last executing test programs:

8m9.97092017s ago: executing program 2 (id=2028):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000680)={'bridge0\x00'})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000000), &(0x7f0000000040)=0x8)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$kcm(0x10, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x100000000, 0x8, 0x0, 0x3}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, 0x0, 0x0)
sendmmsg(r4, &(0x7f0000001c00), 0x400000000000159, 0x40840)
openat$ptmx(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff})
setsockopt$TIPC_DEST_DROPPABLE(r6, 0x10f, 0x81, &(0x7f0000000080), 0x4a)
sendmmsg$inet(r6, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20004015}, 0x2404c8c0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0xd, 0x20000000000000bb, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb714000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xe, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41100, 0x39, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0xa, 0x200008, 0x5, 0x1ffff}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r7], 0x4c}}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r8, &(0x7f00000002c0), 0x40000000000009f, 0x0)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
write$binfmt_misc(r9, &(0x7f0000000000), 0xfffffecc)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r9, 0xc0189377, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r3, {0x8, 0x1}}, './file0\x00'})

8m8.944291526s ago: executing program 2 (id=2033):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = io_uring_setup(0x3c91, &(0x7f0000000900)={0x0, 0x1246, 0x0, 0x1, 0x60})
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0)
r1 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r3 = syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
close(0x3)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02)
syz_usb_disconnect(r3)
r4 = fcntl$dupfd(r2, 0x0, r2)
read$snapshot(r4, 0x0, 0xffffffbf)
inotify_init1(0x80800)
r5 = syz_io_uring_setup(0x1e1e, &(0x7f0000000380)={0x0, 0x86f7, 0x10100}, &(0x7f0000002000)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(r5, 0x48e9, 0x0, 0x2, 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_REWIND(r1, 0x40044146, &(0x7f0000000040)=0xaac)
r8 = socket(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x2, 0x300)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r9, 0x40089413, &(0x7f0000000000)=0x5)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000838500000004000000850000002a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$nl_route_sched(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0xfffffffd, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xc}, {0xffff, 0xffff}, {0x8, 0xd}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xca72}, @TCA_FQ_PIE_ECN={0x8}]}}]}, 0x44}}, 0x68000)
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r0, 0xe, &(0x7f00000002c0)={0x274ac000, 0x0, &(0x7f0000000240)=[{&(0x7f0000000000)=""/59, 0x3b}, {&(0x7f0000000080)=""/7, 0x7}, {&(0x7f00000000c0)=""/59, 0x3b}, {&(0x7f0000000100)=""/43, 0x2b}, {&(0x7f0000000140)=""/189, 0xbd}, {&(0x7f0000000340)=""/221, 0xdd}], &(0x7f0000000280)=[0x74, 0x2], 0x6}, 0x20)
r11 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
writev(r11, &(0x7f0000000300)=[{&(0x7f0000000540)='0', 0x1}, {&(0x7f0000000080)}], 0x2)
close_range(r0, 0xffffffffffffffff, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904"], 0x0)

8m5.879060369s ago: executing program 2 (id=2047):
r0 = fsopen(&(0x7f0000000280)='hugetlbfs\x00', 0x0)
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f00000000c0)={'comedi_test\x00', [0x6, 0x7ff, 0x1, 0x0, 0x0, 0xccc, 0x8, 0xb, 0xa, 0xfc, 0x2, 0x1, 0x8, 0x4, 0x6, 0xffffffff, 0x1, 0x1a449, 0x3, 0x40000007, 0x100, 0x2, 0xf27, 0x6, 0xb, 0x8, 0x5, 0x7, 0x4, 0x10000, 0x6]})
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r0, 0x0, 0x0)
recvfrom$ax25(r2, &(0x7f0000000040)=""/6, 0x6, 0x10003, &(0x7f0000000080)={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x6}, [@bcast, @null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @default]}, 0xfffffeab)
fchdir(r2)
fcntl$setpipe(r2, 0x407, 0x7fff)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x7)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x88fd537e5c114b6e, 0x40010, r5, 0xfffff000)
ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000000)={0x14, 0x4, 0x4})
r6 = inotify_init1(0x80000)
r7 = syz_clone(0x80, 0x0, 0x0, 0x0, 0x0, 0x0)
fcntl$setown(r6, 0x8, r7)
fcntl$getownex(r6, 0x10, &(0x7f0000000140))
sendmmsg$inet6(r4, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r8 = openat$sndseq(0xffffff9c, &(0x7f00000000c0), 0x123400)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r8, 0xc0505350, &(0x7f0000000700)={{}, {0x78, 0x3}, 0x3, 0x0, 0x80})
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r9, &(0x7f0000000100)={0xa, 0x4e23, 0x4, @mcast2={0xff, 0x3}}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r9, 0x29, 0x36, &(0x7f0000000340)=ANY=[], 0x8)
syz_io_uring_setup(0x2768, &(0x7f00000002c0)={0x0, 0x1477, 0x400, 0x1, 0x378, 0x0, r5}, &(0x7f00000001c0), &(0x7f0000000080))

8m5.756576659s ago: executing program 2 (id=2048):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = socket$inet6(0xa, 0x5, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x10001, @ipv4={'\x00', '\xff\xff', @remote}, 0x1}, 0x1c)
socket$inet_sctp(0x2, 0x1, 0x84)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000000)={0x3, [0x3, 0x5, 0xdd91]}, &(0x7f0000000240)=0xa)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
fgetxattr(r1, 0x0, &(0x7f00000003c0)=""/67, 0x43)
syz_io_uring_setup(0x8d2, &(0x7f0000000500)={0x0, 0xd80e, 0x3010, 0xfffffffc}, &(0x7f00000001c0)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_setup(0x5fdc, &(0x7f0000000240)={0x0, 0x1007732, 0x0, 0x40040003, 0x147}, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fcntl$getownex(r0, 0x10, &(0x7f00000000c0)={0x0, <r5=>0x0})
ptrace$getregset(0x4205, r5, 0x6, &(0x7f0000000140)={0x0})
r6 = shmget$private(0x0, 0x400000, 0x8, &(0x7f000000e000/0x400000)=nil)
shmctl$SHM_LOCK(r6, 0xb)
shmat(r6, &(0x7f0000437000/0x1000)=nil, 0xd000)
shmctl$SHM_UNLOCK(r6, 0xc)
shmctl$SHM_STAT_ANY(r6, 0xf, 0x0)
r7 = socket$igmp6(0xa, 0x3, 0x2)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x14008045, 0x1})

8m4.848593274s ago: executing program 2 (id=2051):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYRES64=0x0], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x15, 0x7, &(0x7f0000000140)=@framed={{0x18, 0x7}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @alu={0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x85ffffff}, @exit={0x95, 0x0, 0x7b00}, @call={0x85, 0x0, 0x0, 0x13}]}, &(0x7f0000000040)='GPL\x00', 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@ipv4_newrule={0x30, 0x1e, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x7}, [@FRA_DST={0x8, 0x1, @empty}, @FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0x200}]}, 0x30}, 0x1, 0x0, 0x0, 0x2}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f00000000c0)={'syz1\x00', {0xfff7, 0xc, 0x100, 0x81}, 0x1d, [0x7b, 0xb7e2, 0x3, 0x8, 0x100, 0x3, 0x1, 0x7, 0x5, 0x3, 0x7, 0xa, 0x3, 0x0, 0x7f, 0xd, 0x7fff, 0x6, 0x6, 0x5, 0x6, 0x6, 0xb1, 0x6, 0xff, 0x2, 0xa5f2b87a, 0x409, 0x0, 0xfc75, 0x8, 0x9, 0x4, 0x5, 0xffffffff, 0x81, 0xfffff765, 0x2, 0x3, 0x6, 0xa, 0x2, 0x5, 0x0, 0x3ff, 0x6, 0x7, 0x8000, 0xfffffffd, 0x80, 0x8, 0x8, 0x9, 0x7, 0x101, 0xc3c, 0x1733, 0x7fff, 0x7ffc, 0x1, 0x6, 0x5, 0x1, 0x10000004], [0x8, 0x3, 0x8, 0x8, 0x0, 0x8, 0x4, 0x239ce46f, 0x25, 0x50, 0x8, 0x7, 0x8, 0xe62, 0xffffff73, 0x1000, 0x6, 0x13e5, 0x3, 0x3, 0x1, 0x7, 0x1, 0x3b40, 0x4, 0x1000, 0x5, 0x9, 0x8, 0x5a, 0xffff2503, 0x8001, 0x6995, 0x3, 0x80000000, 0x8, 0xdab, 0x7, 0x0, 0x76c4, 0x6, 0x5, 0x4, 0x10000, 0xd, 0xfffffffe, 0x9, 0x3, 0x4000e, 0x9, 0x7, 0xa, 0x9, 0x3, 0x8001, 0x3, 0x2, 0x3a6, 0x0, 0x5, 0xfffffffd, 0x9, 0xc, 0xfffffffb], [0x3, 0x6, 0x6, 0x9, 0x1000, 0x0, 0x80000000, 0x5, 0x7f, 0xa, 0x102, 0x1000, 0xf1, 0x6, 0xc, 0x10000, 0x72, 0xc, 0x633, 0xd, 0x7, 0x6, 0x80000000, 0x6, 0x80000001, 0x7, 0x8, 0x2ef3adcb, 0x10, 0x2, 0x8, 0x8, 0x74, 0x1, 0x6, 0x7ff, 0xfffffff2, 0x63, 0x7, 0x9, 0x3, 0x3, 0x20a7fd9a, 0x3, 0xafdab97, 0xa1, 0x0, 0x9d, 0x7, 0x2000a8a, 0x2, 0x10001, 0x77, 0x8, 0x40, 0x7, 0x7, 0x2, 0x0, 0x2, 0x8, 0x2, 0x3, 0x5], [0x4, 0x4, 0x5, 0x8000, 0x493e, 0x2, 0x35ff4447, 0x7, 0x5, 0x5, 0x5d3a, 0x2, 0x5, 0x3ff, 0xb892, 0xffff0000, 0x9, 0x3, 0x2, 0x10, 0x8, 0x2, 0xff, 0x6, 0x4, 0x4, 0x200, 0x0, 0x7, 0x4e6, 0x8, 0x40000000, 0x3, 0x7ffe, 0xc, 0x41, 0x400, 0x1, 0x5, 0x0, 0x9a8, 0x99f, 0x231, 0x3ff, 0x8, 0x1, 0x7, 0x1, 0x1, 0x10, 0x8, 0x5396, 0x6161, 0x9, 0x101, 0x202, 0x8, 0x431, 0x6, 0x5, 0x4, 0x7b, 0x7fc, 0x9]}, 0x45c)
r0 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x40042)
write$binfmt_aout(r0, &(0x7f0000000480)=ANY=[@ANYBLOB="0000000000000000000000800080000014000091ff0f00004500f5ff06ff00010100fc5e15f4"], 0x125)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000500)={0xa, 0x4e22, 0xc, @ipv4={'\x00', '\xff\xff', @loopback}, 0x5}, 0x1c)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x3}, 0x1c)
r3 = fcntl$dupfd(r2, 0x406, r2)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000380)=0x10, 0x1c)
openat$hpet(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x20000, 0x0, 0x2c, 0x0, 0x0, 0x0)
r5 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x3c3f, 0x10100}, &(0x7f0000002000)=<r6=>0x0, 0x0)
syz_io_uring_submit(r6, 0x0, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(r5, 0x48e9, 0x0, 0x2, 0x0, 0x0)
sendmsg$AUDIT_DEL_RULE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[], 0x420}, 0x1, 0x0, 0x0, 0x4810}, 0x400c890)
sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[], 0x56c}, 0x1, 0x0, 0x0, 0x200440d1}, 0x800e885)
syz_genetlink_get_family_id$devlink(&(0x7f00000012c0), r3)
syz_clone3(&(0x7f00000005c0)={0x8001000, &(0x7f0000000140), &(0x7f0000000180), &(0x7f0000000300), {0x20}, &(0x7f00000003c0)=""/67, 0x43, 0x0, &(0x7f0000000440)=[r4], 0x1, {r3}}, 0x58)
read$FUSE(r3, &(0x7f00000036c0)={0x2020}, 0x2020)
shutdown(r3, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
mount$9p_virtio(0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x0, 0x0)

8m4.754766993s ago: executing program 2 (id=2052):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0) (async)
move_mount(0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file0\x00', 0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) (async)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x20200, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000001, 0x12, r2, 0x0) (async)
r3 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x20880)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r3, 0xc0045516, &(0x7f0000000080)=0x4) (async)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
write$qrtrtun(r1, &(0x7f0000000300)="ca0e808bb35bdabb", 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r5, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], &(0x7f0000000240)=[0x2], 0x0, 0x9}}, 0x40) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r0, 0x0)

7m49.223715088s ago: executing program 32 (id=2052):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0) (async)
move_mount(0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file0\x00', 0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) (async)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x20200, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000001, 0x12, r2, 0x0) (async)
r3 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x20880)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r3, 0xc0045516, &(0x7f0000000080)=0x4) (async)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
write$qrtrtun(r1, &(0x7f0000000300)="ca0e808bb35bdabb", 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r5, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], &(0x7f0000000240)=[0x2], 0x0, 0x9}}, 0x40) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r0, 0x0)

35.399846265s ago: executing program 1 (id=3688):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="aa4342aeb4703ac6fac2a3ed9a65950623", @ANYRESOCT=r0, @ANYRESHEX=r0], 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000080)=[0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0xa, 0x0, &(0x7f00000007c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140), 0x0, 0x76, &(0x7f00000001c0)=[{}, {}, {}], 0x18, 0x10, &(0x7f00000003c0), &(0x7f00000004c0), 0x8, 0x17, 0x8, 0x8, &(0x7f0000000640)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', r1, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r3, r2, 0x25, 0x0, @void}, 0x10)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000200)={'vxcan0\x00', <r5=>0x0})
bind$can_j1939(r4, &(0x7f0000000000)={0x1d, r5}, 0x18)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDGKBDIACR(r6, 0x4b4a, &(0x7f0000000080)=""/159)
r7 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r7, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r7, 0x0, &(0x7f0000000f80)={0x24, 0x0, 0x0, 0x0, &(0x7f0000000e40)={0x20, 0x80, 0x1c, {0x1, 0x2, 0x5, 0x5, 0xaac6, 0x6, 0x1ff, 0x4, 0x856f, 0x1, 0x0, 0x2}}, 0x0, 0x0, 0x0, 0x0})
r8 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r8, 0x80015b12, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c000000020000000000000002000084ffffffff000000000300000000000001000000000200000000000000000000000000000a03000000000000000000001302"], 0x0, 0x56}, 0x28)
sendmsg$can_j1939(r4, 0x0, 0x10)
syz_emit_ethernet(0x1e, &(0x7f0000000200)=ANY=[], 0x0)
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r10 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r10, 0xc0184800, &(0x7f0000000100)={0x4, <r11=>r9})
ioctl$DMA_BUF_SET_NAME_A(r11, 0x40086203, 0x0)

32.387143664s ago: executing program 1 (id=3695):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@ipv4_delroute={0x28, 0x19, 0x1, 0x70bd2d, 0x25dfdbf8, {0x2, 0x20, 0x20, 0x0, 0xff, 0x2, 0xff, 0x2, 0x1a00}, [@RTA_MULTIPATH={0xc, 0x9, {0x8, 0x28, 0x10}}]}, 0x28}, 0x1, 0x0, 0x0, 0x448d0}, 0x1000) (fail_nth: 8)

32.24157991s ago: executing program 1 (id=3696):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x2, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r1, &(0x7f00000003c0)={0x13, 0x10, 0xfa00, {0x0, r2, 0x3}}, 0x18)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x41, 0x0)
write$binfmt_misc(r3, 0x0, 0x0)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r0, &(0x7f00000002c0)={0x12, 0x10, 0xfa00, {&(0x7f00000001c0), r2, r3}}, 0x18)
syz_emit_ethernet(0x4e, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaaaa86dd61b341af001800fffe880000000000000000000000000101fc00cc00000000000000000000000003ff0207"], 0x0)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f0000000240)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0xffffffffffffff6b, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48)
ioctl$TUNSETFILTEREBPF(0xffffffffffffffff, 0x800454e1, &(0x7f0000000180)=r4)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r5], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r6}, 0x18)
r7 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r7, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r9, 0xc0285700, &(0x7f0000000040)={0x4, "d2c4924d08b1e00000000000000000f3f70000000400000000fcff00", <r10=>0xffffffffffffffff})
ioctl$SYNC_IOC_FILE_INFO(r10, 0x40103e05, &(0x7f00000001c0)={""/32, 0x0, 0x0, 0x0, 0x0, 0x0})
r11 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000280), r8)
sendmsg$IEEE802154_ASSOCIATE_REQ(r8, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000001", @ANYRES16=r11, @ANYBLOB="08002dbd7000fedbdf25010000000500070008000000000011001000000000001100c000000000001d001e0000000000080047f60000"], 0x55}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000881)
r12 = openat$vcsa(0xffffff9c, &(0x7f0000000040), 0x10482, 0x0)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r12, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x0, 0x8, 0x70bd29, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x14000800}, 0x800)

32.034114046s ago: executing program 1 (id=3697):
r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x20080, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
prctl$PR_SCHED_CORE(0x4d, 0x1, 0x0, 0x0, 0x0)
timer_create(0x1, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
dup2(r0, r0)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x20080, 0x0) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) (async)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) (async)
prctl$PR_SCHED_CORE(0x4d, 0x1, 0x0, 0x0, 0x0) (async)
timer_create(0x1, 0x0, 0x0) (async)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) (async)
dup2(r0, r0) (async)

31.96291986s ago: executing program 1 (id=3698):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f0000000340)=0x3, 0xd, 0x901, 0x0, 0x0, 0x0)
r1 = openat$comedi(0xffffff9c, &(0x7f0000000200)='/dev/comedi4\x00', 0x181202, 0x0)
ioctl$COMEDI_CMDTEST(r1, 0x8040640a, &(0x7f0000000100)={0x0, 0x20000, 0x100, 0x800, 0x0, 0xa, 0x80, 0x6, 0x7ffffff9, 0x0, 0xffffffff, 0x9c3, &(0x7f0000000140)=[0x3], 0x1, 0x0})
mount$fuse(0x0, 0x0, 0x0, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0])
mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000280)='autofs\x00', 0x201000c, &(0x7f0000000040))
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x180)
chdir(&(0x7f0000000140)='./file0/file0\x00')
setpgid(r0, r0)
setpgid(0x0, r0)
r2 = syz_open_dev$usbfs(0x0, 0xb, 0x101301)
ioctl$USBDEVFS_ALLOW_SUSPEND(r2, 0x5522)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r3, &(0x7f00000002c0)={0xa, 0x4e23, 0xb9, @loopback}, 0x1c)
listen(r3, 0x5)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, 0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r4, &(0x7f0000000400)="ea", 0xfef4, 0x0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback, 0x9}, 0x1c)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
ptrace(0x10, r5)
shmctl$IPC_INFO(0x0, 0x3, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ptrace$getsig(0x4202, r5, 0x40000003, &(0x7f0000000480))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
socket$alg(0x26, 0x5, 0x0)

31.054181622s ago: executing program 1 (id=3703):
mkdir(&(0x7f00000000c0)='./file0\x00', 0x88)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f00000000c0)='./file0\x00')
chdir(&(0x7f0000000540)='./cgroup\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x115)
getdents(r0, &(0x7f0000000040)=""/61, 0x3d)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ENDIAN(r2, 0x4008af13, &(0x7f0000000640)={0x1, 0x9})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCDELRT(r3, 0x890c, &(0x7f0000000180)={0x0, @sco, @hci={0x1f, 0x2, 0x3}, @nl=@proc={0x10, 0x0, 0x25dfdbfe, 0x80000}, 0xceba, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000000)='wlan0\x00', 0x55dc, 0x2, 0x3})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x8, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xc82d19c8fde7e7ec, 0xffff}, {0x0, 0xfff3}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newtfilter={0x3c, 0x2c, 0xd3f, 0x70bd28, 0xfffff000, {0x0, 0x0, 0x0, r8, {0xf000, 0xffff}, {}, {0x7, 0xfff2}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_CLASSID={0x8, 0x1, {0xe, 0xf}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x20000800)

16.063073399s ago: executing program 33 (id=3703):
mkdir(&(0x7f00000000c0)='./file0\x00', 0x88)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f00000000c0)='./file0\x00')
chdir(&(0x7f0000000540)='./cgroup\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x115)
getdents(r0, &(0x7f0000000040)=""/61, 0x3d)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ENDIAN(r2, 0x4008af13, &(0x7f0000000640)={0x1, 0x9})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCDELRT(r3, 0x890c, &(0x7f0000000180)={0x0, @sco, @hci={0x1f, 0x2, 0x3}, @nl=@proc={0x10, 0x0, 0x25dfdbfe, 0x80000}, 0xceba, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000000)='wlan0\x00', 0x55dc, 0x2, 0x3})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x8, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xc82d19c8fde7e7ec, 0xffff}, {0x0, 0xfff3}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newtfilter={0x3c, 0x2c, 0xd3f, 0x70bd28, 0xfffff000, {0x0, 0x0, 0x0, r8, {0xf000, 0xffff}, {}, {0x7, 0xfff2}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_CLASSID={0x8, 0x1, {0xe, 0xf}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x20000800)

5.980661064s ago: executing program 5 (id=3806):
r0 = openat$binderfs(0xffffff9c, &(0x7f0000000000)='./binderfs/custom0\x00', 0x1400, 0x0)
r1 = io_uring_setup(0x4b36, &(0x7f0000000040)={0x0, 0xac94, 0x2086, 0x3, 0x118})
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000000, 0x1010, r1, 0x0)
ioctl$F2FS_IOC_FLUSH_DEVICE(r0, 0x4008f50a, &(0x7f00000000c0)={0xfffff191, 0xffffff1f})
r2 = syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x1)
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r2, 0x80dc5521, &(0x7f0000000140)=""/218)
write$binfmt_misc(r2, &(0x7f0000000240)="ca8b6d5ef6224d245f93181a1e3a07fd4c474f5c7fc529d5573b5235751a7ac90d47786d81e84f40589ebe9192f1abaf84d9a367d9c03ab613fdaa446f33bd83e3df33cdc14c4f74f47676860bd19642eaf82b52df487d5f3d32b5abb2a420c4fd5f914e30daa2629b73fae76d2be8e4f51aed84ae49e1c0", 0x78)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r0)
ftruncate(r2, 0x2)
r3 = openat$sysfs(0xffffff9c, &(0x7f0000000300)='/sys/kernel/vmcoreinfo', 0x200000, 0x5c)
fcntl$setpipe(r3, 0x407, 0xd)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f00000003c0)={'syztnl2\x00', &(0x7f0000000340)={'ip6_vti0\x00', <r5=>0x0, 0x4, 0x8, 0x72, 0x3, 0x60, @private1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x20, 0x40, 0x8, 0x8}})
ioctl$sock_inet6_SIOCDELRT(r4, 0x890c, &(0x7f0000000400)={@rand_addr=' \x01\x00', @private2={0xfc, 0x2, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @loopback}, 0x5, 0x5, 0x8000, 0x400, 0x5, 0xff7768b722a84632, r5})
r6 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000480)="30d9de134559255dbfc2d64045aabb7081a1024f288be16afc16aa9e42289a0902768157f608a408d5f8613dfbd149d97871e6b69f7cd0b778225c5d8063eb7adace9eef891bf3be67eed5a7d314fa524e73a941de69d94a4d752e08a747506f94db60b40f8ce95d50db16b14892c5d9d5f223bd244d3e7d23c052dd9b7123df3a6f971aa9ea5b41d37ca8b569d1f2572059554603b42b09130fe270d39e5d655042c5c2118c4d3001d3", 0xaa)
io_uring_register$IORING_REGISTER_CLOCK(r3, 0x1d, &(0x7f0000000540), 0x0)
write$P9_RREADDIR(r3, &(0x7f0000000580)={0x83e, 0x29, 0x2, {0x3, [{{0x31, 0x4, 0x3}, 0x7, 0x62, 0x7, './file0'}, {{0x0, 0x3}, 0x2, 0x2, 0x7fc, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}]}}, 0x83e)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r3, 0x6, 0x1, &(0x7f0000000dc0), &(0x7f0000000e00)=0xc)
openat$vga_arbiter(0xffffff9c, &(0x7f0000000e40), 0x82081, 0x0)
ioctl$AUTOFS_IOC_SETTIMEOUT(r3, 0x80049367, &(0x7f0000000e80)=0x6144)
bind$alg(r6, &(0x7f0000000ec0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes128\x00'}, 0x58)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r3, 0x89f0, &(0x7f0000000fc0)={'syztnl0\x00', &(0x7f0000000f40)={'syztnl0\x00', r5, 0x4, 0x8, 0xbf, 0xf848, 0x30, @empty, @mcast2, 0x0, 0x1, 0x5, 0x4}})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(r7, &(0x7f0000001140)={&(0x7f0000001000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000001100)={&(0x7f0000001040)={0x90, 0x0, 0x400, 0x70bd25, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x2}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x2}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x4b}, @MPTCP_PM_ATTR_ADDR={0x48, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0xe}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @remote}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0xa}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x9}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xb}]}, 0x90}, 0x1, 0x0, 0x0, 0x1}, 0x4000000)
r8 = openat$dir(0xffffff9c, &(0x7f0000001180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10c00, 0x2e)
fspick(r8, &(0x7f0000001980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$SNDCTL_TMR_SELECT(r2, 0x40045408)
ioctl$DRM_IOCTL_AUTH_MAGIC(r2, 0x40046411, &(0x7f0000002180)=0x6)

5.920477178s ago: executing program 5 (id=3807):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0xa0380, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x1, 0xb, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETSTEERINGEBPF(r2, 0x800454e0, &(0x7f0000000000)=r3)
write$cgroup_devices(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="1e03063abc5cb60128876360864666702c1ffe80000000000000", @ANYRESDEC], 0xffdd)

3.749866543s ago: executing program 0 (id=3818):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0500000004000000080000000a"], 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffbfff, 0x1, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x2010000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="00000000000000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.650308727s ago: executing program 0 (id=3819):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
ioctl$VIDIOC_G_FMT(0xffffffffffffffff, 0xc0d05604, &(0x7f0000000100)={0x7, @raw_data="8a93a9bca2e7a34fd42cad7a27db2244182edb88bfb1f531061fff7f8e2167ccf1cb11a2bc849e7071c7dc5809a0e1e7a322fb50414f35f9a64a7a24e6eac6339fe77f834b71d14670185f2b582edd96ac12667b94ce5d1dab41c7702b0dd2df2800fe8ca0eb607aace9f42c6f82b97820cb0686ff8279996467f64732144e6d8a36e8848dcbc0be0fe8c515128a63995eba99cf70e5db63cb5a10703d334e05c4fcbf9910e795abe501acb4bc4ae4b30c5e2679214f982efdb31aed3ae4392d31b7177aee45dd8c"})

3.64994095s ago: executing program 0 (id=3820):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = io_uring_setup(0x3c91, &(0x7f0000000900)={0x0, 0x1246, 0x0, 0x1, 0x60})
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0)
r1 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r3 = syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
close(0x3)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02)
syz_usb_disconnect(r3)
r4 = fcntl$dupfd(r2, 0x0, r2)
read$snapshot(r4, 0x0, 0xffffffbf)
inotify_init1(0x80800)
r5 = syz_io_uring_setup(0x1e1e, &(0x7f0000000380)={0x0, 0x86f7, 0x10100}, &(0x7f0000002000)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(r5, 0x48e9, 0x0, 0x2, 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_REWIND(r1, 0x40044146, &(0x7f0000000040)=0xaac)
r8 = socket(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x2, 0x300)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r9, 0x40089413, &(0x7f0000000000)=0x5)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000200)={'erspan0\x00', <r10=>0x0})
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000838500000004000000850000002a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$nl_route_sched(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0xfffffffd, 0x0, {0x0, 0x0, 0x0, r10, {0x0, 0xc}, {0xffff, 0xffff}, {0x8, 0xd}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xca72}, @TCA_FQ_PIE_ECN={0x8}]}}]}, 0x44}}, 0x68000)
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r0, 0xe, &(0x7f00000002c0)={0x274ac000, 0x0, &(0x7f0000000240)=[{&(0x7f0000000000)=""/59, 0x3b}, {0x0}, {&(0x7f00000000c0)=""/59, 0x3b}, {&(0x7f0000000100)=""/43, 0x2b}, {&(0x7f0000000140)=""/189, 0xbd}, {&(0x7f0000000340)=""/221, 0xdd}], &(0x7f0000000280)=[0x74, 0x2], 0x6}, 0x20)
r12 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
writev(r12, &(0x7f0000000300)=[{&(0x7f0000000540)='0', 0x1}, {&(0x7f0000000080)}], 0x2)
close_range(r0, 0xffffffffffffffff, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904"], 0x0)

3.449347812s ago: executing program 5 (id=3821):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
read$FUSE(0xffffffffffffffff, &(0x7f00000021c0)={0x2020, 0x0, <r0=>0x0, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000380)={0x50, 0x0, r0, {0x7, 0x28, 0x7fffffff, 0x4069a064, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xffffffec}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f000000a280)="03680f2a20da68ab7a58c28b635d19c32b6efabb6ae3b5eee5a74d8943c613539e166c8baef50500824343a2f05093a5c21f746caefe9f9bccd83cca0fc28da20e2706308c61398dfce5f54ea9f266791ba29a4c7da158637def8b816aa296815ff13c06d632df45feaec1fd272ec1b510eaf58fe6b26cc36df3ecc0f5b1f258a190304e2519dd39ba9f5bc1788926ced5202e3b1e3afa16ae0b5d66dc05b36d3a00f72e5f318f8bdfc7eddc94238c50031d0657a22445ad0b3b90a86b086eed837a00bf0a3888bf61b4db57d6d8d6b286bbb13ba3b246def60ac34241eb843f89fe77d7e3e52573e90d791f21d4a8dfcc24ba95db60e2135634c02bd4b14535285df4fbe381ec036d876c4c8057c79371fa9717414590890e182a7b9e0ab927812083acf0d04e04c20c0555c8ceedc5bcf9b0e814be6eca98ce7b2f9f17d098bea541b75a1617c09fa99902ad746811f89a1fc5e6a80d77528247d6c104395715d2c9f9102f070a295f20c4307b9e848d3928b50985bfa2486893139761925b8fab96d26291243db23c4fd4d96864f4db860731a4e3e10b52d8d0487f5a8536cb4507dbdc111570ad0321b918edbc52807c2e0676d3257553702d9c1bd6741e9cd5cdeb3b8f636b6eb02a3b0066d7f677d586de5018850000f000ab3960f6656fb98039ceb6400d0299c356fc22b7298ed157c667bed5563fac2192a8ff7706a9e58d9d2f92632d6b25d8b090642e3f323bf7ff4d8264617a43a97099dd7347fbe3b1c439737913f17eff57f3e1ff4fdac374fb554e9a6a1ff32daa69507698d660d8d5f591801d8e4a9309342c3dc84966dbfcd2652800200bcb0dde9d456b7a07c5409f4f5387d0150daa34dbc865c6108d34dcc51eedb277e9638b43ce3c9afac5d7aa0f8542e58b0a84632a07557b041845d0012cf016ef065f97660b731ce1b79493de71def047277a3ae6d4a0d86591847d3475926039848c5baf6e1b43bc83053855182423156e54cadc8c85089265b49da853d15e5a701fedf2bf7986a723abf72e513fa05cb178345f2fcc859df49e74c8ccef196000a05cb090f22986ffb6f8f74ab41d2d88b6b535507a23b03d2fc2743f6f69fbcd43b8ff52b1ba32fa0137d542c515569b7f486f8ffa02ad1f54767f51701eb4c141437720884d529a57e17bc2837799124f7f112f42bd90f5b435d7a5d7524f7667bb7a6266263e62bf7ebf6896888d584c65a530b766111f078630d8629ffa91acb5ed02498549bd7e042acae0fab7ccb23278088a364be3da9619d91e1061bbaa9b33c3c5fbbcbc725ce8c2cc9ab0f2b4d30078040d3ca79d3ca056c360381ee87e743dea73a25ea2b4843f9ef280feb507f933fb556c718d8bf8f8618db72805b65d381b319f65c745c1e5060dae2f498852e79aff8dd9c88fd939a31871a430d3ba96fb118c79d1b08a397af23b1a188d1802106f588c768a1e6c9d244ac9a38d2a54ed50f19b78bf25e0ae1f9337ceaa8ff5ca8640104b19bcd643b51501d4e03ed5ffb383e7ed0ab78d540ae10bbd64fba1af59a4190215b7d10230992bbb4ff618d8284a2e2446990511fc2bff07cce9ba94a11d3db041e220e3d931fdf129d8ec2c9b17d6587a0044c9e09f52848db43ddc0df94513cc9e94e9d427623502a910deea0f21d86b16366769a46bf0d6d9fc0d2cd6b98ed885e9e2d765bdd051196bf20bd27c46ec902726d96de352c346d904fa00d63b67d272f116dce489f9d636cef61b441b9c113addec983b8b2fbdb2b32049e436c972b2fcf5140dc7b094c5047cb6226da700b72aeb3febdf16a75b6f61a311f606251c99b377c775c8fb3446ccf25dc4cca24290b3939f948019b05c80b5a6382112f63e0990b324c16a087c72aaec08796afc769f678e3634100a5a9da8215cb5d7a6a6b50a81676ef4edca35595b11f9606bef2fb84fe1f0a0703c886579f09986086f0dca6eb8061f9a74c79c1f758684a7363974b14561b9d2efdaba6c4cd8cb70627da1e195fcae3d8b2fa751278e8f220c83e677e14731eccd6fe0c357b011ed88b6df0c266b383f224b8e95384e401b717030b1227582d0d1042bd90377c4f2c7206a19983fc5905e4eb87edb6532b26ca9e28e160202606d19d9f5da34762f4b3fa842d7bff382ad70dcbc411f8b3e4cace8c8e0c72898d24023545e0dfdc4176209276a535491ce11c045c57b45c40f19b12dcf6ffbf78ab23e7fe9bdc404cf47db9855f2b835e1fce57debfa071803ec38da3c77a904080a4c737ce2b20e14e8449762f1ca0b1ce71779d2e6ee5299e1cf230e8070045c23c1d0e52f66fe9039f95cdc0b448dc12d24de39157934270345991948fce921b5d8e739315cc75d4b3b49928437b88672c1a7770365207b43895f45909d5d972f48aa66de609152a5afa2c7d75f0a14189d0409f0b623eab3b6e7d81025cde140893ed71b6f24f5a36d21dafb62af6be9da845403bc8ed36672efa74d7da19d5794cb4b79fa1c86940b1890c012e14b7c3bb261f16bdd99efaa9819b0bc00af842a6b94c6086d15b16ab81af9331ba3a5bd6941ef35239e85455ceab02c598ccee8fbad97ed37daebfe3b26a5a6c9eda5f65a1cfaf7a1f1688267c812a56c552ae11b465dac030e18f9008ad03cad80bf2cb91a7d99dcfa54d323ae0a4c3a6dc0f80d7ff703870610a945eb0ab5b6d14e81869c8872f6b123d98edcf6bba10d76d35cff4b0bb73db8b6695a8351785bcba1e160a42ed367c4da727da38f91562e941e5c4fa90cd585c5f1cd3a7d6892f18a5aa3c74a4fc00bf5909267489b937a928d9d8ff92530b5226eedf8ab9a957e5ffec45bc3a55e6955b38393ce52892655265d1f741e0b744808eb568a08d145a8bc5ada9b079f6d0bec5fc2ace0502b3f926372dff49478fbd10451f0de4b3d1a63b9d4e17ade45628d2e9dca041fcf7fc1e105e1fc44089fde9caf418ba8454dc361df4a59e1bd79143d280613e3c79ad18e922a43e199aa5927bb9553dd31e6223ad19bf8aff6e1dac8b3680feea3138bc61742b03f047b3d77039c1a4c2d05bd89c4bc12a1b83d78b4e7023f690fce6a44608c423d8cbc2e80942b9d9df2f4bf5606640fa47692f3e003885983a73e1dc313b243bbab5c3c6348afab796da766044ba142eda5a9d3713e3eda8c54c1708909c5da89ba67d29cd7f409c9b759cba316c42028754e3cb6eae2cc4f6d66982f212320f199b2e837bb4c54c54bcdcd2ac240ef6295d38e9889b4213819ef0f9aba6ceead4e0fd2c4becdc1f8ee3049831996c9a74a5fd4e12a1fd21ed47cf27e29f9d61e4b673d88914c36eefa53d3c49d94b463b7f8462c1951dfe33c10993d5cfcd0ededd50ad55009528f1e79fbc2fa70c3338b32c40ae3bb45d7079c7ae8433fb1aa19affbd3fbce0cb5ab0d557afb3be036856066eea45c28e93528b35477fc97fe9ff3641e5bb0f0e46069eb653c027daabff38541250081c77e0e3a1d030a73289e771cc41db10819af60599b5df0ad978fcf0b46af821c6b717b265e07d3a85397ea94de26f510290ddb5df8fcff76fe624843c8577802809c145916afce01d9dfdfa8bf07633e98f14fc73d5ef58ae5cb0c308bc74ca38259692a1cd4cf16752786a1c816f24612c27393d7e40a2df9a3dfa23a0c59613c8a7ccdd97c3fc67ecab94dcd8cc4b4517ed2414d41ce574074ffebd156e3d65c4421b0f339bc9f29abbfe49db62122248cf96b74d9639b3ef9d935cd81315a7ecfb0dc6ea1ee053c2e5c3615fbc10782f16a564fcabe1df70da7de989e00eedc346cef5b5cf880e9d563fc15302f056d37f98a939fd1dd5478b4318c256e93b77e31f87d8f7fe31755191b40d778ddb2ada1480bb9fcb96a09783fcf2c2c9fac2c3a2771dd0e2fb113cd460ee2c9cf4a712f04eb1b1a746091109f7ce0655e1ff7781fbe853e3d03bb91c9d8f4f416f5745c6b607bbf72786bd3c0ac4761e6e6d70f12dbefa1b13542086f793b72c6102ac06e75be17bdbb1efbf7e007f07f9bd433fd9d9cbf93e760757b792f15231895561fe49d9d683ccc066f38af581422b71702627162c0f0f35c36a61eaaa92129114b7334281e35fd39576e51d8593c149c9326e0c710ea4dcc9ef39a432a48ae1834f5046b954f9c033d6035cde0dbffe3e97f48a1dc695f4b2f6fe5d4eee83008318def105c37e11c9015670f13417ed036e68f6fbfca2a8289829677feb23079f3f2ee53b26e491924fefc1c50e54f288a8c4b6ba6d319054c3a9e39e14bba81b423acbd44b51279bbea6b0bb2047325837ce8b2191454f52ffa2cd04abe89e3de5bc102e9fdf740d3efd975bc9503af796e6aeee711ef8797de5d507a964730aa70cb9d3840054d4e1ffc57de378b511f7649666a54a6b3d91ed517198d76322bf99d13bef530a43ed3f13196bf2def6dcfb39f76471c75c5779bedf105717e546057fb478bfd24e8fdf3c12d028b542d1f424a9d45bb9e026e6098eb1cb0a77378300ec1b4c9f006aa4dfb7fb5c57cf1b035cbe96009ead1ca25ea1e5fae40312a4e9fe250684a1c8653bb303209e0fc6a498f3a08f6c5b946378a349f3aea45104a2badb8a45f500bb4f0f6cd620ce794e0f390e1cb7f2f1fc0039f4250a577544a6862b47bf89eea3a8c1516b7a9dd111c2ca719190e8feb1a7079e9fdfdb8224dc50791c986825469c087c8f081616edaa4193e161281aa68b7286a364cbb336b2459f0892e57c40afcfda7d16ea1877efb4e4b0d4b5c31e8cba15066903d3a91bdc7fb64452fb9843436110596f0b038da167a86f97d32c807270a1c994fe88e2517e11bdd210dd982d3c8158459440108308a936c9d2370b9d157c3f9caec36ff05bc40b37f095edf33bf4fad440f38c3f52129456936c07014140be5618f4e9d07b66679238023390cd676b1a3a28d0e90d5ad9ef13a31fcdc5a435454309367c437424e340a1f91c6483bce1026d85a16fb854252ea4ede39a4e69702ecff76432de508e064eda0df9f263a25c0f626d1c1ffaa6783be2975451ee936cc2178648935a924f6fb2db2f8ba34e348920d903114520918cc6872b842e3744fc18d1363583a107ec7b89c7792c0d8069e12f873f6d668f6fdeb47b72986914e45c2b061c5c936c73c9bcf1475ea0d25edaad21cf193405c8acef3bff4e4f1b2b321d70dba59e856a8849c2bba9508bad775370669b2bb7f5e53181af8bff525e13a4935d7e28b997b4ff15da9e36f1353a154ab701ad15420786daaf27ba7e122f7b825c668185b685630420378b4142ec4e4242c2cf0bf6e143f7e55cb12fb9dd59a8df9959ce4fc5fff68ae7174977a31ad7fd644bc94a20bae76f0af474034990fdfec8ceca0e6cd93fe21d84837b7e9d74c17b6d3054f0c008ee05764745fd8773a0c1c31bb3eef5b7e261b54805b5c805a4eeef05c812fcdede200442e7340c63490645ebd09c235d5c52a785542526edfe3875ad08267faed1d0a15236f00c6736b94c1a3821302ff610697ad7becdbc96f54b55138b585cd122e0d5aeaf43c9ba373e8aa1c1297e3415552cc57cd60ee1f3c04500ed0eed37775c873de3066c034c176c67c5bfbe9899a47732030855781341374641da058eee61d01d11b9db8f19fd4558957897340e32cdfbc39713f1f439be0638f614cdb5361433a45a6ff024e39c94141dc5403af101404ce5f2efa97b90d9ecdb7c361785dab977feded32554d1a74d5cbfe2435be7f0329ba382455c2ac11fbe29fe3826796d4bea03dc53a37f63f5be2773f83faf282f0ae24d9fe5762b71b499fd37b4ce7e71f93c3a983f80fed477708bbf2261c89893c4b76e34fac9b42671b6cc81678cc867f53e8c3ec47716206212743ca0c4941c2c61ed3177fccf85921e998d2b826df751173944bb07eeaae4001f677a0687a2550eeac8bb5128ecad9c7b6a514596a30b8292fbacc09ab488193507b6785d7a35c979db774b2c413246f1ae88d35d1914b20b8fb501034321642fb0b0baba3378e4c31fb5e247c177e573295df0194462b99079a436400ba1be2e30d39b8714c0fb2bdcd981d5a5cd514f8d4f14e4e0437108630355d8f2b60a6d18cb14ceb2b5d0704aa6e93e180bd79cb17e176bc4f81a03db12a03413de6189896955bb9e3cc69b6f9a50a7eda3742527f98c71d7ea8ba75e253c2b783f7104813c619949e6a0765179b1b9cbe68b703335ab5986928d86384357a2f4189f4b4ffcd61a3d29709bbc93b5371f0e7798cb72ae4c17bcee24f8e566f2777803c3d182d15a63ac40063f0ccdf4bd790404524eae02eafb6b54c699578486490033f0be866c74a134083003d330498658ba973ea674c4a0ff158403987b4c4752b07c8637a119b019fd5093406960144445056f6ffe73eda0235dc1871bb6058d4a9feecac628265689d58a81453d33290ab56eb691f3180d0288449f41844e56f5c6cf522d4a5866b24fb9552fde71946c4d25dcceaa41cfddb5a33c51c54c0a0a5abd31be8fb6ec53c1d14ba648e183979dbd0db01b9e51ba3803be7e7d3dee752668367264c783f74838121797ae5706ef3aa460682d1bf55808c70e69ae29d7683368470d08e7e9a1095305dce250b5b4bd48c02e098d241b1089736e8306a737e3a1a93e554cc3ab24672b8c74bfb8825004ca869e347f873de14575493836662ad741d79269904f905d7df64d0581ab8d76ee51a32d72ccb719f3a25c0a856b5bd2b2a1269e208d70c32e1d5ad0dfdc0ef43f0230e95eb85871eb4d6033abbf0be7025382d878eeaeea73c94270e79bd5757dc1bac95236a62545cd467830b12dcc30d7cc81e889d360d073db40058e9a1c7b41fc53e67740bc984132a1452cf7d000378f14ef93a7eb0dc9bacf23584ad6761139576607f8214757f71fc47b2944127116ca3e83b9d9643bce8d7bb44b4d16b5d5cff70a9e1114cd920b6fc1f409672648ad56ac3136ef0a314adb458faf3d3f171cb2fc513d76e43e6bda2f1a68e6fcf4a4ecbe6bc87716e2a82ea0c4657983ca0caaf8d75fdf5b0d7930e4f3e95eb1271485f938e7ad2bf0c97b7c11745de45518a1e3a74341968588558e7197b407d24eda0671ee28f219e4c5f809a7ea6f9f5b9705f4634a96112eb262bd5967db5237285b865d3f64516495ea6d1ec20dbed7af02362370bcc98671a61241fa1ef5b3095609d66ecc16010f6f67a280d1c6d215ec224ead17d68bbc9bc64b363b5be9b479b7aa2cbc8587a6b48cf653fde7a262a11ab3a10356f55f122310feac77c32ce0994d6e8a70f1c53331cb473a8e29427322fb6da292c4443b1678877f1c981fa05fbdef96520e5895aeb2a3a8e62652f9d8830c3b144b9598873e2ef41b7ade943807766877d609972cca74855eaedce07cda35b50557de96e736ca3107c154d31aeee78db214687b9964517bcd2c6c9ec047514b45c831aee4588166dc3ec9ab36bd1033e74b3d02d731c5bd84f659fa9fe55cac08c12cb999a2e64fac52f6cb7d1fffbf45d9a1126787d0060fd1be563ccbc278ac97dab0c1bee664675f273f5fa429bdc24b21ff1cf0a3ad3c687fb07ffd88bad6ab6c6b422a43b77ff76f96bf405c07f8a667bb8ff54d6714aaa21ceba2e78ce03146b2ab9f49e6d65081119b8e7cf3843e91349790d2b975c9f9c305df0ab4f2b1b2f30f629313cc66a325e4037f38f29842ee5781ba73d2f30f506cf7ff2237a72b4075aefa32cdd5ba0ae4e65cb6fa47a3e06f0d5f684b7172d6b58f5f7d783c4122db4f4b8b4f9d3296c9d115f432710c29d40dfca0010ecbe2f42fac899911d65c84f08aaa1923c8add5af518286211db14e1187a8839f3b2ae8bd914eafc16a576bbe3eba6271a4c5b3170c3f543761f11f1326a05c575bde1b5c6afd3876bea4fbb649071a95caf74de9f7b3421803ec351f934b8d0932ce72a13abf3627d9a396c10875fc167ef1ae98ff92af9ca366033c99d30306fd540a09d67d26ab192504e7c09f9e4d06287a2b1748f1761ba3c16d9d08be7562b7351c4b4679f5d4b38681bfd86c7f2003a9749b20b602112a95803469f5d252c564912b55c4bf3409298dbd066d877cc70a89b484b9ee6bb836c9acd1e53086c4be85e9a3bc5969c7016db9c72b68620c241409d06f4d7f72fe2289c9b4921055922783b8b886bc22926b7d194820af2b90e3c60e87e1a7851f38a970c07c1da120d1da75de2bb994ff7d05a313522373326f160914a9589711e0439d694f5221afe8cc118722ce4927e9543e61a12a76bcf2da1d01a0f258095d32063387349b4e9f253d8b73c6e834b6866f8a56b4797b92d521fa732aa0d55c8e9d6c56011ee6fb450853dc564d18e97c463609c27a63f9c91c46d7bd80ace4edc0615ca342f43ca3b3d0cc36ed52b7d1f457e5b4b26b5eca0d91abe4f1a42a2eec40ec2faff1222f71dc226d6344e947b45155691205c09913fc3c6ab3fe76f4d1b11fa45869e20694b5f0a1074780a07332764212533b797dd24d8df157d4172f91253b77eb2ec90c8222307ed59136463057b7f469116086410b7503b44cef401c47811c1390060da5b3321d34096b67468a7702978d98d4bd721c18a25ed541249638e90281dc8e3565dc33e66d7b832a9bd62c02c5ed0e92935c92472499653d2d842ea6697c733ee80d775884074b3a0c250a4aa021bb6ea93514f9cc5f09feb5719d270cd184e364ca966f1416e10f111bc425f32a993fc5cd75503f99d89d91d7ddc6dee70193057cb946e5fbf8663c53e12cebffe5dbd4a86bfcf5f35f0d8aa43763a60e00356b4f8bc2bca01b02cfddde38f0c4df1e7f98709fdebc5abb5eb9631bdc3dbfcf15517fabcf16931eb7381e83713b081ad1947274d4896ee8953d772e9e71f363b6f1147317bc739ec128e4ec865f8f0ea34cd5ff19fb2c28931d2c85846735358504ae9161535cd7890e8b95c814cfec116b78e6d0eb5097cd4f35888121452e27391d865c15f0b986925d0d0c623bcbb4d8ca66603720253af17853967ea5954eb5ef0dc43de185ec4925026c680464e66d1caff1f4c7c757bd55ec2515ffe7183e3481ff6f626c2228a3fc3d15f63e4bfbec76a2a170206142cbbcf204a1cbfe0ee56eb47dfb79c80894c0a0fbf8a2955d861678fc2f8f9ad7a28052197b5992bced1273658da5b1f42fca48c80883600c24d8515a0c7113deb4c97df918ab64bca16a0c14f2547dc91d5ce4f884978c95fe54899f77ffc20a2c4b27350bc451bef72a46d8e144ad57a8d5f8ac039f58b8a53ea1f3fd5fce612a171bf82ba17c0681cf46ce5c8181a522ed2e986361903903159643046c7be1787dac6ccab09d18a30997541dc6e9efa260f1ff0392bc1890f19d8bb725f4fe7d8bc618f46e0c23be6b9ca67777dd3f5a89b41ccfb11a526a3bed045a2906f86cc5186a1db7a70391261b694b423e5a44d374f9d3720330e083574083f8950b2b35c8bb5b6c0a7fe259f235dc1c069d4581a9f0a7451890561a0829bb290de6aefe4d243ae0b00ca61a1dc4262bb4951242b21d88148eb7b6a9718d6433274f2b3c9bcdbb6d5df67b48ff42692d8cd7f4b7f41728de68ea1ce0f3e4a2843c5b9ffc43f69b8a0445dce44081f5b443a327084b0d00d07cbdbbfd2da5d67bf8d4bb4ee408d17eeee48b61decd06bd3dac9a1adbeb069b49ec96608b9179bb3af4c10f2ade6778b31fd4c22c2961cb949a64e9a8a4879c550f8d8783064cb304511e40e2e562ba83c08ba8ae011a784ed9db03db5527a7aae222c856c8df0a94f9c4def0f94244c5b8e3db9f39dbd337928e24d9d8562f231fea72116c01089163d2c5f4ca17faab20b73c9957fa1a9af20837a804870034d4e64281125b070d8ee0dbf05f95e5fb079e2a57e9af977222e90b664189114dccbca81ee58b7de90a813768a2049052b339a608d3e9966bdb3b584291fbf7694a7d1dea7f72ca604894e6cca5d326ed5e48c15eff5e6a8cc11c40f84ca920d79a5c55d07001909bf6338921c656a39d59d03f62bb5b8870189f0416ec8c317b03ccdcbbeb3e1a9bf2661813f4966b57eb56a2757de5f7745851b5f7bf75e41eb1646e61a41923c5c0e58c2ea478d95b5c39c450744aea0aad3706fce684cb7338ff3dacab60e8d968f0e6fc070693ae3ca16996b34a50afb7e6e377546ae28dc8de7a2ea3a657b4b0003a91a488e347c61971d62f32eaf843d4d4c4f86cc4033c1244c8408def09188dde509c629323f34072f9089a3846680894e8b000a03865438b2ea212b68fdef7f17583f92014eef2c8115a37c9c82dee06213c1407c1433690f68cdc8e91971104039dfe06774b946f43b68b7957a5ca3ee763eafbb7437850eb0a285c413bcf6965232d593d8da47a2a06abc635ae38e596a9dae55b43f341bcc6fe72d79b453ac1c259da37f64cbc1f1508caf280aa6a3f4cd2ff5564cc5a8727f222431454a5ac93398a29fb95b4e057686cd6fcd920992f74e5870749676a36e043bec5fc1b0fce5563affe9addfaa3689e857383ccd1f2924080449d2cfb006e855570b711c1dedd1df2629afaa3806f4ae229a9a8ef1940ddf2c55dac7812d2374c0684b7ba27b2f0849ee4c055d2b8ccc8e41c593378340d7546bb974bc8032f220b37099e3b04c6591c40d2c50a855a491e03c1c9cbb32c400f6104341262d92daaf3e2c04936cf28788fdff8e0a77770a9deb9089a9e32eb5d9e2581aecd98f83881ca8e7d49e603556dc03a9aa19a8f3a4735aaee347b25ea35b36fa57484c0b6d591979b4a3da894fa0c15966d6a5e02e397cccdb9c314b504372b81ef6913877767001263c05dae362b49e5928ef36f554ce245b4111486417634f1e7f4530a760ae6ffd3123f5736ac12c5bf506c5dca03079c0fd0776cdb56c938cdf480fb9b97b1685dfa3be6f712aae107e2dda726bec137b2ebdf56c0fcaecca4350bd7b5c84d57f29c2a2c99ae10c30cece4831d71ae4ee3362983cc816bb6cb9225b9db08503a1be23a26a0425a8628a2e718feae5df91d829f27966f766b623a0a4958a57642aefae259713733670d5b1d027fb8eb2d0d3a0b4acd482076dfa09ffe883f556b2db2262bc0872e1bd713f100dd7a8a8f2d725b46e09c625d513179872bbcc9a41e596a18b2471d977f4ca2bebd06cdaba31b70ef25e098f214fef16f16f725cad4311eb91457fdb70b471eddb65ecafb1e2b03c5ff21356241e3cab2c8ba601f9ef1aec9006b7cd0b81da29be01cb4c1d52e563298e373013886ebb1889bd5616647c6c418ea6bc1f3c0853b65cae48467b35f08318e3a9d034af7224cc3520ab1ece7751ba15407298b21e4f84ef7c23d7993739403d4f116cba2d0ae2d4003a28334c461c734d4555105b986ad0af28aac36c753ab52b91b7e23ae3ab07d3b170fe53a2249efe5b65463a3f237cec72091b04005f95a15ae595191ba39d0ae1d91d8e00b132ae9339884bc57bbb79978a308e1c31c5f213b092f380a7ba58f55869e9c29a5a6e7a7aa4f8d58e5787cc05e5", 0x2000, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004f00)={&(0x7f0000000540)=@kern={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000bc0)=[{&(0x7f00000006c0)={0xc8, 0x42, 0x200, 0x70bd25, 0x25dfdbfc, "", [@typed={0x8, 0x13b, 0x0, 0x0, @u32=0x1000}, @typed={0x8, 0x113, 0x0, 0x0, @fd}, @typed={0x4, 0x9a}, @generic="17f4ba62cf83ba6209b62f31f785c331cfb56f3866cf98bc61d490677a65accde48aca653b3aa71d3dab53a1bacfe0bda0ce0b6a40217b7540102268fd6cad341397b48f0d619fb9686994ef488a7991afcabd", @nested={0x4d, 0x61, 0x0, 0x1, [@generic="dd89b9b13d3cb48a1bd136e465c9f5f7bb740b1e87af2793ee1963b4dbfbbb9a36493599f6aeb7af25d074a0a56835c69ded61cb1845b0c9a8ae15a8f3", @typed={0x8, 0xbf, 0x0, 0x0, @uid}, @nested={0x4, 0xc3}]}]}, 0xc8}, {&(0x7f00000007c0)={0x30, 0x2d, 0x300, 0x70bd29, 0x25dfdbff, "", [@generic="017b4d7f9862aa34d74802065e7871382a1d5925f41356bb88ce0d56f87f"]}, 0x30}, {&(0x7f0000000940)={0x268, 0x3d, 0x300, 0x70bd28, 0x25dfdbff, "", [@nested={0x12e, 0x13f, 0x0, 0x1, [@typed={0x8, 0xa6, 0x0, 0x0, @uid}, @generic="3a31243aaa61be6eb0d0849635cad3c1e36d651e82d90ea1e392d6d31047f3e42ed556b979a05529d5888be4d2b7d81ffa0a92ff0941259fa34a80f43c377db87b3b948fd622269a92a71ca94dd57b14a190b3a8cdc51c0a17edd429689e725ec515d670509e4db47cdf2ba47962e76a042ae8f51a1e2fa807539c04071ffa7a2252d657944debf1e5a05242d88d382820d937b0dd5f7fb1d8edae4712d9c8098f21f2", @generic="d0e259cb51ff0260a8ef0e738049b126a388b1b0d64b34e03e64cf756284341aefbf03bb943850e0615ba419b1e59d01c405372922ad786913e5f3a027db31f6ac76833aa8e23f39b3154a4013bff29a2db54c79a1a250335660d18d5ea3d7327e2664a55560762d33a4808787fe3d72461aa5", @typed={0xc, 0x2f, 0x0, 0x0, @u64=0x7fff}]}, @generic="7dea362a49e01abbd6a36d16ae37f213c618483d52abfcf57f61ea4effa7779e33f17ca5b13f1f9248c6bab35ddce3ddb45af91c3dbc0ea683a99d9ee6efa14b17220464104a60264e459b6981021b99a740df7310eb54130dd14994bf7b2a1902d27a6a45aeb0a0cde05ced7921c3d11fce91e7d6aed31f57402274e5ff3b9322d5d2bc62a68879d5fbede6bf7f8dd5bab2827ab76218d2649b658320c249e56ced24f6d5f69e4adce6003af5e608b4969d32ba3ea30049dd5f02d37ead95964730", @typed={0x61, 0x8, 0x0, 0x0, @binary="3b2f62c9d9756a277276b853d71913895d73baf68271fa93ba4c34ba9dd454ef604cb5493e743bf5b87ad9a87bf288c772226411b1e069acccb3bb26bc9178abbb2c8ac5a3b10e47c56f017bac4057991d3815bcaa83770108e9921911"}]}, 0x268}], 0x3, &(0x7f0000004e80)=[@cred={{0x18}}, @cred={{0x18}}, @cred={{0x18, 0x1, 0x2, {0x0, 0x0, r1}}}], 0x48, 0xc001}, 0x4)
openat$ttyS3(0xffffff9c, 0x0, 0x131040, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
syz_clone(0x800c0100, &(0x7f00000004c0)="4e62cd22f319bc78b88adb0961972fe6eaa2fe755f36f73916f9affd190f6d7ddae0f83beeb6207f0ac74f74fd8d5bba31ceb9f291ebed39fa10a9c469509c06b364d66222331f32d60bc665197079b29b085d42607d355d2bfc9c5d8a11b53013aff21a1579fb96415954c355b70acd6d651b2a463fc2446f1d0ddfae", 0x7d, &(0x7f0000000280), 0xfffffffffffffffe, &(0x7f00000003c0)="ae913a44cb6bf6bcfa1515f63aa34d2ec132d7d470644abd2ba0d4a4056736380257cd27edd7fd1d510b23c0f71524c01a527225ecb9accf39e5ba9b2f614536")
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1}, 0x48)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = dup(r5)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x7}], 0x1c)
sendmsg$inet6(r5, &(0x7f0000000800)={&(0x7f0000000000)={0xa, 0x4e24, 0x8, @ipv4={'\x00', '\xff\xff', @local}, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1, 0x0, 0x11}, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e22, @empty}}, 0x3, 0xfffc, 0xe652, 0x2, 0x85, 0x8, 0xff}, 0x9c)

2.364376077s ago: executing program 3 (id=3828):
r0 = openat$fuse(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000140)={<r2=>0x0, 0x1c, &(0x7f00000002c0)=[@in6={0xa, 0x4e23, 0x9, @mcast1, 0xffff}]}, &(0x7f0000000180)=0xc)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYRES16=r0, @ANYRESDEC=r3, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4004000}, 0xc000)
r4 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r4, &(0x7f0000000380)={0x28, 0x0, 0xffffffff}, 0x10)
r5 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_inet_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000340)={'ip6tnl0\x00', {0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}})
listen(r4, 0x5)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt(r6, 0xff, 0x1, 0x0, &(0x7f00000001c0)=0xfffffffffffffe95)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8b30, &(0x7f0000000040)={'wlan0\x00'})
r8 = socket(0x28, 0x5, 0x0)
r9 = socket(0x2, 0x3, 0xff)
bind$inet(r9, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
sendto$inet(r9, 0x0, 0x50, 0x1005c850, &(0x7f0000000000)={0x2, 0x4e22, @multicast1}, 0x10)
connect$vsock_stream(r8, &(0x7f0000000080), 0x10)
r10 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
ioctl$FS_IOC_SETFLAGS(r10, 0x40186f40, &(0x7f0000000040))
write$binfmt_aout(r10, &(0x7f0000000240)={{0xcc, 0x4, 0xfc, 0x102, 0x1b3, 0x5, 0x3e, 0x1000}, "137d7a4415d01bbf360d068f6abd9f155b8c2cef64865792093d9e802d36131312"}, 0x41)
sendmmsg(r8, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x4002d}], 0x1}}], 0x1, 0x24008094)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000080)={r2, @in6={{0xa, 0x4e24, 0x9, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7}}, 0x5, 0x0, 0x80000003, 0x104, 0x0, 0x7, 0x6}, 0x9c)
fcntl$getownex(r0, 0x10, &(0x7f00000001c0)={0x0, <r11=>0x0})
r12 = syz_open_procfs(r11, &(0x7f0000000200)='stack\x00')
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000002000000000000000200000d000000000b000000000000000900000005000000031000002aa33b4fe08d"], 0x0, 0x36, 0x0, 0x1}, 0x28)
lseek(r12, 0xffffff61, 0x2)
setsockopt$ARPT_SO_SET_REPLACE(r12, 0x0, 0x60, &(0x7f0000000500)={'filter\x00', 0x7, 0x4, 0x3e4, 0x1f8, 0x1f8, 0x10c, 0x304, 0x304, 0x304, 0x4, &(0x7f0000000300), {[{{@uncond, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@local, @private=0xa010102, @empty, 0x2, 0xffffffff}}}, {{@arp={@rand_addr=0x64010100, @empty, 0xffffffff, 0x0, 0x7, 0x5, {@empty, {[0x0, 0x0, 0x0, 0xff]}}, {@empty, {[0xff]}}, 0x6, 0x2, 0x7c7, 0x7f, 0x0, 0xfff9, 'wg1\x00', 'bond0\x00', {0xff}, {0xff}, 0x0, 0x35a}, 0xbc, 0xec}, @unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x5a675289, 0x7, 0x9}}}, {{@uncond, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@broadcast, @empty, @multicast2, @multicast1, 0xf}}}], {{'\x00', 0xbc, 0xe0}, {0x24}}}}, 0x430)
bind$inet6(r12, &(0x7f0000000000)={0xa, 0x4e24, 0x9, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4}, 0x1c)

2.318550934s ago: executing program 3 (id=3829):
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = syz_open_dev$vbi(&(0x7f00000002c0), 0x3, 0x2)
ioctl$VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000100)={0x7, @raw_data="8a93a9bca2e7a34fd42cad7a27db2244182edb88bfb1f531061fff7f8e2167ccf1cb11a2bc849e7071c7dc5809a0e1e7a322fb50414f35f9a64a7a24e6eac6339fe77f834b71d14670185f2b582edd96ac12667b94ce5d1dab41c7702b0dd2df2800fe8ca0eb607aace9f42c6f82b97820cb0686ff8279996467f64732144e6d8a36e8848dcbc0be0fe8c515128a63995eba99cf70e5db63cb5a10703d334e05c4fcbf9910e795abe501acb4bc4ae4b30c5e2679214f982efdb31aed3ae4392d31b7177aee45dd8c"})

2.317869547s ago: executing program 3 (id=3830):
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0186405, &(0x7f0000000040)={0x1, 0xc, {<r0=>0x0}, {0xee01}, 0x10})
r1 = syz_open_procfs(r0, &(0x7f0000000080)='loginuid\x00')
write$cgroup_pressure(r1, 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000005, 0x6031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4006, &(0x7f0000000000)=0x4, 0x5, 0x2)
timer_create(0x3, &(0x7f0000000140)={0x0, 0x3, 0x2, @thr={&(0x7f00000000c0)="ad93d9f96ef6757045545895226e296288b73ad414a3cd6722644270dc628f56cebf0a429793b16104aeb9ed628de627bfa4", &(0x7f0000000100)="8f2f94b93b1cd4d9066815d595bb65c7e1aa215bf4f23cee0bfe02a2cc5ce6a1bb7a8d"}}, &(0x7f0000000180)=<r2=>0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = fsopen(&(0x7f0000000200)='affs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='source', &(0x7f00000000c0)='%(:2', 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
timer_getoverrun(r2)
recvmmsg(0xffffffffffffffff, &(0x7f0000000800)=[{{&(0x7f0000000300)=@isdn, 0x80, &(0x7f0000000c00)=[{&(0x7f0000000500)=""/124, 0x7c}, {&(0x7f0000000580)=""/226, 0xe2}, {&(0x7f0000000280)=""/42, 0x2a}, {&(0x7f0000000680)=""/210, 0xd2}, {&(0x7f0000000900)=""/245, 0xf5}, {&(0x7f0000000a00)=""/213, 0xd5}, {&(0x7f0000000b00)=""/193, 0xc1}, {&(0x7f00000003c0)=""/32, 0x20}, {&(0x7f0000000440)=""/51, 0x33}, {&(0x7f0000000780)=""/118, 0x76}], 0xa, &(0x7f0000000c80)=""/195, 0xc3}, 0x1}], 0x1, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8c, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x7}], 0x1c)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='debugfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@xino_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
openat(r1, &(0x7f0000000dc0)='./file0\x00', 0x206404, 0x80)

2.080268892s ago: executing program 3 (id=3832):
r0 = syz_io_uring_setup(0x10b, &(0x7f00000003c0)={0x0, 0x334b, 0x80, 0x3, 0x805}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000540)=0xfffffffc, 0x0, 0x4) (async)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE_FIXED={0x5, 0x7a, 0x6000, @fd_index=0x9, 0x6f, 0x100, 0xc, 0x2, 0x1, {0x0, r3}})
r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0xc600c7, 0x0) (async)
io_uring_enter(r0, 0xbbc, 0xd582, 0x0, 0x0, 0x0) (async)
r5 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
fcntl$notify(r4, 0x402, 0x5) (async)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async)
mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000073d000/0x3000)=nil) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0xb, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="180200000200e2ffffffffffffff000085000000a00000000900000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100, 0x7, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r7 = openat$dsp(0xffffff9c, &(0x7f0000000140), 0x400000, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r7, 0x40246608, &(0x7f0000000180)={0x1, 0x4, 0x1, 0x0, 0x1, 0xc81})
ioctl$FS_IOC_SETFLAGS(r0, 0x40046602, &(0x7f0000000100)=0x80) (async)
ioctl$DRM_IOCTL_MODE_GET_LEASE(0xffffffffffffffff, 0xc01064c8, &(0x7f0000000380)={0x1, 0x0, &(0x7f0000000340)=[<r8=>0x0]})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r6, 0xc05064a7, &(0x7f0000000580)={&(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[{}], &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0], 0x1, 0x5, 0x8, 0x0, r8})

1.913191733s ago: executing program 4 (id=3833):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000079b6900000008000300", @ANYRES32=r3], 0x38}}, 0x0)
r5 = socket(0x10, 0x803, 0x0)
r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe(&(0x7f00000000c0)={<r7=>0xffffffffffffffff})
mkdirat(r7, &(0x7f0000000040)='./file1\x00', 0x26)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000240)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@redirect_dir_off}]})
chdir(&(0x7f0000000100)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000008f000000000000000100000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000054000001b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000c3090000f1000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0xd}, 0x94)
rename(&(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000040)='./bus\x00')
ioctl$sock_ifreq(r6, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x4})
ioctl$sock_netdev_private(r6, 0x89f4, &(0x7f0000000000))
r9 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$PTP_EXTTS_REQUEST2(r9, 0x40103d0b, &(0x7f0000000080)={0x3, 0x1})
bind$netlink(r5, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
getsockname$packet(r5, 0x0, &(0x7f0000000080))
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, <r10=>r0})
ioctl$DMA_BUF_SET_NAME_A(r10, 0x40086203, 0x0)

1.797900355s ago: executing program 3 (id=3834):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0xa, 0x7000000, &(0x7f0000000340)={&(0x7f0000000380)={0x2, 0x2, 0x0, 0x2, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0xc0000000}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @local}}]}, 0x50}, 0x1, 0x7}, 0x0)

1.797256916s ago: executing program 4 (id=3835):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) (async)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
syz_usbip_server_init(0x6) (async)
syz_open_dev$tty20(0xc, 0x4, 0x1)
socket$netlink(0x10, 0x3, 0x15) (async)
socket(0x2, 0x3, 0xfc)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) (async)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca) (async)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000300)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x8000}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000800)={&(0x7f00000001c0)='mm_shrink_slab_start\x00', r3, 0x0, 0x5f}, 0x18) (async)
read$FUSE(r4, &(0x7f00000021c0)={0x2020, 0x0, <r5=>0x0}, 0xffffffffffffffa1) (async)
r6 = memfd_create(&(0x7f0000000280)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\x86\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x1)
write$binfmt_misc(r6, &(0x7f0000000180)="e5", 0x1)
execveat(r6, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) (async)
write$FUSE_INIT(r4, &(0x7f0000004200)={0x50, 0x0, r5, {0x7, 0x29, 0x8, 0x55610518, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x100, 0x4}}, 0x50)
lchown(&(0x7f0000000240)='./file0\x00', 0x0, 0x0)

1.797010109s ago: executing program 3 (id=3836):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="aa4342aeb4703ac6fac2a3ed9a65950623", @ANYRESOCT=r0, @ANYRESHEX=r0], 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000080)=[0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0xa, 0x0, &(0x7f00000007c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140), 0x0, 0x76, &(0x7f00000001c0)=[{}, {}, {}], 0x18, 0x10, &(0x7f00000003c0), &(0x7f00000004c0), 0x8, 0x17, 0x8, 0x8, &(0x7f0000000640)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', r1, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vxcan0\x00'})
r2 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r2, 0x0, &(0x7f0000000f80)={0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r3, 0x80015b12, 0x0)

1.639645031s ago: executing program 5 (id=3837):
syz_emit_ethernet(0x36, &(0x7f00000002c0)={@local, @remote, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "64f9ff", 0x0, 0x3b, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @mcast2}}}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e22, @multicast1}}, 0x100000, 0x7f, 0x0, 0x2, 0x36, 0x200}, 0x9c)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
ioctl$KVM_CAP_HYPERV_SYNIC2(r3, 0x4068aea3, &(0x7f0000000140))
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x40000083, 0x0, 0xfff}]})
openat$kvm(0xffffff9c, &(0x7f0000000040), 0x180, 0x0)

1.369980249s ago: executing program 4 (id=3838):
r0 = syz_open_dev$vbi(&(0x7f00000002c0), 0x3, 0x2)
ioctl$VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000100)={0x7, @raw_data="8a93a9bca2e7a34fd42cad7a27db2244182edb88bfb1f531061fff7f8e2167ccf1cb11a2bc849e7071c7dc5809a0e1e7a322fb50414f35f9a64a7a24e6eac6339fe77f834b71d14670185f2b582edd96ac12667b94ce5d1dab41c7702b0dd2df2800fe8ca0eb607aace9f42c6f82b97820cb0686ff8279996467f64732144e6d8a36e8848dcbc0be0fe8c515128a63995eba99cf70e5db63cb5a10703d334e05c4fcbf9910e795abe501acb4bc4ae4b30c5e2679214f982efdb31aed3ae4392d31b7177aee45dd8c"})

1.369534316s ago: executing program 4 (id=3839):
prctl$PR_SET_MM(0x23, 0xb, &(0x7f0000000000/0x3000)=nil)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd26, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x7, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}, @m_ife={0x6c, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0xfffffffc, 0x0, 0x3}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$pptp(0x18, 0x1, 0x2)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$nbd(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000100)={0x30, r4, 0x1, 0xffffffff, 0x0, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8}}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x40000007fff}]}, 0x30}}, 0x20000000)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010027bd7000000000001400000018000180140002006e657464657673696d3000000000000005000c000300000008001600ffffffff080003000d0000"], 0x5c}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', 0x0, 0x0, 0x0)
syz_80211_join_ibss(&(0x7f0000000300)='wlan0\x00', &(0x7f00000001c0)=@random="856f410d7e02b3b4", 0x8, 0x2)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000f00)=[{{0x0, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1}}, {{&(0x7f0000000040)={0xa, 0x4e23, 0x4, @local}, 0x1c, 0x0}}], 0x2, 0x0)

1.369337636s ago: executing program 5 (id=3840):
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000040)={0x0, 0x0, "d607f8f9951e76c13f64323723e7eecdf40c363423eb3d259266ec9c37865c6c1a4640ce1b22bb3327ef4f001d34c09f39c3539e4f8d3ee0878ae95bc7f52363c468b257ff3e24852548deb01efd54f11ed2c41d078b9cf1fc8f725616b694bb4a6e4606c3fb19d1d2bd3c8c4e97da2213f9d5c3b90400000000000000c279f03558083906666827d61dcc3a633b72fad6265a293e3877adc1660edbc9a0307a25720a170e7f5670e419dc44febf7ddc73fd4a5a0b6c28665f7f46c7084e17c809268103a2584ab40a68e528329dffafc3612e325c1eb4a3ab2e156a97444800", "0615e456c196e819a321fdb3690bfab19538829a732a01781564ef7738cb5b82a704b3952f81c68bb4ceeaad63206f88201638e87c4981cbf9332cbc9c4d69e392bd33237ece7ad91e44edac0da8dacad81adf2e08c21ad6b44ce1f90bd618c255ca40cdb411485fb48a51d329c816b3488c7d032ef69c502c6e1236bd381efd410165988847c1dcb98a18ca2b853910e52044fa3b3026cb88de269537c8f26ffc3b15cbf279832bfc90bd95939043182e88050dfd2a4784a5d1453610fb1f1c2bac36c3ecd3e6fb756ef8880debeef3636afd981d8af4ab119928448f90351aec113335eacf52a18c87738d9679d3acc032a16fbefc64776f363610a15b37bcd36e6a7cba931151b9c9ba5779d550e9ab21603a43a25f3b4895d8dc4f3ce0e7d5e964e888169ea79a0848e9338b3d34d62e963fbf98834f4455419907f0ffdb76373af77a34edee7789f56e7f01bdab9614a0d460f791a06e6cf5243bf2b3a1624a80ec7e1116f1c81f5ef4b895be74bf67eea9193428b58a8b62b7976d3d2e59796c46ec918c83cd49c3f43dbd2967586966c19ace7b0bef5f94eb333b362649f1bfa114f8b1f126e97ec672cff77e2130823fa7a1df6760c6a8917815e9f0a409ed32b133df7dc9afceffcd472b35145c83c9167764d25ce214133c6170adeb6653b30b226a3b6ff1363ac862a540c7fab584cd051ce7ee951e0f121d43cff75afbdec6bc6f6e8f7db58c8086751320d22ee8582e915cabc536e3767e9a9230c9ae8b92398f0ca2a7141ea4588af7afde10e5ec2a6fe85ba5712e126629d4e3998fc4721cb638f2ef8356049e3448466e2c400d5e8baf843fa399907cb526b791c5350ce29204cb6fe50b892a69ec6dbecc28f032a745738faa12c2a34222942fef0ec0511da5fe0b565ceac429da7cc25cfe0320b40a514723e2392a6a361032343edb79fd83cd0a354837153542fd61b3156b54c566036e493250c3a3214738e3cacc24a50d5dfd17d5008b4ca629c3062f3417cb69c48b8b888ae51256bb4e6c68e95a71a00383ad9df263f6a775ded64fef20ed5cb5f31c33cb86f839d00a12e40cd31219113619c4e0585454cb1776278bfd7f5c4275792afb790e83ff0fc6925355c7aee7a070477d9ec2292366e39b9dc66f7adcf449a1a718e5217183faf0f679efc5cef20bcdcf2d12ea0684084ec0d693256e280025b23b5a08b7b1ebe7d41fb045793f971d6ee066604818cb09d86c1eda99a44c35476a113fd5d1a7543f8f99424ebb78dd9e00d719502a6eafa743a061fa3fa55e4deaa0a011b6b9d633f10e0c9446b5a2e3f6d6014ab00695366c1a6bf0c32f703aebb7988c7d4d322681458e85626302c70f37628835e1fcfff1da3099c0b4af433eb9a51f9609f2c0c09a98b18880c846b34d6ac0210f073765666100976ee1d928893f983580ea47a012144633b98e02c3e81869534ab985eb3a73e0bac892dac949f85db949285a6a7a490b1075467226af23df82d8dd09b7282490fbb3ada9ed4cae8f761aefbe0701de6b132f12044c58ac1c2607c8f51361de5bed021dea13fd0a440263cf0b304522a324b581ab274e7bdae5994316657b5c0ab0220d9b08739729f7a35d436878c182aec4f08dd161c11ee5b7937fae7835e8bfe98a44c8d4bbb2e0eee0cb5d7c93517e96a9fc8132e60f3ef7c735bea1934b37df451f981c8d9210e61278c871e6dad6ceb89aa4d7245658a63e65cec7b81d307426a60a31cc917844a14e1d9ad83bef1c9f736d1836687c950d1275caece0d46ab9f3b0e95d9cf560eb8134e8346b35e0a6f60e6a87a14c4aeb3e0d06158390660a52a6e44b524c1e16de2bf99870f78fc81d267072bc63e97d3f26d23fd59799ff2c847d6a724cebc2377a582ba73d99a610a095c28d66c60910ac64b7d18847fa98fd8528b72e0a149b082c731575b2e2763e67c821ba29eecd8b8c87981c4fb1fbbaaa4e8aa077ec98de1362fc7af7a0ac5e3297fd0d924124b2e255b5cc4f6b0873f3d34418d5ae0d6f734628f38cb9b856b2db3fbb2fafb76983eabc51a348e55789e997fa25cbe6e5031bd2e33d4e2686f964a65d1abf7f96a20a8b270b1522ace4adf6fdade5cd3f101574960d13267e2382f70027ebe5ef7f9418e14e6a8a130d2aec2253c8fe21825e3295774db0c9b1340ea28a96589ba0d9f79aa61b92aea6f704ef7f716d849b8c77e6922e198a086d8133491d0bb85b925825a6d307d7cc8f09c655aa3edabf84c75560dfb279ee3e8b825323279edc58c3161e72cf9ae02ef80d500da922c0abeb8b164abd9c17ef7c02e89000d67b0c2ddd078cacbf37c4826be3845948d598980d63c1d7aade89d0637d80a4c102a35eb027a08ef90cc20d17fc514926914e68e5de54b861200ffa4ce1cbc16e4ecf342a1176cdb561f7dea38b3ae0fd81260f72d34e6f33d364cf313d3b3161410dcbf5f0f0579a1d235b49bb5d27f85825b94f1899e7846d0292ad912d934574f9d55d2152dbfb39d662e6e0f2496182d012af8b4bebbdfa1d68e3e988869fb5cd9612db97e6cc574444f4b5025ec9827bafc55341bf6ad3fd4fab2ee43f343cb9bcec0c38384b5699e5c6d5973ba591978275c51a40200d340b9ed3681f08c69f58320f538f9cd78a34eb6ed55710d2478ea4bd15813921817b42f88f1bb038033b519668f0a2e8693b9a19c7bcf96eec04bda625b31c32f4286be922ab2c87aa30310c8f46551450d5bc26b5fbfdedaae0f756384023bb9a28d3200cfeaedd63d6afe076513e8ad73d16607cd4ede16344e60d8707357e82b1089258c56d851a435e23ce0919825e04471dd61a44c43e87c2959d4e89311a30ee8be010094d0ef109bb210dda58b21b685b9e9c078c9ded6117d9a88dd7799291969851cd4c3f22b5f870a275a692188dafcf6e89ba87b0eb61011de031fda25fb3349901d40da2bbdb76eda417c9fafd90fb23504ab150ca0033ea1d00000000000086ba3aaa79d0df4f2e4e4afa565e66d28aa167f835d080bf1d41d0e52dbf81c671f8eacae234bf4fc328302671fab46613b73daf2ace80aff2f80f6a9d84b82480178cc612aa90adfc80ab3bba7d1527fc6ab04f009011bf093494a0d329df4e53d855b1c0ff6a25d22052b3a778e1ca2fbe59c9eeedf99e13682d06da269560524ffa0f404b73b946edf900ee958ceba09a051e27a620fb78e7a352c182c8c2981ce822eeaf6323965b4b3f322d40d406a158b6f3cf5d74822de952fefc341d0dead6c1c8fed8e48e0a85b51c1dcc7796d3f45bb1f50467a475da76c356c9e031b096867da1dbb89c3a038d475dbcdb2df1278d5dba55c2fb5ba6a9778c2a244198491f0f711cdb2ef0332f347afffb1b098b4c59041ccb0c286bb2dd40e7ec713f6ffe0b1067678c748615dae3c1e090f3739a9035767fb9972580d19fdef49a5071f99c3706b8fa4991f430721cf3ca11af0e3bd7c4d0cd0ab5b7d98ee66730c20a098110e4a15ce0bfc88c41fe375f261fe3557e14eb5ff4a2cdf6a008fd7b6702951b8456e940fbd269a0f3ed515ac03cfecce67027d579e1226bd7b7381827453550343566508d38790ee838c3bf85c6c91a45e7a44752f57313533a3e82e4042e65d346afb20c0527575f79080aef4e1aa8d5868d190c8d37bdae7592e41bed37b9d4c30d8126d3debde02dff25f5ef1e48133e2a41cd55347bd23dcce57a00189619db629c530dc112d22ac72bce353681264b5175be40b3ba84408d0f56762cc720e96c128447be7128748e185be2640115556bac64d060207e629b0144e501c1c49c6abd15c7982b01e22da2ad04bb28df1a27f31e18040c16406071d798bb40d901d001e22cc5ed870d08702f49f0021814cdd814901a13c7ab061bb4b8172c639b3449e24f656fee58186e69e6874ea95d946da781b49ca080ffb4a3c87746c661f43e9be52d0ba2ee368b9c143687c8846abac599069decf41e69fddcadf31c5f715917df12df4eedbfcc5805fe8e661b8fcd7b130d7bcc4a9a152de93a15dddacf3cf52479956185a3c5000d18ddce0236d5858c0d8761bca7446e3d30f3e8f48d5e8f86a60cbe46f038b1028ffd35590bdacfeebb86e28d42a923bdc3f9a307b919341a2a7dda096d41070db245c2c424aedd4a4bb9863169454d09f25fd0aa2da7bfc97ad7aca886dd998e041133e07899ad48f7cda600de48ac3951152dfbe6331b8acae24cfd2dd2b14696c75040685c756942a0d049ee9863a2e480388f93876f3910ecb3a59fa16c25b2b3636a542f92744495e10a4ce37f19f5c2256e2d61775d388e2a86b52f76add2f956aa02501f5badb94da12595b2bbf88b05dc70caae6766fd3df4f299d0ff71c8787249b255ea49b3d33b3f1a8c9403cb75d64264465c3578538382b23d721f8a49134020ca2d9e887d9949624ac6d63322b6507e277a0020db9bfa2928736b96c72fa3406a95adfe6b374ffa27001d37d3bbe725e75c257834572026c511f57dce67153a4008f9e75e07ed9237f600005800ee667c137fc78bc4fd4ebf4d228979ab0ccafbcd8b8daad76fb2abcfc585377ea6e19f170db898b950a7b0f4e75466a2ba26e7d60e0a6f5c54a3fe78677f3362c5b01ae791b62ee8a5d0fd65b739ece4f3b758d05a8e4e4ea7e4866ee67750ce2769f72a9f45780eadfae73b42d4dd4c614c797c694ece8af88cc732edabfa26ace57de54835c7551154dfa3be11a0d3b5845ac97b2da84410a652e72cd563acbb2b02bb59370cebaaa80014e3ad280944eae6fbf8d5f85237257bb5b8e5ec3e52dc06f8394176b325a577804e9eb78d7015172d17ed15f905f705d56687f53988bb207c74fbeb2b03a700258e835362886239f4d8f1c2cf6d4d10ff26d2579ea40a5fb99e5b6d01cdeda050d3faa78ed674f2899be08332086c8bf0410a7d06099c50a2d949d49a0f21b43bcdfbdf435875cf5a9def46db63746574ee8a5b1fbcef411154e914dd9e5bb1b1bd2944581083fb66a017e7972df3daefc487e4198cb281d3a80637d52b41738b7f1a57c867d5b2ee5d72465657593339506fd0c3807cd6445eb54cfb5ca9d35ef93eec6383224ebf85197eb6ed75f6c324f6a0345a25be6bb52ed347e57ccb059b903fb7db4e9f46513a4158ce29c1f5d6081b556bbc471e89225cad81aed34dae0f90ee8e7237b3b286e29b49d7a1700c537b28571f7d7e2a55e10792d6f7779ddefa3febdea5693048372a45903c04f1035a96c6cfbe6f6c2b754581aac02f8a70e698be6e37fd411cf4b76317b47683f6b0f80dfdeef3a9767c7e5c30dff786093a21477431fea0458023953700"})
r0 = syz_open_procfs(0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0x4008af12, &(0x7f0000001900)={0x1, 0x7f})
setsockopt$RXRPC_SECURITY_KEYRING(0xffffffffffffffff, 0x110, 0x2, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000280)={&(0x7f0000001a80)=ANY=[@ANYBLOB="14220000", @ANYRES16=0x0, @ANYRESHEX=r0], 0x14}, 0x1, 0x0, 0x0, 0x15}, 0x20000806)
r2 = socket$inet6(0xa, 0x2, 0x0)
openat(r0, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x6b)
r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0xe0100, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
r5 = fsopen(&(0x7f0000001a40)='ufs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000140)='\x00\x00\x00\x00\xbb3', &(0x7f0000000180)='#:::\x00\xfdM\xab\x89\xff\xda\xc7dw2\xa1\xb2\xabuQQ\x14\x97\xc9\xfae\xc7\xa1U\xe2\xbe\"\xb9t\xa0\x0e\xfa\xdb\xf1\xa5.\xd87\xc3p\xa5l\xf8vC\xe2\xe8 \xd5-<#\x186\xe1\xbd\xc0\xc3\xb5N(vj\xa7+<:\xc4\xe00\x01\xdd \x82\x83\xed\x0e\xc4\x1d\xac\xef7\b\xd3Z5\\A\'\x18\xa2\xc3\xab\xc7`\xc3\v\xf3L\x9d[Q\x9e\x11@=\xa1\x9b\xdc\xb1\xef\xc3k<\x97L\xa0\xab\xa6\x1ce\xcd\x99\xb3m\xef\x87\xc5i^N\xbd@\x01\xc0\xb2\x88\xc3\xe2\x96T\xa3\xa5\xeb\x0f\xf2f\xb9$\xd2\x14<L\x19K\xbf\xf7\x9c\xe7 \x12+4.\xa9\xa7\xdc[\xd2\xec\xbe\x1a\xa1\x04\xd3\x9e\x92\x8a\xf7\xdb\xe7f\xdeo\xc1\xa5\xb6T\r)\x1c\xbe\x12\xd1\xef\xc2S\xcci\xc8\x0e\x00]\xe6|\xccK\xc7\r\xfa \x02\xe8\x1b\xc1\x93\xce\x02%\x86\xcb\x94K\v\xe7x\xe3\x06[/\xf9\xa8\x82\x9b\xeeF\x88\xc0f\x82\xb7T\r\x04\xbb\x10\x1d3\xa6', 0x0)
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, 0x0, 0x0)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000400)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000300)={0x0, r3}, 0x8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001e80)={&(0x7f0000001900)=ANY=[], 0x0, 0x1a, 0x0, 0x1, 0x4, 0x10000, @value=r0}, 0x28)
madvise(&(0x7f00004e3000/0x3000)=nil, 0x3000, 0x12)
r6 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042)
getsockopt$inet_sctp_SCTP_RTOINFO(r6, 0x84, 0x0, &(0x7f0000001e00)={<r7=>0x0, 0x0, 0x9, 0x2}, &(0x7f0000001940)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000001980)={r7, @in={{0x2, 0x4e20, @private=0xa010101}}, 0x0, 0xfff}, 0x88)
writev(r6, &(0x7f0000001d40)=[{&(0x7f0000001ac0)="f3bfd126d6e1a56385d81f600876be71b80a6e3d8fd5ae34f6421b055707c8460d93f4ea03eb0e3ae731c4738ae507e4728f04619a6844e0b071ad2a74e4b0d0e6ce2f4c2000648d235cd8fe5afed5ff3f7e499d564599766e4aacc382c8e1a570eb07d8b1cdb4b6648f39d19fbecdb4ba81b1b477f3395bc2b4aa3c3163736696deee5da5c9d0dea6b01702050e76b63f3c0a7a3c3138df2c32868128ce4c290d1aea31fe9e00000000000000", 0xad}, {&(0x7f0000000900)="cf4bccba8ec137a37338dea760f0d9619d30fa0f56bdaabc21a8e1eb7563ef8326e2d188d155ad5f45138ad2ada7c0d5a73ee4eaf5c18b37386ca7e5bacf2d5aab122d750513dcc1cc11c16297df221ba5427ba4ec8939272ab5d5968acce50d721162748e311641dd7234b6d4890c6eab1cb610ad11f91d819ec36912b78d1ab3419ee7e97167ccafabeb34c754571b1b787647d0377d61e59bc77ab49c6ae9620d13daa65ead3ef998250a1db5b04c3dd6801850088f4222d7bb18096d63f79679f34c2422c58bbbcc8fdf6ab6f343f794f01079b674ef315ea56ac1b4bdaef4b81a8363635634422f782d52122466ffaaf79661f8881a663fbf9ddf035cf8cf46a716d3efd32cdbd585f312d3e2d081dcea489191b1673270839f02b4c8eca9661f2745eb81c45a6b54273cfe6065a4fc434ba1a68c1cb7ab194e2ec431a4f90a99b45d2449a4b57092b09a664ad91bb093700cecbfe5dc8688441495b3f4d67cf9a9acbd257fee4c3ca7be45e776b1541895e4d493abd2429b8fcead1b152df7ba1378515aca3a5b18b39227f115c95a81fe484e5767a0e2f8cf16ab690b12dfa92a5b0c62ab50b94ec65bda7bb73c3fb26166df4219c73d4060f1daa02627b369f2501f1fa267d459664041373dc612ccd530aa36ab16d9d8651a52597976c29189d19188ed09d3a65bda32ca5207585eae4f2f3d17253bc024c7844068504d568e0d046a2878ea07adbc203a45f57d0b99866de1d1013d6a3c6096bd0ecd0d08852daba0eef659fbe4e9a6497ac2ee944415b8e6db2e24258e3826fd12f30f99fc57f30915af1c1d55f971b9f1568b069bf4ba25aa9c3807e226b0a01925e86b21314490331dba2de834eef75124d18b506757794727d037b20badc80d5982dce9ea9233d9be5d1449368e82c35411e2b0d404889236e240d282c0819d28f6d0871125102478624490af38c70f4e8d8495b495348d612550d99241e7eec89fb341927d201f8cfbf415e9fe484b43dec317034a3da0402b3e6c1ece5beb7e65fab5469877e657020e9fb9716d74f2ed0a61c04ff26e88d14d5af7451c2d601a33040cfd6d37b04b46ddda77d17d3ed065a7979c478cff3403101b2018d1bfe9ca30bb4cf89c9d911cd5f353dab5a2bd1d813ca29bd14c9bc4bc98a7543d32dc72f8a86ced290aa65278a05c8dfdbceaa5fbf4e00e6f546fbafc5956698837fda1da8ac7e6007f222c19b5088022f50f31fcb3e2abc2a4a15a309dfcdaa1b744f8d03be81bd3b27cf773b06b136c0a9ccd7d8f77aeea84d8ac420d68327ccdedc640d51ea93e03c993db39cd9a9d4dbb66dd74d10aecaa01a65925632d9e8b48373153da1523d99dcd0e1e7ab79942e03498152628f262278bc2c204147643fdf23c685d1478fc58ded09310e32446006342039eff18c850d2244b237d7f549b17666d23fb4328d698a93572fc596c127c99e44f173574f0ab38b87a9ef931a8c2b6c6b73fae60599b4451535ddee38bbefbdaf1f70f7676f737274ccd51773446ef12c48fa5a4f2f69eef63f95c96918bc227e5831364cbcb19fce0c5dd4a1379b3ff5f08865a5c1d761d939b5f06439727476c99e83eea5e8cb072174d2ffd955fa853d1a11c9f8544d6e7779d904c890e8922c349f8d80a2f9aae7d067ca3992571998c5d06a12ea5b3c6598907d488bafafac845770aabb98bd9e6bf86b8dd9821040528a7d7eada471db4516f16989f88cd213df31050d9bce688101b1fca1f2a48ffe7507770c15045c8688826adc640f1f04a5b3c2b619115ad0b1b1687746813c2787a0ce0825c1232cb0dd831cbfca2b05c6878af2aea1d60c5f820530e16046fa3306906953601c6e1d8f4bfc60004577fda9fc5b912ad3edb43de40049352d84f128415b0a994c0bf3e8295073f05321877f24deee30b905977c99597c0951c335eaba9a590cd5e03aeb0ba105046eb08bb5d6c389736645a48d0735273400837795abf51e08a27ba0b4d7fd10244251d3ce05b1eeb2b24aa790345317a764ccef04b51ab8c27ac3af1219e8d057f09e1ccc09e88fb1d4f9187a9ae1382e1fa4868a32460c20cfbdccfb7b5917accc6a9ca010887d722bf6c9668e7d487a4a1d4b9eb840145cf5392ade99d5a96d83383c0fcb97e2a83c295554e6683e4e930f313ee17642e2bb2fac781f3fb4673006c79206506e58ab0bd14450a84a611c58afa3686cea4a1b6a3a62cb868353ef6d1cabb2bc8994a7809dfca302823147c54d8b96f59c9f5d184dca72144a2926aa09fe4a861d42614155a55e9032b3a485aef0f9b8261e065fc6cf3627ae7d7ca91240ae361202ec78fac716781c78ff54c6256a1be8cf41448e506cb4e446b507fad7192e69daddb9fee523d919692eac910337e4a82e587bb3b05c56d16fe89b199bc644d8b5104f64d6ad59dec0e06633de937bc1b977c55d51ed1f67f1cca3832c62fd4d2d95a2bda64175ee44b6de2485046de6e4fbf4fb91f7770f74bed99adc31a1eb0c3d6d035460f0ef323363a25eea16d44840dc96ade09617dad2fa7febea7a33e15ea39b3a51a15ff4b9ca74464fbad239adb20d4ace49351c74eb89b4a0f43b52db2d2c2704ce2b1342647483b7d7c0e61b200308d90711a145fd791041a006e7601ed9b631c8958650be4ac7f66057306f221ee8c21e5a5dc97b1d29e3a859fc1a65d1dc002797e567afbfa2a9f1963e6109f846b3767851f0ecfeb2710b46bcad05827260b5ea11dba6203c3223b7b5e6d1a22835a7d97c8aa61bb5d216256123ffe84d19d85023331e75c4362f51be955b3a7087b25e4d816c2c1a922cef280f1c5254971443788534493f118105ffa936679593619a20a69aac3a46f320993f93952ff50f1e6431adee4fe6fa7455cfdc7f1d4d4148efd0403fac3769d8b9415947319f28c4378f5984a231e6ab03af2b9f1693694e1c6f466a94cebd2cfe2077289bc816b37f29c07a31f4b541309bf5fbb60cbe2bbe4b8e64302b9a700d0f7084f9610755b4a0873c5a868492c2171c96f8f5f62fc58d2850512854c8f24c40666f810c7f66b6691e7596ddf2755654c8ad52937b8752845b726f33963dbf0ef69b4945b7c0173e7885b81daaa3d4fac00486aaef10bbd5946ab24f6628f73c86f0b8785b8df22997057df8343bb0facf1e74b845ccdc455f13fa48224e37901240e8942b4d92478196367aec307c9d7cbf198b6b0870700b526d8b6bd3b9982b8b6ebccab8cd379de42eef117914e353e176c67f070f4b49a494cfaf94a534b32c772c023956041ed327f923408e9ebb3441072a80db1275f7af7f1440a65cc1e08c71be04fa93db6ef2b5a228f32c191002c78b7248c49cbbe3efb17e9d9f5a5cb6ebe05f21fddd5e470fe2b0d9a62e659f88d228bf206316d4ca75f165a256e89a45fae980016e900c0a9e66b4599b34b8b628f442301dcf69c220cd92728bdd6b8da6bdebc708034a2019b16dc207cfa26ae6fdcd904eba35cf051ab2aeb101cd1c213fdef6ad9adb198fd54b1615491f02d614f90f538abdc7f44e9192c6cf360c9dbd7c8bf80905808683482fd6d5b760e62c3a910a02918d3799360f0fdd65039d36ae90bc4d76154152a55bb061233829456ee8fd600a44504578fd306db9d6f9b215750f7fc3e68e44ffdfa53adec56993a5822eb0f01721326cd0f34248947fafb514519778a57ebd771de2654226a254afa6ce1262134ed1bc884c0e2f213bcd10371483a66845815b0cbc97ae0fdbb0af519a14c82fb9241a20d7bd9e53b0618233c2950d7fde151d04c8ea51d8625a3ffa963d5d3908beeddce5534b6c2552b4cc721284bb02bcc39e38888b874bf23c4ff733adca3d2921e2bb78c7081f9774f9fad54ed8811c275997a707fce1ae582f57d5ffa40bcc15b185a6459e698c7e1784fa58a04d5aa35a302952a183f031c80e573c9bce35824ebb202b7f310d5aa326b2203c210c83f60396785424491c430b7e8cdc3e389f3c4c78d98ec62b7ef5fe7b683e801130380ba5260fa3c6077498f9c7e634b5d512109dcefa130bdb2718653bec479dcfe9901cddb39ce02fc066bf22e4892855a29951120cdf6f9c3d8aed01739c53c51079c2c49e283b0859dbb943560ceab60e2923b3a03931c4be24c21deb7047c2d55528b4b8e48b73f82b721421b08471eef5456c0fed5cfe0b6998e2ff51fbdaf6fcf82ac6ee7e27517865f24639904c1dfaef747be66de019ae4e33808b16df50585af1a920ceb7e810cfafb4c9f6ce8e3221fcf2d671afc6cf53d08e1ac025b0e63e6c7e92bbcc9be6fecc896defcd2f379ba7096f7fb739db5887565d2c079a0e6d8b026cfeada96d6c712546e3ab4507d0b2a983f34fb9dde6880ca1895eb4756b7bbf93bf3ad270ac435c8d11a406f741a1c3bd1051ff7dae8a4e797cd5bbe7d80eb5264dace539a9e263757d9cdfc6f5106aea4b80ec0ddcd464373e741603cc994b524e58999d953151b90550f57e2399be404db017d99fafc19afcca6b4907e92d43deb3f37f24e93f1ddd18b6179dbd3468a9afc59fa42792ef37926444376c0e548d03bc1dcbbc31d11e8426f51c2966840ea53bd52ece37c794ad08a598ef503c85bf8a2e666dfcb4a537b70de6beb20aa3028a8d1e4f7dc9e70b8778840a5f5d066c45f41c8cd94cf89d1b1431aa81c157784eae6ba9cf36217e05b7b322f30b9bbfbe6d7912c48f7f0eb302d565aa99e1e8988eac34f2317e3d42ec0fcd9447ec22978fcd8a93d8c73ae45acb09e53c11d6bfccd94c80a7207be43059f335b3eee85056ba4a48840bbb90dc03474fc280f0c39759e613600973a0763f5944b3f69e9c5a9ab902acc66ac08eed4b5f76c1344704f5c3b172f93d6c9aa4334d8457b259119185d477700eeb091801fc292f05cc68ab0120ccedc6a8c2e5415a14986a0684b288b0bb34ea2bb566444b7de0ca8ea91f3f4895962efde9c9ba41a19c6880f51874cb228da2d62c694928820143e45c3c41ee34877a8cdfc29f934d7eab2e0ca1400ff23bc5f0dcd493f7bc4b01c5eed70bdec527ef8a033f08990fe8a8f0a4a0b1e35f823f68f52c3f1950eba56dfca109addb5edf671df47e966951da09683e510ee9000c7f64e902a405f7a2e1fb505b9553fe882122b7399ca108adbdbe8952ba60745fa38fe75352a57b28b3a8de1097648b95c9fe5715b43e602a6e20188f2cf71b4e7b7128d8dd47f3b06c72d2976a9c0b7ae02c0a9cef1ea193b4e3485250c3270034ae3c67e06dd64730079bd00f515d2be6b317cd2849c6043f764b1e86ae69cd8dade3503b95a57477e35916bfff2f5aedf85eb19689c67a5823da70e85de68b9d2183780a8f61a4322094ea0fc7ece8ebde05868cf745f4c309356b6fcb5d3d921a9cf6f83ced443ac224342f4784a01a3838e2e874b0072f819b18ecfd594ee4a63ca58c97b5248e1f72d879780c8ae4f1e47c6b9f0075d3c46a9dbe530305dd4dccb679396bdc5727a7ac2ae5f48775037f385fba724da70e7839988df1099c52dd490ae429474c29584898dbee7a0766a2da5efe6529963ccb929016734e989f53f1bf9626f8b90a651ac0ab245e3a8b4ebd20c96a9b303a0d767031d6efd5ab25ffd8f0e561508e2fc8f9814f0b309e91721bdf4626adfa41d4540b1cedf7fa0a579fa94a999b995c5e7e80120a33ccf72804323431cf02ac6bc38659efd9cb43be2867ce0d8f5df78be3e19b43264154c10c5241bab5c3b669617fc6d7f1f", 0x1000}, {&(0x7f0000001b80)="e13b6ba5f345ae5308e172924dbaafafe1286ddb370ab9270f88864a16860db125d45c7ef2a6b6cc1e879d0e9aa4a54aa20af1a42c3a2607650d1833b0bc085349ffa85307f4959d40ecd35b55abc72760839ea8a04bb32152e384f31da435bad4b3f22965725fbcecf7bf939c4d3b7edba1ea875f86753d42e4e9d52696482f7ccd6e3c06297ee71371bcb3", 0x8c}, {&(0x7f0000001c40)="e4da182a34690da718666717ca5a4dc39e58ef2ad7a3b97c281fda5fd6d58afd42fa04c00f0f8db8932553e42061ee580a263deb65b16783844e98db747c4a812eb7aeecece26ef0993980da0a7588eb2b31fa8b6af23817c569fc13fbbf80b22037c3e8f847d18c58cf384dd6cb49e861a214e10f902de514a86d82ad1650d59286c6eb9143fbcf9e5743df70b19289e6c3a336c7a5081961ccf1b1c9fa3fe18d81f45f305628565150974ba83d8a21a6f04b12c19c8528f0bf8e2ca068719b7bf98ce370869fa4c73b52c73b225a907c0c315bccdfcdd57bed8fd51efca8dd40cc412c5251c6", 0x91}], 0x4)
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x480b82)

578.509625ms ago: executing program 0 (id=3841):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0500000004000000080000000a"], 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffbfff, 0x1, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x2010000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (fail_nth: 6)

367.611905ms ago: executing program 5 (id=3842):
r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000300)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x40042)
r2 = syz_usb_connect(0x2, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io$hid(r2, 0x0, &(0x7f0000000380)={0x18, &(0x7f00000002c0)={0x0, 0xf}, 0x0, 0x0, 0x0, 0x0})
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r3, 0x40015b13, 0x0)
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="0000000000000000000000800080000014000091ff0f00004500f5ff06ff00010100fc5e15f4c3d3fbd80dad0000", @ANYRES64], 0x125)
keyctl$read(0xb, r0, &(0x7f0000000340)=""/111, 0x6f)

79.79791ms ago: executing program 4 (id=3843):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
r3 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC_PROXY(r3, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0xeffe, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0xa, 0x0, 0x0, @mcast2, 0x5}, 0x0, {[0x3, 0x1, 0x4, 0xfffdfffe, 0x0, 0x0, 0x0, 0xfffffffd]}}, 0x5c)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'veth0_vlan\x00'})
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="370056450f769846a179171fa3d80dfb44396813723e0791716354f82ef4bd3bbf1670dec39558314cf4ff7b2885c2cd8034fe5ced99d81225bbf770dde6bfb3a5599a57c2282a4635d602fea1c2635eadd24ef0e0191424eef688ce12c545e06e67b96cd8ab2a3c191ecfea687792de560eb52eb41ab3c4a6"], 0x4c}, 0x1, 0x0, 0x0, 0x4008040}, 0x20000004)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r3)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r5, 0x10, 0x4, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="c707000000fb7e6ca268fffd32d26100850827", @ANYRES16=r1, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r2, @ANYBLOB="28000e0080000000ffffffffffff0802110000000802110000000000000000000000000064000100080026006c09000008000c006400000008000d00000000000a0034000202020202020000080035000000000004000501"], 0x74}}, 0x0)

79.527588ms ago: executing program 0 (id=3844):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x6, 0x88482)
syz_open_dev$vbi(&(0x7f0000000140), 0x3, 0x2)
r1 = syz_open_dev$swradio(&(0x7f0000000440), 0x1, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r1, 0xc0405665, &(0x7f0000000280)={0xf5, 0x2, 0x2, 0x0, 0x0, 0x0, 0xe})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYRES16=0x0, @ANYRESDEC=r0], 0x28}}, 0x44000)
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcd9)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
syz_open_dev$sndmidi(&(0x7f00000001c0), 0xfff, 0x11be02)
keyctl$get_keyring_id(0x0, 0x0, 0x110001)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0x1}, {0x0}], 0x2)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_dev$usbmon(&(0x7f0000000240), 0x4, 0x11000)
r2 = syz_open_procfs(0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x800, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
sendmsg$nl_route(r3, 0x0, 0x200080c1)
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x1)
socket(0x11, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f00000003c0)={'wlan1\x00', {0x2, 0x0, @broadcast}})
r6 = creat(&(0x7f0000000580)='./file0\x00', 0x0)
r7 = open$dir(&(0x7f0000000080)='./file0\x00', 0x6b6703, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r7, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1f, 0x0, &(0x7f0000000300)=ANY=[@ANYRES16=r2], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x70, '\x00', r5, @fallback=0x14, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

67.004522ms ago: executing program 0 (id=3845):
ioctl$KDSKBENT(0xffffffffffffffff, 0x4b47, &(0x7f0000000080)={0x3, 0x40, 0x4})
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x7, @loopback, 0x8}, 0x1c)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi0\x00', 0x8080, 0x0) (async)
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi0\x00', 0x8080, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) (async)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
read$eventfd(r3, &(0x7f0000000340), 0x8)
setxattr$system_posix_acl(0x0, &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000100)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000000000"], 0x24, 0x0)
mkdir(0x0, 0x0) (async)
mkdir(0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000002b40)=ANY=[@ANYBLOB="0200000000000000000000000400"], 0x24, 0x0) (async)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000002b40)=ANY=[@ANYBLOB="0200000000000000000000000400"], 0x24, 0x0)
rmdir(&(0x7f0000000040)='./bus\x00') (async)
rmdir(&(0x7f0000000040)='./bus\x00')
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB, @ANYRES32=0x1, @ANYBLOB], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0) (async)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f0000000540)={'c6xdigio\x00', [0x1, 0x80008000, 0x86c, 0xa, 0x0, 0x0, 0x1, 0x12, 0x1000, 0x1, 0x8, 0x5, 0x6, 0x1, 0x1138fce9, 0x6, 0xffffffa7, 0x2000001, 0xfffffffd, 0x65c, 0x3ff, 0x10004, 0x800, 0xe2df, 0x9, 0x6, 0x4, 0x3, 0x7, 0x5, 0x5]})
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x8, 0x12, r1, 0xfae76000)
socket(0x5, 0x1, 0xf9d5) (async)
socket(0x5, 0x1, 0xf9d5)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=@mpls_delroute={0x24, 0x18, 0x9, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}, [@RTA_TTL_PROPAGATE={0x5, 0x1a, 0x8}]}, 0x24}}, 0x24040810)
sendmsg$key(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="020a0b020500000025bd7000fcdbdf2502201700db0000000200"/40], 0x28}}, 0x20008004)

0s ago: executing program 4 (id=3846):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x1000, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000140), 0x20080, 0x0)
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r1, 0x40046103, 0x0)
r2 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
ioctl$VIDIOC_S_OUTPUT(r2, 0xc004562f, &(0x7f0000000000)=0x1)
ioctl$VIDIOC_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x2d0, 0x191, 0x1, 0x0, 0xdd9f83, 0x1, 0x9, 0xf3, 0x2, 0x5, 0x722, 0x13, 0x7, 0x7f, 0x3f, 0xb763599953cb091d, {0x0, 0x6fd8e84b}, 0x3, 0xed}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000440)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x2)
connect$inet6(r0, 0x0, 0x0)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x5)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
r4 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200de7e001009058b1e20"], 0x0)
syz_usb_control_io(r4, 0x0, 0x0)
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r5, 0xc0145b0d, &(0x7f0000000040))

kernel console output (not intermixed with test programs):

2kB active_file:56kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:28kB local_pcp:0kB free_cma:0kB
[  997.381639][T21827] lowmem_reserve[]: 0 290 290 290 290
[  997.381661][T21827] Node 0 DMA32 free:22016kB boost:14336kB min:27668kB low:31000kB high:34332kB reserved_highatomic:2048KB free_highatomic:52KB active_anon:44kB inactive_anon:160kB active_file:12kB inactive_file:88kB unevictable:3536kB writepending:0kB zspages:944kB present:1032196kB managed:297632kB mlocked:0kB bounce:0kB free_pcp:884kB local_pcp:0kB free_cma:0kB
[  997.381693][T21827] lowmem_reserve[]: 0 0 0 0 0
[  997.381713][T21827] Node 1 DMA32 free:88616kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:2048KB free_highatomic:32KB active_anon:42072kB inactive_anon:4712kB active_file:19812kB inactive_file:36496kB unevictable:3536kB writepending:544kB zspages:3692kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:28760kB local_pcp:1240kB free_cma:0kB
[  997.381749][T21827] lowmem_reserve[]: 0 0 0 0 0
[  997.381769][T21827] Node 0 DMA: 37*4kB (U) 17*8kB (UM) 6*16kB (UM) 19*32kB (UM) 1*64kB (M) 1*128kB (M) 1*256kB (M) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 1948kB
[  997.381852][T21827] Node 0 DMA32: 698*4kB (UMEH) 241*8kB (UMEH) 83*16kB (UME) 161*32kB (UM) 75*64kB (UM) 35*128kB (UM) 6*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 22016kB
[  997.381932][T21827] Node 1 DMA32: 976*4kB (UME) 698*8kB (UMEH) 836*16kB (UEH) 73*32kB (UME) 48*64kB (UME) 217*128kB (UE) 83*256kB (UM) 20*512kB (UM) 1*1024kB (M) 0*2048kB 0*4096kB = 88560kB
[  997.382018][T21827] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  997.382027][T21827] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  997.382036][T21827] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  997.382045][T21827] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  997.382053][T21827] 27273 total pagecache pages
[  997.382058][T21827] 1079 pages in swap cache
[  997.382062][T21827] Free swap  = 90996kB
[  997.382066][T21827] Total swap = 124996kB
[  997.382071][T21827] 524155 pages RAM
[  997.382075][T21827] 0 pages HighMem/MovableOnly
[  997.382079][T21827] 208854 pages reserved
[  997.382083][T21827] 0 pages cma reserved
[  997.451882][T21831] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  997.455100][   T24] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 61728, setting to 1024
[  997.455646][T21831] overlayfs: missing 'lowerdir'
[  997.578948][   T24] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  997.584143][   T24] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  997.589579][   T24] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  997.595699][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  997.692602][T21835] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  997.765089][T21835] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  997.806002][   T24] usb 6-1: usb_control_msg returned -32
[  997.807990][   T24] usbtmc 6-1:16.0: can't read capabilities
[  997.814304][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  997.836686][T21835] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  997.929741][T21835] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  997.981365][ T5987] usb 5-1: USB disconnect, device number 7
[  998.050041][ T6113] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 20004 - 0
[  998.057473][ T1141] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 20004 - 0
[  998.064422][ T1141] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 20004 - 0
[  998.070695][ T1141] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 20004 - 0
[  998.208429][T21848] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3596'.
[  998.212791][T21848] netlink: 277 bytes leftover after parsing attributes in process `syz.0.3596'.
[  998.216083][T21848] netlink: 277 bytes leftover after parsing attributes in process `syz.0.3596'.
[  998.219692][T21848] FAULT_INJECTION: forcing a failure.
[  998.219692][T21848] name failslab, interval 1, probability 0, space 0, times 0
[  998.225044][T21848] CPU: 3 UID: 0 PID: 21848 Comm: syz.0.3596 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  998.225065][T21848] Tainted: [L]=SOFTLOCKUP
[  998.225069][T21848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  998.225075][T21848] Call Trace:
[  998.225080][T21848]  <TASK>
[  998.225085][T21848]  dump_stack_lvl+0x16c/0x1f0
[  998.225106][T21848]  should_fail_ex+0x512/0x640
[  998.225125][T21848]  should_failslab+0xc2/0x120
[  998.225140][T21848]  kmem_cache_alloc_node_noprof+0x86/0x800
[  998.225152][T21848]  ? __alloc_skb+0x156/0x410
[  998.225172][T21848]  ? __alloc_skb+0x156/0x410
[  998.225187][T21848]  __alloc_skb+0x156/0x410
[  998.225203][T21848]  ? __alloc_skb+0x35d/0x410
[  998.225219][T21848]  ? __pfx___alloc_skb+0x10/0x10
[  998.225236][T21848]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  998.225250][T21848]  ? pfkey_xfrm_policy2msg_size+0x20c/0x260
[  998.225266][T21848]  pfkey_send_policy_notify+0x444/0x930
[  998.225281][T21848]  ? __pfx_pfkey_send_policy_notify+0x10/0x10
[  998.225296][T21848]  km_policy_notify+0xb3/0x240
[  998.225313][T21848]  xfrm_get_policy+0xa5f/0xd40
[  998.225326][T21848]  ? __pfx_xfrm_get_policy+0x10/0x10
[  998.225342][T21848]  ? find_held_lock+0x2b/0x80
[  998.225361][T21848]  ? __nla_parse+0x40/0x60
[  998.225372][T21848]  ? __pfx_xfrm_get_policy+0x10/0x10
[  998.225383][T21848]  xfrm_user_rcv_msg+0x4fe/0xb60
[  998.225401][T21848]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  998.225417][T21848]  ? kfree_skbmem+0x1a4/0x1f0
[  998.225431][T21848]  ? kfree_skbmem+0x1a4/0x1f0
[  998.225445][T21848]  ? consume_skb+0xcc/0x100
[  998.225459][T21848]  ? find_held_lock+0x2b/0x80
[  998.225487][T21848]  ? rcu_is_watching+0x12/0xc0
[  998.225499][T21848]  ? trace_contention_end+0xdd/0x110
[  998.225512][T21848]  ? __mutex_lock+0x27b/0x1b10
[  998.225525][T21848]  netlink_rcv_skb+0x158/0x420
[  998.225539][T21848]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  998.225556][T21848]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  998.225579][T21848]  xfrm_netlink_rcv+0x71/0x90
[  998.225593][T21848]  netlink_unicast+0x5aa/0x870
[  998.225609][T21848]  ? __pfx_netlink_unicast+0x10/0x10
[  998.225629][T21848]  netlink_sendmsg+0x8c8/0xdd0
[  998.225645][T21848]  ? __pfx_netlink_sendmsg+0x10/0x10
[  998.225661][T21848]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  998.225678][T21848]  ____sys_sendmsg+0xa5d/0xc30
[  998.225694][T21848]  ? __pfx_____sys_sendmsg+0x10/0x10
[  998.225708][T21848]  ? get_compat_msghdr+0x11a/0x170
[  998.225726][T21848]  ___sys_sendmsg+0x134/0x1d0
[  998.225738][T21848]  ? __pfx____sys_sendmsg+0x10/0x10
[  998.225756][T21848]  ? find_held_lock+0x2b/0x80
[  998.225781][T21848]  __sys_sendmsg+0x16d/0x220
[  998.225798][T21848]  ? __pfx___sys_sendmsg+0x10/0x10
[  998.225818][T21848]  __do_fast_syscall_32+0xe8/0x680
[  998.225830][T21848]  do_fast_syscall_32+0x32/0x80
[  998.225840][T21848]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  998.225853][T21848] RIP: 0023:0xf701d579
[  998.225863][T21848] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  998.225873][T21848] RSP: 002b:00000000f540d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  998.225883][T21848] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000480
[  998.225890][T21848] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  998.225896][T21848] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  998.225902][T21848] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  998.225908][T21848] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  998.225922][T21848]  </TASK>
[  999.076064][T21876] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3603'.
[  999.080366][T21876] netlink: 177 bytes leftover after parsing attributes in process `syz.0.3603'.
[  999.647523][T21880] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  999.846125][T21880] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  999.896320][T21880] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  999.919738][   T34] usb 6-1: USB disconnect, device number 7
[  999.952931][ T5947] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  999.955417][ T5947] Bluetooth: hci2: ACL packet for unknown connection handle 1907
[ 1000.019133][T21880] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1000.235190][ T1141] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1000.237669][T21892] FAULT_INJECTION: forcing a failure.
[ 1000.237669][T21892] name failslab, interval 1, probability 0, space 0, times 0
[ 1000.243805][T21892] CPU: 2 UID: 0 PID: 21892 Comm: syz.3.3608 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1000.243824][T21892] Tainted: [L]=SOFTLOCKUP
[ 1000.243828][T21892] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1000.243835][T21892] Call Trace:
[ 1000.243840][T21892]  <TASK>
[ 1000.243845][T21892]  dump_stack_lvl+0x16c/0x1f0
[ 1000.243866][T21892]  should_fail_ex+0x512/0x640
[ 1000.243882][T21892]  ? __kmalloc_cache_noprof+0x5f/0x800
[ 1000.243901][T21892]  should_failslab+0xc2/0x120
[ 1000.243917][T21892]  __kmalloc_cache_noprof+0x80/0x800
[ 1000.243934][T21892]  ? drm_atomic_helper_connector_duplicate_state+0x70/0xd0
[ 1000.243951][T21892]  ? drm_atomic_helper_connector_duplicate_state+0x70/0xd0
[ 1000.243964][T21892]  drm_atomic_helper_connector_duplicate_state+0x70/0xd0
[ 1000.243977][T21892]  drm_atomic_get_connector_state+0x3f8/0x900
[ 1000.243997][T21892]  drm_atomic_add_affected_connectors+0x2e0/0x3f0
[ 1000.244016][T21892]  ? __pfx_drm_atomic_add_affected_connectors+0x10/0x10
[ 1000.244032][T21892]  ? ww_mutex_lock_interruptible+0x37/0x160
[ 1000.244050][T21892]  ? modeset_lock+0x114/0x6d0
[ 1000.244068][T21892]  __drm_atomic_helper_set_config+0x5ef/0xea0
[ 1000.244086][T21892]  ? drm_atomic_state_init+0x21a/0x540
[ 1000.244103][T21892]  ? __pfx___drm_atomic_helper_set_config+0x10/0x10
[ 1000.244121][T21892]  ? drm_atomic_state_init+0x2c4/0x540
[ 1000.244137][T21892]  ? kasan_save_track+0x14/0x30
[ 1000.244152][T21892]  drm_atomic_helper_set_config+0x98/0x1a0
[ 1000.244170][T21892]  drm_mode_setcrtc+0xe21/0x1de0
[ 1000.244194][T21892]  ? __pfx_drm_mode_setcrtc+0x10/0x10
[ 1000.244211][T21892]  ? __lock_acquire+0x433/0x22f0
[ 1000.244233][T21892]  ? drm_is_current_master+0x2c/0x40
[ 1000.244244][T21892]  ? do_raw_spin_unlock+0x172/0x230
[ 1000.244262][T21892]  drm_ioctl_kernel+0x1f4/0x3e0
[ 1000.244277][T21892]  ? __pfx_drm_mode_setcrtc+0x10/0x10
[ 1000.244293][T21892]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[ 1000.244312][T21892]  drm_ioctl+0x5c9/0xc30
[ 1000.244330][T21892]  ? __pfx_drm_mode_setcrtc+0x10/0x10
[ 1000.244346][T21892]  ? __pfx_drm_ioctl+0x10/0x10
[ 1000.244371][T21892]  drm_compat_ioctl+0x327/0x460
[ 1000.244385][T21892]  ? __pfx_drm_compat_ioctl+0x10/0x10
[ 1000.244397][T21892]  __ia32_compat_sys_ioctl+0x242/0x370
[ 1000.244412][T21892]  __do_fast_syscall_32+0xe8/0x680
[ 1000.244424][T21892]  do_fast_syscall_32+0x32/0x80
[ 1000.244434][T21892]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1000.244448][T21892] RIP: 0023:0xf7f17579
[ 1000.244456][T21892] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1000.244466][T21892] RSP: 002b:00000000f540655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1000.244477][T21892] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c06864a2
[ 1000.244484][T21892] RDX: 0000000080000380 RSI: 0000000000000000 RDI: 0000000000000000
[ 1000.244490][T21892] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1000.244496][T21892] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1000.244502][T21892] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1000.244516][T21892]  </TASK>
[ 1000.253702][ T1141] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1000.434271][ T6113] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1000.437443][ T6113] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1000.631790][T21906] FAULT_INJECTION: forcing a failure.
[ 1000.631790][T21906] name failslab, interval 1, probability 0, space 0, times 0
[ 1000.638329][T21906] CPU: 3 UID: 0 PID: 21906 Comm: syz.3.3614 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1000.638360][T21906] Tainted: [L]=SOFTLOCKUP
[ 1000.638366][T21906] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1000.638378][T21906] Call Trace:
[ 1000.638384][T21906]  <TASK>
[ 1000.638392][T21906]  dump_stack_lvl+0x16c/0x1f0
[ 1000.638424][T21906]  should_fail_ex+0x512/0x640
[ 1000.638450][T21906]  ? __kvmalloc_node_noprof+0x129/0xa40
[ 1000.638472][T21906]  should_failslab+0xc2/0x120
[ 1000.638493][T21906]  __kvmalloc_node_noprof+0x14a/0xa40
[ 1000.638515][T21906]  ? __nf_hook_entries_try_shrink+0x164/0x400
[ 1000.638563][T21906]  ? __nf_hook_entries_try_shrink+0x164/0x400
[ 1000.638585][T21906]  __nf_hook_entries_try_shrink+0x164/0x400
[ 1000.638612][T21906]  __nf_unregister_net_hook+0x2af/0x660
[ 1000.638639][T21906]  nf_unregister_net_hooks+0x11b/0x160
[ 1000.638663][T21906]  nf_ct_netns_do_put+0x196/0x2f0
[ 1000.638688][T21906]  nf_ct_netns_put+0x71/0x80
[ 1000.638734][T21906]  nft_connlimit_destroy+0x68/0xe0
[ 1000.638758][T21906]  nft_add_set_elem+0x74f/0x3d70
[ 1000.638779][T21906]  ? __pfx_nft_connlimit_destroy+0x10/0x10
[ 1000.638805][T21906]  ? is_bpf_text_address+0x8a/0x1a0
[ 1000.638823][T21906]  ? bpf_ksym_find+0x124/0x1c0
[ 1000.638847][T21906]  ? __pfx_nft_add_set_elem+0x10/0x10
[ 1000.638868][T21906]  ? is_bpf_text_address+0x94/0x1a0
[ 1000.638884][T21906]  ? kernel_text_address+0x8d/0x100
[ 1000.638907][T21906]  ? __kernel_text_address+0xd/0x40
[ 1000.638929][T21906]  ? unwind_get_return_address+0x59/0xa0
[ 1000.638975][T21906]  ? __pfx_stack_trace_save+0x10/0x10
[ 1000.638997][T21906]  ? stack_depot_save_flags+0x29/0x9b0
[ 1000.639039][T21906]  ? __nla_validate_parse+0x600/0x2880
[ 1000.639075][T21906]  ? nla_strcmp+0xff/0x130
[ 1000.639095][T21906]  ? nft_set_lookup_global+0x164/0x390
[ 1000.639123][T21906]  nf_tables_newsetelem+0x5ff/0xa70
[ 1000.639150][T21906]  ? __pfx_nf_tables_newsetelem+0x10/0x10
[ 1000.639179][T21906]  ? __nla_parse+0x40/0x60
[ 1000.639219][T21906]  nfnetlink_rcv_batch+0x190d/0x2350
[ 1000.639251][T21906]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[ 1000.639273][T21906]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1000.639298][T21906]  ? __dev_queue_xmit+0x782/0x4650
[ 1000.639323][T21906]  ? __local_bh_enable_ip+0xa4/0x120
[ 1000.639376][T21906]  ? __nla_parse+0x40/0x60
[ 1000.639399][T21906]  nfnetlink_rcv+0x3c1/0x430
[ 1000.639416][T21906]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1000.639439][T21906]  netlink_unicast+0x5aa/0x870
[ 1000.639466][T21906]  ? __pfx_netlink_unicast+0x10/0x10
[ 1000.639488][T21906]  ? __pfx___might_resched+0x10/0x10
[ 1000.639514][T21906]  netlink_sendmsg+0x8c8/0xdd0
[ 1000.639538][T21906]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1000.639563][T21906]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[ 1000.639590][T21906]  ____sys_sendmsg+0xa5d/0xc30
[ 1000.639616][T21906]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1000.639638][T21906]  ? get_compat_msghdr+0x11a/0x170
[ 1000.639669][T21906]  ___sys_sendmsg+0x134/0x1d0
[ 1000.639690][T21906]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1000.639723][T21906]  ? find_held_lock+0x2b/0x80
[ 1000.639768][T21906]  __sys_sendmsg+0x16d/0x220
[ 1000.639788][T21906]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1000.639826][T21906]  __do_fast_syscall_32+0xe8/0x680
[ 1000.639845][T21906]  do_fast_syscall_32+0x32/0x80
[ 1000.639862][T21906]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1000.639884][T21906] RIP: 0023:0xf7f17579
[ 1000.639898][T21906] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1000.639914][T21906] RSP: 002b:00000000f53e555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1000.639932][T21906] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800003c0
[ 1000.639948][T21906] RDX: 0000000040000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1000.639959][T21906] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1000.639968][T21906] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1000.639978][T21906] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1000.640004][T21906]  </TASK>
[ 1000.903426][T18932] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[ 1001.053433][T18932] usb 5-1: Using ep0 maxpacket: 8
[ 1001.056511][T18932] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[ 1001.059112][T18932] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1001.062496][T18932] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1001.065913][T18932] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 61728, setting to 1024
[ 1001.069406][T18932] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1001.072864][T18932] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1001.077567][T18932] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1001.080434][T18932] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1001.286520][T18932] usb 5-1: usb_control_msg returned -32
[ 1001.288451][T18932] usbtmc 5-1:16.0: can't read capabilities
[ 1001.512739][T21911] syzkaller0: entered promiscuous mode
[ 1001.522753][T21911] syzkaller0: entered allmulticast mode
[ 1001.535366][T21913] QAT: failed to copy from user.
[ 1001.640619][T21914] vxcan0: tx address claim with dlc 0
[ 1001.783531][T18010] usb 9-1: new high-speed USB device number 48 using dummy_hcd
[ 1001.953495][T18010] usb 9-1: Using ep0 maxpacket: 8
[ 1001.958156][T18010] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1001.961941][T18010] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1001.965432][T18010] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1001.968502][T18010] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1001.972696][T18010] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1001.975754][T18010] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1002.187594][T18010] usb 9-1: usb_control_msg returned -32
[ 1002.189695][T18010] usbtmc 9-1:16.0: can't read capabilities
[ 1002.262088][T21929] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1002.327499][T21929] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1002.379987][T21929] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1002.439546][T21929] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1002.521578][ T9406] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1002.533300][ T9406] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1002.543479][ T9406] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1002.551128][ T9406] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1002.710990][   T40] audit: type=1326 audit(1765054734.576:1925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21935 comm="syz.1.3622" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1002.736042][   T40] audit: type=1326 audit(1765054734.576:1926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21935 comm="syz.1.3622" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1002.768631][   T40] audit: type=1326 audit(1765054734.576:1927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21935 comm="syz.1.3622" exe="/syz-executor" sig=0 arch=40000003 syscall=310 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1002.786930][   T40] audit: type=1326 audit(1765054734.576:1928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21935 comm="syz.1.3622" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1002.806297][   T40] audit: type=1326 audit(1765054734.576:1929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21935 comm="syz.1.3622" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1002.810068][T21943] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3624'.
[ 1002.819773][T21943] hsr_slave_0: left promiscuous mode
[ 1002.834756][   T40] audit: type=1326 audit(1765054734.576:1930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21935 comm="syz.1.3622" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1002.841619][   T40] audit: type=1326 audit(1765054734.636:1931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21935 comm="syz.1.3622" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1002.849215][   T40] audit: type=1326 audit(1765054734.636:1932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21935 comm="syz.1.3622" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1002.856582][   T40] audit: type=1326 audit(1765054734.636:1933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21935 comm="syz.1.3622" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1002.863171][   T40] audit: type=1326 audit(1765054734.636:1934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21935 comm="syz.1.3622" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1002.974514][T18932] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[ 1003.146027][T18932] usb 8-1: config 1 has an invalid interface number: 7 but max is 0
[ 1003.148886][T18932] usb 8-1: config 1 has no interface number 0
[ 1003.151625][T18932] usb 8-1: config 1 interface 7 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 16
[ 1003.155906][T18932] usb 8-1: config 1 interface 7 altsetting 0 bulk endpoint 0xC has invalid maxpacket 16
[ 1003.159709][T18932] usb 8-1: config 1 interface 7 altsetting 0 has a duplicate endpoint with address 0x2, skipping
[ 1003.165239][T18932] usb 8-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[ 1003.168504][T18932] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1003.171501][T18932] usb 8-1: Product: syz
[ 1003.173149][T18932] usb 8-1: Manufacturer: syz
[ 1003.175442][T18932] usb 8-1: SerialNumber: syz
[ 1003.182158][T21938] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[ 1003.184952][T21938] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[ 1003.189010][T18932] usb 8-1: Expected 3 endpoints, found: 2
[ 1003.588401][T18010] usb 5-1: USB disconnect, device number 8
[ 1003.617276][T21945] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3625'.
[ 1003.620769][T21945] netlink: 277 bytes leftover after parsing attributes in process `syz.0.3625'.
[ 1003.623702][T21945] netlink: 277 bytes leftover after parsing attributes in process `syz.0.3625'.
[ 1003.843419][T21948] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1003.848330][T21948] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1004.639721][   T34] usb 9-1: USB disconnect, device number 48
[ 1005.081933][T21965] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3628'.
[ 1005.740507][ T7272] usb 8-1: USB disconnect, device number 9
[ 1006.199369][T21981] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1006.203265][T21981] netlink: 188 bytes leftover after parsing attributes in process `syz.3.3629'.
[ 1006.608567][T21992] bond4: entered promiscuous mode
[ 1006.670630][T21992] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3632'.
[ 1006.801596][T22003] netlink: 136 bytes leftover after parsing attributes in process `syz.4.3635'.
[ 1006.811531][T22003] netlink: 'syz.4.3635': attribute type 4 has an invalid length.
[ 1009.488576][T22043] usb usb8: usbfs: process 22043 (syz.3.3644) did not claim interface 0 before use
[ 1009.559742][T22046] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3645'.
[ 1009.564432][   T24] IPVS: starting estimator thread 0...
[ 1009.658502][T22047] IPVS: using max 46 ests per chain, 110400 per kthread
[ 1009.681702][T22048] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3645'.
[ 1009.686582][T22048] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3645'.
[ 1011.228329][ T6031] usb 9-1: new high-speed USB device number 49 using dummy_hcd
[ 1011.398694][ T6031] usb 9-1: Using ep0 maxpacket: 8
[ 1011.402811][ T6031] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[ 1011.406285][ T6031] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1011.410918][ T6031] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1011.413940][ T6031] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 61728, setting to 1024
[ 1011.417431][ T6031] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1011.431242][ T6031] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1011.435368][ T6031] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1011.461755][ T6031] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1011.514596][T22077] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1011.519881][T22077] netlink: 188 bytes leftover after parsing attributes in process `syz.1.3649'.
[ 1011.739374][ T6031] usb 9-1: usb_control_msg returned -32
[ 1011.741308][ T6031] usbtmc 9-1:16.0: can't read capabilities
[ 1012.389752][   T24] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[ 1012.610962][   T24] usb 5-1: Using ep0 maxpacket: 8
[ 1012.622524][   T24] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[ 1012.625431][   T24] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1012.630411][   T24] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1012.633742][   T24] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1012.644964][   T24] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1012.676532][   T24] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1012.696899][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1012.943309][   T24] usb 5-1: usb_control_msg returned -32
[ 1012.945385][   T24] usbtmc 5-1:16.0: can't read capabilities
[ 1014.039406][ T5987] usb 9-1: USB disconnect, device number 49
[ 1014.479971][ T5987] usb 9-1: new high-speed USB device number 50 using dummy_hcd
[ 1014.680796][ T5987] usb 9-1: config 1 has an invalid interface number: 7 but max is 0
[ 1014.683362][ T5987] usb 9-1: config 1 has no interface number 0
[ 1014.690199][ T5987] usb 9-1: config 1 interface 7 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 16
[ 1014.693346][ T5987] usb 9-1: config 1 interface 7 altsetting 0 bulk endpoint 0xC has invalid maxpacket 16
[ 1014.697067][ T5987] usb 9-1: config 1 interface 7 altsetting 0 has a duplicate endpoint with address 0x2, skipping
[ 1014.702145][ T5987] usb 9-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[ 1014.707388][ T5987] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1014.710886][ T5987] usb 9-1: Product: syz
[ 1014.712223][ T5987] usb 9-1: Manufacturer: syz
[ 1014.713692][ T5987] usb 9-1: SerialNumber: syz
[ 1014.718120][T22119] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1014.721547][T22119] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1014.724776][ T5987] usb 9-1: Expected 3 endpoints, found: 2
[ 1015.106292][   T24] usb 5-1: USB disconnect, device number 9
[ 1015.186000][T22131] binder: 22130:22131 ioctl c028660f 80000080 returned -22
[ 1015.192675][T22133] netlink: 'syz.0.3658': attribute type 25 has an invalid length.
[ 1015.195948][T22133] netlink: 'syz.0.3658': attribute type 7 has an invalid length.
[ 1015.198956][T22133] netlink: 164 bytes leftover after parsing attributes in process `syz.0.3658'.
[ 1015.376086][T22137] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1015.383199][T22137] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1015.387956][T22140] binder: 22130:22140 ioctl c0306201 800001c0 returned -14
[ 1017.102867][   T34] usb 9-1: USB disconnect, device number 50
[ 1017.308184][T22172] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[ 1017.395973][T22172] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[ 1017.505140][T22172] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[ 1017.554656][T22172] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[ 1017.654006][ T1140] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 20004 - 0
[ 1017.665313][   T79] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 20004 - 0
[ 1017.672568][   T79] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 20004 - 0
[ 1017.685063][   T79] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 20004 - 0
[ 1018.001602][T12566] usb 9-1: new high-speed USB device number 51 using dummy_hcd
[ 1018.152152][T12566] usb 9-1: too many configurations: 9, using maximum allowed: 8
[ 1018.155462][T12566] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1018.158274][T12566] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1018.162446][T12566] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1018.165472][T12566] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1018.168355][T12566] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1018.173110][T12566] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1018.176143][T12566] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1018.179278][T12566] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1018.183873][T12566] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1018.186883][T12566] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1018.189801][T12566] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1018.194171][T12566] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1018.197230][T12566] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1018.200120][T12566] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1018.204513][T12566] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1018.207532][T12566] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1018.210377][T12566] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1018.214833][T12566] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1018.217979][T12566] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1018.220930][T12566] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1018.225498][T12566] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1018.228880][T12566] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1018.232613][T12566] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1018.236254][T12566] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1018.241958][T12566] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[ 1018.245554][T12566] usb 9-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[ 1018.248702][T12566] usb 9-1: Product: syz
[ 1018.250090][T12566] usb 9-1: Manufacturer: syz
[ 1018.252137][T12566] usb 9-1: SerialNumber: syz
[ 1018.254734][T12566] usb 9-1: config 0 descriptor??
[ 1018.260523][T12566] yurex 9-1:0.0: USB YUREX device now attached to Yurex #0
[ 1018.464020][T22178] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1018.467044][T22178] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1018.636052][ T1140] Bluetooth: hci3: Frame reassembly failed (-84)
[ 1018.638229][ T1140] Bluetooth: hci3: Frame reassembly failed (-84)
[ 1018.641128][T22192] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[ 1018.643300][T22192] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1018.646732][T22192] vhci_hcd vhci_hcd.0: Device attached
[ 1018.789971][    C3] usb 9-1: yurex_control_callback - control failed: -71
[ 1018.793287][T12566] usb 9-1: USB disconnect, device number 51
[ 1018.796303][T12566] yurex 9-1:0.0: USB YUREX #0 now disconnected
[ 1018.943519][ T6031] usb 44-1: SetAddress Request (22) to port 0
[ 1018.946134][ T6031] usb 44-1: new SuperSpeed USB device number 22 using vhci_hcd
[ 1019.112276][T12566] usb 9-1: new high-speed USB device number 52 using dummy_hcd
[ 1019.172059][T22209] XFS (nullb0): Invalid superblock magic number
[ 1019.272247][T12566] usb 9-1: Using ep0 maxpacket: 8
[ 1019.276124][T12566] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1019.279380][T12566] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1019.291509][T12566] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1019.304854][T12566] usb 9-1: config 0 descriptor??
[ 1019.307853][T12566] iowarrior 9-1:0.0: no interrupt-in endpoint found
[ 1019.459267][T22196] vhci_hcd: connection reset by peer
[ 1019.472352][ T1213] vhci_hcd: stop threads
[ 1019.474248][ T1213] vhci_hcd: release socket
[ 1019.476281][ T1213] vhci_hcd: disconnect device
[ 1019.481955][T12566] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[ 1019.667925][T12566] usb 5-1: config 1 has an invalid interface number: 7 but max is 0
[ 1019.670485][T12566] usb 5-1: config 1 has no interface number 0
[ 1019.672937][T12566] usb 5-1: config 1 interface 7 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 16
[ 1019.676046][T12566] usb 5-1: config 1 interface 7 altsetting 0 bulk endpoint 0xC has invalid maxpacket 16
[ 1019.689394][T12566] usb 5-1: config 1 interface 7 altsetting 0 has a duplicate endpoint with address 0x2, skipping
[ 1019.694775][T12566] usb 5-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[ 1019.697751][T12566] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1019.710492][T12566] usb 5-1: Product: syz
[ 1019.712302][T12566] usb 5-1: Manufacturer: syz
[ 1019.713788][T12566] usb 5-1: SerialNumber: syz
[ 1019.716949][T22219] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[ 1019.719341][T22219] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[ 1019.733227][T12566] usb 5-1: Expected 3 endpoints, found: 2
[ 1020.304934][T22225] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1020.307759][T22225] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1020.702558][T17442] Bluetooth: hci3: command 0x1003 tx timeout
[ 1020.704305][ T5947] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 1020.782446][T12566] usb 9-1: USB disconnect, device number 52
[ 1022.270194][   T24] usb 5-1: USB disconnect, device number 10
[ 1022.358193][T22250] FAULT_INJECTION: forcing a failure.
[ 1022.358193][T22250] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1022.378646][T22250] CPU: 3 UID: 0 PID: 22250 Comm: syz.0.3681 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1022.378666][T22250] Tainted: [L]=SOFTLOCKUP
[ 1022.378670][T22250] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1022.378677][T22250] Call Trace:
[ 1022.378681][T22250]  <TASK>
[ 1022.378685][T22250]  dump_stack_lvl+0x16c/0x1f0
[ 1022.378706][T22250]  should_fail_ex+0x512/0x640
[ 1022.378725][T22250]  should_fail_alloc_page+0xe7/0x130
[ 1022.378741][T22250]  prepare_alloc_pages+0x401/0x670
[ 1022.378758][T22250]  __alloc_frozen_pages_noprof+0x18b/0x2430
[ 1022.378769][T22250]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1022.378785][T22250]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1022.378800][T22250]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1022.378820][T22250]  ? stack_depot_save_flags+0x3de/0x9b0
[ 1022.378840][T22250]  ? kasan_save_stack+0x42/0x60
[ 1022.378851][T22250]  ? kasan_save_stack+0x33/0x60
[ 1022.378863][T22250]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1022.378873][T22250]  ? alloc_vmap_area+0x66f/0x2a50
[ 1022.378885][T22250]  ? __vmalloc_node_range_noprof+0x247/0x16b0
[ 1022.378900][T22250]  ? xt_compat_init_offsets+0xe6/0x1f0
[ 1022.378916][T22250]  ? compat_table_info+0xb7/0x5f0
[ 1022.378932][T22250]  ? get_info+0x261/0x620
[ 1022.378947][T22250]  ? do_ip6t_get_ctl+0x169/0xa50
[ 1022.378955][T22250]  ? nf_getsockopt+0x7c/0xe0
[ 1022.378970][T22250]  ? ipv6_getsockopt+0x1f7/0x280
[ 1022.378986][T22250]  ? tcp_getsockopt+0xa1/0x100
[ 1022.378999][T22250]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1022.379016][T22250]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1022.379030][T22250]  ? policy_nodemask+0xea/0x4e0
[ 1022.379045][T22250]  alloc_pages_mpol+0x1fb/0x550
[ 1022.379060][T22250]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1022.379078][T22250]  alloc_pages_noprof+0x12d/0x180
[ 1022.379092][T22250]  get_free_pages_noprof+0x10/0xb0
[ 1022.379105][T22250]  __kasan_populate_vmalloc+0xa0/0x220
[ 1022.379127][T22250]  alloc_vmap_area+0x98d/0x2a50
[ 1022.379154][T22250]  ? __pfx_alloc_vmap_area+0x10/0x10
[ 1022.379181][T22250]  __get_vm_area_node+0x1ca/0x330
[ 1022.379208][T22250]  __vmalloc_node_range_noprof+0x247/0x16b0
[ 1022.379233][T22250]  ? xt_compat_init_offsets+0xe6/0x1f0
[ 1022.379256][T22250]  ? __pfx___might_resched+0x10/0x10
[ 1022.379267][T22250]  ? rcu_is_watching+0x12/0xc0
[ 1022.379280][T22250]  ? xt_compat_init_offsets+0xe6/0x1f0
[ 1022.379299][T22250]  ? __lock_acquire+0x433/0x22f0
[ 1022.379312][T22250]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1022.379327][T22250]  ? __pfx___mutex_lock+0x10/0x10
[ 1022.379337][T22250]  ? __lock_acquire+0x433/0x22f0
[ 1022.379354][T22250]  ? xt_compat_init_offsets+0xe6/0x1f0
[ 1022.379370][T22250]  __vmalloc_node_noprof+0xad/0xf0
[ 1022.379384][T22250]  ? xt_compat_init_offsets+0xe6/0x1f0
[ 1022.379402][T22250]  xt_compat_init_offsets+0xe6/0x1f0
[ 1022.379418][T22250]  ? __asan_memcpy+0x3c/0x60
[ 1022.379429][T22250]  compat_table_info+0xb7/0x5f0
[ 1022.379449][T22250]  get_info+0x261/0x620
[ 1022.379466][T22250]  ? __pfx_get_info+0x10/0x10
[ 1022.379482][T22250]  ? __might_fault+0xe3/0x190
[ 1022.379500][T22250]  ? lock_acquire+0x179/0x330
[ 1022.379520][T22250]  ? bpf_lsm_capable+0x9/0x10
[ 1022.379531][T22250]  ? security_capable+0x7e/0x260
[ 1022.379547][T22250]  do_ip6t_get_ctl+0x169/0xa50
[ 1022.379557][T22250]  ? __mutex_unlock_slowpath+0x161/0x790
[ 1022.379581][T22250]  ? __lock_acquire+0x433/0x22f0
[ 1022.379602][T22250]  ? __pfx_do_ip6t_get_ctl+0x10/0x10
[ 1022.379628][T22250]  ? nf_sockopt_find.constprop.0+0x222/0x290
[ 1022.379657][T22250]  nf_getsockopt+0x7c/0xe0
[ 1022.379678][T22250]  ipv6_getsockopt+0x1f7/0x280
[ 1022.379695][T22250]  ? __pfx_ipv6_getsockopt+0x10/0x10
[ 1022.379712][T22250]  ? __lock_acquire+0x433/0x22f0
[ 1022.379728][T22250]  tcp_getsockopt+0xa1/0x100
[ 1022.379741][T22250]  ? __pfx_sock_common_getsockopt+0x10/0x10
[ 1022.379774][T22250]  do_sock_getsockopt+0x324/0x410
[ 1022.379789][T22250]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 1022.379802][T22250]  ? __fget_files+0x204/0x3c0
[ 1022.379829][T22250]  __sys_getsockopt+0x123/0x1b0
[ 1022.379843][T22250]  __ia32_sys_getsockopt+0xbc/0x160
[ 1022.379853][T22250]  ? __do_fast_syscall_32+0x9a/0x680
[ 1022.379863][T22250]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1022.379879][T22250]  __do_fast_syscall_32+0xe8/0x680
[ 1022.379890][T22250]  do_fast_syscall_32+0x32/0x80
[ 1022.379900][T22250]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1022.379913][T22250] RIP: 0023:0xf701d579
[ 1022.379922][T22250] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1022.379932][T22250] RSP: 002b:00000000f540d55c EFLAGS: 00000296 ORIG_RAX: 000000000000016d
[ 1022.379943][T22250] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000029
[ 1022.379950][T22250] RDX: 0000000000000040 RSI: 0000000080001300 RDI: 0000000080000140
[ 1022.379956][T22250] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1022.379962][T22250] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1022.379968][T22250] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1022.379983][T22250]  </TASK>
[ 1022.380043][T22250] syz.0.3681: vmalloc error: size 40, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1022.562522][T22250] CPU: 3 UID: 0 PID: 22250 Comm: syz.0.3681 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1022.562542][T22250] Tainted: [L]=SOFTLOCKUP
[ 1022.562546][T22250] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1022.562553][T22250] Call Trace:
[ 1022.562557][T22250]  <TASK>
[ 1022.562562][T22250]  dump_stack_lvl+0x16c/0x1f0
[ 1022.562583][T22250]  warn_alloc+0x248/0x3a0
[ 1022.562595][T22250]  ? __pfx_warn_alloc+0x10/0x10
[ 1022.562605][T22250]  ? kfree+0x2f8/0x6e0
[ 1022.562621][T22250]  ? __get_vm_area_node+0x2cd/0x330
[ 1022.562638][T22250]  ? __get_vm_area_node+0x2cd/0x330
[ 1022.562650][T22250]  ? __get_vm_area_node+0x1dc/0x330
[ 1022.562663][T22250]  ? __get_vm_area_node+0x208/0x330
[ 1022.562680][T22250]  __vmalloc_node_range_noprof+0xbe0/0x16b0
[ 1022.562696][T22250]  ? __pfx___might_resched+0x10/0x10
[ 1022.562708][T22250]  ? rcu_is_watching+0x12/0xc0
[ 1022.562720][T22250]  ? xt_compat_init_offsets+0xe6/0x1f0
[ 1022.562740][T22250]  ? __lock_acquire+0x433/0x22f0
[ 1022.562754][T22250]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1022.562769][T22250]  ? __pfx___mutex_lock+0x10/0x10
[ 1022.562779][T22250]  ? __lock_acquire+0x433/0x22f0
[ 1022.562796][T22250]  ? xt_compat_init_offsets+0xe6/0x1f0
[ 1022.562812][T22250]  __vmalloc_node_noprof+0xad/0xf0
[ 1022.562831][T22250]  ? xt_compat_init_offsets+0xe6/0x1f0
[ 1022.562849][T22250]  xt_compat_init_offsets+0xe6/0x1f0
[ 1022.562865][T22250]  ? __asan_memcpy+0x3c/0x60
[ 1022.562876][T22250]  compat_table_info+0xb7/0x5f0
[ 1022.562897][T22250]  get_info+0x261/0x620
[ 1022.562914][T22250]  ? __pfx_get_info+0x10/0x10
[ 1022.562929][T22250]  ? __might_fault+0xe3/0x190
[ 1022.562962][T22250]  ? lock_acquire+0x179/0x330
[ 1022.562982][T22250]  ? bpf_lsm_capable+0x9/0x10
[ 1022.562993][T22250]  ? security_capable+0x7e/0x260
[ 1022.563009][T22250]  do_ip6t_get_ctl+0x169/0xa50
[ 1022.563020][T22250]  ? __mutex_unlock_slowpath+0x161/0x790
[ 1022.563037][T22250]  ? __lock_acquire+0x433/0x22f0
[ 1022.563050][T22250]  ? __pfx_do_ip6t_get_ctl+0x10/0x10
[ 1022.563067][T22250]  ? nf_sockopt_find.constprop.0+0x222/0x290
[ 1022.563086][T22250]  nf_getsockopt+0x7c/0xe0
[ 1022.563102][T22250]  ipv6_getsockopt+0x1f7/0x280
[ 1022.563120][T22250]  ? __pfx_ipv6_getsockopt+0x10/0x10
[ 1022.563137][T22250]  ? __lock_acquire+0x433/0x22f0
[ 1022.563153][T22250]  tcp_getsockopt+0xa1/0x100
[ 1022.563167][T22250]  ? __pfx_sock_common_getsockopt+0x10/0x10
[ 1022.563182][T22250]  do_sock_getsockopt+0x324/0x410
[ 1022.563196][T22250]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 1022.563210][T22250]  ? __fget_files+0x204/0x3c0
[ 1022.563232][T22250]  __sys_getsockopt+0x123/0x1b0
[ 1022.563246][T22250]  __ia32_sys_getsockopt+0xbc/0x160
[ 1022.563256][T22250]  ? __do_fast_syscall_32+0x9a/0x680
[ 1022.563266][T22250]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1022.563282][T22250]  __do_fast_syscall_32+0xe8/0x680
[ 1022.563293][T22250]  do_fast_syscall_32+0x32/0x80
[ 1022.563303][T22250]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1022.563317][T22250] RIP: 0023:0xf701d579
[ 1022.563326][T22250] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1022.563337][T22250] RSP: 002b:00000000f540d55c EFLAGS: 00000296 ORIG_RAX: 000000000000016d
[ 1022.563348][T22250] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000029
[ 1022.563354][T22250] RDX: 0000000000000040 RSI: 0000000080001300 RDI: 0000000080000140
[ 1022.563361][T22250] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1022.563367][T22250] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1022.563373][T22250] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1022.563388][T22250]  </TASK>
[ 1022.679459][T22250] Mem-Info:
[ 1022.680563][T22250] active_anon:9330 inactive_anon:894 isolated_anon:0
[ 1022.680563][T22250]  active_file:4763 inactive_file:6331 isolated_file:0
[ 1022.680563][T22250]  unevictable:3816 dirty:81 writeback:0
[ 1022.680563][T22250]  slab_reclaimable:8030 slab_unreclaimable:69366
[ 1022.680563][T22250]  mapped:39412 shmem:12688 pagetables:1186
[ 1022.680563][T22250]  sec_pagetables:340 bounce:0
[ 1022.680563][T22250]  kernel_misc_reclaimable:0
[ 1022.680563][T22250]  free:32350 free_pcp:5088 free_cma:0
[ 1022.694926][T22250] Node 0 active_anon:228kB inactive_anon:8kB active_file:144kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:1552kB dirty:4kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8332kB pagetables:1580kB sec_pagetables:1180kB all_unreclaimable? yes Balloon:0kB
[ 1022.705273][T22250] Node 1 active_anon:39492kB inactive_anon:3568kB active_file:20708kB inactive_file:25324kB unevictable:11728kB isolated(anon):0kB isolated(file):0kB mapped:158296kB dirty:320kB writeback:0kB shmem:49416kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:6124kB pagetables:3064kB sec_pagetables:180kB all_unreclaimable? no Balloon:0kB
[ 1022.715662][T22250] Node 0 DMA free:2000kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:32kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1022.725439][T22250] lowmem_reserve[]: 0 290 290 290 290
[ 1022.727225][T22250] Node 0 DMA32 free:21072kB boost:10240kB min:23572kB low:26904kB high:30236kB reserved_highatomic:0KB free_highatomic:0KB active_anon:196kB inactive_anon:8kB active_file:144kB inactive_file:0kB unevictable:3536kB writepending:4kB zspages:964kB present:1032196kB managed:297632kB mlocked:0kB bounce:0kB free_pcp:1192kB local_pcp:56kB free_cma:0kB
[ 1022.737972][T22250] lowmem_reserve[]: 0 0 0 0 0
[ 1022.739571][T22250] Node 1 DMA32 free:102228kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:42992kB inactive_anon:3568kB active_file:23508kB inactive_file:25324kB unevictable:11728kB writepending:320kB zspages:3780kB present:1048432kB managed:948212kB mlocked:8192kB bounce:0kB free_pcp:13316kB local_pcp:9020kB free_cma:0kB
[ 1022.750544][T22250] lowmem_reserve[]: 0 0 0 0 0
[ 1022.752223][T22250] Node 0 DMA: 30*4kB (UM) 21*8kB (UM) 7*16kB (UM) 20*32kB (UM) 1*64kB (M) 1*128kB (M) 1*256kB (M) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 2000kB
[ 1022.760374][T22250] Node 0 DMA32: 700*4kB (UME) 262*8kB (UME) 73*16kB (UM) 157*32kB (UM) 74*64kB (UM) 31*128kB (UM) 5*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 21072kB
[ 1022.767144][T22250] Node 1 DMA32: 778*4kB (UE) 1170*8kB (UE) 732*16kB (UE) 54*32kB (UME) 29*64kB (UME) 206*128kB (UE) 102*256kB (UM) 26*512kB (UM) 2*1024kB (M) 0*2048kB 0*4096kB = 95608kB
[ 1022.772695][T22250] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1022.778087][T22250] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[ 1022.781369][T22250] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1022.785934][T22250] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1022.789031][T22250] 29074 total pagecache pages
[ 1022.790639][T22250] 909 pages in swap cache
[ 1022.792097][T22250] Free swap  = 90680kB
[ 1022.794870][T22250] Total swap = 124996kB
[ 1022.796347][T22250] 524155 pages RAM
[ 1022.797648][T22250] 0 pages HighMem/MovableOnly
[ 1022.799272][T22250] 208854 pages reserved
[ 1022.800700][T22250] 0 pages cma reserved
[ 1023.105026][   T24] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[ 1023.113678][   T34] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[ 1023.208788][T22266] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1023.272513][T22270] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3683'.
[ 1023.294604][   T34] usb 8-1: too many configurations: 9, using maximum allowed: 8
[ 1023.298601][   T34] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1023.301397][   T34] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1023.313332][   T34] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1023.317170][   T34] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1023.317938][T22266] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1023.320002][   T34] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1023.320020][   T34] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1023.324773][   T34] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1023.331613][   T34] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1023.353419][   T34] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1023.357311][   T34] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1023.360155][   T34] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1023.373378][   T34] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1023.376477][   T34] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1023.379352][   T34] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1023.382813][   T34] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1023.389336][T22266] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1023.396603][   T34] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1023.399384][   T34] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1023.402616][   T34] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1023.415513][   T24] usb 5-1: Using ep0 maxpacket: 8
[ 1023.419524][   T24] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1023.426668][   T34] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1023.427575][   T24] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1023.429533][   T34] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1023.429550][   T34] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1023.435015][   T34] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1023.435041][   T34] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1023.435055][   T34] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1023.436953][   T34] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[ 1023.441183][   T24] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1023.442513][   T34] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[ 1023.448406][   T24] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1023.463774][   T34] usb 8-1: Product: syz
[ 1023.467913][   T24] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1023.469784][   T34] usb 8-1: Manufacturer: syz
[ 1023.470763][T22266] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1023.471527][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1023.481222][   T34] usb 8-1: SerialNumber: syz
[ 1023.488384][   T34] usb 8-1: config 0 descriptor??
[ 1023.492512][   T34] yurex 8-1:0.0: USB YUREX device now attached to Yurex #0
[ 1023.581433][ T1213] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1023.591191][ T1213] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1023.601000][ T1213] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1023.614994][ T1213] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1023.696669][T22264] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1023.700496][   T24] usb 5-1: usb_control_msg returned -32
[ 1023.702297][   T24] usbtmc 5-1:16.0: can't read capabilities
[ 1023.703688][T22264] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1023.984222][ T6031] usb 44-1: device descriptor read/8, error -110
[ 1024.056687][    C3] usb 8-1: yurex_control_callback - control failed: -71
[ 1024.059156][T12566] usb 8-1: USB disconnect, device number 10
[ 1024.062020][T12566] yurex 8-1:0.0: USB YUREX #0 now disconnected
[ 1024.063892][ T5987] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[ 1024.104157][T22290] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1024.106995][T22290] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1024.223854][ T5987] usb 6-1: Using ep0 maxpacket: 8
[ 1024.226829][ T5987] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[ 1024.229465][ T5987] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1024.232771][ T5987] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1024.237037][ T5987] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 61728, setting to 1024
[ 1024.241878][ T5987] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1024.249647][ T5987] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1024.254284][ T5987] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1024.257131][ T5987] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1024.364232][T12566] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[ 1024.404713][ T6031] usb usb44-port1: attempt power cycle
[ 1024.466745][ T5987] usb 6-1: usb_control_msg returned -32
[ 1024.468649][ T5987] usbtmc 6-1:16.0: can't read capabilities
[ 1024.514340][T12566] usb 8-1: Using ep0 maxpacket: 8
[ 1024.517243][T12566] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1024.520437][T12566] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1024.523526][T12566] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1024.527651][T12566] usb 8-1: config 0 descriptor??
[ 1024.530553][T12566] iowarrior 8-1:0.0: no interrupt-in endpoint found
[ 1024.965582][ T6031] usb usb44-port1: unable to enumerate USB device
[ 1025.074495][T15564] usb 9-1: new high-speed USB device number 53 using dummy_hcd
[ 1025.234881][T15564] usb 9-1: Using ep0 maxpacket: 8
[ 1025.237745][T15564] usb 9-1: config 0 has an invalid interface number: 55 but max is 0
[ 1025.240414][T15564] usb 9-1: config 0 has no interface number 0
[ 1025.242391][T15564] usb 9-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1025.246437][T15564] usb 9-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1025.250135][T15564] usb 9-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1025.253705][T15564] usb 9-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1025.258294][T15564] usb 9-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1025.261224][T15564] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1025.265187][T15564] usb 9-1: config 0 descriptor??
[ 1025.269450][T15564] ldusb 9-1:0.55: LD USB Device #2 now attached to major 180 minor 2
[ 1025.886032][T12566] usb 5-1: USB disconnect, device number 11
[ 1025.892495][   T24] usb 8-1: USB disconnect, device number 11
[ 1025.940793][T22305] FAULT_INJECTION: forcing a failure.
[ 1025.940793][T22305] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1025.946131][T22305] CPU: 1 UID: 0 PID: 22305 Comm: syz.3.3692 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1025.946153][T22305] Tainted: [L]=SOFTLOCKUP
[ 1025.946156][T22305] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1025.946163][T22305] Call Trace:
[ 1025.946167][T22305]  <TASK>
[ 1025.946172][T22305]  dump_stack_lvl+0x16c/0x1f0
[ 1025.946192][T22305]  should_fail_ex+0x512/0x640
[ 1025.946212][T22305]  strncpy_from_user+0x3b/0x2e0
[ 1025.946229][T22305]  getname_flags.part.0+0x8f/0x550
[ 1025.946242][T22305]  getname_flags+0x93/0xf0
[ 1025.946257][T22305]  do_sys_openat2+0xb8/0x280
[ 1025.946269][T22305]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1025.946281][T22305]  ? __fget_files+0x20e/0x3c0
[ 1025.946295][T22305]  ? count_memcg_events_mm.constprop.0+0x90/0x2a0
[ 1025.946309][T22305]  __ia32_compat_sys_openat+0x16d/0x210
[ 1025.946322][T22305]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[ 1025.946334][T22305]  ? ksys_write+0x1ac/0x250
[ 1025.946353][T22305]  __do_fast_syscall_32+0xe8/0x680
[ 1025.946364][T22305]  do_fast_syscall_32+0x32/0x80
[ 1025.946374][T22305]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1025.946388][T22305] RIP: 0023:0xf7f17579
[ 1025.946397][T22305] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1025.946408][T22305] RSP: 002b:00000000f540655c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[ 1025.946418][T22305] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000040
[ 1025.946425][T22305] RDX: 0000000000183040 RSI: 0000000000000000 RDI: 0000000000000000
[ 1025.946432][T22305] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1025.946438][T22305] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1025.946444][T22305] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1025.946460][T22305]  </TASK>
[ 1026.249230][T22309] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10)
[ 1026.251472][T22309] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1026.253934][T22309] vhci_hcd vhci_hcd.0: Device attached
[ 1026.496210][   T24] usb 37-1: new low-speed USB device number 3 using vhci_hcd
[ 1026.780590][T12566] usb 6-1: USB disconnect, device number 8
[ 1026.795431][T22314] vhci_hcd: connection reset by peer
[ 1026.797521][   T79] vhci_hcd: stop threads
[ 1026.799202][   T79] vhci_hcd: release socket
[ 1026.801959][   T79] vhci_hcd: disconnect device
[ 1026.833541][T22333] FAULT_INJECTION: forcing a failure.
[ 1026.833541][T22333] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1026.838639][T22333] CPU: 3 UID: 0 PID: 22333 Comm: syz.1.3695 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1026.838661][T22333] Tainted: [L]=SOFTLOCKUP
[ 1026.838665][T22333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1026.838671][T22333] Call Trace:
[ 1026.838676][T22333]  <TASK>
[ 1026.838682][T22333]  dump_stack_lvl+0x16c/0x1f0
[ 1026.838703][T22333]  should_fail_ex+0x512/0x640
[ 1026.838723][T22333]  _copy_from_user+0x2e/0xd0
[ 1026.838741][T22333]  kstrtouint_from_user+0xd6/0x1d0
[ 1026.838755][T22333]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1026.838774][T22333]  proc_fail_nth_write+0x83/0x220
[ 1026.838786][T22333]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1026.838801][T22333]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1026.838810][T22333]  vfs_write+0x2a0/0x11d0
[ 1026.838826][T22333]  ? __pfx___mutex_lock+0x10/0x10
[ 1026.838838][T22333]  ? __pfx_vfs_write+0x10/0x10
[ 1026.838851][T22333]  ? find_held_lock+0x2b/0x80
[ 1026.838872][T22333]  ? __fget_files+0x20e/0x3c0
[ 1026.838891][T22333]  ksys_write+0x12a/0x250
[ 1026.838906][T22333]  ? __pfx_ksys_write+0x10/0x10
[ 1026.838924][T22333]  __do_fast_syscall_32+0xe8/0x680
[ 1026.838936][T22333]  do_fast_syscall_32+0x32/0x80
[ 1026.838946][T22333]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1026.838960][T22333] RIP: 0023:0xf703d579
[ 1026.838968][T22333] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1026.838979][T22333] RSP: 002b:00000000f542d590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[ 1026.838990][T22333] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f542d620
[ 1026.838997][T22333] RDX: 0000000000000001 RSI: 00000000f73d6ff4 RDI: 0000000000000000
[ 1026.839003][T22333] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1026.839009][T22333] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1026.839015][T22333] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1026.839029][T22333]  </TASK>
[ 1027.109556][   T40] kauditd_printk_skb: 8 callbacks suppressed
[ 1027.109568][   T40] audit: type=1326 audit(1765054758.964:1943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22337 comm="syz.1.3697" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1027.128383][   T40] audit: type=1326 audit(1765054758.984:1944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22337 comm="syz.1.3697" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1027.137741][   T40] audit: type=1326 audit(1765054758.984:1945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22337 comm="syz.1.3697" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1027.144655][   T40] audit: type=1326 audit(1765054758.984:1946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22337 comm="syz.1.3697" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1027.152636][   T40] audit: type=1326 audit(1765054758.984:1947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22337 comm="syz.1.3697" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1027.162026][   T40] audit: type=1326 audit(1765054758.984:1948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22337 comm="syz.1.3697" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1027.171762][   T40] audit: type=1326 audit(1765054758.984:1949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22337 comm="syz.1.3697" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1027.182262][   T40] audit: type=1326 audit(1765054758.984:1950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22337 comm="syz.1.3697" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1027.192382][   T40] audit: type=1326 audit(1765054758.984:1951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22337 comm="syz.1.3697" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1027.220703][   T40] audit: type=1326 audit(1765054758.984:1952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22337 comm="syz.1.3697" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[ 1027.802647][T15564] usb 9-1: USB disconnect, device number 53
[ 1027.807168][T15564] ldusb 9-1:0.55: LD USB Device #2 now disconnected
[ 1027.951902][T22354] QAT: failed to copy from user.
[ 1028.258799][T22360] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1028.362192][T22360] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1028.389104][T15564] usb 9-1: new high-speed USB device number 54 using dummy_hcd
[ 1028.449843][T22360] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1028.500718][T22360] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1028.546477][T15564] usb 9-1: Using ep0 maxpacket: 8
[ 1028.557483][T15564] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1028.561969][T15564] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1028.578439][T22367] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1028.582585][T15564] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1028.586968][T15564] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1028.592252][T15564] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1028.596778][T15564] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1028.600821][ T1213] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1028.611000][T22367] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3705'.
[ 1028.682212][T22367] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1028.695138][ T1213] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1028.704112][ T1213] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1028.713208][ T1213] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1028.891393][T15564] usb 9-1: usb_control_msg returned -32
[ 1028.893290][T15564] usbtmc 9-1:16.0: can't read capabilities
[ 1028.993492][T22378] FAULT_INJECTION: forcing a failure.
[ 1028.993492][T22378] name failslab, interval 1, probability 0, space 0, times 0
[ 1029.000508][T22378] CPU: 2 UID: 0 PID: 22378 Comm: syz.0.3709 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1029.000529][T22378] Tainted: [L]=SOFTLOCKUP
[ 1029.000533][T22378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1029.000540][T22378] Call Trace:
[ 1029.000544][T22378]  <TASK>
[ 1029.000548][T22378]  dump_stack_lvl+0x16c/0x1f0
[ 1029.000569][T22378]  should_fail_ex+0x512/0x640
[ 1029.000586][T22378]  ? kmem_cache_alloc_noprof+0x62/0x770
[ 1029.000605][T22378]  should_failslab+0xc2/0x120
[ 1029.000620][T22378]  kmem_cache_alloc_noprof+0x83/0x770
[ 1029.000637][T22378]  ? ptlock_alloc+0x1f/0x70
[ 1029.000654][T22378]  ? ptlock_alloc+0x1f/0x70
[ 1029.000668][T22378]  ptlock_alloc+0x1f/0x70
[ 1029.000683][T22378]  pte_alloc_one+0x84/0x3d0
[ 1029.000701][T22378]  do_fault+0x8b8/0x1ce0
[ 1029.000712][T22378]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1029.000731][T22378]  __handle_mm_fault+0x1768/0x2cf0
[ 1029.000750][T22378]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1029.000776][T22378]  handle_mm_fault+0x3fe/0xad0
[ 1029.000794][T22378]  __get_user_pages+0x605/0x33a0
[ 1029.000812][T22378]  ? __pfx___get_user_pages+0x10/0x10
[ 1029.000829][T22378]  populate_vma_page_range+0x267/0x3f0
[ 1029.000843][T22378]  ? __pfx_populate_vma_page_range+0x10/0x10
[ 1029.000856][T22378]  ? __pfx_find_vma_intersection+0x10/0x10
[ 1029.000869][T22378]  ? do_mmap+0x69c/0x1210
[ 1029.000882][T22378]  __mm_populate+0x1d8/0x380
[ 1029.000896][T22378]  ? __pfx___mm_populate+0x10/0x10
[ 1029.000910][T22378]  ? up_write+0x282/0x4e0
[ 1029.000926][T22378]  vm_mmap_pgoff+0x37f/0x470
[ 1029.000939][T22378]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1029.000953][T22378]  ? __fget_files+0x20e/0x3c0
[ 1029.000971][T22378]  ksys_mmap_pgoff+0x32c/0x5c0
[ 1029.000983][T22378]  ? __ia32_sys_mmap_pgoff+0x11/0x1b0
[ 1029.000996][T22378]  __do_fast_syscall_32+0xe8/0x680
[ 1029.001008][T22378]  do_fast_syscall_32+0x32/0x80
[ 1029.001018][T22378]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1029.001032][T22378] RIP: 0023:0xf701d579
[ 1029.001041][T22378] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1029.001051][T22378] RSP: 002b:00000000f540d55c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0
[ 1029.001062][T22378] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000600000
[ 1029.001069][T22378] RDX: 00000000027ffff7 RSI: 0000000004012011 RDI: 0000000000000005
[ 1029.001075][T22378] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1029.001081][T22378] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1029.001088][T22378] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1029.001102][T22378]  </TASK>
[ 1029.543738][T22392] syzkaller0: entered promiscuous mode
[ 1029.545625][T22392] syzkaller0: entered allmulticast mode
[ 1029.564680][T22393] af_packet: tpacket_rcv: packet too big, clamped from 42 to 4294967286. macoff=82
[ 1030.968278][   T34] usb 9-1: USB disconnect, device number 54
[ 1031.586383][   T24] vhci_hcd: vhci_device speed not set
[ 1032.399636][T22413] FAULT_INJECTION: forcing a failure.
[ 1032.399636][T22413] name failslab, interval 1, probability 0, space 0, times 0
[ 1032.404834][T22413] CPU: 0 UID: 0 PID: 22413 Comm: syz.0.3720 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1032.404862][T22413] Tainted: [L]=SOFTLOCKUP
[ 1032.404868][T22413] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1032.404878][T22413] Call Trace:
[ 1032.404886][T22413]  <TASK>
[ 1032.404894][T22413]  dump_stack_lvl+0x16c/0x1f0
[ 1032.404924][T22413]  should_fail_ex+0x512/0x640
[ 1032.404948][T22413]  ? __kmalloc_node_track_caller_noprof+0xcb/0x930
[ 1032.404970][T22413]  should_failslab+0xc2/0x120
[ 1032.404991][T22413]  __kmalloc_node_track_caller_noprof+0xec/0x930
[ 1032.405011][T22413]  ? xfrm_add_sa+0x2b3e/0x5fa0
[ 1032.405038][T22413]  ? kmemdup_noprof+0x29/0x60
[ 1032.405061][T22413]  kmemdup_noprof+0x29/0x60
[ 1032.405084][T22413]  xfrm_add_sa+0x2b3e/0x5fa0
[ 1032.405116][T22413]  ? __pfx_xfrm_add_sa+0x10/0x10
[ 1032.405141][T22413]  ? __nla_parse+0x40/0x60
[ 1032.405158][T22413]  ? __pfx_xfrm_add_sa+0x10/0x10
[ 1032.405181][T22413]  xfrm_user_rcv_msg+0x4fe/0xb60
[ 1032.405207][T22413]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[ 1032.405229][T22413]  ? kfree_skbmem+0x1a4/0x1f0
[ 1032.405250][T22413]  ? kfree_skbmem+0x1a4/0x1f0
[ 1032.405270][T22413]  ? consume_skb+0xcc/0x100
[ 1032.405291][T22413]  ? find_held_lock+0x2b/0x80
[ 1032.405337][T22413]  ? rcu_is_watching+0x12/0xc0
[ 1032.405354][T22413]  ? trace_contention_end+0xdd/0x110
[ 1032.405374][T22413]  ? __mutex_lock+0x27b/0x1b10
[ 1032.405393][T22413]  netlink_rcv_skb+0x158/0x420
[ 1032.405414][T22413]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[ 1032.405437][T22413]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1032.405475][T22413]  xfrm_netlink_rcv+0x71/0x90
[ 1032.405505][T22413]  netlink_unicast+0x5aa/0x870
[ 1032.405529][T22413]  ? __pfx_netlink_unicast+0x10/0x10
[ 1032.405558][T22413]  netlink_sendmsg+0x8c8/0xdd0
[ 1032.405582][T22413]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1032.405605][T22413]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[ 1032.405631][T22413]  ____sys_sendmsg+0xa5d/0xc30
[ 1032.405655][T22413]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1032.405674][T22413]  ? get_compat_msghdr+0x11a/0x170
[ 1032.405703][T22413]  ___sys_sendmsg+0x134/0x1d0
[ 1032.405722][T22413]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1032.405750][T22413]  ? find_held_lock+0x2b/0x80
[ 1032.405790][T22413]  __sys_sendmsg+0x16d/0x220
[ 1032.405808][T22413]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1032.405842][T22413]  __do_fast_syscall_32+0xe8/0x680
[ 1032.405860][T22413]  do_fast_syscall_32+0x32/0x80
[ 1032.405875][T22413]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1032.405895][T22413] RIP: 0023:0xf701d579
[ 1032.405908][T22413] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1032.405924][T22413] RSP: 002b:00000000f540d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1032.405940][T22413] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[ 1032.405951][T22413] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1032.405960][T22413] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1032.405969][T22413] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1032.405979][T22413] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1032.406003][T22413]  </TASK>
[ 1032.896058][T22419] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[ 1032.900003][T22419] UDF-fs: Scanning with blocksize 2048 failed
[ 1032.906189][T22419] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[ 1032.909239][T22419] UDF-fs: Scanning with blocksize 4096 failed
[ 1032.993382][ T5987] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[ 1033.139369][ T5987] usb 8-1: Using ep0 maxpacket: 8
[ 1033.143321][ T5987] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1033.146087][ T5987] usb 8-1: New USB device found, idVendor=04d8, idProduct=00dc, bcdDevice= 0.00
[ 1033.149868][ T5987] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1033.154907][ T5987] usb 8-1: config 0 descriptor??
[ 1033.363647][ T5987] hid-generic 0003:04D8:00DC.0038: hidraw1: USB HID vff.ff Device [HID 04d8:00dc] on usb-dummy_hcd.3-1/input0
[ 1033.546026][T22423] QAT: failed to copy from user.
[ 1033.798461][   T34] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[ 1033.968474][   T34] usb 5-1: Using ep0 maxpacket: 8
[ 1033.971932][   T34] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1033.976427][   T34] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1033.981121][   T34] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1033.985206][   T34] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1033.991019][   T34] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1033.994697][   T34] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1034.214335][   T34] usb 5-1: usb_control_msg returned -32
[ 1034.216257][   T34] usbtmc 5-1:16.0: can't read capabilities
[ 1034.272091][T22427] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[ 1034.288025][T22427] netlink: 'syz.4.3725': attribute type 4 has an invalid length.
[ 1034.291559][T22427] netlink: 'syz.4.3725': attribute type 4 has an invalid length.
[ 1034.789357][T18494] usb 8-1: USB disconnect, device number 12
[ 1034.975728][ T5947] Bluetooth: hci4: unexpected cc 0x042d length: 63 > 7
[ 1034.978703][ T5947] Bluetooth: hci4: unexpected event for opcode 0x042d
[ 1035.068124][   T40] kauditd_printk_skb: 55 callbacks suppressed
[ 1035.068138][   T40] audit: type=1800 audit(1765054766.921:2008): pid=22435 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3728" name="bus" dev="overlay" ino=1683 res=0 errno=0
[ 1035.959270][T22466] FAULT_INJECTION: forcing a failure.
[ 1035.959270][T22466] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1035.963566][T22466] CPU: 0 UID: 0 PID: 22466 Comm: syz.4.3735 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1035.963585][T22466] Tainted: [L]=SOFTLOCKUP
[ 1035.963589][T22466] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1035.963595][T22466] Call Trace:
[ 1035.963600][T22466]  <TASK>
[ 1035.963604][T22466]  dump_stack_lvl+0x16c/0x1f0
[ 1035.963624][T22466]  should_fail_ex+0x512/0x640
[ 1035.963643][T22466]  _copy_from_user+0x2e/0xd0
[ 1035.963659][T22466]  move_addr_to_kernel+0x65/0x170
[ 1035.963677][T22466]  __sys_sendto+0x1be/0x520
[ 1035.963687][T22466]  ? __pfx___sys_sendto+0x10/0x10
[ 1035.963708][T22466]  ? ksys_write+0x1ac/0x250
[ 1035.963723][T22466]  ? __pfx_ksys_write+0x10/0x10
[ 1035.963739][T22466]  __ia32_sys_sendto+0xdd/0x1b0
[ 1035.963748][T22466]  ? __do_fast_syscall_32+0x9a/0x680
[ 1035.963759][T22466]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1035.963774][T22466]  __do_fast_syscall_32+0xe8/0x680
[ 1035.963785][T22466]  do_fast_syscall_32+0x32/0x80
[ 1035.963795][T22466]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1035.963809][T22466] RIP: 0023:0xf7f57579
[ 1035.963817][T22466] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1035.963828][T22466] RSP: 002b:00000000f542555c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[ 1035.963839][T22466] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800005c0
[ 1035.963846][T22466] RDX: 0000000000000012 RSI: 0000000000040051 RDI: 0000000080000080
[ 1035.963852][T22466] RBP: 0000000000000014 R08: 0000000000000000 R09: 0000000000000000
[ 1035.963858][T22466] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1035.963865][T22466] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1035.963879][T22466]  </TASK>
[ 1036.439469][T22477] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3738'.
[ 1036.507733][T22481] tc_dump_action: action bad kind
[ 1036.547625][T22481] netlink: 'syz.4.3740': attribute type 1 has an invalid length.
[ 1036.562695][T18494] usb 5-1: USB disconnect, device number 12
[ 1036.981389][T22491] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[ 1036.983497][T22491] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1036.986067][T22491] vhci_hcd vhci_hcd.0: Device attached
[ 1036.992474][T22493] vhci_hcd: connection closed
[ 1036.992725][ T9406] vhci_hcd: stop threads
[ 1036.996670][ T9406] vhci_hcd: release socket
[ 1036.998529][ T9406] vhci_hcd: disconnect device
[ 1037.078798][T22496] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 1038.080659][T15564] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[ 1038.211292][T22507] ufs: You didn't specify the type of your ufs filesystem
[ 1038.211292][T22507] 
[ 1038.211292][T22507] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[ 1038.211292][T22507] 
[ 1038.211292][T22507] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[ 1038.221776][T22507] ufs: ufstype=old is supported read-only
[ 1038.231946][T22507] ufs: ufs_fill_super(): bad magic number
[ 1038.253568][T15564] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1038.257589][T15564] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1038.261814][T15564] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1038.265119][T15564] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1038.276570][T22503] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1038.287977][T15564] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 1038.609745][T15564] usb 5-1: USB disconnect, device number 13
[ 1038.870866][T22514] QAT: failed to copy from user.
[ 1039.110563][ T5987] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[ 1039.270587][ T5987] usb 8-1: Using ep0 maxpacket: 8
[ 1039.276379][ T5987] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1039.280210][ T5987] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1039.283671][ T5987] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1039.286839][ T5987] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1039.291039][ T5987] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1039.293506][ T5987] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1039.462979][T22526] overlayfs: workdir and upperdir must reside under the same mount
[ 1039.508223][ T5987] usb 8-1: usb_control_msg returned -32
[ 1039.510326][ T5987] usbtmc 8-1:16.0: can't read capabilities
[ 1039.526901][ T5987] usb 8-1: USB disconnect, device number 13
[ 1039.945548][T22531] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[ 1039.948139][T22531] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1039.951782][T22531] vhci_hcd vhci_hcd.0: Device attached
[ 1040.065697][T22532] vhci_hcd: connection closed
[ 1040.075792][ T4270] vhci_hcd: stop threads
[ 1040.080843][ T4270] vhci_hcd: release socket
[ 1040.082320][ T4270] vhci_hcd: disconnect device
[ 1040.368305][ T5987] usb 9-1: new high-speed USB device number 55 using dummy_hcd
[ 1041.010666][   T40] audit: type=1326 audit(1765054772.858:2009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22543 comm="syz.3.3759" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x0
[ 1041.212741][ T5987] usb 9-1: config 1 has an invalid interface number: 7 but max is 0
[ 1041.215417][ T5987] usb 9-1: config 1 has no interface number 0
[ 1041.217450][ T5987] usb 9-1: config 1 interface 7 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 16
[ 1041.220408][ T5987] usb 9-1: config 1 interface 7 altsetting 0 bulk endpoint 0xC has invalid maxpacket 16
[ 1041.223704][ T5987] usb 9-1: config 1 interface 7 altsetting 0 has a duplicate endpoint with address 0x2, skipping
[ 1041.231731][ T5987] usb 9-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[ 1041.234812][ T5987] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1041.246790][ T5987] usb 9-1: Product: syz
[ 1041.248487][ T5987] usb 9-1: Manufacturer: syz
[ 1041.249922][ T5987] usb 9-1: SerialNumber: syz
[ 1041.253450][T22536] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1041.256066][T22536] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1041.260187][ T5987] usb 9-1: Expected 3 endpoints, found: 2
[ 1042.015236][T22554] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1042.018505][T22554] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1042.172122][T22561] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3764'.
[ 1042.404112][T22571] random: crng reseeded on system resumption
[ 1043.057526][T16863] usb 9-1: USB disconnect, device number 55
[ 1043.343693][T17442] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1043.356607][T17442] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1043.359616][T17442] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1043.365952][T17442] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1043.368498][T17442] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1043.654720][T22579] chnl_net:caif_netlink_parms(): no params data found
[ 1043.730539][T22579] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1043.733390][T22579] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1043.736728][T22579] bridge_slave_0: entered allmulticast mode
[ 1043.740858][T22579] bridge_slave_0: entered promiscuous mode
[ 1043.748522][T22579] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1043.751613][T22579] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1043.756129][T22579] bridge_slave_1: entered allmulticast mode
[ 1043.760130][T22579] bridge_slave_1: entered promiscuous mode
[ 1043.793048][T22579] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1043.799745][T22579] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1043.850948][T22579] team0: Port device team_slave_0 added
[ 1043.854973][T22579] team0: Port device team_slave_1 added
[ 1043.870079][T22579] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1043.873217][T22579] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1043.881345][T22579] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1043.887086][T22579] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1043.889615][T22579] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1043.898251][T22579] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1043.937721][ T1202] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1044.014671][T22579] hsr_slave_0: entered promiscuous mode
[ 1044.017404][T22579] hsr_slave_1: entered promiscuous mode
[ 1044.019614][T22579] debugfs: 'hsr0' already exists in 'hsr'
[ 1044.021499][T22579] Cannot create hsr debugfs directory
[ 1044.060735][ T1202] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1044.283573][ T1202] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1044.315461][T22579] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1044.325043][T22579] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1044.329489][T22579] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1044.333872][T22579] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1044.339723][ T1202] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1044.360902][T22579] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1044.363206][T22579] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1044.365854][T22579] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1044.368296][T22579] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1044.401993][T22579] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1044.416853][ T9406] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1044.421651][ T9406] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1044.443965][T22579] 8021q: adding VLAN 0 to HW filter on device team0
[ 1044.450448][ T4270] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1044.452793][ T4270] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1044.468205][ T9406] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1044.470507][ T9406] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1044.539503][ T1202] bridge_slave_1: left allmulticast mode
[ 1044.541319][ T1202] bridge_slave_1: left promiscuous mode
[ 1044.544743][ T1202] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1044.552448][ T1202] bridge_slave_0: left allmulticast mode
[ 1044.555742][ T1202] bridge_slave_0: left promiscuous mode
[ 1044.557565][ T1202] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1045.048379][ T1202] bond2 (unregistering): (slave bridge1): Releasing backup interface
[ 1045.051185][ T1202] bridge1 (unregistering): left promiscuous mode
[ 1045.124780][ T1202] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1045.130226][ T1202] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1045.136278][ T1202] bond0 (unregistering): (slave bond1): Releasing backup interface
[ 1045.140070][ T1202] bond0 (unregistering): Released all slaves
[ 1045.272043][ T1202] bond1 (unregistering): Released all slaves
[ 1045.399232][ T1202] bond2 (unregistering): Released all slaves
[ 1045.433703][T17442] Bluetooth: hci3: command tx timeout
[ 1045.477108][ T1202] tipc: Left network mode
[ 1045.541868][T22579] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1045.884665][T16863] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[ 1045.963884][T22626] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1045.977192][T22626] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3774'.
[ 1046.040264][T16863] usb 8-1: config 1 has an invalid interface number: 7 but max is 0
[ 1046.045371][T16863] usb 8-1: config 1 has no interface number 0
[ 1046.048294][T16863] usb 8-1: config 1 interface 7 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 16
[ 1046.052009][T16863] usb 8-1: config 1 interface 7 altsetting 0 bulk endpoint 0xC has invalid maxpacket 16
[ 1046.056187][T16863] usb 8-1: config 1 interface 7 altsetting 0 has a duplicate endpoint with address 0x2, skipping
[ 1046.068265][T16863] usb 8-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[ 1046.071695][T16863] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1046.075117][T16863] usb 8-1: Product: syz
[ 1046.076884][T16863] usb 8-1: Manufacturer: syz
[ 1046.078522][T16863] usb 8-1: SerialNumber: syz
[ 1046.092180][T22617] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1046.096316][T22617] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1046.105308][T16863] usb 8-1: Expected 3 endpoints, found: 2
[ 1046.138345][T22626] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1046.159582][T22626] 8021q: adding VLAN 0 to HW filter on device team0
[ 1046.167219][T22626] tipc: Resetting bearer <eth:team0>
[ 1046.172396][T22626] tipc: Resetting bearer <eth:team0>
[ 1046.184045][T22626] batman_adv: batadv0: Interface activated: dummy0
[ 1046.186724][T22626] batadv0: mtu less than device minimum
[ 1046.189840][T22626] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1046.194909][T22626] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1046.199852][T22626] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1046.204269][T22626] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1046.208956][T22626] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1046.213683][T22626] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1046.218639][T22626] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1046.223253][T22626] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1046.228562][T22626] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1046.367858][T22579] veth0_vlan: entered promiscuous mode
[ 1046.375287][T22579] veth1_vlan: entered promiscuous mode
[ 1046.425813][T22579] veth0_macvtap: entered promiscuous mode
[ 1046.435855][T22579] veth1_macvtap: entered promiscuous mode
[ 1046.465552][T22579] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1046.535600][T22579] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1046.558604][  T226] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1046.562554][  T226] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1046.569621][  T226] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1046.572905][  T226] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1046.602904][ T1202] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1046.615977][ T1202] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1046.625765][ T1202] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1046.628679][ T1202] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1046.676135][ T1202] veth1_macvtap: left promiscuous mode
[ 1046.678493][ T1202] veth0_macvtap: left promiscuous mode
[ 1046.682219][ T1202] veth1_vlan: left promiscuous mode
[ 1046.685348][ T1202] veth0_vlan: left promiscuous mode
[ 1046.766559][T22632] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1046.770319][T22632] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1046.864336][ T6031] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[ 1047.034503][ T6031] usb 5-1: Using ep0 maxpacket: 8
[ 1047.037764][ T6031] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[ 1047.040829][ T6031] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1047.045027][ T6031] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1047.048348][ T6031] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 61728, setting to 1024
[ 1047.052720][ T6031] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1047.056233][ T6031] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1047.060346][ T6031] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1047.063679][ T6031] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1047.091598][ T1202] team0 (unregistering): Port device team_slave_1 removed
[ 1047.124857][ T1202] team0 (unregistering): Port device team_slave_0 removed
[ 1047.279829][ T6031] usb 5-1: usb_control_msg returned -32
[ 1047.282097][ T6031] usbtmc 5-1:16.0: can't read capabilities
[ 1047.526832][T17442] Bluetooth: hci3: command tx timeout
[ 1047.559611][  T226] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1047.568332][  T226] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1047.587374][ T4270] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1047.589860][ T4270] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1047.650983][T17442] Bluetooth: hci3: unexpected cc 0x042d length: 63 > 7
[ 1048.630015][ T5987] usb 8-1: USB disconnect, device number 14
[ 1048.964726][T22654] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3782'.
[ 1049.002162][ T4270] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1049.006154][ T4270] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1049.150660][T22656] FAULT_INJECTION: forcing a failure.
[ 1049.150660][T22656] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1049.155381][T22656] CPU: 0 UID: 0 PID: 22656 Comm: syz.5.3783 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1049.155401][T22656] Tainted: [L]=SOFTLOCKUP
[ 1049.155405][T22656] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1049.155412][T22656] Call Trace:
[ 1049.155416][T22656]  <TASK>
[ 1049.155421][T22656]  dump_stack_lvl+0x16c/0x1f0
[ 1049.155441][T22656]  should_fail_ex+0x512/0x640
[ 1049.155460][T22656]  _copy_from_user+0x2e/0xd0
[ 1049.155477][T22656]  move_addr_to_kernel+0x65/0x170
[ 1049.155494][T22656]  __sys_connect+0xb1/0x160
[ 1049.155511][T22656]  ? __pfx___sys_connect+0x10/0x10
[ 1049.155526][T22656]  ? count_memcg_events_mm.constprop.0+0x90/0x2a0
[ 1049.155543][T22656]  ? __pfx_ksys_write+0x10/0x10
[ 1049.155561][T22656]  __ia32_sys_connect+0x71/0xb0
[ 1049.155577][T22656]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1049.155593][T22656]  __do_fast_syscall_32+0xe8/0x680
[ 1049.155604][T22656]  do_fast_syscall_32+0x32/0x80
[ 1049.155614][T22656]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1049.155628][T22656] RIP: 0023:0xf701d579
[ 1049.155637][T22656] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1049.155647][T22656] RSP: 002b:00000000f540d55c EFLAGS: 00000296 ORIG_RAX: 000000000000016a
[ 1049.155658][T22656] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000000
[ 1049.155665][T22656] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000000
[ 1049.155671][T22656] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1049.155677][T22656] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1049.155683][T22656] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1049.155697][T22656]  </TASK>
[ 1049.594214][T16863] usb 5-1: USB disconnect, device number 14
[ 1049.666571][T22663] fuse: Bad value for 'fd'
[ 1049.680786][T17442] Bluetooth: hci3: command tx timeout
[ 1049.856836][T22668] fuse: Bad value for 'fd'
[ 1049.860012][T22668] FAULT_INJECTION: forcing a failure.
[ 1049.860012][T22668] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1049.863991][T22668] CPU: 3 UID: 0 PID: 22668 Comm: syz.0.3789 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1049.864009][T22668] Tainted: [L]=SOFTLOCKUP
[ 1049.864013][T22668] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1049.864019][T22668] Call Trace:
[ 1049.864024][T22668]  <TASK>
[ 1049.864028][T22668]  dump_stack_lvl+0x16c/0x1f0
[ 1049.864049][T22668]  should_fail_ex+0x512/0x640
[ 1049.864068][T22668]  strncpy_from_user+0x3b/0x2e0
[ 1049.864085][T22668]  getname_flags.part.0+0x8f/0x550
[ 1049.864100][T22668]  getname_flags+0x93/0xf0
[ 1049.864113][T22668]  do_sys_openat2+0xb8/0x280
[ 1049.864125][T22668]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1049.864138][T22668]  ? __fget_files+0x20e/0x3c0
[ 1049.864151][T22668]  ? count_memcg_events_mm.constprop.0+0x90/0x2a0
[ 1049.864166][T22668]  __ia32_compat_sys_openat+0x16d/0x210
[ 1049.864178][T22668]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[ 1049.864190][T22668]  ? ksys_write+0x1ac/0x250
[ 1049.864209][T22668]  __do_fast_syscall_32+0xe8/0x680
[ 1049.864220][T22668]  do_fast_syscall_32+0x32/0x80
[ 1049.864230][T22668]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1049.864244][T22668] RIP: 0023:0xf701d579
[ 1049.864252][T22668] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1049.864262][T22668] RSP: 002b:00000000f540d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[ 1049.864273][T22668] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000a80
[ 1049.864280][T22668] RDX: 000000000300000d RSI: 0000000000000001 RDI: 0000000000000000
[ 1049.864286][T22668] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1049.864292][T22668] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1049.864298][T22668] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1049.864312][T22668]  </TASK>
[ 1050.130875][T22669] netlink: 220 bytes leftover after parsing attributes in process `syz.4.3786'.
[ 1050.137711][T22669] fuse: Bad value for 'user_id'
[ 1050.139265][T22669] fuse: Bad value for 'user_id'
[ 1050.406353][T16863] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[ 1050.534606][T22685] fuse: Bad value for 'fd'
[ 1050.561422][T16863] usb 10-1: config 1 has an invalid interface number: 7 but max is 0
[ 1050.564359][T16863] usb 10-1: config 1 has no interface number 0
[ 1050.567799][T16863] usb 10-1: config 1 interface 7 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 16
[ 1050.571372][T16863] usb 10-1: config 1 interface 7 altsetting 0 bulk endpoint 0xC has invalid maxpacket 16
[ 1050.575189][T16863] usb 10-1: config 1 interface 7 altsetting 0 has a duplicate endpoint with address 0x2, skipping
[ 1050.576249][T22683] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3794'.
[ 1050.582488][T16863] usb 10-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[ 1050.586936][T16863] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1050.589641][T16863] usb 10-1: Product: syz
[ 1050.591039][T16863] usb 10-1: Manufacturer: syz
[ 1050.592541][T16863] usb 10-1: SerialNumber: syz
[ 1050.599987][T22673] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1050.602958][T22673] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1050.607971][T16863] usb 10-1: Expected 3 endpoints, found: 2
[ 1050.635599][T22688] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3794'.
[ 1050.987820][T16863] usb 9-1: new high-speed USB device number 56 using dummy_hcd
[ 1051.148649][T16863] usb 9-1: too many configurations: 9, using maximum allowed: 8
[ 1051.165180][T16863] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1051.170430][T16863] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1051.175182][T16863] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1051.179207][T22699] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1051.179470][T22699] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1051.191650][T16863] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1051.199302][T16863] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1051.203725][T16863] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1051.212368][T16863] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1051.218318][T16863] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1051.223624][T16863] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1051.231208][T16863] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1051.237679][T16863] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1051.241883][T16863] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1051.251910][T16863] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1051.257527][T16863] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1051.262365][T16863] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1051.271253][T16863] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1051.277449][T16863] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1051.281992][T16863] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1051.290868][T16863] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1051.294711][T16863] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1051.301438][T16863] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1051.310740][T16863] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1051.317173][T16863] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1051.321488][T16863] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1051.337473][T16863] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[ 1051.341279][T16863] usb 9-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[ 1051.344727][T16863] usb 9-1: Product: syz
[ 1051.348465][T16863] usb 9-1: Manufacturer: syz
[ 1051.350428][T16863] usb 9-1: SerialNumber: syz
[ 1051.364938][T16863] usb 9-1: config 0 descriptor??
[ 1051.393396][T16863] yurex 9-1:0.0: USB YUREX device now attached to Yurex #0
[ 1051.645046][T22695] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1051.661782][T22695] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1051.756377][T17442] Bluetooth: hci3: command tx timeout
[ 1052.041339][    C2] usb 9-1: yurex_control_callback - control failed: -71
[ 1052.049111][T16863] usb 9-1: USB disconnect, device number 56
[ 1052.052518][T16863] yurex 9-1:0.0: USB YUREX #0 now disconnected
[ 1052.348027][T16863] usb 9-1: new high-speed USB device number 57 using dummy_hcd
[ 1052.497016][T16863] usb 9-1: Using ep0 maxpacket: 8
[ 1052.501509][T16863] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1052.505562][T16863] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1052.509632][T16863] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1052.514475][T16863] usb 9-1: config 0 descriptor??
[ 1052.519264][T16863] iowarrior 9-1:0.0: no interrupt-in endpoint found
[ 1053.166142][T18932] usb 10-1: USB disconnect, device number 2
[ 1053.293541][T22725] syzkaller0: entered promiscuous mode
[ 1053.295804][T22725] syzkaller0: entered allmulticast mode
[ 1053.531352][T22729] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3808'.
[ 1053.881693][T15564] usb 9-1: USB disconnect, device number 57
[ 1053.953030][T22737] bad cache= option: noneblocksize    : 8
[ 1053.953030][T22737] min keysize  : 5
[ 1053.953030][T22737] max keysize  : 16
[ 1053.953030][T22737] ivsize       : 8
[ 1053.953030][T22737] chunksize    : 8
[ 1053.953030][T22737] walksize     : 8
[ 1053.953030][T22737] statesize    : 0
[ 1053.953030][T22737] 
[ 1053.953030][T22737] name         : gcm(aes)
[ 1053.953030][T22737] driver       : gcm_base(ctr(aes-aesni)
[ 1053.953030][T22737] 
[ 1053.979137][T22737] CIFS: VFS: bad cache= option: noneblocksize    : 8
[ 1053.979137][T22737] min keysize  : 5
[ 1053.979137][T22737] max keysize  : 16
[ 1053.979137][T22737] ivsize       : 8
[ 1053.979137][T22737] chunksize    : 8
[ 1053.979137][T22737] walksize     : 8
[ 1053.979137][T22737] statesize    : 0
[ 1053.979137][T22737] 
[ 1053.979137][T22737] name         : gcm(aes)
[ 1053.979137][T22737] driver       : gcm_base(ctr(aes-aesni)
[ 1055.438717][T17442] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1055.634727][T22751] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1055.732696][T22751] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1055.817972][ T5987] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[ 1055.881273][T22751] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1055.968412][ T5987] usb 5-1: too many configurations: 9, using maximum allowed: 8
[ 1055.972494][ T5987] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1055.975406][ T5987] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1055.979403][ T5987] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1055.982718][ T5987] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1055.985621][ T5987] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1055.989402][ T5987] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1055.992998][ T5987] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1055.996856][ T5987] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1056.001641][ T5987] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1056.005590][ T5987] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1056.008901][ T5987] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1056.012415][ T5987] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1056.015438][ T5987] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1056.018512][ T5987] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1056.022118][ T5987] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1056.025809][ T5987] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1056.028812][ T5987] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1056.032642][ T5987] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1056.036326][ T5987] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1056.039501][ T5987] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1056.043135][ T5987] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1056.046830][ T5987] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1056.049926][ T5987] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1056.053515][ T5987] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1056.057476][ T5987] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[ 1056.060577][ T5987] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[ 1056.063376][ T5987] usb 5-1: Product: syz
[ 1056.064732][ T5987] usb 5-1: Manufacturer: syz
[ 1056.066394][ T5987] usb 5-1: SerialNumber: syz
[ 1056.069176][ T5987] usb 5-1: config 0 descriptor??
[ 1056.073647][ T5987] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[ 1056.145959][T22751] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1056.244519][ T4270] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1056.255518][ T1213] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1056.266322][T19649] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1056.280570][T19649] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1056.285484][T22759] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1056.289816][T22759] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1056.653340][    C0] usb 5-1: yurex_control_callback - control failed: -71
[ 1056.664729][ T5987] usb 5-1: USB disconnect, device number 15
[ 1056.668014][ T5987] yurex 5-1:0.0: USB YUREX #0 now disconnected
[ 1056.693976][T22775] genirq: Flags mismatch irq 4. 00200000 (pcl818) vs. 00200080 (ttyS0)
[ 1056.700906][T22775] netlink: 'syz.3.3825': attribute type 23 has an invalid length.
[ 1056.703514][T22775] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3825'.
[ 1056.750838][T22777] netlink: 'syz.3.3826': attribute type 11 has an invalid length.
[ 1056.753962][T22777] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3826'.
[ 1056.757735][T22777] netlink: 'syz.3.3826': attribute type 11 has an invalid length.
[ 1056.758075][T22779] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3826'.
[ 1056.958608][ T5987] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[ 1057.049640][T22787] overlayfs: missing 'lowerdir'
[ 1057.052385][T22787] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1057.108148][ T5987] usb 5-1: Using ep0 maxpacket: 8
[ 1057.116198][ T5987] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1057.119953][ T5987] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1057.122964][ T5987] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1057.129034][ T5987] usb 5-1: config 0 descriptor??
[ 1057.136981][ T5987] iowarrior 5-1:0.0: no interrupt-in endpoint found
[ 1057.170337][T22790] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3831'.
[ 1057.231577][T22791] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3831'.
[ 1057.324823][T22798] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3833'.
[ 1057.333344][T22798] overlayfs: failed to resolve './file0': -2
[ 1057.522275][ T5947] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1057.749587][T16863] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[ 1057.899499][T16863] usb 8-1: Using ep0 maxpacket: 8
[ 1057.923424][T16863] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[ 1057.927901][T16863] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1057.937100][T16863] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1057.953896][T16863] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1057.966537][T16863] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1057.975410][T16863] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1057.979507][T16863] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1058.099295][T22820] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3839'.
[ 1058.133803][   T79] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1058.137047][   T79] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1058.215870][T16863] usb 8-1: usb_control_msg returned -32
[ 1058.217912][T16863] usbtmc 8-1:16.0: can't read capabilities
[ 1058.564249][ T5987] usb 5-1: USB disconnect, device number 16
[ 1058.602815][T22824] FAULT_INJECTION: forcing a failure.
[ 1058.602815][T22824] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1058.607300][T22824] CPU: 0 UID: 0 PID: 22824 Comm: syz.0.3841 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1058.607326][T22824] Tainted: [L]=SOFTLOCKUP
[ 1058.607332][T22824] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1058.607344][T22824] Call Trace:
[ 1058.607353][T22824]  <TASK>
[ 1058.607376][T22824]  dump_stack_lvl+0x16c/0x1f0
[ 1058.607406][T22824]  should_fail_ex+0x512/0x640
[ 1058.607428][T22824]  should_fail_alloc_page+0xe7/0x130
[ 1058.607445][T22824]  prepare_alloc_pages+0x401/0x670
[ 1058.607464][T22824]  ? rcu_is_watching+0x12/0xc0
[ 1058.607477][T22824]  __alloc_frozen_pages_noprof+0x18b/0x2430
[ 1058.607492][T22824]  ? rcu_is_watching+0x12/0xc0
[ 1058.607502][T22824]  ? trace_mm_page_alloc+0x11b/0x180
[ 1058.607516][T22824]  ? __alloc_frozen_pages_noprof+0x292/0x2430
[ 1058.607528][T22824]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1058.607539][T22824]  ? stack_depot_save_flags+0x29/0x9b0
[ 1058.607556][T22824]  ? find_held_lock+0x2b/0x80
[ 1058.607576][T22824]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1058.607586][T22824]  ? alloc_vmap_area+0x66f/0x2a50
[ 1058.607598][T22824]  ? __vmalloc_node_range_noprof+0x247/0x16b0
[ 1058.607613][T22824]  ? __vmalloc_noprof+0xa3/0x120
[ 1058.607626][T22824]  ? bpf_prog_alloc_no_stats+0x58/0x600
[ 1058.607643][T22824]  ? bpf_prog_alloc+0x3b/0x230
[ 1058.607658][T22824]  ? bpf_prog_load+0x19bc/0x2c70
[ 1058.607669][T22824]  ? __sys_bpf+0x3e72/0x4980
[ 1058.607681][T22824]  ? __ia32_sys_bpf+0x76/0xe0
[ 1058.607693][T22824]  ? __do_fast_syscall_32+0xe8/0x680
[ 1058.607708][T22824]  alloc_pages_bulk_noprof+0x77b/0x1010
[ 1058.607719][T22824]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1058.607732][T22824]  ? policy_nodemask+0xea/0x4e0
[ 1058.607748][T22824]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[ 1058.607760][T22824]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1058.607776][T22824]  ? set_page_refcounted+0xbd/0x230
[ 1058.607791][T22824]  __kasan_populate_vmalloc+0xfb/0x220
[ 1058.607807][T22824]  alloc_vmap_area+0x98d/0x2a50
[ 1058.607826][T22824]  ? __pfx_alloc_vmap_area+0x10/0x10
[ 1058.607842][T22824]  __get_vm_area_node+0x1ca/0x330
[ 1058.607859][T22824]  __vmalloc_node_range_noprof+0x247/0x16b0
[ 1058.607875][T22824]  ? bpf_prog_alloc_no_stats+0x58/0x600
[ 1058.607892][T22824]  ? post_alloc_hook+0x19e/0x220
[ 1058.607911][T22824]  ? bpf_prog_alloc_no_stats+0x58/0x600
[ 1058.607931][T22824]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1058.607948][T22824]  ? should_fail_alloc_page+0xee/0x130
[ 1058.607965][T22824]  ? rcu_is_watching+0x12/0xc0
[ 1058.607981][T22824]  ? trace_mm_page_alloc+0x11b/0x180
[ 1058.608002][T22824]  ? bpf_prog_alloc_no_stats+0x58/0x600
[ 1058.608028][T22824]  __vmalloc_node_noprof+0xad/0xf0
[ 1058.608051][T22824]  ? bpf_prog_alloc_no_stats+0x58/0x600
[ 1058.608073][T22824]  __vmalloc_noprof+0xa3/0x120
[ 1058.608087][T22824]  ? __pfx___vmalloc_noprof+0x10/0x10
[ 1058.608101][T22824]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1058.608115][T22824]  ? is_bpf_text_address+0x94/0x1a0
[ 1058.608127][T22824]  ? apparmor_capable+0x1d7/0x4e0
[ 1058.608144][T22824]  bpf_prog_alloc_no_stats+0x58/0x600
[ 1058.608160][T22824]  ? security_capable+0x7e/0x260
[ 1058.608175][T22824]  bpf_prog_alloc+0x3b/0x230
[ 1058.608190][T22824]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1058.608203][T22824]  bpf_prog_load+0x19bc/0x2c70
[ 1058.608216][T22824]  ? _parse_integer_limit+0x17f/0x1d0
[ 1058.608232][T22824]  ? __pfx_bpf_prog_load+0x10/0x10
[ 1058.608247][T22824]  ? find_held_lock+0x2b/0x80
[ 1058.608275][T22824]  __sys_bpf+0x3e72/0x4980
[ 1058.608291][T22824]  ? __pfx___sys_bpf+0x10/0x10
[ 1058.608304][T22824]  ? find_held_lock+0x2b/0x80
[ 1058.608324][T22824]  ? find_held_lock+0x2b/0x80
[ 1058.608344][T22824]  ? __mutex_unlock_slowpath+0x161/0x790
[ 1058.608369][T22824]  ? fput+0x70/0xf0
[ 1058.608379][T22824]  ? ksys_write+0x1ac/0x250
[ 1058.608393][T22824]  ? __pfx_ksys_write+0x10/0x10
[ 1058.608410][T22824]  __ia32_sys_bpf+0x76/0xe0
[ 1058.608424][T22824]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1058.608445][T22824]  __do_fast_syscall_32+0xe8/0x680
[ 1058.608469][T22824]  do_fast_syscall_32+0x32/0x80
[ 1058.608486][T22824]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1058.608507][T22824] RIP: 0023:0xf701d579
[ 1058.608521][T22824] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1058.608532][T22824] RSP: 002b:00000000f540d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[ 1058.608543][T22824] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800000c0
[ 1058.608550][T22824] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[ 1058.608556][T22824] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1058.608562][T22824] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1058.608568][T22824] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1058.608582][T22824]  </TASK>
[ 1058.608642][T22824] syz.0.3841: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1058.779379][T22824] CPU: 0 UID: 0 PID: 22824 Comm: syz.0.3841 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1058.779399][T22824] Tainted: [L]=SOFTLOCKUP
[ 1058.779403][T22824] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1058.779409][T22824] Call Trace:
[ 1058.779413][T22824]  <TASK>
[ 1058.779418][T22824]  dump_stack_lvl+0x16c/0x1f0
[ 1058.779438][T22824]  warn_alloc+0x248/0x3a0
[ 1058.779450][T22824]  ? __pfx_warn_alloc+0x10/0x10
[ 1058.779465][T22824]  ? kfree+0x2f8/0x6e0
[ 1058.779480][T22824]  ? __get_vm_area_node+0x2cd/0x330
[ 1058.779497][T22824]  ? __get_vm_area_node+0x2cd/0x330
[ 1058.779510][T22824]  ? __get_vm_area_node+0x1dc/0x330
[ 1058.779522][T22824]  ? __get_vm_area_node+0x208/0x330
[ 1058.779539][T22824]  __vmalloc_node_range_noprof+0xbe0/0x16b0
[ 1058.779555][T22824]  ? post_alloc_hook+0x19e/0x220
[ 1058.779574][T22824]  ? bpf_prog_alloc_no_stats+0x58/0x600
[ 1058.779595][T22824]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1058.779611][T22824]  ? should_fail_alloc_page+0xee/0x130
[ 1058.779628][T22824]  ? rcu_is_watching+0x12/0xc0
[ 1058.779639][T22824]  ? trace_mm_page_alloc+0x11b/0x180
[ 1058.779653][T22824]  ? bpf_prog_alloc_no_stats+0x58/0x600
[ 1058.779670][T22824]  __vmalloc_node_noprof+0xad/0xf0
[ 1058.779685][T22824]  ? bpf_prog_alloc_no_stats+0x58/0x600
[ 1058.779703][T22824]  __vmalloc_noprof+0xa3/0x120
[ 1058.779718][T22824]  ? __pfx___vmalloc_noprof+0x10/0x10
[ 1058.779731][T22824]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1058.779745][T22824]  ? is_bpf_text_address+0x94/0x1a0
[ 1058.779757][T22824]  ? apparmor_capable+0x1d7/0x4e0
[ 1058.779773][T22824]  bpf_prog_alloc_no_stats+0x58/0x600
[ 1058.779789][T22824]  ? security_capable+0x7e/0x260
[ 1058.779804][T22824]  bpf_prog_alloc+0x3b/0x230
[ 1058.779820][T22824]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1058.779833][T22824]  bpf_prog_load+0x19bc/0x2c70
[ 1058.779844][T22824]  ? _parse_integer_limit+0x17f/0x1d0
[ 1058.779861][T22824]  ? __pfx_bpf_prog_load+0x10/0x10
[ 1058.779876][T22824]  ? find_held_lock+0x2b/0x80
[ 1058.779905][T22824]  __sys_bpf+0x3e72/0x4980
[ 1058.779920][T22824]  ? __pfx___sys_bpf+0x10/0x10
[ 1058.779933][T22824]  ? find_held_lock+0x2b/0x80
[ 1058.779952][T22824]  ? find_held_lock+0x2b/0x80
[ 1058.779972][T22824]  ? __mutex_unlock_slowpath+0x161/0x790
[ 1058.779997][T22824]  ? fput+0x70/0xf0
[ 1058.780006][T22824]  ? ksys_write+0x1ac/0x250
[ 1058.780020][T22824]  ? __pfx_ksys_write+0x10/0x10
[ 1058.780037][T22824]  __ia32_sys_bpf+0x76/0xe0
[ 1058.780050][T22824]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1058.780066][T22824]  __do_fast_syscall_32+0xe8/0x680
[ 1058.780077][T22824]  do_fast_syscall_32+0x32/0x80
[ 1058.780087][T22824]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1058.780100][T22824] RIP: 0023:0xf701d579
[ 1058.780110][T22824] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1058.780120][T22824] RSP: 002b:00000000f540d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[ 1058.780131][T22824] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800000c0
[ 1058.780138][T22824] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[ 1058.780144][T22824] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1058.780150][T22824] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1058.780156][T22824] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1058.780170][T22824]  </TASK>
[ 1058.780174][T22824] Mem-Info:
[ 1058.898517][T22824] active_anon:3563 inactive_anon:681 isolated_anon:0
[ 1058.898517][T22824]  active_file:2589 inactive_file:600 isolated_file:0
[ 1058.898517][T22824]  unevictable:1768 dirty:76 writeback:0
[ 1058.898517][T22824]  slab_reclaimable:7075 slab_unreclaimable:70537
[ 1058.898517][T22824]  mapped:30097 shmem:4639 pagetables:1092
[ 1058.898517][T22824]  sec_pagetables:341 bounce:0
[ 1058.898517][T22824]  kernel_misc_reclaimable:0
[ 1058.898517][T22824]  free:41088 free_pcp:13198 free_cma:0
[ 1058.916210][T22824] Node 0 active_anon:68kB inactive_anon:208kB active_file:108kB inactive_file:176kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:1044kB dirty:8kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8096kB pagetables:1484kB sec_pagetables:1180kB all_unreclaimable? yes Balloon:0kB
[ 1058.926229][T22824] Node 1 active_anon:14184kB inactive_anon:2516kB active_file:10248kB inactive_file:2224kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:119344kB dirty:296kB writeback:0kB shmem:15020kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:6436kB pagetables:2784kB sec_pagetables:184kB all_unreclaimable? no Balloon:0kB
[ 1058.936864][T22824] Node 0 DMA free:2016kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:28kB inactive_anon:32kB active_file:108kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:296kB local_pcp:56kB free_cma:0kB
[ 1058.946886][T22824] lowmem_reserve[]: 0 290 290 290 290
[ 1058.948730][T22824] Node 0 DMA32 free:25852kB boost:10240kB min:23572kB low:26904kB high:30236kB reserved_highatomic:0KB free_highatomic:0KB active_anon:40kB inactive_anon:176kB active_file:0kB inactive_file:176kB unevictable:3536kB writepending:8kB zspages:984kB present:1032196kB managed:297632kB mlocked:0kB bounce:0kB free_pcp:500kB local_pcp:96kB free_cma:0kB
[ 1058.959153][T22824] lowmem_reserve[]: 0 0 0 0 0
[ 1058.961215][T22824] Node 1 DMA32 free:136256kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:14184kB inactive_anon:2516kB active_file:10248kB inactive_file:2224kB unevictable:3536kB writepending:296kB zspages:3748kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:52912kB local_pcp:13168kB free_cma:0kB
[ 1058.972855][T22824] lowmem_reserve[]: 0 0 0 0 0
[ 1058.974463][T22824] Node 0 DMA: 2*4kB (UM) 15*8kB (UM) 4*16kB (UM) 19*32kB (UM) 1*64kB (M) 1*128kB (M) 2*256kB (M) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 2016kB
[ 1058.979512][T22824] Node 0 DMA32: 815*4kB (UME) 260*8kB (UME) 96*16kB (UM) 149*32kB (UME) 76*64kB (UM) 37*128kB (UM) 8*256kB (UM) 5*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 25852kB
[ 1058.984838][T22824] Node 1 DMA32: 72*4kB (ME) 870*8kB (UME) 893*16kB (UME) 95*32kB (UME) 140*64kB (UME) 306*128kB (UME) 214*256kB (U) 7*512kB (U) 5*1024kB (U) 0*2048kB 0*4096kB = 136192kB
[ 1058.990913][T22824] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1058.993921][T22824] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1058.996864][T22824] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1059.000278][T22824] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1059.019386][T22824] 8807 total pagecache pages
[ 1059.020925][T22824] 1055 pages in swap cache
[ 1059.022378][T22824] Free swap  = 91048kB
[ 1059.023700][T22824] Total swap = 124996kB
[ 1059.025041][T22824] 524155 pages RAM
[ 1059.026298][T22824] 0 pages HighMem/MovableOnly
[ 1059.027816][T22824] 208854 pages reserved
[ 1059.049585][T22824] 0 pages cma reserved
[ 1059.150558][T16863] usb 10-1: new full-speed USB device number 3 using dummy_hcd
[ 1059.182443][T22836] QAT: failed to copy from user.
[ 1059.216249][T22833] comedi comedi0: c6xdigio: I/O port conflict (0x1,3)
[ 1059.218938][T22833] ------------[ cut here ]------------
[ 1059.222161][T22833] kernfs: can not remove 'bind', no directory
[ 1059.224419][T22833] WARNING: fs/kernfs/dir.c:1709 at 0x0, CPU#3: syz.0.3845/22833
[ 1059.226916][T22833] Modules linked in:
[ 1059.229784][T22833] CPU: 3 UID: 0 PID: 22833 Comm: syz.0.3845 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1059.233556][T22833] Tainted: [L]=SOFTLOCKUP
[ 1059.235041][T22833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1059.238586][T22833] RIP: 0010:kernfs_remove_by_name_ns+0xf8/0x100
[ 1059.240684][T22833] Code: 00 09 e8 ab da 55 ff 48 89 df 31 db e8 a1 a2 ff ff 48 89 ef e8 b9 54 30 ff eb b1 e8 92 da 55 ff 48 8d 3d eb 44 25 0e 4c 89 ee <67> 48 0f b9 3a eb ba 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1059.248411][T22833] RSP: 0018:ffffc90003e0f6f0 EFLAGS: 00010293
[ 1059.250759][T22833] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff85e03e72
[ 1059.253304][T22833] RDX: ffff88802681a4c0 RSI: ffffffff8c2118c0 RDI: ffffffff908d16b0
[ 1059.255899][T22833] RBP: ffffffff8f2ab780 R08: 0000000000000001 R09: 0000000000000000
SYZFAIL: failed to recv rpc
[ 1059.258515][T22833] R10: 0000000000000000 R11: 000000005ad536ec R12: 0000000000000000
[ 1059.262445][T22833] R13: ffffffff8c2118c0 R14: 0000000000000000 R15: ffff88804aa01800
[ 1059.265039][T22833] FS:  0000000000000000(0000) GS:ffff888097a5b000(0063) knlGS:00000000f53ecb40
[ 1059.267898][T22833] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 1059.270480][T22833] CR2: 00000000f72e0bb4 CR3: 0000000071377000 CR4: 0000000000352ef0
[ 1059.273106][T22833] Call Trace:
[ 1059.274297][T22833]  <TASK>
[ 1059.275269][T22833]  driver_remove_file+0x4a/0x60
[ 1059.276911][T22833]  bus_remove_driver+0x224/0x2c0
[ 1059.278579][T22833]  driver_unregister+0x76/0xb0
[ 1059.283702][T22833]  comedi_device_detach_locked+0x12f/0xa50
[ 1059.285698][T22833]  comedi_device_detach+0x67/0xb0
[ 1059.287431][T22833]  comedi_device_attach+0x43d/0x900
[ 1059.289542][T22833]  do_devconfig_ioctl+0x1b1/0x710
[ 1059.289630][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[ 1059.291344][T22833]  ? comedi_unlocked_ioctl+0x167/0x2ee0
[ 1059.295818][T22833]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[ 1059.297611][T22833]  ? kasan_save_track+0x14/0x30
[ 1059.299966][T22833]  ? kasan_save_free_info+0x3b/0x60
[ 1059.301657][T22833]  ? __kasan_slab_free+0x5f/0x80
[ 1059.303252][T22833]  ? kfree+0x2f8/0x6e0
[ 1059.304562][T22833]  ? tomoyo_path_number_perm+0x470/0x580
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1059.306428][T22833]  ? security_file_ioctl_compat+0x9b/0x240
[ 1059.308398][T22833]  ? __ia32_compat_sys_ioctl+0xc3/0x370
[ 1059.310579][T22833]  ? __do_fast_syscall_32+0xe8/0x680
[ 1059.312280][T22833]  comedi_unlocked_ioctl+0x165d/0x2ee0
[ 1059.314064][T22833]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[ 1059.316011][T22833]  ? kasan_quarantine_put+0x10a/0x240
[ 1059.318564][T22833]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1059.320655][T22833]  ? find_held_lock+0x2b/0x80
[ 1059.322219][T22833]  ? tomoyo_path_number_perm+0x295/0x580
[ 1059.324001][T22833]  ? tomoyo_path_number_perm+0x18d/0x580
[ 1059.325749][T22833]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1059.327683][T22833]  comedi_compat_ioctl+0x1d0/0x960
[ 1059.329727][T22833]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[ 1059.331588][T22833]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1059.333489][T22833]  ? do_vfs_ioctl+0x128/0x14f0
[ 1059.335068][T22833]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1059.336733][T22833]  ? hook_file_ioctl_common+0x144/0x410
[ 1059.338554][T22833]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[ 1059.340693][T22833]  __ia32_compat_sys_ioctl+0x242/0x370
[ 1059.342437][T22833]  __do_fast_syscall_32+0xe8/0x680
[ 1059.344133][T22833]  do_fast_syscall_32+0x32/0x80
[ 1059.345727][T22833]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1059.347745][T22833] RIP: 0023:0xf701d579
[ 1059.349442][T22833] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1059.355525][T22833] RSP: 002b:00000000f53ec55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1059.358146][T22833] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000040946400
[ 1059.361208][T22833] RDX: 0000000080000540 RSI: 0000000000000000 RDI: 0000000000000000
[ 1059.363753][T22833] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1059.366288][T22833] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1059.368794][T22833] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1059.371865][T22833]  </TASK>
[ 1059.372864][T22833] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1059.375299][T22833] CPU: 3 UID: 0 PID: 22833 Comm: syz.0.3845 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1059.378863][T22833] Tainted: [L]=SOFTLOCKUP
[ 1059.380296][T22833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1059.383791][T22833] Call Trace:
[ 1059.384857][T22833]  <TASK>
[ 1059.385840][T22833]  dump_stack_lvl+0x3d/0x1f0
[ 1059.387343][T22833]  vpanic+0x640/0x6f0
[ 1059.388635][T22833]  panic+0xca/0xd0
[ 1059.389846][T22833]  ? __pfx_panic+0x10/0x10
[ 1059.391417][T22833]  ? check_panic_on_warn+0x1f/0xb0
[ 1059.393064][T22833]  check_panic_on_warn+0xab/0xb0
[ 1059.394674][T22833]  __warn+0x108/0x3c0
[ 1059.396030][T22833]  __report_bug+0x2a0/0x520
[ 1059.397456][T22833]  ? __pfx___report_bug+0x10/0x10
[ 1059.399099][T22833]  ? bus_remove_driver+0x92/0x2c0
[ 1059.400725][T22833]  report_bug_entry+0xb2/0x220
[ 1059.402269][T22833]  ? kernfs_remove_by_name_ns+0xf8/0x100
[ 1059.404043][T22833]  handle_bug+0x18a/0x260
[ 1059.405426][T22833]  exc_invalid_op+0x17/0x50
[ 1059.406927][T22833]  asm_exc_invalid_op+0x1a/0x20
[ 1059.408466][T22833] RIP: 0010:kernfs_remove_by_name_ns+0xf8/0x100
[ 1059.410426][T22833] Code: 00 09 e8 ab da 55 ff 48 89 df 31 db e8 a1 a2 ff ff 48 89 ef e8 b9 54 30 ff eb b1 e8 92 da 55 ff 48 8d 3d eb 44 25 0e 4c 89 ee <67> 48 0f b9 3a eb ba 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1059.416439][T22833] RSP: 0018:ffffc90003e0f6f0 EFLAGS: 00010293
[ 1059.418385][T22833] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff85e03e72
[ 1059.420900][T22833] RDX: ffff88802681a4c0 RSI: ffffffff8c2118c0 RDI: ffffffff908d16b0
[ 1059.423361][T22833] RBP: ffffffff8f2ab780 R08: 0000000000000001 R09: 0000000000000000
[ 1059.425828][T22833] R10: 0000000000000000 R11: 000000005ad536ec R12: 0000000000000000
[ 1059.428294][T22833] R13: ffffffff8c2118c0 R14: 0000000000000000 R15: ffff88804aa01800
[ 1059.430690][T22833]  ? bus_remove_driver+0x92/0x2c0
[ 1059.432283][T22833]  driver_remove_file+0x4a/0x60
[ 1059.433818][T22833]  bus_remove_driver+0x224/0x2c0
[ 1059.435379][T22833]  driver_unregister+0x76/0xb0
[ 1059.436928][T22833]  comedi_device_detach_locked+0x12f/0xa50
[ 1059.438757][T22833]  comedi_device_detach+0x67/0xb0
[ 1059.440296][T22833]  comedi_device_attach+0x43d/0x900
[ 1059.441905][T22833]  do_devconfig_ioctl+0x1b1/0x710
[ 1059.443452][T22833]  ? comedi_unlocked_ioctl+0x167/0x2ee0
[ 1059.445144][T22833]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[ 1059.446966][T22833]  ? kasan_save_track+0x14/0x30
[ 1059.448481][T22833]  ? kasan_save_free_info+0x3b/0x60
[ 1059.450074][T22833]  ? __kasan_slab_free+0x5f/0x80
[ 1059.451620][T22833]  ? kfree+0x2f8/0x6e0
[ 1059.452877][T22833]  ? tomoyo_path_number_perm+0x470/0x580
[ 1059.454621][T22833]  ? security_file_ioctl_compat+0x9b/0x240
[ 1059.456476][T22833]  ? __ia32_compat_sys_ioctl+0xc3/0x370
[ 1059.458273][T22833]  ? __do_fast_syscall_32+0xe8/0x680
[ 1059.460001][T22833]  comedi_unlocked_ioctl+0x165d/0x2ee0
[ 1059.461814][T22833]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[ 1059.463760][T22833]  ? kasan_quarantine_put+0x10a/0x240
[ 1059.465451][T22833]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1059.467138][T22833]  ? find_held_lock+0x2b/0x80
[ 1059.468627][T22833]  ? tomoyo_path_number_perm+0x295/0x580
[ 1059.470382][T22833]  ? tomoyo_path_number_perm+0x18d/0x580
[ 1059.472139][T22833]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1059.474016][T22833]  comedi_compat_ioctl+0x1d0/0x960
[ 1059.475644][T22833]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[ 1059.477369][T22833]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1059.479221][T22833]  ? do_vfs_ioctl+0x128/0x14f0
[ 1059.480713][T22833]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1059.482381][T22833]  ? hook_file_ioctl_common+0x144/0x410
[ 1059.484086][T22833]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[ 1059.485863][T22833]  __ia32_compat_sys_ioctl+0x242/0x370
[ 1059.487568][T22833]  __do_fast_syscall_32+0xe8/0x680
[ 1059.489147][T22833]  do_fast_syscall_32+0x32/0x80
[ 1059.490679][T22833]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1059.492653][T22833] RIP: 0023:0xf701d579
[ 1059.493934][T22833] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1059.499851][T22833] RSP: 002b:00000000f53ec55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1059.502415][T22833] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000040946400
[ 1059.504825][T22833] RDX: 0000000080000540 RSI: 0000000000000000 RDI: 0000000000000000
[ 1059.507293][T22833] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1059.509693][T22833] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1059.512062][T22833] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1059.514538][T22833]  </TASK>
[ 1059.516267][T22833] Kernel Offset: disabled
[ 1059.517643][T22833] Rebooting in 86400 seconds..