last executing test programs:

3m54.322018482s ago: executing program 1 (id=4740):
r0 = syz_clone3(&(0x7f0000000080)={0x180801400, &(0x7f0000000000), 0x0, 0x0, {0x3d}, 0x0, 0x0, 0x0, 0x0}, 0x58)
setpriority(0x1, r0, 0x4)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x2})
r2 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r2, 0x8983, &(0x7f0000000300)={0x0, 'veth0_to_bridge\x00', {0x2}})
socket$kcm(0x2, 0xa, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
r4 = dup2(r3, r3)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00', <r5=>0x0})
ioctl$sock_inet6_SIOCDELRT(r4, 0x890c, &(0x7f00000000c0)={@remote, @private0, @empty, 0x40003, 0x40, 0x5, 0x100, 0x3f00, 0x590043, r5})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0xb, 0x1c, &(0x7f0000000500)=ANY=[], 0x0, 0x7, 0x0, 0x0, 0x41000, 0x30, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0xa, 0x5}, 0x8, 0x10, &(0x7f0000000680)={0x1, 0x10, 0x5, 0x7}, 0x10, 0x0, 0xffffffffffffffff, 0x2, &(0x7f00000006c0)=[0xffffffffffffffff], &(0x7f0000000700)=[{0x5, 0x1, 0x5, 0x9}, {0x0, 0x3, 0xf, 0x7}], 0x10, 0x7fff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x17, 0x13, &(0x7f0000000940)=@raw=[@cb_func={0x18, 0x6, 0x4, 0x0, 0x80000003}, @ringbuf_query, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x18, '\x00', 0x0, @fallback=0x11, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0)={0x2, 0xb, 0x1, 0x3ff}, 0x10, 0x0, r6, 0x0, 0x0, 0x0, 0x10, 0x7ff}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000a00)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a}, 0x28)
socket$nl_route(0x10, 0x3, 0x0)
getsockopt(0xffffffffffffffff, 0x114, 0x271f, 0x0, 0x0)
ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, &(0x7f0000000080)={0x6, 0x4, 0x5})
socket(0x15, 0x5, 0x0)

3m54.215121666s ago: executing program 1 (id=4741):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r2)
mount(0x0, 0x0, &(0x7f0000000000)='proc\x00', 0x0, 0x0)
syz_open_procfs(r1, &(0x7f0000000100)='smaps\x00')
syz_usb_disconnect(0xffffffffffffffff)
close_range(r0, 0xffffffffffffffff, 0x0)

3m53.467239914s ago: executing program 1 (id=4747):
r0 = syz_clone(0x200000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
ptrace(0x4206, r0)
ptrace(0x4207, r0)

3m52.526739296s ago: executing program 1 (id=4753):
openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0)
listen(0xffffffffffffffff, 0x0)
listen(0xffffffffffffffff, 0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
recvmmsg(r0, &(0x7f0000001e80), 0x0, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x93, 0x9, 0x0, 0xfffffe0000000001, 0xfa4f, 0x2}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000002c000000030a010800000000000000000100000b0900030073797a32000000000900010073797a300000000060000000060a010400000000000000000100000008000b40000000000900010073797a300000000038000480340001800a0001006d61746368000000240002800c000300b07346e358c219250b0001006367726f757000000800"], 0xd4}}, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
io_uring_setup(0x549c, &(0x7f0000000000)={0x0, 0x70e6, 0x2, 0x0, 0x1ca})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000080)=ANY=[@ANYBLOB="f572c10000a88c43c226f0a6380778c72739a0", @ANYRESOCT=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = syz_open_procfs(0xffffffffffffffff, 0x0)
mmap$snddsp(&(0x7f00001fe000/0x2000)=nil, 0x2000, 0x300000a, 0x80010, r2, 0xd000)
unshare(0x6a040000)
mmap(&(0x7f00005f7000/0x1000)=nil, 0x1000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r4, 0xc004743e, 0x110e22fff6)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$TUNSETOFFLOAD(r5, 0x4004743d, 0x110e22fff6)
io_setup(0x81, &(0x7f0000001440)=<r6=>0x0)
io_submit(r6, 0x1, &(0x7f00000008c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x5, 0x800, r5, 0x0, 0x0, 0x0, 0x0, 0x2}])
close_range(r3, 0xffffffffffffffff, 0x0)
openat$pmem0(0xffffffffffffff9c, &(0x7f0000002340), 0x80d01, 0x0)

3m49.673649058s ago: executing program 1 (id=4759):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000000c0003c3bfa30000000000000703000020feffff7a0bf0fff8ffffff71a4f0ff000000006c040000000000006d400500000000003400000001ed00007b030000000000001d440000000000007a0a00fe00ffffffc303000041000000b7000000000000009500000000000000023bc065b78111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e51815548000000000000000275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd5ef5681b36a30c6471a4bc4d82e4fee5bef7af9aa0d7f300c095199fe3ff31e9883a2a98e64e39732c9cc00eec363e4a8f6456e2ccae25ea21714eca8cf5d803e04d83b46e21557c0afc646cb7790b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845b9f75dd08d123deda8ebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987af1714e72ba7616536fd9aa58f2477184b6a89adaf17b0baf587aef370a2d426a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe3326a404000000000000006d31cb467600ade7ee63e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62f84f3a10746443d64364c82770c8204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7d26b34381fcb59b854e9d5a17f48a7382f13d000000225d85ae49e7e383dc5049036b98fb685123b2731514da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67051d355d84ce97bb0c6b4a595e487efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599ddd71063be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d96c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59601894183a0f95b72df859d5cf25a02a9f6ebb047b96d338666590521d31d38df9ba60248d9a0d61282dfb15eb6841bb64a1b3045024a982f3c48153baae2c4e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c3560811ea6c0200a43364d402ccdd9069bd50b994fd6a34ee18022a579dfc0229cc0dc9881610270928eaeb883418f562ae00003ea96d10f172c0374d6eed826407000000000000004a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d14017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea52acb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744dccc536cbae315c7d851680f6f2f9a6a8906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f4ca2195234648e0a1ca50db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19fa367256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08c63b123145eb6dc5f6a9037d2283c42efc54fa84323a3304f41ff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f928ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a9245f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e96735600000554f327a353511ccedde99493c31cb6b9ce97f03ca91a01ba2c60ca99e8ebc15ece1ff1675767999d146aef7799738b292fd64bbca48568304b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6d80010f5c655a22d490300800a4ab595bf4238f18ca428dafc7ac96d40460780000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120968308c31db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a003fe9af5d785d0128171c90d99000518a130f9d01c4b45294fbba468df3e1b393cb4e62e7545010000000000000094bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9e0600f86909bc90addb7b9aee813df534aac4b32fd691b8068cd849904568916694d461b76a58588cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a000000000000000000000000000006acc19808d9953243e2bb42b197cf29bc974b0ea92499a419aa095e203c1bafbb9b9a7c2bca3f0a18ee4952f2d325a56390578f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa84feda91f3edb32231ec75300000000000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b88b5e7885e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035ab63de71a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1021829f1a57d3f18f4edaeb5d37918e6fddc785585a4443440dc65600e64a6a2744c46570e8f46da1ab990ca053cbfe801000000000000000000000000000000d55d7182af2ea5f8d0ad495e3eb9421963a5a683c3dcb2d300aa3b2cfe946d2348c35f5d67d68ac07c8f84b3679e77c2e629ecec7c12c35d6b6971b8ae13cc00956d2227db6019037c8c88c91dda1f904fbbc864e95ad43d6dd6d5eadbcea25682ba4b91e14c3fbfdfd1d680aa1af102d97681656bf56ff0674237ce097d39008cc3257778de878bcd37467386f993be6d20c93a7791e7f2a155ce379b4cda2500108052aeb9bd03ff6d4c5dbda9ff485d6576a492d436d52edcd420e7deaa4343a0add3941ae7c5f58af43866ca64750f43e583ca1ceb3a805e46beef9dca77a4edcbb42aa0caf0bbd6cec72d85540293cb4849b0610800000000000000000000000000000000f9814d5f6c8673c143ff2f901e71b8818665b56f7a03afe3d900007656859db4cb06aaaf9f02cfab5b9e61cc00e8e19429921b8df4c4c53bddea4cc48737842952ff08aeac15685df194ca89da8cf6d29a2b8100000000000000f5786094d9130f5826b18b9667b971a994f3fd069629a1052f441e96884f90c91f4a974242aabfc8adbadc9ca27955b5c90f0bd9a46ed044272383d3768871a9c8cfd7948aea445c55684351002ed4a4af45341de8e5e1f3366bca2ec1591dd00bbe05000000f89a928662e9b9449db34394fc5e946fadaee576e28ac0feab4e3585ed43d206218f524083840a78b7236bb7f5e42b5376642f8ad4028d4ead407240e7467d1b37afe20690d7672c7e926fded95cf805516ad836eb730619a05af36fb28329d6e0e0d383ffce01881a8ba3afd5949b9a6046c53663df30a049414089c1ae8f3476236b05dde8dda4843a62c591f8d2b1a62d0db8dc826219bd87398b33e140792297d023ef52de2e75b9dbbfb8712ccc15c69cfb4c6c71411c928d8b894d9d3f09a15dada1561a8192d65cc59d7ed5a6bd61000000000000000000000000000000000000000000000000000000000000000000000000f637782e317d492b2392fd0ea81397a80227f24b72edcff33a40c1b791830ac2478734c8dc0c40ad4072c08dbcfbbb8dc071897d76a410dab1dc7d2aa509b9ef21ac2b2389c2aac7048addbac53cedba2c20fbe18acd5b546102e3e3af296681b0db7ce9b878024bcd504480de0a65df48ae310633c9f7accfa2a5527af3df8cdbc2817cae9b6ff827ea5f850a23fc0f46650d99eaad66119015ef840893fc3348d4fbce1b6b6906bcddff1e825d923b64fd383b1e776a566f2b702f2f4a464ecf3408ed97ffe8b1c813713f1712c48be3ebe6ad7c24c7467c7474c589a08f883a5e7bda74fc0c741eb2bc408a4a9b0b66bec9bee32d7f620942258a7f5cafa2e3bd7b2197c3c77df319e494ef46dfc4eae680d219536f0aa8b1ba291eb2abb0adf8154e00000000000000000000000000000000000046cb14b77f134ec5857b2e683fe6d5cccbf99508e8c8404863528c24da235923f18de34b48e89125a20a216836f6bcd1efc1dd74ac924d8ecfa6fe5f40d4ee50"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
pipe(&(0x7f00000045c0)={<r2=>0xffffffffffffffff})
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(aes))\x00'}, 0x58)
r4 = accept4(r3, 0x0, 0x0, 0x0)
splice(r2, 0x0, r4, 0x0, 0x66, 0xc)
write$tun(r2, &(0x7f0000001040)=ANY=[@ANYRES16=r4, @ANYBLOB="fccbaf15a27e85d4d6d0e1704ff1897e6c1255f9673fddb32139214dbc70cc2565454842290092b2152bb5fe50a7181d4898a11d8533a58d88dbe86d21fae89438b4bf397391a43bf23e9edf8ecbd2cadbe215ff1796e0b8dc353b62650dcec0566808a75e3bcfc151543d01eb0ea89172b8a54de6b8abd6b8aa42c06cd3adbf5a4dddd15d453aa319f8", @ANYRESHEX=r1, @ANYRES8=r4, @ANYRES64=r4, @ANYRES64, @ANYBLOB="f750fbcb40be5f893d29659085b57c5ac52be154a2f7580fe3b9ee1446343e82fdd865042e5875d4b01985139be828233e7019dddb6be27b7810daf64eb9ffb75ed026611bfd32d1121d1323c3c57514359c239bd4289d68c45accb7048f5f87850819fb78022510d2cb6605adb7270bfd70dd0bd7"], 0x36)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000140)='./file1\x00')
r5 = open(&(0x7f00000002c0)='.\x00', 0x80000, 0x128)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x1c4)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r7 = syz_open_procfs(0x0, &(0x7f0000000080)='net/sctp\x00')
r8 = open_tree(r7, &(0x7f0000000640)='\x00', 0x89901)
r9 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f0000000640)=0x15)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vxcan0\x00', <r10=>0x0})
r11 = getuid()
r12 = openat$tun(0xffffff9c, &(0x7f0000001180), 0x200900, 0x0)
ioctl$TUNSETSTEERINGEBPF(r12, 0x800454e0, &(0x7f00000011c0)=r5)
setsockopt$inet_IP_XFRM_POLICY(r8, 0x0, 0x11, &(0x7f0000000f40)={{{@in=@loopback, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x4e23, 0x5, 0x4e21, 0x0, 0xa, 0x1a0, 0x20, 0x2c, r10, r11}, {0xfffffffffffffffe, 0xb268, 0x8, 0x3, 0x8, 0x8, 0x8, 0x9}, {0x7, 0xd76, 0xffffffffffff1dac, 0xffffffffffffffff}, 0xe, 0x6e6bb6, 0x2, 0x0, 0x0, 0x3}, {{@in=@local, 0x4d4, 0x32}, 0x2, @in=@remote, 0x3501, 0x4, 0x3, 0x15, 0xd6, 0x0, 0x46}}, 0xe4)
move_mount(r8, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r5, 0x40049366, 0x0)

3m48.620760019s ago: executing program 1 (id=4761):
r0 = socket$nl_route(0x10, 0x3, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x13, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x73, 0x11, 0x6d}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0xc4}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
mlock2(&(0x7f000000e000/0x1000)=nil, 0x1000, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
memfd_create(&(0x7f0000000040)='\x00\x00@Z\x82\x1f\xd7\xdc\xe8\x01\x17\xf4\xd6z\xfeJ\xd4k\x01\x00\x00\x00\xb4\xa4\xc4\x85s\xedz\xef\x96\xe4:\xec\xb4ZB\x9elG\xfa+q\xa2w\x8d\x991\xc7\xef\x91\xcbZ\xd4\x0f\"U\xbc\x02k\xf4m\x9fXr\x1a\xb9\xc3\xfdaf\xec\xa7\xc2W]\xd8\x1d\xdel\x94\xfd\xd7\xde\x84\xf1n\xc5G\x89\x0e\xa1$6\x06*\x16\xc7\xf6i\xd6r\xcb\xe7Z\xdc\x82\x97\x89\xd3\x80i\xc00\x90\xee\xd6\xc4%,\xaa\f\xf0ra\x98\xca\xc6\x87\xb3\x85\xcc\xe3\x06\xc9\xcc\xe7do\xd8 8\x04\xe1\xa9R\xa0\xe1M\x10\xaa4!\x8f\xcez\x81F\x81\xcd\xdd\x1b\xa7\x85\b\xad)3s\x9f\x90\x85\x82\x1d\xc7\x80h\x87\xa2N\x80\xbf\xf5\xfe\xb9\'QC\xe7d\xc1\x16$\xb1\xd6\x85\xb9[\x16!\xf7{r\x01\x00\x00\x00\x00\x00\x00\x00\xb9#\xe0\xe0\r\x84\xa5\xb5\xe3U\xb3B\x84-\xce\x18!z\xe7\xcd\x93\x9e\xb9#\x8d\x8d\r\x1bD\x05#\xf3$A\xd1\xf5i\x87\x05\xedCo\x92\x84\xfe\x11$p\xab\xbb\n\x19\xe4\xf5t-x\xf3\a\x05n\x13\xe3X\x03\xe2\x04Y9/br\xb0\\\xdcDY\xd9\r\n\xe3Y}\x97,G\xf2\tC\xf3*\x9e\x8c]\x03\x9bt\x85{v3\xdd\x9f\xbc\a\x9eo5\xa2\xe3%\xcd\x19C\xbd*\xdb\xd8\xfe\x9f\xf2%~\xafH\v\x7fh\x88P?\xb8\x94\x8f\x9a\x87\x1c\xfb\x10\x032\xec\x0e\"\xc9\x89\xbd*\xf7\xfd\x17\xbb!\xebN\xe5\x17\xc4\xc7$\x11\xf0\x00G4\n\f\x95\x04\xae}\x81\xc5d\x17\xe4)\xd8\x12\xe6; ,\x0e7\xc1\x81lx', 0x1)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b2b, &(0x7f0000000040)={'dummy0\x00', @random="008000"})
ioctl(r0, 0x8b2a, &(0x7f0000000040))
prctl$PR_SET_THP_DISABLE(0x29, 0x1)

3m32.603502694s ago: executing program 32 (id=4761):
r0 = socket$nl_route(0x10, 0x3, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x13, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x73, 0x11, 0x6d}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0xc4}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
mlock2(&(0x7f000000e000/0x1000)=nil, 0x1000, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
memfd_create(&(0x7f0000000040)='\x00\x00@Z\x82\x1f\xd7\xdc\xe8\x01\x17\xf4\xd6z\xfeJ\xd4k\x01\x00\x00\x00\xb4\xa4\xc4\x85s\xedz\xef\x96\xe4:\xec\xb4ZB\x9elG\xfa+q\xa2w\x8d\x991\xc7\xef\x91\xcbZ\xd4\x0f\"U\xbc\x02k\xf4m\x9fXr\x1a\xb9\xc3\xfdaf\xec\xa7\xc2W]\xd8\x1d\xdel\x94\xfd\xd7\xde\x84\xf1n\xc5G\x89\x0e\xa1$6\x06*\x16\xc7\xf6i\xd6r\xcb\xe7Z\xdc\x82\x97\x89\xd3\x80i\xc00\x90\xee\xd6\xc4%,\xaa\f\xf0ra\x98\xca\xc6\x87\xb3\x85\xcc\xe3\x06\xc9\xcc\xe7do\xd8 8\x04\xe1\xa9R\xa0\xe1M\x10\xaa4!\x8f\xcez\x81F\x81\xcd\xdd\x1b\xa7\x85\b\xad)3s\x9f\x90\x85\x82\x1d\xc7\x80h\x87\xa2N\x80\xbf\xf5\xfe\xb9\'QC\xe7d\xc1\x16$\xb1\xd6\x85\xb9[\x16!\xf7{r\x01\x00\x00\x00\x00\x00\x00\x00\xb9#\xe0\xe0\r\x84\xa5\xb5\xe3U\xb3B\x84-\xce\x18!z\xe7\xcd\x93\x9e\xb9#\x8d\x8d\r\x1bD\x05#\xf3$A\xd1\xf5i\x87\x05\xedCo\x92\x84\xfe\x11$p\xab\xbb\n\x19\xe4\xf5t-x\xf3\a\x05n\x13\xe3X\x03\xe2\x04Y9/br\xb0\\\xdcDY\xd9\r\n\xe3Y}\x97,G\xf2\tC\xf3*\x9e\x8c]\x03\x9bt\x85{v3\xdd\x9f\xbc\a\x9eo5\xa2\xe3%\xcd\x19C\xbd*\xdb\xd8\xfe\x9f\xf2%~\xafH\v\x7fh\x88P?\xb8\x94\x8f\x9a\x87\x1c\xfb\x10\x032\xec\x0e\"\xc9\x89\xbd*\xf7\xfd\x17\xbb!\xebN\xe5\x17\xc4\xc7$\x11\xf0\x00G4\n\f\x95\x04\xae}\x81\xc5d\x17\xe4)\xd8\x12\xe6; ,\x0e7\xc1\x81lx', 0x1)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b2b, &(0x7f0000000040)={'dummy0\x00', @random="008000"})
ioctl(r0, 0x8b2a, &(0x7f0000000040))
prctl$PR_SET_THP_DISABLE(0x29, 0x1)

2m56.930933797s ago: executing program 0 (id=4979):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1900"], 0x50)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000040)={0x191, 0x258, 0x300, 0x3f, 0x32, 0x1, 0x0, 0x0, {0x700, 0xfd}, {}, {}, {0x0, 0x0, 0xfffffffc}, 0x0, 0x2, 0x0, 0x0, 0x0, 0x40, 0x0, 0xe07, 0x0, 0x0, 0x1, 0x0, 0x4, 0x0, 0x3})

2m56.348733329s ago: executing program 0 (id=4984):
r0 = socket(0x10, 0x3, 0x0)
r1 = syz_open_dev$dvb_frontend(&(0x7f0000000040), 0x0, 0x0)
ioctl$FE_SET_PROPERTY(r1, 0x40086f52, &(0x7f0000000180)={0xe, &(0x7f00000001c0)=[{0x15, '\x00', @st={0x4, [{0x3, @svalue=0x1}, {0x0, @uvalue=0xff}, {0x1, @uvalue=0x5}, {0x0, @svalue=0x7}]}, 0x9}, {0x24, '\x00', @data, 0x80000001}]})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffff, 0x4}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x0, 0xb, 0x5}}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x4000010)

2m56.231696421s ago: executing program 0 (id=4985):
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x140)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0xc402, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x439, 0x70bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x9801}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_PROTO={0x5, 0x9, 0x89}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20048001}, 0x4029044)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000900)=@mangle={'mangle\x00', 0x64, 0x6, 0x5e8, 0x3f8, 0x3f8, 0x2b8, 0xc8, 0x3f8, 0x550, 0x550, 0x550, 0x550, 0x550, 0x6, 0x0, {[{{@uncond, 0x0, 0xa4, 0xc8}, @unspec=@CHECKSUM={0x24}}, {{@ipv6={@mcast1, @local, [0x0, 0xff], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x11}, 0x0, 0xa4, 0xe0}, @inet=@TPROXY1={0x3c, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@empty, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00', {}, {}, 0x0, 0x0, 0x1}, 0x0, 0xd0, 0x110, 0x0, {}, [@common=@unspec=@connmark={{0x2c}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0xfe, 0x1d, "a459ae9219ba8fc556fd8157057c848f07e377990d4f4a32e458bde7de8b"}}}, {{@uncond, 0x0, 0xec, 0x110, 0x0, {}, [@common=@hbh={{0x48}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8]}}]}, @inet=@DSCP={0x24, 'DSCP\x00', 0x0, {0xfd}}}, {{@uncond, 0x0, 0x11c, 0x158, 0x0, {}, [@common=@ah={{0x30}, {[0x4d6, 0x4d4], 0x2, 0x8, 0x2}}, @common=@dst={{0x48}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0x1}}]}, @inet=@TPROXY1={0x3c, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x644)
socket$inet_tcp(0x2, 0x1, 0x0)
ptrace$ARCH_SET_GS(0x1e, r2, 0x0, 0x1001)
r6 = syz_open_dev$vbi(&(0x7f0000000040), 0x1, 0x2)
ioctl$VIDIOC_G_FMT(r6, 0xc0cc5604, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000003bc0)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
write$P9_RVERSION(r0, &(0x7f0000000c40)=ANY=[], 0x13)
socket(0x2, 0x80805, 0x0)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000200)={<r8=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r7, 0x84, 0x7a, &(0x7f0000000240)={r8, @in={{0x2, 0x4e20, @empty}}}, &(0x7f0000000040)=0x84)

2m52.777611859s ago: executing program 0 (id=4993):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x2125099, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0xc00, 0x0)
umount2(&(0x7f0000000340)='./file0\x00', 0x1)
r0 = openat$vicodec0(0xffffff9c, &(0x7f0000000600), 0x2, 0x0)
r1 = openat2(0xffffffffffffffff, &(0x7f0000000640)='./file0/../file0\x00', &(0x7f0000000680)={0x143e02, 0xc0, 0x19}, 0x18)
r2 = openat$null(0xffffff9c, &(0x7f00000006c0), 0xc0480, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000700), 0x9, 0x2001)
r5 = getpid()
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000100)={r6, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000280)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000180), 0x4, 0x2000000000000357, 0x0, r5}}, 0x3c)
r7 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000300)={0x38, 0x1403, 0x1, 0xffffffff, 0x0, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0xff8f, 0x33, 'vlan1\x00'}}]}, 0x38}, 0x1, 0x1000000, 0x0, 0x800}, 0x20000000)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000740)={{0x1, 0x1, 0x18, <r8=>0xffffffffffffffff}, './file0\x00'})
r9 = openat$dlm_monitor(0xffffff9c, &(0x7f0000000780), 0x81, 0x0)
r10 = syz_open_dev$ttys(0xc, 0x2, 0x1)
r11 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r11, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100, 0x2})
r12 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r12, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r13 = dup3(r12, r11, 0x0)
ioctl$BINDER_WRITE_READ(r13, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r13, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f00000005c0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f0000019200)={@flat=@binder={0x73622a85, 0xb, 0x2}, @fd={0x66642a85, 0x0, r11}, @ptr={0x70742a85, 0x0, &(0x7f0000019140)=""/171, 0xab, 0x1, 0xa}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000840)=[{{&(0x7f0000000140)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000000580)=[{&(0x7f0000000400)="f8814a22d56fae2df2fbda7e0d13259f70185b24b189db2155252dfa7687c89517f2b10b61787689ad629b267fe7a5810947f54d5cae5d25567b4469dd1860e217335815b4c51a20eab2dc88fe0c0ef2bd73b107cb86a17a4f1fa3501e86090bd588f6529f25c4eadd75caf74b619917f133f8e7e7349e9d695da698d63ee9869ec2da57fa8b6a889d2ab7782968110ab71db74af5c1e5ade5d4fa", 0x9b}, {&(0x7f00000004c0)="68737ac985a40ec644937a7ae8235190e38276816932fd6096ca71ae9bb369f1a478f4d5fbf23a43868c9bb1e85da0dceb9d7f6544c460c98e94d52faf9352f9bb38ab45db91f80c29c4a8d9f8e55d854749da7b2cb8cf1db3ac738b92fcbbe0e726b25566cfb00b33a033a9ef452d5b6a397bd13d184783e2c6f852352257d75d82a6c795d94f1d18dde957647e545e6e14fcb766930c9e8869c929cba0a197f5d2e61d6abdef", 0xa7}], 0x2, &(0x7f00000007c0)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, r0, r1, 0xffffffffffffffff, r2, r3, 0xffffffffffffffff, 0xffffffffffffffff, r4]}}, @rights={{0x24, 0x1, 0x1, [r6, r7, r8, r9, r10, r13]}}], 0x54, 0x8010}}], 0x1, 0x4)

2m52.469638294s ago: executing program 0 (id=4997):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14, 0x14, 0x2, [@enum={0x0, 0x1, 0x0, 0x6, 0x4, [{}]}]}}, 0x0, 0x2e}, 0x28)
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
readlink(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000200)=""/237, 0xed)

2m51.976812605s ago: executing program 0 (id=5001):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000a800000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x90) (async)
prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8b2b, &(0x7f0000000040)={'bond_slave_1\x00', @random}) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
setresuid(0xee01, 0xee01, 0xee00) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000000702"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async, rerun: 32)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8000}, [@call={0x85, 0x0, 0x0, 0x75}]}, 0x0, 0x2, 0x0, 0x0, 0x0, 0x4f}, 0x94) (async, rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

2m51.827298665s ago: executing program 33 (id=5001):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000a800000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x90) (async)
prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8b2b, &(0x7f0000000040)={'bond_slave_1\x00', @random}) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
setresuid(0xee01, 0xee01, 0xee00) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000000702"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async, rerun: 32)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8000}, [@call={0x85, 0x0, 0x0, 0x75}]}, 0x0, 0x2, 0x0, 0x0, 0x0, 0x4f}, 0x94) (async, rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

5.550875097s ago: executing program 3 (id=5963):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x6f, &(0x7f0000000100)={@local, @random="d7f95018e7e5", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x2, 0x61, 0xfffc, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x8, 0x10, 0x0, 0x0, 0x2d9, {[@timestamp={0x8, 0xa, 0x29, 0xac}]}}, {"b269434705169a0e7f47e0e358ee0d29135d5a92b6415d74e7514d2bdea37352a6cbe05bb9bbc713cbcb58ef21"}}}}}}, 0x0)

5.497295121s ago: executing program 3 (id=5964):
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x52)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_RECV_OWN_MSGS(r1, 0x65, 0x4, 0x0, &(0x7f0000000280))
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f0000000000), 0x200000, &(0x7f0000002100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_fuse_handle_req(r0, &(0x7f0000006300), 0x2000, &(0x7f00000041c0)={&(0x7f00000001c0)={0x50, 0x0, 0x0, {0x7, 0x29, 0x7, 0x22110039, 0x1000, 0x0, 0x7ff, 0x58, 0x0, 0x0, 0x6, 0x8}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000004300)="d5c2280baf4e05cfa1d1112770cf43a123827586f0f2675b130041ff58ba6533ea7947f2f65b1d458fe88a96133ea3927f41fa6976fad8c967c88679769ee674b80debcd1ec6ce1eb490888bd66a52141fa82f51882b22a8e36ff462b51560307cd0048156800ad137f359719a9c5d6ad6a8c999984f22461c4ca6614ca4cbbd5e9103a3459228e3bd35e3c1cd5f2a83fbefafe7c5a39617ba1d856f37977da077ffcf4d52f5bb3feffa9e100b0279cb635a61ae9f5f4491bb1c9f04c041818a1ae9a25cbca38c4b4754a8be4f52db20ca464b3b4faf0ea8ff193b414e7b7a4ec8aec2e77adc43d09c62d37fc0aa6296a56a9445f264a245d41e77de43c2694cc5885ebd454a3b78b60172e3e6a2fd79efa8b5fbbe827512aa0656920858da51616244ad32e53ed039a270c042662bc966a8fa05e23a51c76585a6f753e57c63b5a1dd11c4ce8773702c5c759471b79ee9bed600d99853afda9b675f071bdf6ff4eb99cb1ae0128ac1f8132f9b7bef82221276395e59f1323c9f9f6bb937a9db0bc2088670ffc3e6233ba73d4e324df7bc866e84e82ab707ab8aadd593913dd3533cddb396e804a63155ad6911962bc49bad21faba90b5570b62d98eb5328214a7198b36ea6df9a72dc248311040e01539112e1d6bcb4ed9d7fb70d22768ec6603e4727b6ed2616eb9108524985ccd70f1361f68b1fb7088829acdd59ec5af9e84409737f0d852a3c55993cb7398b5640c458bc036115b86de7b8e68f1cff882ee5707040571c3e5c9602c773459cfecad4917d8ba2902bd64a676e2c6e507d06dbc806c13c0fd18175087440ce7d7300dfe745b8e98ac63b400e449a3f2518c6112c9864fde68f580ebc2d72e4bbd03f16a7289be813c258f02f76ce901afdafc69046c947c9e801ac635b2a95cca291c052c7f8149c92aaeaab41edb34a70604a7538c4bb6486b983416843fe6a65d7b828d66deb991e71526b7627e71c6a795a02e787bc561ec4b65d4742a129c59bc71b323850cb416f3d32494d6dbfe3ea73cb473b093ae0b0ebbbd3e3251ece756b3cc381f05ea1b8c3f7fbcbb16fc446fc084725e6c3a608221aad8d8179112f9e5ee3697346a0dc0645e530df523cf4daea14764c25da2da863adebaccefc2c83a9257b3131ac2fe04a27bf3aea8979b6f3091b4fef99e203725368d297bad3b020273d0b606d2368e2ecb0776349cb86bbcbaa5c910636527e3cbeca06b4135170d8808c5f113fcd77ecb2f099d1e663617a46ffc5275c8fcc339d315ca1583f66fe7a7e6430405c0be889826c07fcafa17f04e08bc39570a1f499092d390c5dba82d259f652307ff941e9f1f569a48144da846f14452df295553de6ef4e9ba0cd98dd16cf89d8bead08eacd4eea71cc5f8232349f2d8519b1172c724d3bbc415c19c9e679b5a96bc9051cf6f243f243366622023ab1b7039a89152e7db97f291bb3f0213c445c25caf5f0a5a2b382c841cd8a490dc97d008966e94ed0b5ce07bcc0c13b39c349e4b596147a633f3a73ab6012a1582d3d283293bd7c01f99cdbad8e18d24867c39ed0dc3fc3cc800edd23af24b225acb2cca5aa264bcda40e1432cf2cc0050efdff48fd49ae4225a983d1b12facbaaba73294eb225fff64a677d0ed2cd71bab61b3fde8a1fdae638d2036283a8a4ff5a548d05cb706f56ce7e3f55a688fa6c70393c53c33be11f34a38f61f80c8e94e50fc9d7c3695d234705bb9e0b2a8316cf54d7963f548d49f153bf796d0970ed1264c19d79eb77fd0aad4844796cec73a08206b9eca76f2ad76318a20d52e7d3338eac40d03775cca0c2b29a451cb10bc141289c2703198e7137200a360463000fab97d0da72a7b4e8aadfa8a2e559a7d06bf49d6d4a932cb29994ef7ca0c1beabf05b898bb2338e89a67373d50614300f13523fe451d4058e5a522d364ec884099ee3c6e6db8d4ec1e5dc08d127b6301a308a1d6798878c28ef828b91b529a22b7519d249a189a7eb942b94ce26148ea8bf16a44261cd9691ba980ec2d0c710dbee41756cb39b88213ad5763239ae7636e983580c41a40b0f3a3af9fa6f995ed1981d073f63a623554bb01869bdfda190bc8d9507cc067b897e1c5f0d087cf8dfcb171169541fa3cce7c3a620544c74f2d3234935a0acf6c804c43992812925cbaaa24f497e7a00efb20c45c7acb80adb3322cbe0f08d1015b40f5ae1366003ebea977b7b95f803487d10aedca3fd018cfa7b267dae604ed0ada202cbebd731f86b7c6764911d4ff0c75a318ee43b1b556781a149bbe392cb2d6bf72015912f4a120e47654d42d14107c67b4502b5ad62044d0022c7f8b255a3e46da4bb8f9e44515e4076ce7b1aefd57c4e264b2cbee4a9e8612ce8517b028067644c927a9ce7564449c8fb0471a87b9b76f374c7c2559379a3004326bdc91be5ec52672dc5fac0883ec527f2a1248601bb9267c3123568b815b90b40ba06c250e3068dee2d7fc232141eaaa130443a5775d049464ec454a7c980d9eebaa4f67a75075a6bc28ded9a5f07fe658a2b9eafa37f14055155409d1aa50be6343d13d515d0531b84644d2f58c280d6d008dee95607f67eb74c900f664d97f411f4ac6afc18f11b6fb75e78b3ff25680ed3bbf5b20969678475b86faa02a751e4cec87735645753f245047371c9e6e2e7ab5a9ea3182b4c96934a21b9df3628b478f5ef705aeda49a0609d4b8f5bf34424581557d029438306002fd4e9cff5a2d4e7d5e23c2992032d314b8fbb46ccda250070fc1b679c9c8646c5fe22d8fe2e0fff73d8153fc46ef7885aeaa2d1eabbe455544d46fdef8e3ef9debfe589870942bcc7196e62736e927c311782b5e4da2889d530a7c1550bff4909d2055941655cbcc5c924a477c80fc3b8a904cd9e62f5fb005b5b00154db5becbe327c0f3ec8314ef3fb53977ec24ff7d15aa83a13b23ab99c5332306023005d2dfb70d3ea2aefababd019ae16d304c083e38997cc94bdeb746fc151849c98dc2a23554e6fe789d3aba8bf4e31133c7f93a3cdcd884271dfdd2c45be398a5349ef5d08456178dfafa31cb4c607f09394d71b3405b3d615c7c59c125db88f72380140345d24c56094711dd833221d6b7c5864d049585605c1301c31982d19e403b601b797fe99d0bbfe30d647a913da72b4c5306f6123e7c572828308a9a8f4c686d07125d0006229c2e890ff7d3c354dde61ccd3b26069a81a98e112e61a930f253d607cda5023f002a09df6b1371638d9661c5a06bed166434f07120ad21476de8ad47296af4b449d581cddc74f9be42a84596fb0634f330a856216a9b32b080c8b66e9f51a758b9ca2e1215ddfe633714ca512032f6547217b1a60fcdb27ac8a04bc7851718b38607bc92c13118a323c3221bad99a8639762abcc4a08654da9938aeb301c55546f5ae7f61439dd883a1b2dede156a57c805ab12337d5381a2fb25b32916a8827fc4de8e2ecc70eeebeb01659d6bf88055477b863fb897d5db275a0c222d261e7df7b096858b721e57747fe8997faaf36f5f175b23dd3c5efb2b93fb5824da18d635cd7027a3b0b1c87e7c90a5681682b8a7c47dc82fdd3f329c7b60270100dec8ccdd310245b92f4b0bd9a92e1f2a5733b1b91966be15a4761b06f6fe3b05b60ee7964b4d028257c2210ca88031db0590190d3714c1b6ec86e2821dca03db2fc0c9f0ad9800d1773c8037e9b38c7eb7c99618b731e0526f8453c7e1bb67cffcc2d96cc297e1f917b13dd7dda2a8b12191ed107c1e076ffd4965b9415f830be97935cac23a87f07e26354273c2663c7ef19a27dfe08543fa057e1285c909051602981f5929078214058684bc80bed493f6ef853012cb654d180e414fd484f5cb2cfd06c9b753f417697ff42794649e05fcaa3d53ad0fdfbb0db57dc549115e59978b14dd621370d136176098af2f39a2de72482a29b616e8b308b3d9b46ac9abf3d57ff89fe59b5a97966cc4b97d06c20ee4fd765e1c2abce54dc271a7c7efe656648800c27a9988583b4b76572222cb28916b9ff5f6f649de93923179809405c879a90cb450f604cbe8af55cf2a6d844a59ab0393b394e09c79e1b3c403af6eba69330f6969f78a49eb7022e77a39363f11e07fcc69f670f63c11497352f3f5bfea0aee446da35428cebe28f1c2d23ef3ff97e16ceeb2f88ab19b2b69dcdcc81b947b483cc06c776c52232489f86f4c377eb38056042e2e9e0943fc0ef1490df472b9b244235598894a2ffc296f0a2e4257baca6a3ea8cfb1a22ea8295ab9e5faaa2a9e964ae7625dbf945cdbb369265f429d475ab69413cc5bcb89af57b1b966bd0076f799a401d4b46e5045aceb1ef36e5bbfb037bb7681f2a38ef1df9b84baa3598201d13a813165355bf052bb5e456dc0abdefed995b4eb37a39b313af800f6029243a6a7bec75a23389a90034cac8df6713b919028a14649d756d0093550278aad494de2dfeb76220fd3ee5be31f73839ace7f0d6da650e26f5ded30471ed55d2e814fc1b89102e5917b4e58840ecc211eaffa5a2937abeb882ccdf29308e3ac30e23d66ee79c29b4fb7e793a55e344cac298e30f1ca3333df8b58f43126a3404a61501ce06b75e6e6a4bf13dbfb05efd7b9b4219efd428c8f7f345884640d19f5515abcce05f315f00e65d9aa8022890a23da45ede06f455d66e0c96bbf7e9cc74eddca999a51174b4784eba8a9ebed13415de6bd0f160443d43b78181cfa381313a54e25f6751a38f290e5972ff7f70692e18c4737af2a7f6d4eac52ea594a22be4fd00fac1484e6d2d4d3196b49212b49598f5bc77b34d8a3633cf7212c869557d6eb27bf0d0a02555d9318194e9de9c9730ac72daee7cad6c2d4b248a8744515670766a8f1c739917fb859d98974532477989f4c24345f120f5320fdb8d8d56fa6ff2511e701bab399513cecb3e740e3761d02685a765f5267554d0f9243b51620197adc3b561b59c58f334307220db357c1121d7dbf593898b5d2c505f333445c084a6cbc6a7e5252724c83fcee85e304534780a01e7ecceb2ef53ffb6bc6cb9051b1400493ce55d62c01e972fff3cc7d0b68a2dd4d263c9191df1b629e323797f570083f122db3df6abb6fd6c4a351bb7500c7241e4392ac76e04259968e517a43e907cb0b0533d6750b9587a1a5d852639c6b789d333e848e3ad66cbf19c5ee5a641036cb7a858f822f657dec36cc134d6c1a629cfce1f1e24dbb73d09fba04f53b2c6309d71d92211a1f08535244eefcbb52e095626bcc78b950db1cb8facc3660fa705dceef155b00aef3291367ffcea06b5abe588bbdcea2637761308dc65509798b6a494dae4a75c1922c1234248dbfcabfaab3088a0dad09a135a45d75105314020f3ba8901dc39ee624a32e9f863ff55844974b44e57b30302cd0c349f3cc091befd5665f918c298ba89454fb811ce573e41f27490853a52abd6144e85d77de88c3f2e5506c8de40a3957e65936f3b294ce92610b63cec888cb16fe0e8a7af3dd142da96b57f602cc64ba69966724584c2872e5fc42348a324ff082a3ecfded82c3e5b7292d3726c4800176acab6a7a1479a0b5fea79f299e90ffdb1b389acb7e48adf760801145b3796380474c2ceb57e27726c9e50b746a2b12a214fea9cfd6c668363fe6e402710665118928fedb2f4900322b0c7d2c348881ea52278dae765c14b51fd5e8f000602aa3978d83b76056410c2260931e35d841793c8a36b191f93c33c0e4e6367ef45a1cf5145d774861224afbb11a7b77bb94492ec49827f713f8309d80d22e17701046e04c5b277f7b423cbbada01e6d40beb56e755e583b8f3de4b67c4b5ac83771b805fa7af49de2fc8b9a223293d83e7eb4eea3a3af1d1221e5d458e7cab60eaf1b51550a1b125ce018d76096f16d922f4aba48a728ec1b7d4812fe2ca789261b6d8e0c8edb3ba9007649084899c4f6b7986c1cb4a98d412c801fb91675ee42e2bb511bff6700772d3c03a7cb6adb41cbddc33053f8f65c164e9bd47b931510046506b169216d0a04edc479bc51c28acc536ced3834a7a9ce8fb55b72fa186a559437bf41f04b733e05986c915bc19f1b2f99d3bae6c13873d32e3c809b71881c3075f8dd1746f36409ac7934c25236ee2752560fcdd5175037a6fc5f0da58a229418ce30f3e64f9eb6ff3fe4498f47fdd69ceac5e792c8c9f087316f334b7f75e3432d3f1d03ee97c8f16485ec906c94e6c9580f7d03d98a8da85ec118b77c6c1d3b2e99fbf4b45e66cb4f8817f786d1f90e1e5e250be8c240a9648a219a02e62acbd72d1b0c0b42c75065a35664ea6a03cb05ea179f2e8e50e3d7ed53d31cdc10cf5fce48781fa338e3ee819f410540f045cb0edd7b2d219993faaa97cf95aa6144e889a02069421291d05eade30693a751039fece452c22d1afba081d1c40178fed7684cae475fcc365484118a184670cd7aa2758bdb01058ea9b244d5241f627bc5be11c9395e3cb839b0eac7842a312e1fc8b4ddae2aa4ef907ca5c9b847785051323e16d5497c4424289496277475bba67da750fa05bd8be730e4aabaeb94641fa2263dd3d4eb511b4fa40b8cf8b16d7aded1163f2258add79b04e1eb888afa27d057de2523863fc2da38d44cc69ae2d455900eede5fce69d7e9f8707cdb2456a45dda14d257eee4982f86259b855a0293068aa4aeff9439bc06c8ed5a370fe46fa88fa9bb92872166ac69152d1cbb4720eec5b9a057890cbb838aef12091454fe721395b46f9fa29ec1829fedf65aaec1176bb9eb15511bd77e7d4fe7321b3e0dfda95e5c90c3663956477885d6d94b280f58edbc77e864dca73536cd4988bcde2a3edb91704ad59148d85a001e393cebdb56ee088fa1033cdc6fbcbea30e2974035bfe29cee1eace13e30950bb4658886dae7e565ffd7b71e41feecbcac35fd97c81a8fff9d2a1d43f183c6e984671e06645eb0a60228d1b6c12c28bc6eaa4b9125c57b48ced2e199ed3acf12dbe10af4a56f2f5dca829fd07fc3f7e0de6913c73be0ada3e43bcbe70de784de699d0b51d7a56a3eacaf5d7dcd77d73cfb82e04633574213e05dc98850d822bc6dc90dc3fd6184296287342e2243fe6f0cf94e6d02a1b900d0c718e2afbe7fea2fafa375f209fb9cef5d844b861a1029aa3dd7081e81fe6501bbb413dcd23e013f279ef87e082335ade324b7688054992ccc63fbf9153213ab6d07ed0b79945d19639aaa5dd10e53aafe57f1e323300246cb1d6ede1eb1f319ca6fe1b0cc8e733b34818425888110b6eabe2db302310d0a8bcdd5342146b29c535cc9a95a455c8926d77323a31b948d47dc611815a329654a252fd09dbcec5f3cd8bc7e465759eb8e72ff6fd4ef1f375e4e8762a58148622d14480b7bb9aca2eeab3367a7376c9c85e6ba1735e56a2fcc6baf92c8d21942883f318eab7a568fc7ff01885a7089aa7661b15d73799bc0b8f8ce6a3b61adb6949965a223850b6825616c036e099952e04fde7cf086b5e76d45b86ab78b322f9af580173f2e798a39df7cade0d365c9d46d3fb36970f8a99d7b20a1b275afff852126f21ac24ca8c34deb49ba511f4d9edb4f56941aaaa477253f9bfc9a25a2694bbbe3b917074dd4eb6f1be20395ac33dd932a7ccf0604d64257b5af3faf271c145c190a528e471a7f23a53b5f9ea1bd0cc36410e9c538e91dd01d162edde856087b60dcba2042e65b6ae7b81787bd3308db9eb025b6fd930a9eb74a30883b83cfa8be5270dd3ee3408db7f7b136adebb3ee30f0e0b8835a0ded325363e4a2991cafd4a73483954c0f5d3358b25780608fa48f3f527c7e617ec12eb017df33f5088676d8bc476da251e608394e3d8fc0883fd4d1804f8e07f5e12ffa4ee80365a88abf29936bf1b255539fef95f5cf3bebcd26817edb28e7b6adf4851dcfe8aa1aa097f67c51557326ccf9c46ee2780d491e87774324d4dcf26f2e472a5e199b0cdef01094ea72bd5ad5fe1be6c9d545df3dc5de550665d220718a2c0baed2833cfb1428e2d1c2b9ea1e29f4b07fd6c51492643d4000716cd1e8a4f9d58b6b04b805d8962495323fd62949b17348418201664c6f2f651f99d73f8d17bb5e52dba2e6f94fa33f816d74bb6a45bd6cbdbd07f530406227c8fd11f390e805bbc17bc0e81076a27c0be023b64777afec0a7a0c3f53f03bc2ca72ae2873d68217a1a6905f414c2cb1b9561dfd07850a026da5f5775a66f8f3a6bc29b48c8a81b06ba30994ba8e7e233e3a3a5d886767ea6de91fbfc0a594c2375d62e71c7209d87d0f6c7a79a0d80da328e93f08650ec745495c771410913d094e4190075b7225761172eb420c82ab493548f6de38e17d3e687a89ce77c67c58b875c48c8a4d1664cbc6f67df357e040444fcd515d92d5823fc3ef6485208b6f3eda8cd09ea3b004f7eb06ac268ae8c3bf571aa3f619222a47540f9af340c80c587f7226e3d715b18c3ee41f64777d3a0a09f32190ad67922f6ecc63c956a715c3c42a6aaaf5e588d119210083ceaa414820b62fef87a678cd3f24f8fa3cdb6629b041cd7555974313f56d1b0e117ea925dc95e18b5d3f4ba9812f1067022945c3f5d547370d45853c4db3c9ca4436d7e649e1ac3ec02f9c1e9139849b46027d4b276cb0eb4b09848999f466f528290e47ba9540ceca89390db3fcbacb1d566e22e917f01f4442bd4dd0d350d057ffdf5b3549ca559901e6ff5147bdc25c11b23f1678f02c20e4e2e6f339b262e2b82eae0b15b4227f1d514f99ec78fbcf80c8f6f243536f2d7a809de05ae5e1d676fe950ad3513f801bbe4d16737def4b5ec4b62f8562cd5432bd372645202edeb286662d7e8d0dadac5b91c903c2756bdc4f5a7c931f2c3f7feace2b83f5459a196000e2ed1e1b2accaa9d637d5e408340161331c4b0047bf2ab31d317bb1c8f6e1b3d52f9f240bd971a447942dd4b73301781656aad9ce9b01aed907b7eb3a78397b97e601b04a4cb028d327ef32cf20c34e8dad9c9b1f981ab5c06a2b0271852e2a1016ee460d8568391c9ece5a2b8f29cbc6f2d6cc2e66c30c96df548e67dd6ad8c1ff09dfa22b2e8b2c52a3948c4febb09e3c2d34c0604a5ef930cd53be69a4bed9c9ee057178ece02a6b4df4624191590952888bdfafd2dbeca128d500872a8b236fba9623672c4dc15f56a761ee0c54026112fc464f72d3039587f009b94930dac0dbe444a939b38c0f5bce7aa366bfc2bb909db231178228846f71a56ab219e28cef1b102c1bfadbe8f0916d10a573b8cb38cc2cc2ec496a410a4e82847006d2ed4bac927a63a00416d0bfce59cc69aaf78ddc9566f23582999a655c8ad3b217486fb5a037ce089baf344d55bbd475be4e90b10e92c9c1bae3202c2d63355549f0ac95058724fea81ff9cec027e7b93e2cee43af81c6978fee5faf6216118785251b8ca023115b2f87d5d4b10c29aa3616628ab40a8ef36668ef57d7f9be505eabc01947ca222362818a71b3d63e5725a4d8a2c619b1867f70daa07703360d026d6f65247330be1ba84ddaaa7779591ca261beda4f4c094af65c5c276fe3bfb89f067c8c54af67e78f61bdc114ed4aa869c3adf282d7a8e7272579e9fd9e47611e0dc89f97561110e0141c69b1fa114e27b3d1e2c825ea008a370e08cd0a0610edef20cdd8a7cda0922fff046edfd2ff391a10ffce5dd6045619ce9af6b03f4193d858a76b201ed5beb0f11321707b7b593b23adaee4a0c0caf39dfeebcbd2948030435dc94ca00990c728502ec4686194f0f454304a422023c1b2c5b1ebbcd8cd50fa2d11361e3bbdc306e2739e27de300eda27b1c1ea62d773104cea77c18037c6bcc76423621b45abbe789b384bfdfb46efa1627ff29d9d840bf6e1f05e7e13fae6383e42ce153dcb062fa0cefd0fe9298ddbe77fd78d7036b5a815504b48267203da08ca685bfe8ae89c031074bbe5d3d6dcc6a3a8a8a4d3102765c3b714867f4516df62f214351b97bb8b5697a9f9a9dd78627342b239c524a3943d1d70f8cdd7391f05e7395731a8fc05210c6733ea256040bbbb53389229b84dafaaa3db1d5eca2971d9e550149461f1a672eae2319a99beed48934520666bc54b63085a744b5fc9a9b089b16c50ae945f74adcd4c5d064a12a6e103ef59bcc035a755ad31836eb7d04e5900d3800c822b96b466a9f6611f46b8a7d6131f91c625a5604de5bf01e5ca5d99a714c8dc1160260010f8d55f9125ee453b61c911bdf0824caa804c76d6512802875c5433de9b2e8b6c579a67fec5d2bc64ed3d1c313854221b75c9a0ed42af6f5354e7b1d1bf8661baa1261e68fc20d14b5652d25a536f208bff2b90fefa163a232696e655bcf95bed39355ec865e272fed582aae18858f5096ece40b9108efb00147f9c2ced59bfe2a79826851850ed95b35908dfb4d9ab7da0668a1fa8933ac4f6534e9598481477791fd1a1c269011ac9fe81f0491790e8aac121ffc00e38a7619a1855e6899abc2c670375a3ba4ac0cf652da89a70628cee1a35ae17b3490102e3c88ca324d06fce2151bc9de49472cf6e76ccb16d2a9cbf4161812e2c7758d73631024190fe9b71935de6968b289d3503b497f3f4b6306446ae9c312f8f1c63c1f7e62652173d9ed48cb128815bd44a12061f9b73fbdc6674ab9e0d01807f7bcfa0aa59168420e5ad8b72d7b576e273a1d229934fce2867689a41cb17767cf9defe1a96515a677ba08e10e187a3ce2f1d78e6b43b0d46c36163a1967b203df4f53379ee98422e973ab5c090adff21b5cc84fc78358021f681a0f0fd744f687e4f6c295470bf8f548d2d3dc841481dd51db9124cacde83bc9fef44a3e69e1cb28579d897f3013ac6133395328247fdcc152e5563678258936576196ced017c79bb6a4ea501a44cb25e5af1697afbdb3abb316837470ffdbe985ac3967334a90731602d3fac4f5c2758f04ec9c161a7cf330b7c7549fb62e6c15d07a7203c94edd3a8141c91b2029d6a90b14322337e6610822d9d7bff58c10d9c6cff71822f6456a421a65fdaa5d2c793f256a4e7a39f0d85d65fb95479eff79345c0615c9bbb4fb3324f9360b70dc709b0200042e8461b8cee9ce30beab3e276df48f41f001262fc14153f9764e13b50397442e00d7b11266bde10a3b7f83818086ff0015409679e4472d9e0215804fa9d21cebfa5cb5099cf88750cbeaaf58c2743f2746ea4cb73760ba88a07b91b68553716d563af5d7702219d0c600916dc54242d825c6d68320baf234a39f0b9ea9e6a4a72c4d5829b2f28508f54b33c7e0394a43fe23e7940d9b04bbe790d903a2d2c979e0ea79931b934d094fa2d5948c05cf278c341d788f2061ff617c9fa4700b1e1f0fbfa1b8c42848f2ea01cd318a8748c3336622ead25527ddbcd8a12ba3a5183f4419deb13558ed0ec99e73448c21ede0dbee9c01fc7675e54c60d4dee29c0f8fe81af6fe7b726f5d3c50dac634aefbf1ca6aa4df1b340a4109acf30939f6094c8591218729788111bfde98cd96d4b04b25bcd1bcb7f826241995573bae00", 0x2000, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x78, 0x0, 0x100000000, {0x20000, 0x5, 0x0, {0x5, 0xfffffffffffffffd, 0x48b, 0x7, 0x9, 0xd, 0xfff7ffff, 0x6, 0x7a2, 0x6000, 0xffff1854, 0xffffffffffffffff, 0x0, 0x3, 0x1}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
utimensat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_access\x00', 0x0, 0x0, 0x1)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, 0x0, 0x4040040)
openat$comedi(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
madvise(&(0x7f000026d000/0x2000)=nil, 0x2000, 0x16)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f0000000200)={0x5, {{0xa, 0x4e20, 0x0, @mcast1={0xff, 0x7}, 0x9}}, {{0xa, 0x3, 0x0, @remote}}}, 0x108)
r5 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x4001, 0x0, @mcast1}}}, 0x108)
close_range(r3, 0xffffffffffffffff, 0x0)

4.761184321s ago: executing program 2 (id=5970):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newtaction={0xac, 0x30, 0x1, 0x0, 0x25dfdb7f, {}, [{0x98, 0x1, [@m_ct={0x4c, 0x22, 0x0, 0x0, {{0x7}, {0x24, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @multicast2}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x10000, 0x6}, 0x80}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0xac}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f000000e7c0)=[{{&(0x7f0000000480)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000000600)=[{&(0x7f0000000500)="0289fe6dfe565cefca1c098f3710441036fed9612cf90bbff83a394d48c0535b726b51d5f633d84aed6da78a53549c81f62fc2ee044e93c2d94728982c357dac43a566c94ef1fb0ba4252db17582372b2127dc189ad5891b2b984a80b7b42edb33ccea9cdca7aacde057ac9acc68e71233c03b391e1525f964c065b6145a8c437420be1b5153df4adf41b5cc291aeec03d8c050e1f255d024d1129e1907af3457c08775796c795bf736b61c988a84ceb3e21a8cfe094e6ae5323f576617326fac2839ea5ba2bee78648781198ac9", 0xce}], 0x1, &(0x7f0000000640), 0x0, 0x810}}, {{&(0x7f0000000680)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000007c0)=[{&(0x7f0000000700)="d8bd314d46fa9e4e97279b731e8fab91cb705c82d1980d81500d17be069d1cc709dd5fce3aaf56", 0x27}, {&(0x7f0000000740)="0fc6d46e054a540acecc9bc4fd495baf732554e697f2bc2405c947af68a0f2374df98e2554f43aff38db42b476bf408b17b2960e67d7d8185dc19aecdd9ac0d5430559e5fab15f28d7baf1f32da6752e5d776de8ad7ddb420b72c8597728839562b10430921e8e65b42731d77d35505bce81bd", 0x73}], 0x2, 0x0, 0x0, 0x8014}}, {{&(0x7f0000000800)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000008c0)=[{&(0x7f0000000880)="4fa00a23ec11ce9332f861473722b1e960a87a041d857b4b63c07f32664abd5a2a", 0x21}], 0x1, &(0x7f0000000900)=ANY=[@ANYBLOB="180000000100000002000000da6f36de7dce90d926794fec89ec1d5cece2edf5f44ed0614084bf49fdf6f9efe45db154cc6ab2e938ddaa46c2687a24324fc5c97803ed38d388b4cafbe9ce88e3de788c5b2951ca2c7997f75dd712c0e7d5f0ee7670f79456e77bfb8f92318eff99617d2fde30d8c6669c77f01d5a126456263d0b3071208208e0226c784edb28da3d39fe5b38504ddbcb254c19f3d0935da0b7a0719af5ba", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="180000000100000002000000", @ANYRES32=r0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="280000000100000001000000", @ANYRES32=r2, @ANYRES32=r2, @ANYRES32, @ANYRES32, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32, @ANYBLOB="180000000100000002000000", @ANYRES32=r0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="180000000100000002000000", @ANYRES32=r0, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="180000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="180000000100000002000000", @ANYRES32=r0, @ANYRES32=0x0, @ANYRES32=0x0], 0xb8, 0x40000}}, {{&(0x7f0000008340)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f000000e340)=[{&(0x7f000000a3c0)="ae47c4c8678312065290dd4ac27259c27caf874b0f484bcd326a8cb2d246d137c2d4b09a8b8be3", 0x27}, {&(0x7f000000a400)="47a96fe1d4e9015f893a92310a02064cd7f540e54de6c92719aeee0903f1b586964e7246d3429ee85e7a70b7df55c9501d2f7d0c0c17836f9b16edc6959ff0bb75cfa0c4ea79c0046af611971dc9833bd60e3adab2a519feea38d420f6a26937078200c816e1c4d225bba62ce9c60ce8f55cc451457e4808ff1b6b53f6c5c333d038c30f2a0f7c3df01fa67b4dea282510d91debd639d1ea4ee4c83d2de32c41c9e7bc8076b3fad13930585fb78e9d0736d8543f97605fa9d1584a38a769d6453a8a744c17e2b7c6494f551fbf5bce850dcf6865d1d5e802", 0xd8}, {&(0x7f000000d200)="60f5885f25dc20a908412e961a957472f00a1299b58fb2493c8d7575be267afe1537c9e622a2ce8b64654f66fd044e0602623f6d5d5d76e904210edf064438bea95d4cb6e1db14b8727a58944b25c035b3209df87fe9733c83b373d0f47a6e5c5ef2228826f72b4064963508b1b23d18e304540cb715bd89be0effae694c11e85c216bb24c630ed9c53bafc83312fbe4e2284a44e67a14fdf5a56c5cfc18950a050fea0d7750d878207ead36f1fcdfaf3b098a9c3da57e18d47618187592679f88c100bf0c91f11ff2c41c861bc07744b160ccf6f759e6de1acf5b829feba21dad9376f3034657c9412ac9bcf8186dd8cf1fe743063708fb90c72479260f9b12d9c141144de836c21fd22a3209beba1bc5cce96e3595e33999814d4322d9cab55f38d856dc27dbb2a5240a073eecec68ace8ae9b4df6f68d6bcf3c03bbd497cdb495dd7a77dcef28d5a663d5d90f8ea776c553137e29018af19a29a059138c4347b9722dd6c9ace596453022574089b7a82b248d15d9ca72119c5809b94b3ec8fba7172c5460859f5da8105f37a4de43f25f27b88a42a3f426ab04d6e2e20105e8d3ddd1da35ec5bd1374355ba76894ce95ad83a2ba6cee48438011cd208e9a544dafa46120d4642024d371c826ca3febd51443b951bccccd297dd1a705394983a54ca03fd795aaff4fb942da85a92ce0774a05fe8600aa80ebf73d2bc1384c0ce95e21a133ffa1725a044626a46b51660c4e966242706229959a41480ed87f849a9f92b381d5164b04d7b1f7c5332296ceed5df8cb57c1a4a0683b3d99636241016bff3d5d86a43a44d87024d0a2ab78c10646388474454faab8e668a54feef9dfe2578ef9fd20acb20314335cd857c4d5a5328bc8913e9730bbbee49d23e9eef7211472fe4642fd76102560e0751402a3b15748aca4a8ac06c8717a36f6287a03f1609939efa166f7f404ffba217b42686cc5cbb4e716f0f440738d029d3e73f0ce3fe3256e6337bba41b2cf0f20ccaa98e7b15bcf96055101fca069945400202904919ea4f491078160112d6c3777c08598b17d12774f54615890463d6498ddf18117b0c1d82b26bbf665ce9bc2bfca593220c09257ce8e3db8b9f4d1e63ed76083f6f81647f9e7b5dfbfd5f831395815a0f0841efb6c330bcf1a0a1e71e0bde2e2d926e47ebd4513c27bcc466e0643f759c62aded4fb0bc9c7ae12e81d0378cd24b24cbf09642724de9725446fc4bb876d5b0ed3d96c8b1963531d0082e5b525b02f4f983bb80d7d13f9da353beb879d0d5f3d2671d0ff1364be2aa5d406d608b68c5179f22030244261263117d94df45295329528ebb0991f996288e55f6e99b4a326673307b53f675f785ae07c136399f9d8fdc8f8cfd3c4fbfe0dd71c74c1c53b12e16ff4ad6160334448d7466047e18ed342991a3d0c5842f32e71204b9d5673e6696e488798b71307cf8a4ef3b52cacbe7ea65d6428d8c96db840079ac4a0442d06d5591cc55a3b2598d0a4901c9b1911c4e21990c5d050126a906b8d22189d6adecef068c83977749ded78545e41cb39318d8d7db9e67e8f50063d9b26126d0525f5f99b4f2b31f5c8ff7ec8623349d952e2a2becc395e84ac3cb86eb4b2a578603789b90738e0a6502aefd38a053de5cbb386be9131ec8f115a4c014690e338a86a151d8616b2c9545c61173a6b3fd395ceedcbbf8bccb52520b4d7726d4234049ff40be2dd5567e80533b9c1c1712c3950a613702eb032b7f9cfee24abc9dd3d2ca059d12ad202504e025789364f065c6b2f61347803a3a7d078867650752ccd5909997e5b54e50be397a617fa11c158d97d8c8fd1873cdab7c95ad6b45f03a4b12117a6daa7d88e85eaa08176fc13c40b265a1865c3d07a99f1cd94ad3abe0656e99af1d7fdbc4ae150f126d496b0e12e2351c0587fb5d935ca6ad675f18c125db348741eb4195110d097cd47d2ff5cf3833754092003db06d6de4b592b5f204cca589e8b0e56b6e695cd0ea537c474cc6b95892142ff1731e8d1b6642b216389f89a810cfe33fd179e435a0dbbc10ca375dee535289be758d52e3cecb8feddfaf511a956b01125eadc3b45cd7b160d702b0d6f35fa56eacdba5969f1110968f25e24276909e56da2806cfc84e8ef4e0d2bb3be905477d757240a0e1687c9f97c9b54a4969f35ba801d6dd80b830a55b90aa2b917bedccb6a51305abb2079f5608ebcf3ee49e11d57ca2df3cf8c5ccc9d80f5dba1d9b5b0aaf9ac65bd88dd83b9b888bb4baa0ca8c1f939af22817d572193f5f234ca2c2e6b2cee479abb001e29b6bb08d35f4f4027288097833470336fc1dc213d8c6d5a59aa95371174d8d5b60f4892902fb9d47f97f37a646bef4239dc8f28ee9e79e72273b8e6ac0f1592643433ce0196e0ec90854613819e5caef007b180009b4f393ab2c455c712e0b7063fc40a162af09a6521386285c50be180b8c14b08db5c4ede5991eeea46db4e962a32454fdc4b80d9a1455ea6d6ddbceeb0ef5614f81a40b9a3c7fddfbd9059642bb2c97059a9d4386e5f764de91d97e6485adf714bc5566f588fda1b3f87a94ac5ec7f0f7fa7e2fe2312f2cbe85ac99b74ffeba32100dbec45eed8bcadca886cf6521fada42903b20282e2b5c3e548b21bed01beef52dc2047708a244f4fd661bb11514619d610c61144e9585b13da9bb6458c90103a060a82ff34f686d821548668b7c8161af245f92c0b332539e4fb1128ae5660a952c54d2ba1b52371452bd4ce6626abe95a38139a8c7d5df044b5b6f58c4eb67015b7fb5cbc050eb0b962397bd0341aed5f0ad1800c28c76fd43a3e94ce2b1a05f671436c918de4e657abd8564d5a5f9142e4ac673625afbaa8b92cb353884ef47c68ab58a989c73966b48832fc5447f531defdfed4b8a1c934ce4310e7f10b4102a967aa4c2e4cc7178cf7f2b18f8271b032ab9d5d56324df8d55834227a6569749c578c0303d4504c28c09c68f4898ea35b594173c1acfbd7b41fb5e274257b8028bd1098697ebc62e407bf83a1f3aad3f98e207b0d2ea509e10374291023e54061f76bff09d151746958a934d6712d91d03775cfc1525376a24a620a907dc6c4ebf15fea9410a8f39c84cc745962086a4cfefc4e22327a93d921c6023153da5487265a34477d7b1afa71bec9eb9df7973e3792dff075411f7b3e5ab95ca175460a9f099280019c25e383d024fde4ee858e64bed1fd7d261f343b0145ecd346b3b69c9214453b421fddedfab4ea683b8502afbed948e5752a6d66093397a48130e4a353c6e79958d073934d2711e1a6a623e1c92f123a2e47cf4e43fa8decd14f09c39988a43280e322079d83fec6e54216e1b632d9e0913ffd1717b0600fc948462356213052065f0266e9253c1ef9b4ee88335e828616a2aa3fe731cf6649192b89683bbb94d8f0cecd8383a8b705e36374e937e7649bece968444d55d74d1ad7bf10327c8bdbbf6df46910aeb98179c66ed415ad79595b0e8a858a63ab3e29b1bc88219e7209db4eeb730d1b0763a065cb10b3905b5817d040fe4fd926a3011a3e6c8865c99796a6e4f523cf7694ba4037ab3cb7bae598360c312685a737b3d2b90573f46fc352f402a128f1d52d7ec751291071367ff8d5d279486b5a7ef2805e6bc4e8f89fd763e9363e4d85038b0265af7b8e566d930f0761794117d817ea90735714f891d920269c9d591e2fb5fb70f9bf375edb3a10d65b26d2f3434eed6e8b3ffa134745c82f136cf85641a84645f80fc3fa87d5a2134eda317d20a31c99d462ab499ea39a9cf176b341167cc5c9e7bf6e088dad4802effee8112ca13bf077ed0c38b0c3ad85d039d7e47aa9731932d2df78638fdf22d7de352a39aa36d7063d946adb3e63ce0d267e0d7f37b7d1379550447beadfc31584300048c598d1ca1a85e1d0c1707974d5c107b873388f0d2edbb93f39e009ee85a0963a7fac9f213f4d60ad811c02808b888e1183b2cf0828a66f029d74ba04d37ccb29b4a52185718eec507a69949b65e662f2bc2a123d5c3a2a171a16bea292e0c2cb0e2b0cf7307d2a7b5116df2c5f5e309d667ba86271d43b18c514216c8870a0d2e6528e853ffa797eb8270b8b458e0d7845fdac48d325703eb5acd162ab107987254c990cdfa81ccbfb68f03a60bcd7244484e5c8e79cd9906ef1dd977e638590203f5f518bf2eeecafb5e686eec5ce544383f22351ce9d78addbc4363148a12dc1ccca3a6324e5d865f6c84714fc2ede28326a3689c4aa0d867d4affdd8dc827abc0200df32a283449b76346be3b35e4ab398209b27e21ceb929b4c7caac0e22903249c28abab678ac2e4a199c3f220f01ed80b4cfb8a7bcbc0ba28de337c6b7c33f3bf0a79aaf4b5088e8c820dbe06c8f80b6d516cce60420bb68e3758b89640cfb969ba325d1c0befe0be17108747d0b45d648aeeb62c3b25d4806b10695e47020811c56e0988e0cc8b64a5d5d9e1f99377b9ef6767a71538aa053f6a00c00f8a4697130ccc447a29ee30fb03014058a8bfb159a3515afda03ca697c7895ef0ed5f83cdddf2eb3b1948e7bf19c933a8c91391e88e9cd28fc86100c58e1081d41b10f311d6515e340ddee302e8889497307c4dafd5eabba7b7845a379921dd1fbc107cce1d3624da8236ec1b31ea444ec74a8e07bfcb8d67d4ba7622fcf68d7209bb16f15ea2ee57c3ffaed9eaf26b795a9651ba1031d4657ce06294ec679cc46d9f4be493994e51f8b19c80cf1b6fe6f9577d040eb169a2b149e6cf92123a504614bd05bf79da7749a303da47d44fc9d9c09c4775c650ba1c7ec91820743f32aab6615960f98e3dfb4ddd48f401818963f29a9c2c6e23502c7cc8ac6288752c5bbbded2ce3c6f5dbe82605395992c92a0be2c6ab5ae4df5d604175ef73fc223096822c92c5b066c6ba2f2ac7ac15fc6bb637691118f8f3c8d20016eb916f798d1a167919026885500711569a66594e1beef9e3568da3cb8f12409a41a80faf950d13a4821929a6236cb3a55f51b66256e08aee69ba64d03f86baec2438afc4844bc533d26ae8688b63d19527fe24ab5b12bf033db263dcc040752b363fdce88360e3c94086db833d20161a257da5a1ffb0107d83f3471a63698af756d41861bf90a36afb69205f528e5b5ca72e06cedf866afd4e7cc556d02961fae9b29fd42fe65e947f2ed5123aece089d0a51745e0aa6035ce3dcb55ef8142c10b55f8db58d130d043721133beea90ed65a69417d37b91d3b912e7e7b043cb9c91c3bd9fc5c0a686eb7d1ba2de6941b37e63f0086707de3017f58862c40fc0e1315d90851decd28e49a9a605bb7e1d5d7489b108b109b90cef9373bb10f05b07f7a76651f2855f2aaf1bd5456a7222f0cb55ad993a9123add998c903a9eed52f1ef540c4374f1d67ce976e1565cd01ab89b8733b55bd6a4d1d9f93e5ee9c6f2a762f1b665c6a44dd685395a3b9af71a3b3c08950ef483ae127eb4157fc83c38fac434fa063077df150e541f03dd22a3e15fa1905d567711e67b4409dabf9f08a2c1006276a90f580e87d614195cb1700aa1069357d950100979c752de040152f5049715d1fd569a96f6322eae0094a4eb3c2546771cfa270bb590c3d475c56890f884c98791e4becca56ba5c81e0817019d6c05b3bce851ee35188bd6acafac4bbc2571ab4ce1d7540b0d96817a1e34f21497527c5469595542cdfa9cc8809e486fbdc76c46ef6e5efb6894fa336f695618971915dd54b0b8593fa33a6abe81263c777de30bdbd", 0x1000}, {&(0x7f000000e200)="ff8fbdd9189ddb33f1ab7b6eb92f80c68b36e766e4ec3cf83100556b37834f8524e3edfff30991cf7d3654564e9b6a0c1f25b6fa49b24bc3701f5e02ecbdfb509264c3af2923e163a5a681edf5e6acb4b68076f7bf4f76c4bf9d519a9a43894f1ccc017d8e188950bb613a2a9433334b5922820bf64e4086f9ed95615e41877320b24df75b3badf6eb71", 0x8a}, {&(0x7f000000e2c0)="ec9cb77d86546b00a023cc2313f8143a9edadcb95ecba2b8feb815572b1fe41c996990ad8b85e3db6b22b8aaef419a62044cb963c3a94b54cb69d20838c51404ebb20b05c8ea5a63efa51925cdf8f516d907", 0x52}], 0x5, &(0x7f000000e380)=[@cred={{0x18}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff, r2]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r1]}}, @cred={{0x18}}], 0x5c, 0x2000c080}}, {{&(0x7f000000e400)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f000000e540)=[{&(0x7f000000e480)="b618cc7e07fd87c9ef13d2f4aea90ecad7e836d043862dc8ca1c361187087ffc974e788b21a3d2dda7bb587fa9169b3dd1f97b6933a1521a7a6458bc2de40ebe3cc2bc14640517cbd243569de4857b8ced2885439afaa1c1e64403bf7aa415db30270d2ebd744fd5f6e6d234a917b1f981969d9b66d23313a3a8faeae685f8d7b38cce3d420c07b2331f1a14dfeb5e197a6404d7223e88115da0a397ac1a2acd6f84ad0284", 0xa5}], 0x1, &(0x7f000000e6c0)=[@cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}, @rights={{0x1c, 0x1, 0x1, [r2, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}, @cred={{0x18}}], 0xf0, 0x4004014}}], 0x5, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
r3 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x40)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(r3, 0xc06c4124, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10010, 0xffffffffffffffff, 0x13074000)
statx(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x6000, 0x2, 0x0)
setuid(0x0)
migrate_pages(0x0, 0x5, &(0x7f0000000000)=0x9, &(0x7f0000000040)=0x272)
sendfile(r1, r2, 0x0, 0x200000)
r4 = syz_open_dev$vcsn(&(0x7f00000001c0), 0x1, 0x200200)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000300)='[\\)::\x00', &(0x7f0000000340)='ife\x00', 0x0)
r5 = syz_usb_connect(0x0, 0x371, &(0x7f0000000280)=ANY=[@ANYBLOB="1201000057ec0020c215dcff30bd0102030109025f03019b000000090400000b403b4e000905e2379c"], 0x0)
syz_usb_control_io$cdc_ncm(r5, 0x0, 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x80000000)
pwritev(r6, &(0x7f0000000200)=[{&(0x7f0000000140)="faeab7af787ddf6e2386426316a9bdfaca426b07b73a58f9d43a0b247b0e58dace686e61c174d0fa307bf1ee8f46f74253807a6f1293cced994cc335dc54606bd681c896cd956c0785", 0x49}], 0x1, 0xdf7c, 0xbaad)
socket$nl_netfilter(0x10, 0x3, 0xc)

4.450220051s ago: executing program 3 (id=5971):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000001c0)={@mcast2, 0x5, 0x2, 0x1, 0xf, 0x6, 0xffc6}, 0x20)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r2 = socket$inet(0x2, 0x5, 0x2)
setsockopt$inet_mreqsrc(r2, 0x0, 0x27, 0x0, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="40000000150001082dbd7000fcdbdf250af10800", @ANYRES32=0x0, @ANYBLOB="14000200fc00000000000000000000000005000114000100200100000000000009fc460000000000ab797dd001b83e95cebc46f3d524f6cfb518e1b6338c81e63a0e3e53b399e942f360299e057216aee3a03459f6d143711f0810ec5b851992d3fda9558d5edb161afdecaaac56640291"], 0x40}}, 0x0)
setsockopt$inet_mreq(r3, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
close_range(r1, 0xffffffffffffffff, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0x59)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000080))
r6 = syz_io_uring_setup(0x3e3, 0x0, 0x0, 0x0, &(0x7f0000002140))
syz_io_uring_modify_offsets$generic(0x0, 0x0, 0x2c, 0x10000)
io_uring_enter(r6, 0x24b7, 0xcb15, 0x21, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r7 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r8 = syz_open_dev$dri(&(0x7f0000000500), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r8, 0xc02064b9, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0xfbfbfbfb})
writev(r7, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r9 = syz_open_procfs(0x0, 0x0)
getgroups(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x3, &(0x7f0000000240)=ANY=[], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r9, 0x29, 0x23, &(0x7f00000041c0)={{{@in6, @in=@local}}, {{@in=@local}, 0x0, @in=@private}}, 0x0)

4.152071829s ago: executing program 3 (id=5974):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000180)={@multicast2, @loopback}, 0xc)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000200)={'lo\x00'})
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000080)=ANY=[@ANYBLOB="e00000027f000700fe00000002"], 0x18)

4.087002274s ago: executing program 3 (id=5975):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x3f, &(0x7f0000000200)={&(0x7f0000000640)=ANY=[@ANYBLOB="38010000190000040000000001000000fe880000000000000000000000000101e000000200"/49, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000b86b6e000000000000001d00fdffffff"], 0x138}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc0}, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109025c0002010000000904000001020d0000052409000105240000000d0b979d60a53067d50060200006241a0000000905810300020000000904010000020d00000904010102020d0000090582020002000000090b"], 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000800}, 0x4000080)
mremap(&(0x7f0000bfd000/0x400000)=nil, 0x400000, 0x12000, 0x3, &(0x7f000066a000/0x12000)=nil)
syz_open_dev$loop(&(0x7f0000000080), 0x80000001, 0x162c42)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
connect$inet(r4, 0x0, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000340)=ANY=[@ANYBLOB="0380c20000000000000000000800060000380000000000019078ac1e0001ac1414aa03059003ff000000010000186371ae9b1c0300000000000000000000000000000000000004a56b7df4a3a101694d4e5078ca486fb3afe5a35d34e32b3d7bc6939cc7d6153a24ec9a52b2f92e1a68369b3a1e47237f4fa56b6398d842b29f2f4d635d6258e8ffc03049b63006f2ab688e5864178bd4541a5d71cc74ed077c91bef53b10c5cc4ebc9c3e6d36b09ff2ebe35ee993c525c7d2c541fb1ca135cda9d7d02cb1e857ad5a3cf3b344f7b28f01e715b68a452301bf57590ad0feaea9a4a497cfb392cddc026f1203961ffcd883248299fdbdf12dc32722061fe2ee8dc9ba50ac021a84884279981af10e873ce8ddee86586c2b784cc5"], 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = fsopen(&(0x7f0000000600)='devpts\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x1, 0x1)
r8 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r8, 0xc008561c, &(0x7f0000000100)={0xf0f017, 0x3})
fchdir(r7)
r9 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x0)
lseek(r9, 0x3, 0x1)
getdents64(r9, 0x0, 0x20)
inotify_init1(0x0)
r10 = socket$kcm(0x29, 0x0, 0x0)
recvmsg$kcm(r10, &(0x7f0000002280)={&(0x7f0000000140)=@isdn, 0x80, &(0x7f0000002180)=[{&(0x7f0000000c00)=""/4096, 0x1000}, {&(0x7f0000001c00)=""/253, 0xfd}, {&(0x7f0000001d00)=""/157, 0x9d}, {&(0x7f0000001dc0)=""/190, 0xbe}, {&(0x7f0000001e80)=""/143, 0x8f}, {&(0x7f0000001f40)=""/121, 0x79}, {0x0}, {&(0x7f00000020c0)=""/184, 0xb8}], 0x8, &(0x7f0000002200)=""/126, 0x7e}, 0x10042)
bind$unix(r5, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
mmap$fb(&(0x7f0000e33000/0x3000)=nil, 0x3000, 0x300000e, 0x13, 0xffffffffffffffff, 0xa5000)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})

1.875674013s ago: executing program 4 (id=5978):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
pipe2$9p(&(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80880)
write$P9_RFSYNC(r2, &(0x7f0000000180)={0x7, 0x33, 0x2}, 0x7)
r3 = socket(0xa, 0x3, 0x3a)
r4 = openat(0xffffffffffffffff, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x5610c0, 0xcd)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0), 0x103440, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'veth1_to_bridge\x00'})
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYRESOCT=r0, @ANYRES64, @ANYBLOB="0000020000200015ece90000000a00", @ANYRES32=0x0, @ANYRES8=r1], 0x20}, 0x1, 0x0, 0x0, 0x24004891}, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r6, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r7 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r7, 0xc0045627, &(0x7f0000000100)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r7, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0xe10, 0x870, 0x1, 0x1, 0xd59f80, 0x19f2, 0x3f, 0x19ef, 0x3, 0x3, 0x2800, 0x2803, 0x2, 0xd1, 0xc, 0x2d, {0x8, 0xefd2}, 0xd0, 0x9}})
setsockopt$MRT6_ADD_MIF(r3, 0x29, 0xca, &(0x7f0000000000)={0x4, 0x1, 0x4}, 0xc)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000040))
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0)
close(0x3)
setsockopt$MRT6_FLUSH(r3, 0x29, 0xd4, &(0x7f0000000080)=0xa, 0x4)
r9 = add_key$user(0x0, &(0x7f0000003700)={'syz', 0x3}, &(0x7f0000000300)="c2", 0x1, 0x0)
keyctl$setperm(0x5, r9, 0x1010)
read$FUSE(r8, &(0x7f0000000880)={0x2020, 0x0, <r10=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000000040)={0x50, 0x2f, r10, {0x7, 0x1f, 0x8, 0x480, 0x0, 0x6, 0x0, 0xfffffc01, 0x0, 0x0, 0x4}}, 0x50)
write$FUSE_INIT(r4, &(0x7f0000000440)={0x50, 0x0, 0x0, {0x7, 0x2d, 0x401, 0x20000000, 0x8001, 0x5, 0xee0, 0xe01, 0x0, 0x0, 0x1}}, 0x50)

1.45847738s ago: executing program 2 (id=5979):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
connect$unix(r1, &(0x7f0000000100)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b40)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}], {0x14}}, 0x64}}, 0x0)
r2 = syz_ublk_setup_io_uring(0x1d, &(0x7f0000000040), &(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000100)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
r6 = syz_open_dev$ublk_chdev(&(0x7f0000002000), 0x0, 0x2)
r7 = syz_open_dev$usbfs(&(0x7f00000001c0), 0x8, 0x80)
ioctl$USBDEVFS_IOCTL(r7, 0xc00c5512, &(0x7f0000000280)=@usbdevfs_disconnect={0x7})
r8 = open(&(0x7f0000000140)='./file1\x00', 0x66842, 0x21)
syz_ublk_add_dev(r8, r3, r4, r5, &(0x7f00000003c0)={0x2e, 0x71, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f0000000180)=@any_dev={0x4, 0x58e, 0x0, 0x0, 0x1000, 0x9, 0xffffffffffffffff}}}, &(0x7f0000000440)=<r9=>0x0)
syz_ublk_setup_queues(r8, r9, &(0x7f0000000340)={0x0, 0xfb7c, 0x800, 0x2, 0x321, 0x0, r2}, &(0x7f00000007c0)=[{0x0, 0x0, 0xffffffffffffffff, {0x0, 0xd3db, 0x200, 0x1, 0x3de, 0x0, r2}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x9e00, 0x200, 0x1, 0x278, 0x0, r2}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0xb60e, 0x8, 0x1, 0x321, 0x0, r2}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0xc9b3, 0x2, 0x3, 0xc4}}], 0x4, &(0x7f00000017c0)={0x2e, 0x40, 0x0, r6, 0xc0107520, 0x0, 0x0, 0x0, 0x0, {0xf6}, 0x0, 0x0, '\x00', {0x2, 0xc81, 0x0, 0x0}}, &(0x7f0000001840))
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000002240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000150a010200007f0000000000000000200800034000000004"], 0x1c}, 0x1, 0x0, 0x0, 0x20000011}, 0x2404000a)
r10 = fsopen(&(0x7f0000000080)='devtmpfs\x00', 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000000), 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r10, 0x6, 0x0, 0x0, 0x0)
r11 = fsopen(&(0x7f0000000040)='afs\x00', 0x1)
fsmount(r11, 0x1, 0x3)

1.45803262s ago: executing program 5 (id=5980):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010003000000040000000100000008000100020000002400048005000300020000000500030001000200050003000200000005000300010000000800020002"], 0x48}, 0x1, 0x0, 0x0, 0xc0}, 0x20004080)

1.393031085s ago: executing program 4 (id=5981):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_SIOCGSKNS(r0, 0x894c, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001780)={0x16, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000180000002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @flow_dissector=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000004c0)={r1, 0x3, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x44)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000f40)={{0x14, 0x10, 0x1, 0x0, 0xfff5, {0x3}}, [], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x28}, 0x1, 0x0, 0x0, 0x10040090}, 0x0)

1.341398263s ago: executing program 5 (id=5982):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'ip6tnl0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x4, {0x0, 0x0, 0x0, r1, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_pfifo_fast={0xf}, @TCA_RATE={0x6, 0x5, {0xab, 0x8d}}]}, 0x3c}}, 0x0)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040)={0x1000, 0x10ffff, 0xfffffffd})
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1, 0x4, &(0x7f0000000140)=@framed={{}, [@ldst={0x3, 0x2, 0x6, 0x1, 0x0, 0x3e, 0x110}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_ifreq(r3, 0x8931, &(0x7f0000000000)={'veth0\x00', @ifru_map={0xb42, 0x7f, 0xfff, 0x5, 0x9, 0x3}})
listen(r2, 0x3)
r4 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r4, &(0x7f0000002300)={&(0x7f0000000040)=@id={0x1e, 0x3, 0x0, {0x4e22, 0x1}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x44}, 0x4)
sendmsg$tipc(r4, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x480c0}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x185440, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(r5, 0x0, r6, 0x0, 0xfba, 0x4)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000040)=0xf)
accept4(r2, 0x0, 0x0, 0x400000000000000)
syz_emit_ethernet(0xd2, &(0x7f00000002c0)=ANY=[@ANYBLOB="0180c20000002059249b379086dd60000000000711000000"], 0x0)

1.341069117s ago: executing program 4 (id=5983):
socket$igmp(0x2, 0x3, 0x2) (async)
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r2, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_DIRTYFB(r0, 0xc01864b1, &(0x7f00000000c0)={r3, 0x1, 0x6, 0x0, &(0x7f0000000040)}) (async)
landlock_create_ruleset(&(0x7f0000000240)={0x1fff}, 0x18, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, 0x0}) (async)
add_key$user(&(0x7f00000000c0), &(0x7f0000000240)={'syz', 0x0}, &(0x7f0000000380)="7ccd08", 0x3, 0xfffffffffffffffc) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
r4 = memfd_secret(0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r4, 0x0)
ftruncate(r4, 0x51a9497) (async)
pipe(&(0x7f0000001240)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(r5, &(0x7f00000001c0)=[{&(0x7f0000000280)="dc", 0x1}], 0x1, 0x3)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0x30c, 0x30, 0x200, 0x0, 0x0, {}, [{0x2f8, 0x1, [@m_ife={0x9c, 0x0, 0x0, 0x0, {{0x8}, {0x4}, {0x72, 0x6, "fe576d14f794005389d97eb2c2e9dc6cadedd46d080a0f461fce9fd2e106dc3a69df8f0a7b0487248c74de0f5b8437fcace3080992cb14cefb9f6c1b6e41ea0370b16b926fa310e3fd5ce05c65dbebd31b71931a01aedd10dfdea04e54840cf7508ef6a5ffd9fd6e010000000000"}, {0xc, 0x7, {0xe85ce65936720359}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_nat={0x194, 0x10, 0x0, 0x0, {{0x8}, {0x144, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x4, 0xffff, 0x20000000, 0x1, 0x9}, @rand_addr=0x64010100, @rand_addr=0x64010102, 0xffffff00, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0xffffffff, 0x3, 0x8, 0x10001, 0x80000000}, @multicast2, @dev={0xac, 0x14, 0x14, 0x31}}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x3, 0x8, 0x3, 0x8, 0x400}, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xff0000ff}}, @TCA_NAT_PARMS={0x28, 0x1, {{0xb, 0x6, 0x7, 0x6, 0x4}, @initdev={0xac, 0x1e, 0x1, 0x0}, @rand_addr=0x64010101, 0xff000000, 0x1}}, @TCA_NAT_PARMS={0xffffffffffffff4c, 0x1, {{0xffff0000, 0xa, 0x20000002, 0x100, 0x2}, @private=0xa010100, @rand_addr=0x64010100, 0xffffff00, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x400000, 0x1, 0x1, 0x3, 0xf}, @remote, @empty, 0xff}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x3, 0x3, 0x0, 0x5, 0xf}, @broadcast, @multicast2, 0xffffffff, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x4, 0x24, 0xffffffffffffffff, 0xf17, 0x7ff}, @empty, @empty, 0xff}}]}, {0x2c, 0x6, "f62978097d2eccb4f98f8648cc3df97e8404603f738bf74d1d7b17fd587987d2eab5272e7f1b291a"}, {0xc}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ife={0xc4, 0x19, 0x0, 0x0, {{0x8}, {0x7c, 0x2, 0x0, 0x1, [@TCA_IFE_TYPE={0x6, 0x5, 0x157}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x2, 0x883, 0xffffffffffffffff, 0x2, 0xe}}}, @TCA_IFE_METALST={0x28, 0x6, [@IFE_META_PRIO={0x8, 0x3, @val=0x1}, @IFE_META_SKBMARK={0x8, 0x1, @val=0x5}, @IFE_META_TCINDEX={0x6, 0x5, @val=0x8}, @IFE_META_SKBMARK={0x8, 0x1, @val=0x509}, @IFE_META_TCINDEX={0x4, 0x5, @void}]}, @TCA_IFE_TYPE={0x6, 0x5, 0x400}, @TCA_IFE_METALST={0x24, 0x6, [@IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_SKBMARK={0x8, 0x1, @val=0x80000000}, @IFE_META_SKBMARK={0x4, 0x1, @void}, @IFE_META_TCINDEX={0x6, 0x5, @val=0x11}, @IFE_META_TCINDEX={0x6, 0x5, @val=0x9}]}]}, {0x24, 0x6, "140ef7e760885388d12ad44e1a1a7aabea0614db30e96ee2a91867beced06306"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x30c}, 0x1, 0x0, 0x0, 0x804}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
sched_setaffinity(r6, 0x8, &(0x7f0000000240)=0x2) (async)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="5c0000002000010000000000000000000220000000000000000000000500190002000000080009000000000008000b0005000000080017004e214e22080001"], 0x5c}}, 0x0)

1.223990204s ago: executing program 5 (id=5984):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
writev(r0, &(0x7f0000000100)=[{&(0x7f0000000180)="a1", 0x1}], 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$char_usb(r0, &(0x7f0000000380)="64e9", 0x2)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r4, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000700)=[0x2], 0x0, 0x100000000000000, 0x200000000000022f}}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb7020000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0), 0xc)

1.212523251s ago: executing program 5 (id=5985):
r0 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'xfrm0\x00', <r1=>0x0})
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote, r1}, 0x14)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000c40)=ANY=[@ANYBLOB="580000001000010400000000000000000000ffff", @ANYRES32=0x0, @ANYBLOB="00000000da44000024001a8020000a8014000700fe8000000300000000020040000000000500080002000000140003007866726d30"], 0x58}}, 0x0)

1.201524054s ago: executing program 2 (id=5986):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20)
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
ioctl$KVM_SET_DEBUGREGS(0xffffffffffffffff, 0x4080aea2, &(0x7f0000000080)={[0xeeee0000, 0xeeef0000, 0xdddd0000, 0xb000], 0x2000000db, 0xc})
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000100)={[{0x5, 0x4000, 0x4, 0x5, 0x0, 0x8, 0x3, 0xa, 0x7e, 0x4, 0x11, 0x5, 0x80204}, {0x804, 0x1, 0x1, 0x45, 0x7, 0x5, 0x4, 0xff, 0xc, 0xfe, 0x6, 0x7f, 0x20c}, {0x1, 0x3, 0x38, 0x5, 0x84, 0x7, 0x3, 0x7, 0xd7, 0x70, 0x4, 0x5}], 0xffbfffff})
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000))
openat$fb1(0xffffff9c, &(0x7f0000000180), 0x0, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x0, 0x0, @empty}}}, 0x84)
openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x2, 0x2, 0x0, 0x4002004c4, 0x1004, 0x8000000000000000, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0xb3, 0x8d], 0xeeee8000, 0x2010d3})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.084859849s ago: executing program 5 (id=5987):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r0, 0x84009422, 0x0)
r1 = openat$rdma_cm(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r1, &(0x7f0000000200)={0xb, 0x10, 0xfa00, {0x0, 0xffffffffffffffff, 0xfff}}, 0x18)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x4a102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r3, 0x4b72, &(0x7f0000000180)={0x0, 0x1, 0x1, 0x6, 0x200, &(0x7f0000000880)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309002500000000000f4743f490c585108c1331c7749299a25a705f5096cb268cbc60efd680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca512b5f379c4eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7f804bb4713019a83353dc519d11c3cc1c22a3b86cf3c645413fcea0ce9ded703699d2bb6a4a663b99b6069da5aaf64785a58847440f064b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200216032811fadcf1e0f49a514df529061e09ce45e3f303a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a250200000000000000d23d324205000000000000000a617f22133b6cb5087f4c6057942ad995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a3cff46591ccaff3075b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8841416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedcbefc5990d7fed29a002ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d559b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756d732533c2722e03002293e37966611602f297de6ff5408777d7a93c45cee3ee5c56e8a3e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f6579ef62866a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c909cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc562507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f80000000000001700000000000000000000000000000000000200"})
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x6c, @private=0xa010100, 0x4e22, 0x6, 'rr\x00', 0x11, 0x1, 0x71}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e22, 0x3, 'lc\x00', 0x4, 0x8, 0x77}, {@remote, 0x4e20, 0x2, 0xcd}}, 0x44)
ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0186405, &(0x7f0000000100)={0x7fffffff, 0x7, {<r5=>0x0}, {0xffffffffffffffff}, 0x7f, 0x9})
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000140)={0x0, 0x1, 0x0, 0x6, r5})
setsockopt$IP_VS_SO_SET_FLUSH(r4, 0x0, 0x485, 0x84000000, 0x0)
socket(0x2, 0x80805, 0x0)
mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2, &(0x7f0000000200)=0xdc, 0x7, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
r6 = syz_open_dev$sndctrl(&(0x7f00000012c0), 0x1, 0x105800)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r6, 0xc2c45512, &(0x7f0000000a00)={{0x5, 0x0, 0x3, 0x4, 'syz1\x00'}, 0x0, [0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10008, 0x0, 0x3, 0x2, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x3]})
mkdir(0x0, 0x0)
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='xfs\x00', 0x0, &(0x7f0000000180)='pquota\x00\x00\xe4\xb7\xceZpB\xe2\x93T\xe4Y\x91\x05\xe1q\xb3\x83\x83\xfe\x14\xe2\xfe\x8b\xfe\xad{$\xbb\xdf\b\x0fN6\xe6N9\x9a\xe2w\x1cW\x9fl\x0fL\x9d\xafE\xeb\x9b;?\xe0\xb4\x8am\xe9\xecv\xe6\xd9\x88\xf2\v\x94D\xb4\xdf\xb3M\xf9\xdaJ\x1e2\x9b\x00\x97\xabe\xc2H.v\x06\xce\xb1\xdd1@2\x14\x85G\xef\xafu\xff\xcdQ\x1d\b!\f\xdbI\xc3\xbd{\xb9\xd8yn\xd0T\x91\xebq\xaauw\x87O\x9e\x15\xd4\xa2\x83\xa5)\t\x96]\xefg\x8e\x16\xa7\xf6\xf5\x9c\xac\xc5\xee\xfb\xff\xff\xff\xff\xff\xff\xff\xb7\x05\xfd\x8b\x93o9:\x00\x80\xe1^\xc8\xe9\x83')
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x84, @rand_addr=0x64010101, 0x0, 0x3, 'lblcr\x00', 0x1, 0x80005, 0x40}, 0x2c)

988.70398ms ago: executing program 2 (id=5988):
socket$key(0xf, 0x3, 0x2)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)=@newsa={0x128, 0x10, 0x7, 0x0, 0x0, {{@in6=@mcast2, @in=@multicast2, 0x4e20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0x0, 0x2, 0xfffffffffffffffd, 0x10000000, 0xffffffffffffffff}, {0x0, 0x200000, 0x7}, {0x40000, 0xfffffffd, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x34}, [@coaddr={0x14, 0xe, @in6=@remote}, @lifetime_val={0x24, 0x9, {0x3, 0x8000000000000001, 0xb4, 0x5}}]}, 0x128}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@newsa={0x104, 0x1a, 0x7, 0x70bd2a, 0x0, {{@in6=@dev={0xfe, 0x80, '\x00', 0x1b}, @in=@multicast1, 0xffff, 0x0, 0x4e22, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x5a, 0xb400, 0x2, 0xfeffff7f00000001, 0x800000000000000, 0x60000}, {0x0, 0x200000, 0x7, 0xfffffffffffffffd}, {0x40000, 0x0, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}]}, 0x104}}, 0x0)

817.647971ms ago: executing program 3 (id=5989):
r0 = socket(0x10, 0x803, 0x0)
ioctl$TCSBRKP(0xffffffffffffffff, 0x5425, 0x80000000)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x100, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x4000})
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x23)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\t\x00'], 0x48)
r4 = syz_io_uring_setup(0x126b, &(0x7f0000000500)={0x0, 0x72de, 0x0, 0x0, 0x3a8}, &(0x7f0000000140), &(0x7f0000000280), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r4, 0x18, 0x0, 0x1)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x44000, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0xb)
bind$netlink(r6, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
pselect6(0x40, &(0x7f00000001c0)={0x1, 0x2, 0x5, 0x9, 0x8, 0x1ff, 0x8, 0x8}, &(0x7f00000007c0)={0x5, 0xffffffff, 0xa, 0x1, 0x0, 0xf7ffffffffffffff, 0x5, 0x81}, 0x0, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r7 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r7, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
connect$l2tp(0xffffffffffffffff, 0x0, 0x0)
r8 = openat$vhost_vsock(0xffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VHOST_GET_VRING_ENDIAN(r8, 0x4008af14, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)

742.113383ms ago: executing program 4 (id=5990):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x40000000015, 0x805, 0x0)
getsockopt(r1, 0x114, 0x271f, 0x0, &(0x7f00000000c0))
ioctl$VIDIOC_G_FREQUENCY(0xffffffffffffffff, 0xc02c5638, &(0x7f0000000080)={0x6, 0x4, 0x5})
r2 = socket$phonet(0x23, 0x2, 0x1)
r3 = socket(0x15, 0x5, 0x0)
getsockopt(r3, 0x200000000114, 0x2712, 0x0, &(0x7f0000000040))
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000010c0)=ANY=[@ANYBLOB="3401000010000100"/20, @ANYRES32=r2, @ANYBLOB="000000000000000014011a80400002803c000180080021000000000008001800000000000800030000000000080009000000000008000c0000000000080012000000000008001f00000000006c000a80140007"], 0x134}}, 0x0)
prctl$PR_GET_DUMPABLE(0x3)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x0, 0x0, 0x41c}}}, 0x7)
r4 = openat$mice(0xffffff9c, &(0x7f0000000100), 0x301000)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000440)={&(0x7f0000000140)=[0x0, 0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[{}, {}, {}, {}, {}, {}, {}, {}], &(0x7f00000003c0)=[0x0, 0x0], &(0x7f0000000400)=[0x0, 0x0], 0x8, 0x2, 0x9})
ioctl$DRM_IOCTL_MODE_GETENCODER(r4, 0xc01464a6, &(0x7f00000004c0)={r5})

580.416217ms ago: executing program 2 (id=5991):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2) (async)
r2 = socket$inet(0x2b, 0x801, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x48f, &(0x7f0000000000)={0x1, @private, 0x0, 0x0, 'sed\x00', 0xa, 0xfffffffb, 0x14}, 0x2c) (async)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'vlan0\x00', @link_local}) (async)
write$tun(r0, &(0x7f0000000cc0)=ANY=[@ANYBLOB="000086dd0203050009000a004000683739ed20282900fe8000000000a43ea50475df42f1592f854a66ba8ab56a00000000000000aaff"], 0xfdef)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="540000000206050000000000000000000500000705000100070000000c0007800800120000000000050005000200000805000400000000000900020073797a310000000010000300686173683a69702c6d6163"], 0x54}, 0x1, 0x0, 0x0, 0x4055}, 0x0) (async)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r1, 0xf501, 0x0) (async, rerun: 32)
r4 = openat$nvme_fabrics(0xffffff9c, &(0x7f0000000080), 0x502, 0x0) (rerun: 32)
ioctl$KVM_SET_USER_MEMORY_REGION2(r4, 0x40a0ae49, &(0x7f0000000240)={0x1fe, 0x5, 0xe000, 0x1000, &(0x7f0000ffd000/0x1000)=nil, 0x9})

495.0715ms ago: executing program 4 (id=5992):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000240)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=@FILEID_UDF_WITH_PARENT={0x14}, &(0x7f0000002300), 0x0)
socket(0xc, 0xa, 0x5)
syz_emit_ethernet(0x3e, &(0x7f0000000300)={@broadcast, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x67, 0x0, @rand_addr, @broadcast}, @time_exceeded={0x21, 0x0, 0x0, 0x12, 0x2, 0x2802, {0x5, 0x2, 0x0, 0x0, 0x24, 0x0, 0x9, 0x2, 0x0, 0x0, @local, @rand_addr=0xe0000000}}}}}}, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
getsockopt$inet_tcp_int(r0, 0x11e, 0x1, 0x0, &(0x7f0000000000))

78.483479ms ago: executing program 5 (id=5993):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b18, &(0x7f0000000000)={'wlan0\x00'})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000000800000008000300", @ANYRES32=r2], 0x24}}, 0x0)

319.449µs ago: executing program 4 (id=5994):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$unix(0x1, 0x5, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r0, &(0x7f0000000040)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0102}}}, 0x14)
sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x22)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000001a40)=""/102392, 0x18ff8)
connect$802154_dgram(r0, &(0x7f0000000180)={0x24, @short={0x2, 0x3, 0xfffe}}, 0x14)
sendmmsg(r0, &(0x7f00000196c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0xd, 0x0}, 0x7000000}], 0x4000050, 0x400c010)

0s ago: executing program 2 (id=5995):
r0 = request_key(0x0, 0x0, &(0x7f0000000340)='\x8e\x00\x9e\xbb\x1e\x1av\xe8M\x00d\xaaI\x00\x00\x00\x00\x00\x00\t<\xe5u\xedA\xa7\aT\xdd\xd1{\xff\xcb\xdb\xb11\xc2s\xcb\xbf\x04\x00\x00\x00<\xfe\xf9\f\xe6E\b\x00\xd7\x85q\xc4\xab\xbd&\x92\x89(\xf3\"\xceJ\x19\x185\xa6- \xe6uK\xe1D\x8f\x9f\x92\xca\x93#\xf5E\xc2\x91Yl\x17\a\x02\t\x17\x7f\xc4\xde\x04\x9b\x89#\xf6&[\xd81\xb3\xdc\x00\x04\x15\x03\x17R\xd24\xeb\xb5\xc2\xff\x1bnF\x8e\xe4\'\x18\xba9.\xd4\xd9\xc6\x98\x8f\xc6D!p\xbeV\xb7x\r@\x1b5\x8br\x11\xdex\x19\x89\xdc\x1el\xcd\x13\xb6\xc2\xdb\x1fr2\x7f?\xfe\x0f\x04\x11\xc3\x8f:uXQ\x0f\v\xfc\xff\x7fL\xfb\xa8]\xd4\xd7\x13?\xe3<#\x1f\x9a\x03C\x8f\xe7\rV1\x99\xaf@Re\x18J\xb6\xee\xeeAnR\n\x8a\xe4\x1a:&\xc7\x15B\x8aG\xa4\a`\xee\xaf\x80T\xddo\xc4D^z\xbf\x1c\x87F?!k\'\xc3\xf9\xa3\xd9\x85\xb1N%\x17\f\xd0#\x05^\xf7\x11\x13\xadKb\x8ck\x10\xd3 >\t\xe0\x16\x80\x82\xb3\xcc\xc7\x05*\x9b\x0eQ\x92\xd7\xbaO\x06\xb2\xdc\xe7/\x1f\x90]IB94(evFMJ\x85\xc4S\xa8\x8b\xbe\xd3\x90\xe9\t\x00\x13\x1e\x9a\x94\x00\x00\x00\x00\x00U\xfbLA\xa6K\xd5\x0eD\xf2Y\xc3,\t4hD\xc4o\xc3\x87$\x9d6\xc8\x93\xa3\x8e:\xfe#\xa0`\xb1k\xacz\xe0\xb3\x95\x17\xdf\xc7\xc2\xedKc\xa3\xbd\xc2\x9f\x86C(/\xe3\xb2\xc6$s^\xd1vU\x9cB)ao\xf1\'', 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mprotect(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000000)
recvmsg(0xffffffffffffffff, 0x0, 0x40020000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000001300)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_GET_DAT_CACHE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000", @ANYRES16, @ANYBLOB="05a32bbd7000000000000d00000008000300", @ANYRES32=r3, @ANYBLOB="1970b33f775e8b5a3292089b4a930d6db1290e019e8af7ab4657d8889f3afb121d291238b6f0f3c462415525fdb152c15ca51b1f1ced89dd9c5f686dd23d4f37f9593571d69d748c3cd7d9cc545cf07bc7ab11300714ae9fa5739e741bd62ed275e3a815197d9d4545b7085219119d681b9755444d68c981000000000000"], 0x1c}}, 0x0)
r4 = syz_clone(0xc200000, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x1)
fchdir(r6)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x85)
getdents64(r7, &(0x7f00000005c0)=""/4096, 0x1000)
wait4(r4, 0x0, 0x40000000, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r8 = fsmount(0xffffffffffffffff, 0x1, 0x86)
fchdir(r8)
r9 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x85)
lseek(r9, 0x101, 0x1)
r10 = socket$inet6(0xa, 0x80001, 0x0)
r11 = add_key$fscrypt_provisioning(&(0x7f0000000140), &(0x7f00000001c0)={'syz', 0x3}, &(0x7f0000000500)={0x1, 0x0, @a}, 0x48, r0)
keyctl$describe(0x6, r11, &(0x7f00000015c0)=""/125, 0x7d)
setsockopt$inet6_group_source_req(r10, 0x29, 0x2e, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x321}}}, 0x108)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x2, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

kernel console output (not intermixed with test programs):

][ T5825] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1216.471713][ T5825] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1216.477007][T16147] IPVS: using max 46 ests per chain, 110400 per kthread
[ 1216.479532][ T5825] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1216.483244][ T5825] usb 10-1: Product: syz
[ 1216.485156][ T5825] usb 10-1: Manufacturer: syz
[ 1216.487900][ T5825] usb 10-1: SerialNumber: syz
[ 1216.520535][ T5825] usb 10-1: config 0 descriptor??
[ 1216.550095][ T5825] hub 10-1:0.0: bad descriptor, ignoring hub
[ 1216.565992][ T5825] hub 10-1:0.0: probe with driver hub failed with error -5
[ 1216.622897][ T5825] usb 10-1: selecting invalid altsetting 0
[ 1217.163482][T16155] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5021'.
[ 1217.370280][ T5825] usb 10-1: USB disconnect, device number 2
[ 1217.678692][T16195] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5032'.
[ 1217.778519][T16201] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5034'.
[ 1217.834045][ T5825] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[ 1217.996876][ T5825] usb 10-1: config index 0 descriptor too short (expected 39, got 27)
[ 1218.011098][ T5825] usb 10-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1218.029659][ T5825] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1218.035751][T16210] FAULT_INJECTION: forcing a failure.
[ 1218.035751][T16210] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1218.041062][ T5825] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1218.041269][T16210] CPU: 2 UID: 0 PID: 16210 Comm: syz.2.5036 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1218.041314][T16210] Tainted: [L]=SOFTLOCKUP
[ 1218.041324][T16210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1218.041335][T16210] Call Trace:
[ 1218.041342][T16210]  <TASK>
[ 1218.041349][T16210]  dump_stack_lvl+0x100/0x190
[ 1218.041377][T16210]  should_fail_ex.cold+0x5/0xa
[ 1218.041401][T16210]  _copy_from_user+0x2e/0xd0
[ 1218.041433][T16210]  generic_map_update_batch+0x452/0x800
[ 1218.041461][T16210]  ? __pfx_generic_map_update_batch+0x10/0x10
[ 1218.041486][T16210]  ? __pfx_generic_map_update_batch+0x10/0x10
[ 1218.041510][T16210]  bpf_map_do_batch+0x66f/0x6d0
[ 1218.041537][T16210]  __sys_bpf+0x4ce/0x4e80
[ 1218.041564][T16210]  ? __pfx___sys_bpf+0x10/0x10
[ 1218.041585][T16210]  ? irqentry_exit+0x24d/0xa00
[ 1218.041612][T16210]  ? lockdep_hardirqs_on+0x78/0x100
[ 1218.041639][T16210]  ? irqentry_exit+0x24d/0xa00
[ 1218.041677][T16210]  ? find_held_lock+0x2b/0x80
[ 1218.041706][T16210]  ? rcu_read_lock_any_held+0x6a/0xa0
[ 1218.041730][T16210]  ? find_held_lock+0x2b/0x80
[ 1218.041752][T16210]  ? ksys_write+0x190/0x250
[ 1218.041769][T16210]  ? ksys_write+0x190/0x250
[ 1218.041804][T16210]  ? fput+0x79/0x100
[ 1218.041827][T16210]  ? __ia32_sys_bpf+0xcc/0x170
[ 1218.041847][T16210]  __ia32_sys_bpf+0xcc/0x170
[ 1218.041868][T16210]  ? __do_fast_syscall_32+0x98/0x970
[ 1218.041887][T16210]  __do_fast_syscall_32+0xe7/0x970
[ 1218.041905][T16210]  ? lockdep_hardirqs_on+0x78/0x100
[ 1218.041935][T16210]  do_fast_syscall_32+0x32/0x70
[ 1218.041953][T16210]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1218.041976][T16210] RIP: 0023:0xf6feefec
[ 1218.041996][T16210] Code: Unable to access opcode bytes at 0xf6feefc2.
[ 1218.042004][T16210] RSP: 002b:00000000f53bc50c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[ 1218.042022][T16210] RAX: ffffffffffffffda RBX: 000000000000001a RCX: 00000000800003c0
[ 1218.042033][T16210] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[ 1218.042044][T16210] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1218.042054][T16210] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1218.042065][T16210] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1218.042089][T16210]  </TASK>
[ 1218.080615][ T6597] Bluetooth: hci1: command tx timeout
[ 1218.085118][ T5825] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1218.154449][ T5825] usb 10-1: Product: syz
[ 1218.385753][ T5825] usb 10-1: Manufacturer: syz
[ 1218.388010][ T5825] usb 10-1: SerialNumber: syz
[ 1218.400053][ T5825] usb 10-1: config 0 descriptor??
[ 1218.406795][ T5825] hub 10-1:0.0: bad descriptor, ignoring hub
[ 1218.724570][T16116] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1218.758150][T16116] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1219.308793][ T5825] hub 10-1:0.0: probe with driver hub failed with error -5
[ 1219.332064][ T5825] usb 10-1: selecting invalid altsetting 0
[ 1219.393952][ T5825] usb 10-1: USB disconnect, device number 3
[ 1219.556916][  T565] udevd[565]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1220.302737][ T6597] Bluetooth: hci1: command tx timeout
[ 1220.558616][ T5846] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[ 1220.718956][ T5846] usb 9-1: device descriptor read/64, error -71
[ 1220.856089][T16275] netlink: 44 bytes leftover after parsing attributes in process `syz.5.5040'.
[ 1220.859734][T16275] netlink: 21 bytes leftover after parsing attributes in process `syz.5.5040'.
[ 1220.976082][ T5846] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[ 1221.031754][T16292] FAULT_INJECTION: forcing a failure.
[ 1221.031754][T16292] name failslab, interval 1, probability 0, space 0, times 0
[ 1221.049027][T16292] CPU: 2 UID: 0 PID: 16292 Comm: syz.5.5041 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1221.049047][T16292] Tainted: [L]=SOFTLOCKUP
[ 1221.049051][T16292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1221.049058][T16292] Call Trace:
[ 1221.049062][T16292]  <TASK>
[ 1221.049067][T16292]  dump_stack_lvl+0x100/0x190
[ 1221.049086][T16292]  should_fail_ex.cold+0x5/0xa
[ 1221.049101][T16292]  should_failslab+0xc2/0x120
[ 1221.049118][T16292]  __kmalloc_noprof+0xfc/0x820
[ 1221.049132][T16292]  ? rcu_is_watching+0x12/0xc0
[ 1221.049147][T16292]  ? tomoyo_realpath_from_path+0xb6/0x690
[ 1221.049170][T16292]  tomoyo_realpath_from_path+0xb6/0x690
[ 1221.049190][T16292]  tomoyo_path_number_perm+0x23c/0x580
[ 1221.049204][T16292]  ? tomoyo_path_number_perm+0x22e/0x580
[ 1221.049219][T16292]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1221.049234][T16292]  ? get_pid_task+0x106/0x250
[ 1221.049262][T16292]  ? find_held_lock+0x2b/0x80
[ 1221.049277][T16292]  ? __fget_files+0x215/0x3d0
[ 1221.049287][T16292]  ? hook_file_ioctl_common+0x140/0x440
[ 1221.049301][T16292]  ? __fget_files+0x215/0x3d0
[ 1221.049314][T16292]  ? __fget_files+0x21f/0x3d0
[ 1221.049327][T16292]  security_file_ioctl_compat+0xd3/0x230
[ 1221.049343][T16292]  __ia32_compat_sys_ioctl+0xc2/0x360
[ 1221.049362][T16292]  __do_fast_syscall_32+0xe7/0x970
[ 1221.049374][T16292]  ? lockdep_hardirqs_on+0x78/0x100
[ 1221.049393][T16292]  do_fast_syscall_32+0x32/0x70
[ 1221.049405][T16292]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1221.049420][T16292] RIP: 0023:0xf704efec
[ 1221.049433][T16292] Code: Unable to access opcode bytes at 0xf704efc2.
[ 1221.049440][T16292] RSP: 002b:00000000f543d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[ 1221.049452][T16292] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000400442c8
[ 1221.049459][T16292] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[ 1221.049467][T16292] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1221.049473][T16292] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1221.049480][T16292] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1221.049495][T16292]  </TASK>
[ 1221.049500][T16292] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1221.199697][ T5846] usb 9-1: device descriptor read/64, error -71
[ 1221.317506][ T5846] usb usb9-port1: attempt power cycle
[ 1221.331997][T16301] netlink: 14 bytes leftover after parsing attributes in process `syz.5.5043'.
[ 1221.682057][ T5846] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[ 1221.713467][ T5846] usb 9-1: device descriptor read/8, error -71
[ 1221.991007][ T5846] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[ 1222.012417][ T5846] usb 9-1: device descriptor read/8, error -71
[ 1222.129810][ T5846] usb usb9-port1: unable to enumerate USB device
[ 1223.054964][T16340] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5051'.
[ 1223.216077][T16348] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5053'.
[ 1223.329537][T16355] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5055'.
[ 1223.600732][ T6597] Bluetooth: hci3: Ignoring connect complete event for invalid link type
[ 1223.807980][ T6597] Bluetooth: hci3: ACL packet too small
[ 1224.236723][T16389] comedi comedi3: comedi_config --init_data is deprecated
[ 1225.620558][T16442] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1225.787878][T16461] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5076'.
[ 1225.872341][T16469] netlink: 'syz.4.5079': attribute type 5 has an invalid length.
[ 1225.961910][T16490] fuse: Unknown parameter 'group���800000000000000000000'
[ 1226.165466][T16510] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1226.168136][T16510] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1226.178508][T16510] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1226.187548][T16510] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1226.190594][T16510] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1226.196205][T16510] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1226.213981][T16510] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1226.216530][T16510] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1226.228036][T16510] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1226.238299][T16510] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1226.242191][T16510] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1226.247883][T16510] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1226.566739][T16542] netlink: 44 bytes leftover after parsing attributes in process `syz.5.5090'.
[ 1226.741548][T16547] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5091'.
[ 1227.607435][T16575] openvswitch: netlink: Missing key (keys=40, expected=100)
[ 1228.327291][ T6597] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1228.327311][ T5749] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1228.414113][ T6597] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1228.414113][ T5749] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1228.766916][ T1437] ieee802154 phy1 wpan1: encryption failed: -22
[ 1229.663147][T16617] fuse: Bad value for 'fd'
[ 1229.997616][T16634] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 4, id = 0
[ 1230.094136][T16638] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5112'.
[ 1230.098070][T16638] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1230.101260][T16638] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1230.105143][T16638] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1230.108245][T16638] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1230.162000][T16645] fuse: Bad value for 'fd'
[ 1230.459402][T16656] loop6: detected capacity change from 0 to 2640
[ 1230.509856][T16660] syzkaller1: entered promiscuous mode
[ 1230.512323][T16660] syzkaller1: entered allmulticast mode
[ 1230.550806][ T5749] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1230.560798][ T5749] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1230.637747][ T5749] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1230.637768][ T6597] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1230.886236][T16684] syzkaller1: entered promiscuous mode
[ 1230.889300][T10384] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 1
[ 1230.897362][T16684] syzkaller1: entered allmulticast mode
[ 1230.908584][T10384] Bluetooth: hci4: Frame reassembly failed (-84)
[ 1230.915438][T16687] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5119'.
[ 1230.940532][    C1] vxcan1: j1939_tp_rxtimer: 0xffff8880569d6800: rx timeout, send abort
[ 1230.944647][    C1] vxcan1: j1939_xtp_rx_abort_one: 0xffff8880569d6800: 0x40000: (3) A timeout occurred and this is the connection abort to close the session.
[ 1231.576490][T23492] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1231.579026][T23492] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1232.293676][T16755] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[ 1232.295754][T16755] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1232.298524][T16755] vhci_hcd vhci_hcd.0: Device attached
[ 1232.580461][ T5825] usb 42-1: SetAddress Request (27) to port 0
[ 1232.583239][ T5825] usb 42-1: new SuperSpeed USB device number 27 using vhci_hcd
[ 1232.773163][ T6597] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1232.777159][ T6597] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1232.858566][   T64] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1232.868970][   T64] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1233.029205][   T64] Bluetooth: hci4: command 0x1003 tx timeout
[ 1233.029280][ T5749] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1233.096012][T16756] vhci_hcd: connection reset by peer
[ 1233.098915][T21314] vhci_hcd vhci_hcd.2: stop threads
[ 1233.100773][T21314] vhci_hcd vhci_hcd.2: release socket
[ 1233.103163][T21314] vhci_hcd vhci_hcd.2: disconnect device
[ 1233.233362][T16762] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5129'.
[ 1233.638725][T16776] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5133'.
[ 1235.799177][T16894] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5139'.
[ 1235.826636][T16894] ptrace attach of "/syz-executor exec"[16895] was attempted by "/syz-executor exec"[16894]
[ 1237.197876][T16913] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1237.348338][T16913] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1237.363241][T16936] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5149'.
[ 1237.559825][T16942] netlink: 'syz.5.5150': attribute type 4 has an invalid length.
[ 1237.565538][T16942] netlink: 17 bytes leftover after parsing attributes in process `syz.5.5150'.
[ 1237.569047][T16913] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1237.681167][T16913] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1237.821144][T21314] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1237.845027][ T5815] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1237.858652][ T5815] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1237.875288][ T5815] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1237.988095][ T5825] usb 42-1: device descriptor read/8, error -110
[ 1237.996091][T16974] fuse: Unknown parameter ''
[ 1237.999308][T16974] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5153'.
[ 1238.001714][T16974] bridge_slave_1: left allmulticast mode
[ 1238.003426][T16974] bridge_slave_1: left promiscuous mode
[ 1238.005226][T16974] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1238.009653][T16974] bridge_slave_0: left allmulticast mode
[ 1238.011472][T16974] bridge_slave_0: left promiscuous mode
[ 1238.013522][T16974] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1238.179984][ T5846] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[ 1238.482403][ T5825] usb usb42-port1: attempt power cycle
[ 1238.987337][T16989] FAULT_INJECTION: forcing a failure.
[ 1238.987337][T16989] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1238.991311][T16989] CPU: 0 UID: 0 PID: 16989 Comm: syz.5.5156 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1238.991340][T16989] Tainted: [L]=SOFTLOCKUP
[ 1238.991344][T16989] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1238.991351][T16989] Call Trace:
[ 1238.991356][T16989]  <TASK>
[ 1238.991361][T16989]  dump_stack_lvl+0x100/0x190
[ 1238.991379][T16989]  should_fail_ex.cold+0x5/0xa
[ 1238.991395][T16989]  copy_fpstate_to_sigframe+0x82d/0xae0
[ 1238.991411][T16989]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[ 1238.991426][T16989]  ? posixtimer_deliver_signal+0x19d/0x6e0
[ 1238.991441][T16989]  ? x86_task_fpu+0x5f/0x90
[ 1238.991460][T16989]  get_sigframe+0x3fb/0x940
[ 1238.991477][T16989]  ? __pfx_get_sigframe+0x10/0x10
[ 1238.991492][T16989]  ? rcu_is_watching+0x12/0xc0
[ 1238.991514][T16989]  ? siginfo_layout+0x156/0x290
[ 1238.991539][T16989]  ia32_setup_rt_frame+0xe7/0xaf0
[ 1238.991570][T16989]  ? __pfx_ia32_setup_rt_frame+0x10/0x10
[ 1238.991593][T16989]  ? __pfx___sys_recvfrom+0x10/0x10
[ 1238.991613][T16989]  arch_do_signal_or_restart+0x459/0x7a0
[ 1238.991626][T16989]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1238.991646][T16989]  exit_to_user_mode_loop+0x139/0x6f0
[ 1238.991659][T16989]  ? rcu_is_watching+0x12/0xc0
[ 1238.991674][T16989]  __do_fast_syscall_32+0x701/0x970
[ 1238.991687][T16989]  ? lockdep_hardirqs_on+0x78/0x100
[ 1238.991707][T16989]  do_fast_syscall_32+0x32/0x70
[ 1238.991719][T16989]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1238.991734][T16989] RIP: 0023:0xf704efea
[ 1238.991744][T16989] Code: 19 85 d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1238.991756][T16989] RSP: 002b:00000000f543d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000173
[ 1238.991768][T16989] RAX: 0000000000000173 RBX: 0000000000000005 RCX: 0000000000000000
[ 1238.991775][T16989] RDX: 00000000ffffff26 RSI: 0000000000010000 RDI: 0000000000000000
[ 1238.991782][T16989] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1238.991788][T16989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1238.991795][T16989] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1238.991823][T16989]  </TASK>
[ 1239.226507][ T5825] usb usb42-port1: unable to enumerate USB device
[ 1239.314736][ T5846] usb 9-1: config index 0 descriptor too short (expected 39, got 27)
[ 1239.318612][ T5846] usb 9-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1239.322515][ T5846] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1239.329892][ T5846] usb 9-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1239.334145][ T5846] usb 9-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1239.337417][ T5846] usb 9-1: Product: syz
[ 1239.339178][ T5846] usb 9-1: Manufacturer: syz
[ 1239.341083][ T5846] usb 9-1: SerialNumber: syz
[ 1239.347449][ T5846] usb 9-1: config 0 descriptor??
[ 1239.356545][ T5846] hub 9-1:0.0: bad descriptor, ignoring hub
[ 1239.359112][ T5846] hub 9-1:0.0: probe with driver hub failed with error -5
[ 1239.364941][ T5846] usb 9-1: selecting invalid altsetting 0
[ 1239.469759][T11024] IPVS: starting estimator thread 0...
[ 1239.568982][T17006] IPVS: using max 46 ests per chain, 110400 per kthread
[ 1239.576570][T16968] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5152'.
[ 1240.105163][T17035] FAULT_INJECTION: forcing a failure.
[ 1240.105163][T17035] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1240.109789][T17035] CPU: 1 UID: 0 PID: 17035 Comm: syz.5.5161 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1240.109821][T17035] Tainted: [L]=SOFTLOCKUP
[ 1240.109826][T17035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1240.109833][T17035] Call Trace:
[ 1240.109838][T17035]  <TASK>
[ 1240.109843][T17035]  dump_stack_lvl+0x100/0x190
[ 1240.109863][T17035]  should_fail_ex.cold+0x5/0xa
[ 1240.109878][T17035]  _copy_to_user+0x32/0xd0
[ 1240.109896][T17035]  simple_read_from_buffer+0xcb/0x170
[ 1240.109917][T17035]  proc_fail_nth_read+0x1af/0x230
[ 1240.109933][T17035]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1240.109950][T17035]  ? rw_verify_area+0xce/0x6d0
[ 1240.109967][T17035]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1240.109982][T17035]  vfs_read+0x1e4/0xb40
[ 1240.109995][T17035]  ? __pfx_vfs_read+0x10/0x10
[ 1240.110004][T17035]  ? find_held_lock+0x2b/0x80
[ 1240.110020][T17035]  ? __fget_files+0x215/0x3d0
[ 1240.110036][T17035]  ? __fget_files+0x21f/0x3d0
[ 1240.110051][T17035]  ksys_read+0x12a/0x250
[ 1240.110061][T17035]  ? __pfx_ksys_read+0x10/0x10
[ 1240.110076][T17035]  do_int80_emulation+0x14b/0x720
[ 1240.110090][T17035]  asm_int80_emulation+0x1a/0x20
[ 1240.110101][T17035] RIP: 0023:0xf71871eb
[ 1240.110111][T17035] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1240.110123][T17035] RSP: 002b:00000000f53fb4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 1240.110134][T17035] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000f53fb5d0
[ 1240.110166][T17035] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[ 1240.110177][T17035] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1240.110186][T17035] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1240.110200][T17035] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1240.110215][T17035]  </TASK>
[ 1240.499412][T21489] usb 9-1: reset high-speed USB device number 11 using dummy_hcd
[ 1241.004825][T21489] usb 9-1: failed to restore interface 0 altsetting 251 (error=-71)
[ 1241.010882][T21489] usb 9-1: USB disconnect, device number 11
[ 1241.208137][T17051] 
: renamed from bond_slave_0 (while UP)
[ 1241.905546][    C3] vxcan1: j1939_tp_rxtimer: 0xffff888052eb8400: rx timeout, send abort
[ 1242.439964][    C3] vxcan1: j1939_tp_rxtimer: 0xffff888052eb9800: rx timeout, send abort
[ 1242.442835][    C3] vxcan1: j1939_tp_rxtimer: 0xffff888052eb8400: abort rx timeout. Force session deactivation
[ 1242.744916][T17122] x_tables: ip6_tables: policy.0 match: invalid size 312 (kernel) != (user) 0
[ 1242.977165][    C3] vxcan1: j1939_tp_rxtimer: 0xffff888052eb9800: abort rx timeout. Force session deactivation
[ 1243.041305][T17129] Invalid source name
[ 1243.043801][T17129] UBIFS error (pid: 17129): cannot open "./file0", error -22
[ 1243.210630][ T5749] Bluetooth: hci1: unexpected event for opcode 0x080c
[ 1244.328062][T17171] vxcan0: tx drop: invalid da for name 0x0000000000000002
[ 1244.639283][T17186] xt_connbytes: Forcing CT accounting to be enabled
[ 1244.641377][T17186] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1244.693902][T17186] bond2: Removing last arp target with arp_interval on
[ 1244.697551][T17186] bond2: entered promiscuous mode
[ 1244.699336][T17186] bond2: entered allmulticast mode
[ 1244.702053][T17186] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1244.728926][T17221] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5188'.
[ 1244.783777][ T8656] libceph: connect (1)[c::]:6789 error -101
[ 1244.787533][ T8656] libceph: mon0 (1)[c::]:6789 connect error
[ 1244.845957][T17186] ceph: No mds server is up or the cluster is laggy
[ 1245.453995][T17264] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5195'.
[ 1245.761135][T17280] binder: 17272:17280 ioctl c00c620f 800003c0 returned -22
[ 1246.904707][T17300] Invalid source name
[ 1246.906160][T17300] UBIFS error (pid: 17300): cannot open "./file0", error -22
[ 1247.951138][T17332] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5211'.
[ 1248.320838][   T41] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[ 1248.414150][T17355] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5215'.
[ 1248.780703][   T41] usb 9-1: device descriptor read/64, error -71
[ 1249.047644][   T41] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[ 1249.197892][   T41] usb 9-1: device descriptor read/64, error -71
[ 1249.317516][   T41] usb usb9-port1: attempt power cycle
[ 1249.635857][T17381] 
: renamed from bond_slave_0 (while UP)
[ 1249.705653][   T41] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[ 1249.724510][   T41] usb 9-1: device descriptor read/8, error -71
[ 1249.999290][   T41] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[ 1250.031383][   T41] usb 9-1: device descriptor read/8, error -71
[ 1250.148784][   T41] usb usb9-port1: unable to enumerate USB device
[ 1250.226890][T17389] dlm: Unknown command passed to DLM device : 3
[ 1250.226890][T17389] 
[ 1250.446778][T17397] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1250.449224][T17397] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1250.452672][T17397] bridge0: entered promiscuous mode
[ 1251.172937][T17430] netlink: 14 bytes leftover after parsing attributes in process `syz.5.5229'.
[ 1251.206954][T17388] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[ 1251.429226][T17463] overlayfs: failed to resolve './file0': -2
[ 1251.583386][T17477] netlink: 'syz.2.5242': attribute type 11 has an invalid length.
[ 1251.631861][T17480] input: syz1 as /devices/virtual/input/input66
[ 1251.909240][T17493] netlink: 512 bytes leftover after parsing attributes in process `syz.2.5245'.
[ 1251.997665][T17492] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[ 1252.648690][T21489] usb 9-1: new low-speed USB device number 16 using dummy_hcd
[ 1252.789164][T21489] usb 9-1: device descriptor read/64, error -71
[ 1253.065453][T21489] usb 9-1: new low-speed USB device number 17 using dummy_hcd
[ 1253.215065][T21489] usb 9-1: device descriptor read/64, error -71
[ 1253.332861][T21489] usb usb9-port1: attempt power cycle
[ 1253.696723][T21489] usb 9-1: new low-speed USB device number 18 using dummy_hcd
[ 1253.728754][T21489] usb 9-1: device descriptor read/8, error -71
[ 1253.984536][T21489] usb 9-1: new low-speed USB device number 19 using dummy_hcd
[ 1254.028339][T21489] usb 9-1: device descriptor read/8, error -71
[ 1254.144947][T21489] usb usb9-port1: unable to enumerate USB device
[ 1254.591276][T17495] Set syz1 is full, maxelem 65536 reached
[ 1255.680185][   T42] audit: type=1400 audit(1782641264.663:902): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//&@\)//&" pid=17558 comm="syz.4.5260"
[ 1255.746208][T17560] netlink: 44 bytes leftover after parsing attributes in process `syz.4.5260'.
[ 1256.546349][T17569] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 1256.548406][T17569] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 1256.551969][ T5749] Bluetooth: hci1: unexpected event for opcode 0x0c05
[ 1256.761209][T17583] 
: renamed from bond_slave_0 (while UP)
[ 1256.830605][T17589] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5266'.
[ 1257.462857][T17622] 9p: Bad value for 'rfdno'
[ 1257.609630][T17633] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5275'.
[ 1258.713682][T17676] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[ 1258.715782][T17676] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1258.722206][T17676] vhci_hcd vhci_hcd.0: Device attached
[ 1258.854715][T17678] vhci_hcd: connection closed
[ 1258.855131][   T12] vhci_hcd vhci_hcd.4: stop threads
[ 1258.863393][   T12] vhci_hcd vhci_hcd.4: release socket
[ 1258.865522][   T12] vhci_hcd vhci_hcd.4: disconnect device
[ 1260.287745][T17709] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1261.828348][  T493] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[ 1262.915048][T17823] batadv_slave_1: entered promiscuous mode
[ 1262.923272][T17823] pim6reg: entered allmulticast mode
[ 1262.927031][T17823] pim6reg: left allmulticast mode
[ 1262.960766][  T493] usb 10-1: Using ep0 maxpacket: 16
[ 1262.963125][  T493] usb 10-1: too many configurations: 123, using maximum allowed: 8
[ 1262.966815][  T493] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1262.970856][  T493] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1262.974893][  T493] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1262.978820][  T493] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1262.984095][  T493] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1262.989161][  T493] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1262.994331][  T493] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1262.998665][  T493] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1263.004286][  T493] usb 10-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[ 1263.007922][  T493] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=45
[ 1263.011107][  T493] usb 10-1: SerialNumber: syz
[ 1263.015442][  T493] usb 10-1: config 0 descriptor??
[ 1263.020048][T17822] batadv_slave_1: left promiscuous mode
[ 1263.141862][T17835] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1263.167055][  T493] input: bcm5974 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/input/input67
[ 1263.259737][T17796] netlink: 14 bytes leftover after parsing attributes in process `syz.5.5297'.
[ 1263.272666][T17796] bond0 (unregistering): (slave 
3
0
): Releasing backup interface
[ 1263.278683][T17796] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1263.283583][T17796] bond0 (unregistering): Released all slaves
[ 1263.412368][T17850] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1263.457092][T17796] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5297'.
[ 1263.616206][ T5132] bcm5974 10-1:0.0: could not read from device
[ 1263.694647][ T5132] bcm5974 10-1:0.0: could not read from device
[ 1263.696755][  T493] usb 10-1: USB disconnect, device number 4
[ 1264.345064][T17891] openvswitch: netlink: Missing key (keys=40, expected=100)
[ 1264.434997][T17897] netlink: 232 bytes leftover after parsing attributes in process `syz.5.5314'.
[ 1264.438230][T17897] netlink: 232 bytes leftover after parsing attributes in process `syz.5.5314'.
[ 1264.617670][T17909] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5317'.
[ 1264.662154][T17900] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[ 1265.478400][T20789] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1265.489383][T20789] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1265.533186][T20789] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1265.587970][T20789] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1267.570183][T18004] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6)
[ 1267.572270][T18004] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1267.576250][T18004] vhci_hcd vhci_hcd.0: Device attached
[ 1267.678894][T18013] netlink: 'syz.4.5333': attribute type 58 has an invalid length.
[ 1267.683850][T18013] netlink: 152 bytes leftover after parsing attributes in process `syz.4.5333'.
[ 1267.708823][T18016] bridge_slave_0: left allmulticast mode
[ 1267.710820][T18016] bridge_slave_0: left promiscuous mode
[ 1267.712750][T18016] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1267.717447][T18016] bridge_slave_1: left allmulticast mode
[ 1267.719481][T18016] bridge_slave_1: left promiscuous mode
[ 1267.722071][T18016] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1267.729134][T18016] bond0: (slave 
3
0
): Releasing backup interface
[ 1267.740420][T18016] bond0: (slave bond_slave_1): Releasing backup interface
[ 1267.753090][T18016] team0: Port device team_slave_0 removed
[ 1267.771066][T18016] team0: Port device team_slave_1 removed
[ 1267.774331][T18016] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1267.777475][T18016] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1267.785918][T18016] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1267.788990][T18016] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1267.797628][T18016] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1267.809955][T18020] team0: Mode changed to "random"
[ 1267.827435][T18023] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5336'.
[ 1267.827605][T18016] vlan0: entered promiscuous mode
[ 1267.852725][T18016] team0: Port device vlan0 added
[ 1267.855078][T21412] usb 48-1: SetAddress Request (2) to port 0
[ 1267.857632][T21412] usb 48-1: new SuperSpeed USB device number 2 using vhci_hcd
[ 1267.863712][T18023] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1267.868228][T18023] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1267.873046][T18023] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1267.876909][T18023] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1267.892212][T18016] tipc: Started in network mode
[ 1267.895041][T18016] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[ 1267.899293][T18016] tipc: Enabled bearer <eth:team0>, priority 0
[ 1267.912587][T18026] fuse: Bad value for 'fd'
[ 1267.960548][T18032] syzkaller1: entered promiscuous mode
[ 1267.962911][T18032] syzkaller1: entered allmulticast mode
[ 1268.181527][T18005] vhci_hcd: connection reset by peer
[ 1268.183960][T21314] vhci_hcd vhci_hcd.5: stop threads
[ 1268.186896][T21314] vhci_hcd vhci_hcd.5: release socket
[ 1268.190802][T21314] vhci_hcd vhci_hcd.5: disconnect device
[ 1269.182090][  T493] tipc: Node number set to 11578026
[ 1269.387765][T18078] FAULT_INJECTION: forcing a failure.
[ 1269.387765][T18078] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1269.393193][T18078] CPU: 1 UID: 0 PID: 18078 Comm: syz.3.5345 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1269.393222][T18078] Tainted: [L]=SOFTLOCKUP
[ 1269.393229][T18078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1269.393240][T18078] Call Trace:
[ 1269.393246][T18078]  <TASK>
[ 1269.393254][T18078]  dump_stack_lvl+0x100/0x190
[ 1269.393280][T18078]  should_fail_ex.cold+0x5/0xa
[ 1269.393305][T18078]  _copy_from_user+0x2e/0xd0
[ 1269.393332][T18078]  get_compat_msghdr+0xb3/0x480
[ 1269.393357][T18078]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1269.393382][T18078]  ? rcu_is_watching+0x12/0xc0
[ 1269.393405][T18078]  ? ___sys_recvmsg+0x177/0x1a0
[ 1269.393430][T18078]  ? kfree+0x1e5/0x6c0
[ 1269.393446][T18078]  ? __lock_acquire+0x49f/0x1a40
[ 1269.393467][T18078]  ___sys_recvmsg+0x193/0x1a0
[ 1269.393495][T18078]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1269.393537][T18078]  ? __pfx___might_resched+0x10/0x10
[ 1269.393571][T18078]  do_recvmmsg+0x54d/0x740
[ 1269.393601][T18078]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1269.393644][T18078]  ? find_held_lock+0x2b/0x80
[ 1269.393669][T18078]  ? ksys_write+0x190/0x250
[ 1269.393690][T18078]  ? ksys_write+0x190/0x250
[ 1269.393716][T18078]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1269.393770][T18078]  __sys_recvmmsg+0x21f/0x270
[ 1269.393793][T18078]  ? __pfx___sys_recvmmsg+0x10/0x10
[ 1269.393817][T18078]  ? ksys_write+0x1ac/0x250
[ 1269.393837][T18078]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[ 1269.393863][T18078]  ? __do_fast_syscall_32+0x98/0x970
[ 1269.393880][T18078]  ? lockdep_hardirqs_on+0x78/0x100
[ 1269.393907][T18078]  __do_fast_syscall_32+0xe7/0x970
[ 1269.393924][T18078]  ? lockdep_hardirqs_on+0x78/0x100
[ 1269.393953][T18078]  do_fast_syscall_32+0x32/0x70
[ 1269.393970][T18078]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1269.393992][T18078] RIP: 0023:0xf707efec
[ 1269.394012][T18078] Code: Unable to access opcode bytes at 0xf707efc2.
[ 1269.394020][T18078] RSP: 002b:00000000f546d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000151
[ 1269.394038][T18078] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800031c0
[ 1269.394049][T18078] RDX: 0000000000000300 RSI: 0000000000000022 RDI: 0000000000000000
[ 1269.394060][T18078] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1269.394070][T18078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1269.394080][T18078] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1269.394103][T18078]  </TASK>
[ 1269.548384][T18086] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5347'.
[ 1269.553610][T18086] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5347'.
[ 1269.622852][T18094] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5348'.
[ 1269.650757][T18100] loop5: detected capacity change from 0 to 7
[ 1269.657209][T18100]  loop5:
[ 1269.658125][T18100] loop5: partition table partially beyond EOD, truncated
[ 1269.746710][T18112] openvswitch: netlink: Actions may not be safe on all matching packets
[ 1270.023293][T18127] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[ 1270.025910][T18127] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1270.029878][T18127] vhci_hcd vhci_hcd.0: Device attached
[ 1270.034988][T21489] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[ 1270.050652][T18127] netlink: 60 bytes leftover after parsing attributes in process `syz.4.5353'.
[ 1270.207000][T21489] usb 10-1: Using ep0 maxpacket: 32
[ 1270.211329][T21489] usb 10-1: config 0 has no interfaces?
[ 1270.216133][T21489] usb 10-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[ 1270.220409][T21489] usb 10-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[ 1270.230545][T21489] usb 10-1: Product: syz
[ 1270.234201][T21489] usb 10-1: Manufacturer: syz
[ 1270.236244][T21489] usb 10-1: SerialNumber: syz
[ 1270.246026][T21489] usb 10-1: config 0 descriptor??
[ 1270.315354][ T5825] usb 46-1: SetAddress Request (2) to port 0
[ 1270.323434][ T5825] usb 46-1: new SuperSpeed USB device number 2 using vhci_hcd
[ 1270.477003][T21489] usb 10-1: USB disconnect, device number 5
[ 1270.686796][T18128] vhci_hcd: connection reset by peer
[ 1270.692750][ T5817] vhci_hcd vhci_hcd.4: stop threads
[ 1270.694944][ T5817] vhci_hcd vhci_hcd.4: release socket
[ 1270.697235][ T5817] vhci_hcd vhci_hcd.4: disconnect device
[ 1271.014095][   T42] audit: type=1800 audit(1782641279.009:903): pid=18179 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.5357" name="file0" dev="overlay" ino=500 res=0 errno=0
[ 1271.391587][T18200] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5362'.
[ 1272.040414][T18228] binder: 18227:18228 ioctl c0306201 0 returned -14
[ 1272.323883][T18236] FAULT_INJECTION: forcing a failure.
[ 1272.323883][T18236] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1272.327969][T18236] CPU: 0 UID: 0 PID: 18236 Comm: syz.5.5371 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1272.327999][T18236] Tainted: [L]=SOFTLOCKUP
[ 1272.328004][T18236] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1272.328011][T18236] Call Trace:
[ 1272.328016][T18236]  <TASK>
[ 1272.328021][T18236]  dump_stack_lvl+0x100/0x190
[ 1272.328039][T18236]  should_fail_ex.cold+0x5/0xa
[ 1272.328054][T18236]  _copy_from_user+0x2e/0xd0
[ 1272.328072][T18236]  get_compat_msghdr+0xb3/0x480
[ 1272.328088][T18236]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1272.328105][T18236]  ? rcu_is_watching+0x12/0xc0
[ 1272.328119][T18236]  ? ___sys_recvmsg+0x177/0x1a0
[ 1272.328136][T18236]  ? kfree+0x1e5/0x6c0
[ 1272.328146][T18236]  ? lockdep_hardirqs_on+0x78/0x100
[ 1272.328166][T18236]  ___sys_recvmsg+0x193/0x1a0
[ 1272.328184][T18236]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1272.328210][T18236]  ? __pfx___might_resched+0x10/0x10
[ 1272.328231][T18236]  do_recvmmsg+0x54d/0x740
[ 1272.328251][T18236]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1272.328271][T18236]  ? trace_sched_exit_tp+0x120/0x160
[ 1272.328285][T18236]  ? __schedule+0x126e/0x6730
[ 1272.328306][T18236]  ? irqentry_exit+0x24d/0xa00
[ 1272.328332][T18236]  __sys_recvmmsg+0x21f/0x270
[ 1272.328347][T18236]  ? __pfx___sys_recvmmsg+0x10/0x10
[ 1272.328362][T18236]  ? exit_to_user_mode_loop+0x166/0x6f0
[ 1272.328376][T18236]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[ 1272.328394][T18236]  ? __do_fast_syscall_32+0x98/0x970
[ 1272.328405][T18236]  ? lockdep_hardirqs_on+0x78/0x100
[ 1272.328423][T18236]  __do_fast_syscall_32+0xe7/0x970
[ 1272.328434][T18236]  ? lockdep_hardirqs_on+0x78/0x100
[ 1272.328453][T18236]  do_fast_syscall_32+0x32/0x70
[ 1272.328464][T18236]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1272.328479][T18236] RIP: 0023:0xf704efec
[ 1272.328492][T18236] Code: Unable to access opcode bytes at 0xf704efc2.
[ 1272.328498][T18236] RSP: 002b:00000000f53fb50c EFLAGS: 00000292 ORIG_RAX: 0000000000000151
[ 1272.328509][T18236] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080005000
[ 1272.328516][T18236] RDX: 0000000004000169 RSI: 0000000000000060 RDI: 0000000000000000
[ 1272.328523][T18236] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1272.328530][T18236] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1272.328536][T18236] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1272.328550][T18236]  </TASK>
[ 1273.307182][T21412] usb 48-1: device descriptor read/8, error -110
[ 1273.507420][T18271] netlink: 72 bytes leftover after parsing attributes in process `syz.5.5377'.
[ 1273.765303][T21412] usb usb48-port1: attempt power cycle
[ 1273.816538][T18277] IPVS: stopping backup sync thread 16634 ...
[ 1274.347053][T18292] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5382'.
[ 1274.363590][T21412] usb usb48-port1: unable to enumerate USB device
[ 1274.402486][T18299] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[ 1274.516880][   T42] audit: type=1800 audit(1782641282.293:904): pid=18306 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.5387" name="/" dev="fuse" ino=1 res=0 errno=0
[ 1274.599116][T18312] 9p: Could not find request transport: v
[ 1274.622217][T18312] 9p: Could not find request transport: v
[ 1274.652961][T18312] 9p: Could not find request transport: v
[ 1274.683075][T18312] 9p: Could not find request transport: v
[ 1274.821742][T18322] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1274.856125][T18312] 9p: Could not find request transport: v
[ 1274.902142][T18312] 9p: Could not find request transport: v
[ 1274.935491][T18312] 9p: Could not find request transport: v
[ 1274.971283][T18312] 9p: Could not find request transport: v
[ 1275.013396][T18312] 9p: Could not find request transport: v
[ 1275.051068][T18312] 9p: Could not find request transport: v
[ 1275.092894][T18312] 9p: Could not find request transport: v
[ 1275.131657][T18312] 9p: Could not find request transport: v
[ 1275.169009][T18312] 9p: Could not find request transport: v
[ 1275.317929][T18312] 9p: Could not find request transport: v
[ 1275.366903][T18312] 9p: Could not find request transport: v
[ 1275.435189][T18312] 9p: Could not find request transport: v
[ 1275.450176][T18312] 9p: Could not find request transport: v
[ 1275.724007][T18346] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1275.784184][ T5825] usb 46-1: device descriptor read/8, error -110
[ 1275.787078][T18363] binder: 18362:18363 ioctl c0306201 0 returned -14
[ 1275.789946][T18363] FAULT_INJECTION: forcing a failure.
[ 1275.789946][T18363] name failslab, interval 1, probability 0, space 0, times 0
[ 1275.798655][T18363] CPU: 0 UID: 0 PID: 18363 Comm: syz.4.5394 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1275.798674][T18363] Tainted: [L]=SOFTLOCKUP
[ 1275.798679][T18363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1275.798685][T18363] Call Trace:
[ 1275.798690][T18363]  <TASK>
[ 1275.798694][T18363]  dump_stack_lvl+0x100/0x190
[ 1275.798712][T18363]  should_fail_ex.cold+0x5/0xa
[ 1275.798728][T18363]  should_failslab+0xc2/0x120
[ 1275.798745][T18363]  __kmalloc_cache_noprof+0x91/0x6c0
[ 1275.798757][T18363]  ? rcu_is_watching+0x12/0xc0
[ 1275.798772][T18363]  ? binder_alloc_new_buf+0x1929/0x3050
[ 1275.798792][T18363]  binder_alloc_new_buf+0x1929/0x3050
[ 1275.798815][T18363]  ? __pfx_binder_alloc_new_buf+0x10/0x10
[ 1275.798835][T18363]  binder_transaction+0x1eb9/0x9bc0
[ 1275.798861][T18363]  ? __lock_acquire+0x49f/0x1a40
[ 1275.798874][T18363]  ? __pfx_binder_transaction+0x10/0x10
[ 1275.798890][T18363]  ? __lock_acquire+0x49f/0x1a40
[ 1275.798907][T18363]  ? __lock_acquire+0x49f/0x1a40
[ 1275.798927][T18363]  ? __lock_acquire+0x49f/0x1a40
[ 1275.798938][T18363]  ? __lock_acquire+0x49f/0x1a40
[ 1275.798949][T18363]  ? __pfx_widen_string+0x10/0x10
[ 1275.798967][T18363]  ? find_held_lock+0x2b/0x80
[ 1275.798981][T18363]  ? __might_fault+0xc5/0x140
[ 1275.798993][T18363]  ? __might_fault+0xc5/0x140
[ 1275.799010][T18363]  binder_thread_write+0x12f4/0x4db0
[ 1275.799027][T18363]  ? kasan_save_track+0x14/0x30
[ 1275.799041][T18363]  ? kasan_save_free_info+0x3b/0x70
[ 1275.799055][T18363]  ? __pfx_binder_thread_write+0x10/0x10
[ 1275.799072][T18363]  ? binder_debug+0xe0/0x190
[ 1275.799084][T18363]  ? __pfx_binder_debug+0x10/0x10
[ 1275.799097][T18363]  ? binder_debug+0xe0/0x190
[ 1275.799109][T18363]  ? __pfx_binder_debug+0x10/0x10
[ 1275.799130][T18363]  ? __pfx_binder_ioctl+0x10/0x10
[ 1275.799144][T18363]  binder_ioctl+0x28ca/0x74a0
[ 1275.799162][T18363]  ? tomoyo_path_number_perm+0x28f/0x580
[ 1275.799176][T18363]  ? tomoyo_path_number_perm+0x28f/0x580
[ 1275.799192][T18363]  ? tomoyo_path_number_perm+0x188/0x580
[ 1275.799207][T18363]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1275.799222][T18363]  ? __pfx_binder_ioctl+0x10/0x10
[ 1275.799245][T18363]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1275.799263][T18363]  ? do_vfs_ioctl+0x226/0x13e0
[ 1275.799280][T18363]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1275.799300][T18363]  ? find_held_lock+0x2b/0x80
[ 1275.799314][T18363]  ? __fget_files+0x215/0x3d0
[ 1275.799324][T18363]  ? hook_file_ioctl_common+0x140/0x440
[ 1275.799341][T18363]  ? __fget_files+0x21f/0x3d0
[ 1275.799353][T18363]  ? __pfx_binder_ioctl+0x10/0x10
[ 1275.799368][T18363]  compat_ptr_ioctl+0x6e/0xa0
[ 1275.799383][T18363]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[ 1275.799399][T18363]  __ia32_compat_sys_ioctl+0x2cf/0x360
[ 1275.799418][T18363]  __do_fast_syscall_32+0xe7/0x970
[ 1275.799429][T18363]  ? lockdep_hardirqs_on+0x78/0x100
[ 1275.799448][T18363]  do_fast_syscall_32+0x32/0x70
[ 1275.799460][T18363]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1275.799475][T18363] RIP: 0023:0xf7fd4fec
[ 1275.799488][T18363] Code: Unable to access opcode bytes at 0xf7fd4fc2.
[ 1275.799494][T18363] RSP: 002b:00000000f549650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[ 1275.799505][T18363] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c0306201
[ 1275.799512][T18363] RDX: 0000000080000680 RSI: 0000000000000000 RDI: 0000000000000000
[ 1275.799519][T18363] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1275.799526][T18363] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1275.799532][T18363] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1275.799546][T18363]  </TASK>
[ 1275.991510][T18346] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1276.147920][T18346] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1276.244132][ T5825] usb usb46-port1: attempt power cycle
[ 1276.252461][T18416] IPVS: set_ctl: invalid protocol: 8 100.1.1.0:20004
[ 1276.262808][T18416] IPVS: wrr: FWM 3 0x00000003 - no destination available
[ 1276.485253][T18346] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1276.854882][ T5825] usb usb46-port1: unable to enumerate USB device
[ 1276.891149][ T8655] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1277.360182][T20789] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1277.469186][   T12] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1277.494146][T20789] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1278.386448][T18484] nfs: Unknown parameter ''
[ 1279.721523][T18551] random: crng reseeded on system resumption
[ 1280.178385][T18555] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5420'.
[ 1280.875553][T18572] fuse: Bad value for 'fd'
[ 1281.847771][ T5749] Bluetooth: hci1: unexpected event 0x18 length: 247 > 23
[ 1281.858438][    C1] vxcan1: j1939_tp_rxtimer: 0xffff888071d9c400: rx timeout, send abort
[ 1282.392931][    C1] vxcan1: j1939_tp_rxtimer: 0xffff888071d9d000: rx timeout, send abort
[ 1282.397341][    C1] vxcan1: j1939_tp_rxtimer: 0xffff888071d9c400: abort rx timeout. Force session deactivation
[ 1282.439094][T18604] loop5: detected capacity change from 0 to 7
[ 1282.444609][T18604]  loop5:
[ 1282.445607][T18604] loop5: partition table partially beyond EOD, truncated
[ 1282.870432][T18619] ceph: No mds server is up or the cluster is laggy
[ 1282.929247][T18623] 8021q: adding VLAN 0 to HW filter on device eth0
[ 1282.931848][    C1] vxcan1: j1939_tp_rxtimer: 0xffff888071d9d000: abort rx timeout. Force session deactivation
[ 1282.938610][T18623] 8021q: adding VLAN 0 to HW filter on device eth1
[ 1282.943204][T18623] 8021q: adding VLAN 0 to HW filter on device eth2
[ 1282.948116][T18623] 8021q: adding VLAN 0 to HW filter on device eth3
[ 1283.970204][T18643] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5437'.
[ 1284.121260][T18647] input: syz0 as /devices/virtual/input/input70
[ 1284.433585][T18588] netlink: 76 bytes leftover after parsing attributes in process `syz.4.5428'.
[ 1284.521402][T18671] netlink: 'syz.5.5440': attribute type 4 has an invalid length.
[ 1284.737972][T18671] netlink: 17 bytes leftover after parsing attributes in process `syz.5.5440'.
[ 1284.962348][T18666] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5442'.
[ 1285.554360][T18686] bridge_slave_0: left allmulticast mode
[ 1285.556102][T18686] bridge_slave_0: left promiscuous mode
[ 1285.557874][T18686] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1285.562702][T18686] bridge_slave_1: left allmulticast mode
[ 1285.564772][T18686] bridge_slave_1: left promiscuous mode
[ 1285.566717][T18686] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1285.572076][T18686] bond0: (slave 
3
0
): Releasing backup interface
[ 1285.577081][T18686] bond0: (slave bond_slave_1): Releasing backup interface
[ 1285.586238][T18686] team0: Port device team_slave_0 removed
[ 1285.591403][T18686] team0: Port device team_slave_1 removed
[ 1285.596547][T18686] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1285.835489][T18700] : entered promiscuous mode
[ 1286.603905][T18745] ipip0: entered allmulticast mode
[ 1286.644530][T18745] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5460'.
[ 1286.817428][T18797] Invalid source name
[ 1286.818820][T18797] UBIFS error (pid: 18797): cannot open "./file0", error -22
[ 1288.061002][T18833] netlink: 84 bytes leftover after parsing attributes in process `syz.5.5475'.
[ 1288.069170][T18833] netlink: 84 bytes leftover after parsing attributes in process `syz.5.5475'.
[ 1288.090659][T18841] netlink: 'syz.3.5476': attribute type 1 has an invalid length.
[ 1288.094988][T18841] netlink: 216 bytes leftover after parsing attributes in process `syz.3.5476'.
[ 1288.224207][T18852] FAULT_INJECTION: forcing a failure.
[ 1288.224207][T18852] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1288.229478][T18852] CPU: 1 UID: 0 PID: 18852 Comm: syz.4.5479 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1288.229505][T18852] Tainted: [L]=SOFTLOCKUP
[ 1288.229511][T18852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1288.229521][T18852] Call Trace:
[ 1288.229528][T18852]  <TASK>
[ 1288.229535][T18852]  dump_stack_lvl+0x100/0x190
[ 1288.229561][T18852]  should_fail_ex.cold+0x5/0xa
[ 1288.229584][T18852]  _copy_from_user+0x2e/0xd0
[ 1288.229608][T18852]  generic_map_update_batch+0x4bb/0x800
[ 1288.229633][T18852]  ? __pfx_generic_map_update_batch+0x10/0x10
[ 1288.229656][T18852]  ? __pfx_generic_map_update_batch+0x10/0x10
[ 1288.229674][T18852]  bpf_map_do_batch+0x66f/0x6d0
[ 1288.229700][T18852]  __sys_bpf+0x4ce/0x4e80
[ 1288.229725][T18852]  ? __pfx___sys_bpf+0x10/0x10
[ 1288.229744][T18852]  ? find_held_lock+0x2b/0x80
[ 1288.229765][T18852]  ? get_pid_task+0xfc/0x250
[ 1288.229785][T18852]  ? get_pid_task+0xfc/0x250
[ 1288.229811][T18852]  ? proc_fail_nth_write+0x9f/0x220
[ 1288.229833][T18852]  ? find_held_lock+0x2b/0x80
[ 1288.229856][T18852]  ? rcu_read_lock_any_held+0x6a/0xa0
[ 1288.229878][T18852]  ? find_held_lock+0x2b/0x80
[ 1288.229898][T18852]  ? ksys_write+0x190/0x250
[ 1288.229913][T18852]  ? ksys_write+0x190/0x250
[ 1288.229950][T18852]  ? fput+0x79/0x100
[ 1288.229972][T18852]  ? __ia32_sys_bpf+0xcc/0x170
[ 1288.229989][T18852]  __ia32_sys_bpf+0xcc/0x170
[ 1288.230008][T18852]  ? __do_fast_syscall_32+0x98/0x970
[ 1288.230027][T18852]  __do_fast_syscall_32+0xe7/0x970
[ 1288.230042][T18852]  ? lockdep_hardirqs_on+0x78/0x100
[ 1288.230069][T18852]  do_fast_syscall_32+0x32/0x70
[ 1288.230086][T18852]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1288.230106][T18852] RIP: 0023:0xf7fd4fec
[ 1288.230123][T18852] Code: Unable to access opcode bytes at 0xf7fd4fc2.
[ 1288.230131][T18852] RSP: 002b:00000000f549650c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[ 1288.230147][T18852] RAX: ffffffffffffffda RBX: 000000000000001a RCX: 00000000800003c0
[ 1288.230158][T18852] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[ 1288.230168][T18852] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1288.230177][T18852] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1288.230187][T18852] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1288.230210][T18852]  </TASK>
[ 1290.391868][   T64] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1290.808806][T11024] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[ 1291.065846][T11024] usb 10-1: config index 0 descriptor too short (expected 39, got 27)
[ 1291.073568][T11024] usb 10-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1291.082704][T11024] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1291.090281][T11024] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1291.093136][T11024] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1291.095739][T11024] usb 10-1: Product: syz
[ 1291.097838][T11024] usb 10-1: Manufacturer: syz
[ 1291.099339][T11024] usb 10-1: SerialNumber: syz
[ 1291.103375][T11024] usb 10-1: config 0 descriptor??
[ 1291.109125][T11024] hub 10-1:0.0: bad descriptor, ignoring hub
[ 1291.111084][T11024] hub 10-1:0.0: probe with driver hub failed with error -5
[ 1291.116448][T11024] usb 10-1: selecting invalid altsetting 0
[ 1291.282683][T18922] ptrace attach of "/syz-executor exec"[13962] was attempted by "/syz-executor exec"[18922]
[ 1291.344762][T18900] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5489'.
[ 1291.461956][T11024] usb 10-1: USB disconnect, device number 6
[ 1292.123108][  T493] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[ 1292.189285][T18975] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5494'.
[ 1292.285049][  T493] usb 10-1: config index 0 descriptor too short (expected 39, got 27)
[ 1292.287826][  T493] usb 10-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1292.291341][  T493] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1292.295347][  T493] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1292.298459][  T493] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1292.301267][  T493] usb 10-1: Product: syz
[ 1292.302719][  T493] usb 10-1: Manufacturer: syz
[ 1292.304350][  T493] usb 10-1: SerialNumber: syz
[ 1292.312910][  T493] usb 10-1: config 0 descriptor??
[ 1292.316649][  T493] hub 10-1:0.0: bad descriptor, ignoring hub
[ 1292.319164][  T493] hub 10-1:0.0: probe with driver hub failed with error -5
[ 1292.323427][  T493] usb 10-1: selecting invalid altsetting 0
[ 1292.417613][T18988] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5495'.
[ 1292.564071][T18995] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[ 1292.566774][T18996] netlink: 'syz.2.5496': attribute type 22 has an invalid length.
[ 1292.569186][T18996] netlink: 'syz.2.5496': attribute type 1 has an invalid length.
[ 1292.570978][T18900] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1292.573306][T18996] netlink: 224 bytes leftover after parsing attributes in process `syz.2.5496'.
[ 1292.574383][T18900] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1292.743000][  T918] usb 10-1: USB disconnect, device number 7
[ 1292.857799][T19014] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5497'.
[ 1293.078100][T19024] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1293.370055][T19029] ipip0: entered allmulticast mode
[ 1293.413588][T19029] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5500'.
[ 1293.600543][T19071] netlink: 'syz.2.5502': attribute type 10 has an invalid length.
[ 1293.604077][T19071] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5502'.
[ 1293.609903][T19071] dummy0: entered promiscuous mode
[ 1294.340635][ T1437] ieee802154 phy1 wpan1: encryption failed: -22
[ 1294.971953][   T12] bond4 (unregistering): (slave geneve3): Releasing active interface
[ 1295.070614][   T12] bond0 (unregistering): Released all slaves
[ 1295.083640][   T12] bond1 (unregistering): Released all slaves
[ 1295.100220][   T12] bond2 (unregistering): Released all slaves
[ 1295.111797][   T12] bond3 (unregistering): Released all slaves
[ 1295.124902][   T12] bond4 (unregistering): Released all slaves
[ 1295.127760][T19094] Set syz1 is full, maxelem 65536 reached
[ 1295.140442][   T12] bond5 (unregistering): Released all slaves
[ 1295.152843][   T12] bond6 (unregistering): Released all slaves
[ 1295.420963][   T12] : left promiscuous mode
[ 1295.596279][   T12] tipc: Disabling bearer <eth:team0>
[ 1295.638573][   T12] tipc: Disabling bearer <udp:s>
[ 1295.640430][   T12] tipc: Left network mode
[ 1295.684356][T19122] netlink: 'syz.3.5515': attribute type 10 has an invalid length.
[ 1295.694342][T19122] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5515'.
[ 1295.724916][T19123] loop6: detected capacity change from 0 to 2640
[ 1295.727452][T19123] buffer_io_error: 11 callbacks suppressed
[ 1295.727462][T19123] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1295.732199][T19123] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1295.735218][T19123] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1295.737747][T19123] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1295.740322][T19123] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1295.743097][T19123] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1295.745789][T19123] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1295.748367][T19123] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1295.751388][T19123] ldm_validate_partition_table(): Disk read failed.
[ 1295.754774][T19123] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1295.757286][T19123] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1295.759751][T19123] Dev loop6: unable to read RDB block 0
[ 1295.761681][T19123]  loop6: unable to read partition table
[ 1295.763518][T19123] loop_reread_partitions: partition scan of loop6 (3�����) failed (rc=-5)
[ 1295.784189][T19128] syzkaller0: entered promiscuous mode
[ 1295.794987][T19128] syzkaller0: entered allmulticast mode
[ 1295.902862][T19133] tap0: tun_chr_ioctl cmd 1074025672
[ 1295.904738][T19133] tap0: ignored: set checksum disabled
[ 1296.167695][T19163] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5520'.
[ 1296.343100][   T12] hsr_slave_0: left promiscuous mode
[ 1296.347876][   T12] hsr_slave_1: left promiscuous mode
[ 1296.361590][   T12] veth1_macvtap: left promiscuous mode
[ 1296.363602][   T12] veth0_macvtap: left promiscuous mode
[ 1296.378716][T19184] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5522'.
[ 1296.382394][T19183] dns_resolver: Unsupported content type (5)
[ 1296.432184][T19183] netlink: 32 bytes leftover after parsing attributes in process `syz.4.5522'.
[ 1296.470233][T19190] FAULT_INJECTION: forcing a failure.
[ 1296.470233][T19190] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1296.490487][T19190] CPU: 2 UID: 0 PID: 19190 Comm: syz.3.5523 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1296.490524][T19190] Tainted: [L]=SOFTLOCKUP
[ 1296.490528][T19190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1296.490535][T19190] Call Trace:
[ 1296.490540][T19190]  <TASK>
[ 1296.490545][T19190]  dump_stack_lvl+0x100/0x190
[ 1296.490564][T19190]  should_fail_ex.cold+0x5/0xa
[ 1296.490580][T19190]  _copy_from_user+0x2e/0xd0
[ 1296.490597][T19190]  do_bnep_sock_ioctl.isra.0+0x2ed/0x5b0
[ 1296.490616][T19190]  ? __pfx_do_bnep_sock_ioctl.isra.0+0x10/0x10
[ 1296.490639][T19190]  ? get_pid_task+0x106/0x250
[ 1296.490658][T19190]  ? __pfx_bnep_sock_compat_ioctl+0x10/0x10
[ 1296.490674][T19190]  bnep_sock_compat_ioctl+0x87/0x1d0
[ 1296.490691][T19190]  ? __pfx_bnep_sock_compat_ioctl+0x10/0x10
[ 1296.490708][T19190]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1296.490726][T19190]  ? __pfx_bnep_sock_compat_ioctl+0x10/0x10
[ 1296.490742][T19190]  compat_sock_ioctl+0x179/0x760
[ 1296.490763][T19190]  ? __pfx_compat_sock_ioctl+0x10/0x10
[ 1296.490782][T19190]  ? hook_file_ioctl_common+0x140/0x440
[ 1296.490799][T19190]  ? __fget_files+0x21f/0x3d0
[ 1296.490813][T19190]  ? __pfx_compat_sock_ioctl+0x10/0x10
[ 1296.490831][T19190]  __ia32_compat_sys_ioctl+0x2cf/0x360
[ 1296.490850][T19190]  __do_fast_syscall_32+0xe7/0x970
[ 1296.490862][T19190]  ? lockdep_hardirqs_on+0x78/0x100
[ 1296.490881][T19190]  do_fast_syscall_32+0x32/0x70
[ 1296.490892][T19190]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1296.490907][T19190] RIP: 0023:0xf707efec
[ 1296.490920][T19190] Code: Unable to access opcode bytes at 0xf707efc2.
[ 1296.490926][T19190] RSP: 002b:00000000f544c50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[ 1296.490937][T19190] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000400442c8
[ 1296.490944][T19190] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[ 1296.490951][T19190] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1296.490957][T19190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1296.490964][T19190] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1296.490978][T19190]  </TASK>
[ 1296.565710][    C2] hpet: Lost 4 RTC interrupts
[ 1297.427229][T19196] binder: 19193:19196 ioctl c00c620f 800003c0 returned -22
[ 1298.335694][T19220] syzkaller0: entered promiscuous mode
[ 1298.337649][T19220] syzkaller0: entered allmulticast mode
[ 1299.544818][T19272] __nla_validate_parse: 1 callbacks suppressed
[ 1299.544836][T19272] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5537'.
[ 1300.456135][ T5749] Bluetooth: hci3: ACL packet too small
[ 1301.869331][   T12] IPVS: stop unused estimator thread 0...
[ 1304.575582][T19351] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5551'.
[ 1304.782829][T19351] netlink: 780 bytes leftover after parsing attributes in process `syz.2.5551'.
[ 1304.805554][T19362] loop6: detected capacity change from 0 to 2640
[ 1304.864163][T19362] buffer_io_error: 11 callbacks suppressed
[ 1304.864763][T19362] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1304.879759][T19362] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1304.884479][T19362] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1304.887984][T19362] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1304.892424][T19362] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1304.901121][T19362] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1304.906742][T19362] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1304.920692][T19362] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1304.929742][T19362] ldm_validate_partition_table(): Disk read failed.
[ 1304.961861][T19366] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0xc800 phys_seg 128 prio class 2
[ 1304.966104][T19362] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1304.969621][T19366] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0xc800 phys_seg 128 prio class 2
[ 1304.973068][T19362] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1304.976139][T19366] I/O error, dev loop6, sector 1008 op 0x1:(WRITE) flags 0xc800 phys_seg 128 prio class 2
[ 1304.986091][T19362] Dev loop6: unable to read RDB block 0
[ 1304.996495][T19366] I/O error, dev loop6, sector 1008 op 0x1:(WRITE) flags 0xc800 phys_seg 128 prio class 2
[ 1305.010506][T19362]  loop6: unable to read partition table
[ 1305.061305][T19362] loop_reread_partitions: partition scan of loop6 (3�����) failed (rc=-5)
[ 1305.086333][T19366] I/O error, dev loop6, sector 2016 op 0x1:(WRITE) flags 0x8800 phys_seg 3 prio class 2
[ 1305.096124][T19366] I/O error, dev loop6, sector 2016 op 0x1:(WRITE) flags 0x8800 phys_seg 3 prio class 2
[ 1305.108422][T19366] I/O error, dev loop6, sector 2032 op 0x1:(WRITE) flags 0x8800 phys_seg 77 prio class 2
[ 1305.112148][T19366] I/O error, dev loop6, sector 2032 op 0x1:(WRITE) flags 0x8800 phys_seg 77 prio class 2
[ 1306.264934][T19397] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5558'.
[ 1306.593680][T19467] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1306.919961][   T42] audit: type=1326 audit(1782641312.613:905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19471 comm="syz.5.5563" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf704efec code=0x0
[ 1306.980407][T19478] netlink: 'syz.5.5563': attribute type 10 has an invalid length.
[ 1307.640942][T19492] fuse: Bad value for 'user_id'
[ 1307.643163][T19492] fuse: Bad value for 'user_id'
[ 1308.140748][T19527] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1308.151161][T19527] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1308.432975][T19535] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5569'.
[ 1309.101762][T19548] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1309.672358][T19561] fuse: Bad value for 'user_id'
[ 1309.674011][T19561] fuse: Bad value for 'user_id'
[ 1310.235610][T19567] FAULT_INJECTION: forcing a failure.
[ 1310.235610][T19567] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1310.240758][T19567] CPU: 0 UID: 0 PID: 19567 Comm: syz.5.5577 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1310.240777][T19567] Tainted: [L]=SOFTLOCKUP
[ 1310.240782][T19567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1310.240789][T19567] Call Trace:
[ 1310.240793][T19567]  <TASK>
[ 1310.240798][T19567]  dump_stack_lvl+0x100/0x190
[ 1310.240815][T19567]  should_fail_ex.cold+0x5/0xa
[ 1310.240831][T19567]  _copy_from_user+0x2e/0xd0
[ 1310.240848][T19567]  get_compat_msghdr+0xb3/0x480
[ 1310.240864][T19567]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1310.240882][T19567]  ? tracing_record_taskinfo_sched_switch+0xac/0x560
[ 1310.240903][T19567]  ___sys_sendmsg+0x1b6/0x1e0
[ 1310.240922][T19567]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1310.240946][T19567]  ? find_held_lock+0x2b/0x80
[ 1310.240970][T19567]  __sys_sendmsg+0x160/0x210
[ 1310.240984][T19567]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1310.241005][T19567]  __do_fast_syscall_32+0xe7/0x970
[ 1310.241019][T19567]  do_fast_syscall_32+0x32/0x70
[ 1310.241031][T19567]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1310.241045][T19567] RIP: 0023:0xf704efec
[ 1310.241059][T19567] Code: Unable to access opcode bytes at 0xf704efc2.
[ 1310.241064][T19567] RSP: 002b:00000000f543d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1310.241075][T19567] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000800000c0
[ 1310.241082][T19567] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1310.241089][T19567] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1310.241096][T19567] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1310.241102][T19567] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1310.241116][T19567]  </TASK>
[ 1310.493617][T19590] EXT4-fs (nbd4): unable to read superblock
[ 1310.568253][T19592] dvmrp0: entered allmulticast mode
[ 1310.882692][T19608] x_tables: ip6_tables: policy.0 match: invalid size 312 (kernel) != (user) 0
[ 1311.884162][T19633] FAULT_INJECTION: forcing a failure.
[ 1311.884162][T19633] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1311.889414][T19633] CPU: 1 UID: 0 PID: 19633 Comm: syz.5.5591 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1311.889442][T19633] Tainted: [L]=SOFTLOCKUP
[ 1311.889449][T19633] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1311.889459][T19633] Call Trace:
[ 1311.889466][T19633]  <TASK>
[ 1311.889472][T19633]  dump_stack_lvl+0x100/0x190
[ 1311.889500][T19633]  should_fail_ex.cold+0x5/0xa
[ 1311.889524][T19633]  _copy_from_user+0x2e/0xd0
[ 1311.889551][T19633]  get_compat_msghdr+0xb3/0x480
[ 1311.889577][T19633]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1311.889601][T19633]  ? rcu_is_watching+0x12/0xc0
[ 1311.889623][T19633]  ? ___sys_recvmsg+0x177/0x1a0
[ 1311.889649][T19633]  ? kfree+0x1e5/0x6c0
[ 1311.889665][T19633]  ? __lock_acquire+0x49f/0x1a40
[ 1311.889687][T19633]  ___sys_recvmsg+0x193/0x1a0
[ 1311.889714][T19633]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1311.889756][T19633]  ? __pfx___might_resched+0x10/0x10
[ 1311.889789][T19633]  do_recvmmsg+0x54d/0x740
[ 1311.889821][T19633]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1311.889851][T19633]  ? find_held_lock+0x2b/0x80
[ 1311.889872][T19633]  ? ksys_write+0x190/0x250
[ 1311.889889][T19633]  ? ksys_write+0x190/0x250
[ 1311.889915][T19633]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1311.889948][T19633]  __sys_recvmmsg+0x21f/0x270
[ 1311.889972][T19633]  ? __pfx___sys_recvmmsg+0x10/0x10
[ 1311.889995][T19633]  ? ksys_write+0x1ac/0x250
[ 1311.890015][T19633]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[ 1311.890039][T19633]  ? __do_fast_syscall_32+0x98/0x970
[ 1311.890056][T19633]  ? lockdep_hardirqs_on+0x78/0x100
[ 1311.890083][T19633]  __do_fast_syscall_32+0xe7/0x970
[ 1311.890106][T19633]  ? lockdep_hardirqs_on+0x78/0x100
[ 1311.890135][T19633]  do_fast_syscall_32+0x32/0x70
[ 1311.890153][T19633]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1311.890176][T19633] RIP: 0023:0xf704efec
[ 1311.890198][T19633] Code: Unable to access opcode bytes at 0xf704efc2.
[ 1311.890206][T19633] RSP: 002b:00000000f53fb50c EFLAGS: 00000292 ORIG_RAX: 0000000000000151
[ 1311.890224][T19633] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000340
[ 1311.890235][T19633] RDX: 00000000000003d5 RSI: 000000002e4b38ff RDI: 0000000000000000
[ 1311.890246][T19633] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1311.890257][T19633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1311.890267][T19633] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1311.890301][T19633]  </TASK>
[ 1312.053720][T19635] FAULT_INJECTION: forcing a failure.
[ 1312.053720][T19635] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1312.059352][T19635] CPU: 0 UID: 0 PID: 19635 Comm: syz.2.5592 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1312.059382][T19635] Tainted: [L]=SOFTLOCKUP
[ 1312.059389][T19635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1312.059401][T19635] Call Trace:
[ 1312.059408][T19635]  <TASK>
[ 1312.059416][T19635]  dump_stack_lvl+0x100/0x190
[ 1312.059447][T19635]  should_fail_ex.cold+0x5/0xa
[ 1312.059472][T19635]  strncpy_from_user+0x3b/0x2d0
[ 1312.059497][T19635]  ? sched_clock+0x2e/0x60
[ 1312.059521][T19635]  strncpy_from_user_nofault+0x81/0x180
[ 1312.059545][T19635]  bpf_probe_read_user_str+0x26/0x70
[ 1312.059579][T19635]  bpf_prog_2b9d543235bb144e+0x62/0x68
[ 1312.059600][T19635]  ? kvm_sched_clock_read+0x11/0x20
[ 1312.059623][T19635]  ? sched_clock+0x38/0x60
[ 1312.059642][T19635]  bpf_flow_dissect+0x3a7/0x730
[ 1312.059676][T19635]  bpf_prog_test_run_flow_dissector+0x438/0x980
[ 1312.059715][T19635]  ? __pfx_bpf_prog_test_run_flow_dissector+0x10/0x10
[ 1312.059742][T19635]  ? find_held_lock+0x2b/0x80
[ 1312.059768][T19635]  ? __fget_files+0x215/0x3d0
[ 1312.059794][T19635]  ? __fget_files+0x21f/0x3d0
[ 1312.059819][T19635]  ? fput+0x79/0x100
[ 1312.059841][T19635]  ? __bpf_prog_get+0x97/0x2a0
[ 1312.059869][T19635]  ? __pfx_bpf_prog_test_run_flow_dissector+0x10/0x10
[ 1312.059899][T19635]  __sys_bpf+0x2a12/0x4e80
[ 1312.059928][T19635]  ? __pfx___sys_bpf+0x10/0x10
[ 1312.059953][T19635]  ? find_held_lock+0x2b/0x80
[ 1312.059977][T19635]  ? get_pid_task+0xfc/0x250
[ 1312.060000][T19635]  ? get_pid_task+0xfc/0x250
[ 1312.060033][T19635]  ? proc_fail_nth_write+0x9f/0x220
[ 1312.060059][T19635]  ? find_held_lock+0x2b/0x80
[ 1312.060089][T19635]  ? rcu_read_lock_any_held+0x6a/0xa0
[ 1312.060115][T19635]  ? find_held_lock+0x2b/0x80
[ 1312.060139][T19635]  ? ksys_write+0x190/0x250
[ 1312.060157][T19635]  ? ksys_write+0x190/0x250
[ 1312.060195][T19635]  ? fput+0x79/0x100
[ 1312.060221][T19635]  ? __ia32_sys_bpf+0xcc/0x170
[ 1312.060241][T19635]  __ia32_sys_bpf+0xcc/0x170
[ 1312.060264][T19635]  ? __do_fast_syscall_32+0x98/0x970
[ 1312.060285][T19635]  __do_fast_syscall_32+0xe7/0x970
[ 1312.060303][T19635]  ? lockdep_hardirqs_on+0x78/0x100
[ 1312.060335][T19635]  do_fast_syscall_32+0x32/0x70
[ 1312.060355][T19635]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1312.060380][T19635] RIP: 0023:0xf6feefec
[ 1312.060404][T19635] Code: Unable to access opcode bytes at 0xf6feefc2.
[ 1312.060412][T19635] RSP: 002b:00000000f53dd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[ 1312.060431][T19635] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000080
[ 1312.060444][T19635] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[ 1312.060456][T19635] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1312.060467][T19635] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1312.060479][T19635] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1312.060502][T19635]  </TASK>
[ 1312.188204][T19636] Invalid source name
[ 1312.190438][T19636] UBIFS error (pid: 19636): cannot open "./file0", error -22
[ 1312.332247][T19646] netlink: 'syz.2.5594': attribute type 58 has an invalid length.
[ 1312.362418][T19646] netlink: 152 bytes leftover after parsing attributes in process `syz.2.5594'.
[ 1313.747598][T19713] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5604'.
[ 1313.751297][T19713] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5604'.
[ 1313.849247][T19708] fuse: Bad value for 'fd'
[ 1313.930038][T19720] tipc: Started in network mode
[ 1313.932250][T19720] tipc: Node identity 8a0586ea172a, cluster identity 4711
[ 1313.936315][T19720] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1313.939858][T19725] syzkaller0: entered promiscuous mode
[ 1313.941586][T19725] syzkaller0: entered allmulticast mode
[ 1313.946408][T19725] netlink: 44 bytes leftover after parsing attributes in process `syz.2.5606'.
[ 1313.951037][T19727] netlink: 44 bytes leftover after parsing attributes in process `syz.2.5606'.
[ 1313.956866][T19725] tipc: Resetting bearer <eth:syzkaller0>
[ 1313.961195][T19719] tipc: Resetting bearer <eth:syzkaller0>
[ 1313.979213][T19719] tipc: Disabling bearer <eth:syzkaller0>
[ 1314.552837][T19722] [U] �
[ 1315.093327][T19746] bond0: entered promiscuous mode
[ 1315.094947][T19746] 
: entered promiscuous mode
[ 1315.097165][T19746] bond_slave_1: entered promiscuous mode
[ 1315.102426][T19746] batadv0: entered promiscuous mode
[ 1315.112002][T19746] netlink: 'syz.2.5611': attribute type 10 has an invalid length.
[ 1315.116210][T19746] syz_tun: entered promiscuous mode
[ 1315.146888][T19746] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[ 1315.184327][T19751] FAULT_INJECTION: forcing a failure.
[ 1315.184327][T19751] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1315.189287][T19751] CPU: 0 UID: 0 PID: 19751 Comm: syz.5.5612 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1315.189311][T19751] Tainted: [L]=SOFTLOCKUP
[ 1315.189317][T19751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1315.189326][T19751] Call Trace:
[ 1315.189331][T19751]  <TASK>
[ 1315.189337][T19751]  dump_stack_lvl+0x100/0x190
[ 1315.189360][T19751]  should_fail_ex.cold+0x5/0xa
[ 1315.189380][T19751]  _copy_to_user+0x32/0xd0
[ 1315.189402][T19751]  simple_read_from_buffer+0xcb/0x170
[ 1315.189432][T19751]  proc_fail_nth_read+0x1af/0x230
[ 1315.189453][T19751]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1315.189474][T19751]  ? rw_verify_area+0xce/0x6d0
[ 1315.189495][T19751]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1315.189514][T19751]  vfs_read+0x1e4/0xb40
[ 1315.189530][T19751]  ? __pfx_vfs_read+0x10/0x10
[ 1315.189542][T19751]  ? find_held_lock+0x2b/0x80
[ 1315.189562][T19751]  ? __fget_files+0x215/0x3d0
[ 1315.189579][T19751]  ? __fget_files+0x21f/0x3d0
[ 1315.189604][T19751]  ksys_read+0x12a/0x250
[ 1315.189618][T19751]  ? __pfx_ksys_read+0x10/0x10
[ 1315.189637][T19751]  do_int80_emulation+0x14b/0x720
[ 1315.189655][T19751]  asm_int80_emulation+0x1a/0x20
[ 1315.189670][T19751] RIP: 0023:0xf71871eb
[ 1315.189682][T19751] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1315.189697][T19751] RSP: 002b:00000000f543d4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 1315.189712][T19751] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f543d5d0
[ 1315.189722][T19751] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[ 1315.189730][T19751] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1315.189739][T19751] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1315.189748][T19751] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1315.189768][T19751]  </TASK>
[ 1315.208453][T19753] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5613'.
[ 1315.277533][T19755] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5613'.
[ 1315.280321][T19753] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[ 1315.384953][   T42] audit: type=1800 audit(1782641321.532:906): pid=19760 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.5614" name="file0" dev="overlay" ino=879 res=0 errno=0
[ 1316.357898][T19775] IPVS: nq: FWM 3 0x00000003 - no destination available
[ 1316.413529][T19780] binder: 19779:19780 ioctl c0306201 0 returned -14
[ 1316.596930][T19798] IPVS: sync thread started: state = MASTER, mcast_ifn = vcan0, syncid = 0, id = 0
[ 1316.603723][T19797] netlink: 'syz.4.5624': attribute type 4 has an invalid length.
[ 1316.607741][T19797] IPVS: set_ctl: invalid protocol: 47 172.30.1.5:20004
[ 1316.617549][T19800] overlayfs: failed lookup in lower (newroot/207, name='file0', err=-40): overlapping layers
[ 1316.634877][T19800] syzkaller1: entered promiscuous mode
[ 1316.637305][T19800] syzkaller1: entered allmulticast mode
[ 1316.726098][T19807] FAULT_INJECTION: forcing a failure.
[ 1316.726098][T19807] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1316.735449][T19807] CPU: 3 UID: 0 PID: 19807 Comm: syz.5.5623 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1316.735476][T19807] Tainted: [L]=SOFTLOCKUP
[ 1316.735482][T19807] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1316.735493][T19807] Call Trace:
[ 1316.735498][T19807]  <TASK>
[ 1316.735506][T19807]  dump_stack_lvl+0x100/0x190
[ 1316.735531][T19807]  should_fail_ex.cold+0x5/0xa
[ 1316.735553][T19807]  _copy_from_user+0x2e/0xd0
[ 1316.735579][T19807]  get_compat_msghdr+0xb3/0x480
[ 1316.735607][T19807]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1316.735630][T19807]  ? rcu_is_watching+0x12/0xc0
[ 1316.735667][T19807]  ? ___sys_recvmsg+0x177/0x1a0
[ 1316.735693][T19807]  ? kfree+0x1e5/0x6c0
[ 1316.735707][T19807]  ? __lock_acquire+0x49f/0x1a40
[ 1316.735727][T19807]  ___sys_recvmsg+0x193/0x1a0
[ 1316.735753][T19807]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1316.735790][T19807]  ? __pfx___might_resched+0x10/0x10
[ 1316.735822][T19807]  do_recvmmsg+0x54d/0x740
[ 1316.735850][T19807]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1316.735877][T19807]  ? find_held_lock+0x2b/0x80
[ 1316.735898][T19807]  ? ksys_write+0x190/0x250
[ 1316.735914][T19807]  ? ksys_write+0x190/0x250
[ 1316.735938][T19807]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1316.735969][T19807]  __sys_recvmmsg+0x21f/0x270
[ 1316.735990][T19807]  ? __pfx___sys_recvmmsg+0x10/0x10
[ 1316.736012][T19807]  ? ksys_write+0x1ac/0x250
[ 1316.736031][T19807]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[ 1316.736055][T19807]  ? __do_fast_syscall_32+0x98/0x970
[ 1316.736071][T19807]  ? lockdep_hardirqs_on+0x78/0x100
[ 1316.736096][T19807]  __do_fast_syscall_32+0xe7/0x970
[ 1316.736111][T19807]  ? lockdep_hardirqs_on+0x78/0x100
[ 1316.736139][T19807]  do_fast_syscall_32+0x32/0x70
[ 1316.736156][T19807]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1316.736176][T19807] RIP: 0023:0xf704efec
[ 1316.736195][T19807] Code: Unable to access opcode bytes at 0xf704efc2.
[ 1316.736202][T19807] RSP: 002b:00000000f53fb50c EFLAGS: 00000292 ORIG_RAX: 0000000000000151
[ 1316.736219][T19807] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080005000
[ 1316.736230][T19807] RDX: 0000000004000169 RSI: 0000000000000060 RDI: 0000000000000000
[ 1316.736240][T19807] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1316.736250][T19807] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1316.736260][T19807] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1316.736283][T19807]  </TASK>
[ 1316.858595][T19812] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5627'.
[ 1317.121873][T19837] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[ 1317.477539][T19856] openvswitch: netlink: Missing key (keys=40, expected=100)
[ 1319.937337][T19934] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5648'.
[ 1320.454728][T19975] FAULT_INJECTION: forcing a failure.
[ 1320.454728][T19975] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1320.464931][T19975] CPU: 3 UID: 0 PID: 19975 Comm: syz.3.5650 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1320.464961][T19975] Tainted: [L]=SOFTLOCKUP
[ 1320.464967][T19975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1320.464977][T19975] Call Trace:
[ 1320.464983][T19975]  <TASK>
[ 1320.464991][T19975]  dump_stack_lvl+0x100/0x190
[ 1320.465043][T19975]  should_fail_ex.cold+0x5/0xa
[ 1320.465066][T19975]  _copy_from_user+0x2e/0xd0
[ 1320.465091][T19975]  ia32_restore_sigcontext+0xc5/0x620
[ 1320.465114][T19975]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[ 1320.465140][T19975]  ? rcu_is_watching+0x12/0xc0
[ 1320.465161][T19975]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1320.465186][T19975]  ? lockdep_hardirqs_on+0x78/0x100
[ 1320.465215][T19975]  __do_compat_sys_rt_sigreturn+0x18c/0x270
[ 1320.465240][T19975]  ? __pfx___ia32_compat_sys_rt_sigreturn+0x10/0x10
[ 1320.465272][T19975]  do_int80_emulation+0x14b/0x720
[ 1320.465294][T19975]  asm_int80_emulation+0x1a/0x20
[ 1320.465330][T19975] RIP: 0023:0xf707f017
[ 1320.465346][T19975] Code: 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 77 00 00 00 cd 80 0f 0b 90 2e 8d 74 26 00 b8 ad 00 00 00 cd 80 <0f> 0b 90 90 90 90 90 90 90 55 31 c9 89 e5 57 8b 45 0c 8b 55 10 8b
[ 1320.465364][T19975] RSP: 002b:00000000f546c900 EFLAGS: 00000286 ORIG_RAX: 00000000000000ad
[ 1320.465382][T19975] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f546c98c
[ 1320.465394][T19975] RDX: 00000000f546c90c RSI: 0000000000010000 RDI: 0000000000000000
[ 1320.465405][T19975] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1320.465415][T19975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1320.465426][T19975] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1320.465450][T19975]  </TASK>
[ 1321.005366][T19982] mac80211_hwsim hwsim52 .
: renamed from wlan1 (while UP)
[ 1321.472620][T19996] netlink: 'syz.3.5655': attribute type 1 has an invalid length.
[ 1321.532769][T19996] bond2: entered promiscuous mode
[ 1321.535361][T19996] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1322.513036][T20054] input: syz1 as /devices/virtual/input/input74
[ 1322.597799][T20055] netlink: 'syz.4.5659': attribute type 4 has an invalid length.
[ 1322.601053][T20055] netlink: 17 bytes leftover after parsing attributes in process `syz.4.5659'.
[ 1323.643619][T20070] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5662'.
[ 1324.637770][    C0] vxcan1: j1939_tp_rxtimer: 0xffff8880211ce800: rx timeout, send abort
[ 1325.172151][    C0] vxcan1: j1939_tp_rxtimer: 0xffff8880245c0000: rx timeout, send abort
[ 1325.175455][    C0] vxcan1: j1939_tp_rxtimer: 0xffff8880211ce800: abort rx timeout. Force session deactivation
[ 1325.709598][    C0] vxcan1: j1939_tp_rxtimer: 0xffff8880245c0000: abort rx timeout. Force session deactivation
[ 1326.026426][T20091] loop5: detected capacity change from 0 to 7
[ 1326.038233][T20091]  loop5:
[ 1326.039234][T20091] loop5: partition table partially beyond EOD, truncated
[ 1326.239965][T20120] input: syz0 as /devices/virtual/input/input75
[ 1326.633761][T20160] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[ 1326.635737][T20160] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1326.640502][T20160] vhci_hcd vhci_hcd.0: Device attached
[ 1326.643517][T20164] usbip_core: unknown command
[ 1326.646694][T20164] vhci_hcd: unknown pdu 0
[ 1326.650298][T20164] usbip_core: unknown command
[ 1326.654688][T24067] vhci_hcd vhci_hcd.2: stop threads
[ 1326.659305][T24067] vhci_hcd vhci_hcd.2: release socket
[ 1326.664329][T24067] vhci_hcd vhci_hcd.2: disconnect device
[ 1326.699141][T20170] fuse: Invalid rootmode
[ 1326.990973][T20177] tun0: tun_chr_ioctl cmd 1074025675
[ 1326.993337][T20177] tun0: persist disabled
[ 1326.994726][T20176] tun0: tun_chr_ioctl cmd 1074025675
[ 1326.996434][T20176] tun0: persist disabled
[ 1327.595400][T20215] smbdirect: ib_dev[syz1]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000
[ 1327.600817][T20215] smbdirect: ib_dev[syz1]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6
[ 1327.606338][T20215] smbdirect: ib_dev[syz1]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008
[ 1327.679224][T20215] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[ 1327.862532][T20238] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1327.877924][T20239] fuse: Unknown parameter 'rootmode000�0000'
[ 1327.877938][T20238] fuse: Unknown parameter 'rootmode000�0000'
[ 1328.024037][T20247] FAULT_INJECTION: forcing a failure.
[ 1328.024037][T20247] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1328.029192][T20247] CPU: 2 UID: 0 PID: 20247 Comm: syz.3.5702 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1328.029223][T20247] Tainted: [L]=SOFTLOCKUP
[ 1328.029228][T20247] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1328.029234][T20247] Call Trace:
[ 1328.029239][T20247]  <TASK>
[ 1328.029244][T20247]  dump_stack_lvl+0x100/0x190
[ 1328.029262][T20247]  should_fail_ex.cold+0x5/0xa
[ 1328.029277][T20247]  _copy_from_user+0x2e/0xd0
[ 1328.029295][T20247]  generic_map_update_batch+0x452/0x800
[ 1328.029312][T20247]  ? __pfx_generic_map_update_batch+0x10/0x10
[ 1328.029327][T20247]  ? __pfx_generic_map_update_batch+0x10/0x10
[ 1328.029339][T20247]  bpf_map_do_batch+0x66f/0x6d0
[ 1328.029358][T20247]  __sys_bpf+0x4ce/0x4e80
[ 1328.029374][T20247]  ? __pfx___sys_bpf+0x10/0x10
[ 1328.029390][T20247]  ? proc_fail_nth_write+0x1ad/0x220
[ 1328.029408][T20247]  ? proc_fail_nth_write+0xc4/0x220
[ 1328.029424][T20247]  ? proc_fail_nth_write+0x9f/0x220
[ 1328.029441][T20247]  ? find_held_lock+0x2b/0x80
[ 1328.029459][T20247]  ? rcu_read_lock_any_held+0x6a/0xa0
[ 1328.029475][T20247]  ? find_held_lock+0x2b/0x80
[ 1328.029489][T20247]  ? ksys_write+0x190/0x250
[ 1328.029499][T20247]  ? ksys_write+0x190/0x250
[ 1328.029520][T20247]  ? xfd_validate_state+0x129/0x190
[ 1328.029536][T20247]  ? __ia32_sys_bpf+0xcc/0x170
[ 1328.029548][T20247]  __ia32_sys_bpf+0xcc/0x170
[ 1328.029561][T20247]  ? __do_fast_syscall_32+0x98/0x970
[ 1328.029575][T20247]  __do_fast_syscall_32+0xe7/0x970
[ 1328.029586][T20247]  ? lockdep_hardirqs_on+0x78/0x100
[ 1328.029604][T20247]  do_fast_syscall_32+0x32/0x70
[ 1328.029616][T20247]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1328.029631][T20247] RIP: 0023:0xf707efec
[ 1328.029645][T20247] Code: Unable to access opcode bytes at 0xf707efc2.
[ 1328.029650][T20247] RSP: 002b:00000000f544c50c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[ 1328.029661][T20247] RAX: ffffffffffffffda RBX: 000000000000001a RCX: 00000000800003c0
[ 1328.029669][T20247] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[ 1328.029676][T20247] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1328.029683][T20247] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1328.029689][T20247] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1328.029703][T20247]  </TASK>
[ 1328.114292][    C2] hpet: Lost 4 RTC interrupts
[ 1328.599464][T20257] fuse: Invalid rootmode
[ 1328.701628][ T5749] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1328.837045][T20266] dlm: Unknown command passed to DLM device : 3
[ 1328.837045][T20266] 
[ 1329.029713][T20267] bridge0: entered promiscuous mode
[ 1329.062263][T20267] loop5: detected capacity change from 0 to 8392703
[ 1329.806953][T20287] tmpfs: Unknown parameter 'us'
[ 1330.050395][T20264] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[ 1330.296228][T20298] random: crng reseeded on system resumption
[ 1330.338349][T20298] Restarting kernel threads ...
[ 1330.350040][T20298] Done restarting kernel threads.
[ 1330.568745][T20305] fuse: Bad value for 'rootmode'
[ 1330.816939][T20313] netlink: 14 bytes leftover after parsing attributes in process `syz.5.5716'.
[ 1330.854167][T20310] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[ 1330.861770][T20314] netlink: 'syz.4.5715': attribute type 22 has an invalid length.
[ 1330.871087][T20314] netlink: 'syz.4.5715': attribute type 1 has an invalid length.
[ 1330.876544][T20314] netlink: 224 bytes leftover after parsing attributes in process `syz.4.5715'.
[ 1330.994278][   T42] audit: type=1326 audit(1782641336.140:907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20321 comm="syz.4.5719" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd4fec code=0x0
[ 1331.144818][T20334] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1331.930793][T20363] syzkaller0: entered promiscuous mode
[ 1331.932868][T20363] syzkaller0: entered allmulticast mode
[ 1333.112544][T20394] 9pnet_virtio: no channels available for device syz
[ 1333.124077][T20394] overlayfs: failed to resolve '/��ω��D�oU^Z9���;{kzٳ�': -2
[ 1333.133573][T20394] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1333.136274][ T5749] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1333.557356][T20424] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5738'.
[ 1333.795757][T20432] openvswitch: netlink: EtherType 50a is less than min 600
[ 1334.341991][T20454] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5747'.
[ 1334.683714][T20470] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 1334.686554][T20470] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 1334.694678][   T64] Bluetooth: hci2: unexpected event for opcode 0x0c05
[ 1335.005637][T20485] netlink: 'syz.3.5754': attribute type 4 has an invalid length.
[ 1335.040025][T20485] bond3: Unable to set down delay as MII monitoring is disabled
[ 1335.045218][T20485] bond3 (unregistering): Released all slaves
[ 1335.758066][T20566] exFAT-fs (nbd4): unable to read boot sector
[ 1335.760043][T20566] exFAT-fs (nbd4): failed to read boot sector
[ 1335.761839][T20566] exFAT-fs (nbd4): failed to recognize exfat type
[ 1336.059399][T20574] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5759'.
[ 1336.810204][ T2320] kernel write not supported for file /snd/seq (pid: 2320 comm: kworker/1:2)
[ 1336.817701][T20579] 9p: Bad value for 'rfdno'
[ 1337.400193][T20603] netlink: 'syz.4.5766': attribute type 1 has an invalid length.
[ 1337.409497][T20603] block nbd1: shutting down sockets
[ 1337.506865][T20610] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5766'.
[ 1337.513641][T20618] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1339.259226][T13739] usb 9-1: new low-speed USB device number 20 using dummy_hcd
[ 1339.421509][T13739] usb 9-1: unable to get BOS descriptor or descriptor too short
[ 1339.426219][T13739] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x6 is Bulk; changing to Interrupt
[ 1339.438289][T13739] usb 9-1: string descriptor 0 read error: -22
[ 1339.443119][T13739] usb 9-1: New USB device found, idVendor=041e, idProduct=3042, bcdDevice= 0.40
[ 1339.447966][T13739] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1339.454327][T20673] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1339.461493][T13739] usb 9-1: Quirk or no altset; falling back to MIDI 1.0
[ 1339.466104][T13739] usb 9-1: MIDIStreaming interface descriptor not found
[ 1339.673079][ T8656] usb 9-1: USB disconnect, device number 20
[ 1340.416858][T20735] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[ 1340.541218][T20737] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5779'.
[ 1340.675885][T20667] Set syz1 is full, maxelem 65536 reached
[ 1341.019065][T20726] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future
[ 1341.576259][T20762] sch_tbf: burst 4 is lower than device lo mtu (143) !
[ 1341.604089][T20763] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1341.620563][T20763] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1341.949657][T14540] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future
[ 1342.056836][T14540] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future
[ 1342.061050][T14540] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future
[ 1342.068224][T14540] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future
[ 1342.071383][T14540] rtc rtc0: __rtc_set_alarm: err=-22
[ 1342.443103][T20865] Invalid logical block size (-55)
[ 1343.074264][   T42] audit: type=1326 audit(1782641347.388:908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20877 comm="syz.5.5797" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704efec code=0x7ffc0000
[ 1343.096462][   T42] audit: type=1326 audit(1782641347.388:909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20877 comm="syz.5.5797" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704efec code=0x7ffc0000
[ 1343.114425][   T42] audit: type=1326 audit(1782641347.397:910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20877 comm="syz.5.5797" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf704efec code=0x7ffc0000
[ 1343.147735][   T42] audit: type=1326 audit(1782641347.397:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20877 comm="syz.5.5797" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704efec code=0x7ffc0000
[ 1343.172407][   T42] audit: type=1326 audit(1782641347.397:912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20877 comm="syz.5.5797" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704efec code=0x7ffc0000
[ 1343.194067][   T42] audit: type=1326 audit(1782641347.397:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20877 comm="syz.5.5797" exe="/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf704efec code=0x7ffc0000
[ 1343.206849][   T42] audit: type=1326 audit(1782641347.397:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20877 comm="syz.5.5797" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704efec code=0x7ffc0000
[ 1343.226837][   T42] audit: type=1326 audit(1782641347.407:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20877 comm="syz.5.5797" exe="/syz-executor" sig=0 arch=40000003 syscall=430 compat=1 ip=0xf704efec code=0x7ffc0000
[ 1343.239612][   T42] audit: type=1326 audit(1782641347.482:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20877 comm="syz.5.5797" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704efec code=0x7ffc0000
[ 1343.249594][   T42] audit: type=1326 audit(1782641347.491:917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20877 comm="syz.5.5797" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf704efec code=0x7ffc0000
[ 1344.904075][T20930] netlink: 'syz.5.5807': attribute type 1 has an invalid length.
[ 1344.906620][T20930] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5807'.
[ 1344.987802][T20932] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5805'.
[ 1344.999391][T20932] fuse: Bad value for 'fd'
[ 1348.205311][T20998] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5823'.
[ 1348.343539][T21005] netlink: 84 bytes leftover after parsing attributes in process `syz.3.5824'.
[ 1348.346975][T21005] netlink: 84 bytes leftover after parsing attributes in process `syz.3.5824'.
[ 1348.359445][   T64] Bluetooth: hci0: unexpected event for opcode 0x041c
[ 1348.471992][T21010] random: crng reseeded on system resumption
[ 1349.371648][   T42] kauditd_printk_skb: 33 callbacks suppressed
[ 1349.371660][   T42] audit: type=1800 audit(1782641353.340:951): pid=21030 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.5830" name="/" dev="fuse" ino=1 res=0 errno=0
[ 1349.497302][   T42] audit: type=1326 audit(1782641353.452:952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21044 comm="syz.5.5833" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704efec code=0x7ffc0000
[ 1349.506264][   T42] audit: type=1326 audit(1782641353.461:953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21044 comm="syz.5.5833" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704efec code=0x7ffc0000
[ 1349.516034][   T42] audit: type=1326 audit(1782641353.461:954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21044 comm="syz.5.5833" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704efec code=0x7ffc0000
[ 1349.527365][   T42] audit: type=1326 audit(1782641353.461:955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21044 comm="syz.5.5833" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704efec code=0x7ffc0000
[ 1349.536954][   T42] audit: type=1326 audit(1782641353.480:956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21044 comm="syz.5.5833" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf704efec code=0x7ffc0000
[ 1349.545958][   T42] audit: type=1326 audit(1782641353.480:957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21044 comm="syz.5.5833" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704efec code=0x7ffc0000
[ 1349.560631][   T42] audit: type=1326 audit(1782641353.480:958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21044 comm="syz.5.5833" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704efec code=0x7ffc0000
[ 1349.571452][   T42] audit: type=1326 audit(1782641353.480:959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21044 comm="syz.5.5833" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704efec code=0x7ffc0000
[ 1349.582425][   T42] audit: type=1326 audit(1782641353.480:960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21044 comm="syz.5.5833" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704efec code=0x7ffc0000
[ 1349.619163][T21048] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[ 1349.621282][T21048] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1349.627811][T21048] vhci_hcd vhci_hcd.0: Device attached
[ 1349.788313][T21048] geneve2: entered allmulticast mode
[ 1349.924145][ T2320] usb 44-1: SetAddress Request (35) to port 0
[ 1349.926806][ T2320] usb 44-1: new SuperSpeed USB device number 35 using vhci_hcd
[ 1350.048116][T21086] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5834'.
[ 1350.273756][T21049] vhci_hcd: connection reset by peer
[ 1350.279349][T20789] vhci_hcd vhci_hcd.3: stop threads
[ 1350.281559][T20789] vhci_hcd vhci_hcd.3: release socket
[ 1350.283900][T20789] vhci_hcd vhci_hcd.3: disconnect device
[ 1350.665298][T21118] binder: 21117:21118 ioctl c0306201 0 returned -14
[ 1350.747371][T21121] dlm: Unknown command passed to DLM device : 3
[ 1350.747371][T21121] 
[ 1351.736616][T21132] dlm: Unknown command passed to DLM device : 3
[ 1351.736616][T21132] 
[ 1351.805819][T21120] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[ 1352.055136][T21135] bridge0: entered promiscuous mode
[ 1352.718293][   T64] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[ 1352.722614][   T64] Bluetooth: hci0: Injecting HCI hardware error event
[ 1352.731421][ T5749] Bluetooth: hci0: hardware error 0x00
[ 1352.799653][T21131] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[ 1354.265075][T21153] netlink: 'syz.5.5851': attribute type 4 has an invalid length.
[ 1354.267485][T21153] netlink: 17 bytes leftover after parsing attributes in process `syz.5.5851'.
[ 1355.032086][ T5749] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[ 1355.394448][ T2320] usb 44-1: device descriptor read/8, error -110
[ 1356.016838][ T2320] usb usb44-port1: attempt power cycle
[ 1356.053683][T21178] netlink: 'syz.5.5857': attribute type 1 has an invalid length.
[ 1356.101060][T21178] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1356.157591][T21178] bond0: (slave geneve3): making interface the new active one
[ 1356.165980][T21178] bond0: (slave geneve3): Enslaving as an active interface with an up link
[ 1356.635494][ T2320] usb usb44-port1: unable to enumerate USB device
[ 1356.835521][T21228] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5859'.
[ 1357.140200][T21310] loop5: detected capacity change from 0 to 7
[ 1357.153641][T21310]  loop5:
[ 1357.154682][T21310] loop5: partition table partially beyond EOD, truncated
[ 1357.565517][T21349] dlm: Unknown command passed to DLM device : 3
[ 1357.565517][T21349] 
[ 1357.785511][T21371] loop5: detected capacity change from 0 to 8392703
[ 1358.112456][T21385] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5870'.
[ 1359.551890][T21348] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[ 1359.568413][T21404] binder: 21403:21404 ioctl ae80 0 returned -22
[ 1359.949746][   T42] kauditd_printk_skb: 15 callbacks suppressed
[ 1359.949814][   T42] audit: type=1326 audit(1782641364.243:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21411 comm="syz.4.5874" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd4fec code=0x7ffc0000
[ 1359.958215][T21433] fuse: Bad value for 'fd'
[ 1359.959000][   T42] audit: type=1326 audit(1782641364.243:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21411 comm="syz.4.5874" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd4fec code=0x7ffc0000
[ 1359.981720][ T1437] ieee802154 phy1 wpan1: encryption failed: -22
[ 1360.314877][   T42] audit: type=1326 audit(1782641364.580:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21411 comm="syz.4.5874" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7fd4fec code=0x7ffc0000
[ 1360.336822][   T42] audit: type=1326 audit(1782641364.580:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21411 comm="syz.4.5874" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd4fec code=0x7ffc0000
[ 1360.353713][   T42] audit: type=1326 audit(1782641364.589:980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21411 comm="syz.4.5874" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fd4fec code=0x7ffc0000
[ 1360.365013][   T42] audit: type=1326 audit(1782641364.589:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21411 comm="syz.4.5874" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd4fec code=0x7ffc0000
[ 1360.373730][   T42] audit: type=1326 audit(1782641364.599:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21411 comm="syz.4.5874" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd4fec code=0x7ffc0000
[ 1360.463491][   T42] audit: type=1326 audit(1782641364.599:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21411 comm="syz.4.5874" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fd4fec code=0x7ffc0000
[ 1360.474468][   T42] audit: type=1326 audit(1782641364.720:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21411 comm="syz.4.5874" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd4fec code=0x7ffc0000
[ 1360.484125][   T42] audit: type=1326 audit(1782641364.720:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21411 comm="syz.4.5874" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fd4fec code=0x7ffc0000
[ 1360.567773][  T493] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[ 1360.770311][  T493] usb 10-1: Using ep0 maxpacket: 32
[ 1360.777302][  T493] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1360.785764][  T493] usb 10-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1360.789490][  T493] usb 10-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1360.792894][  T493] usb 10-1: Product: syz
[ 1360.794744][  T493] usb 10-1: Manufacturer: syz
[ 1360.796585][  T493] usb 10-1: SerialNumber: syz
[ 1360.806442][  T493] usb 10-1: config 0 descriptor??
[ 1360.818437][T21436] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1360.837566][  T493] hub 10-1:0.0: bad descriptor, ignoring hub
[ 1360.840281][  T493] hub 10-1:0.0: probe with driver hub failed with error -5
[ 1361.280270][T21465] �x9�: renamed from bridge_slave_0 (while UP)
[ 1361.363179][T21458] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5882'.
[ 1361.628649][T21477] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5889'.
[ 1361.654839][T21477] No source specified
[ 1361.820811][T14540] usb 10-1: USB disconnect, device number 8
[ 1362.091449][T21503] fuse: Unknown parameter '0x0000000000000006'
[ 1362.495117][T21504] Set syz1 is full, maxelem 65536 reached
[ 1362.510672][T21436] team0: Port device team_slave_0 removed
[ 1362.527376][T21436] team0: Port device team_slave_1 removed
[ 1362.532989][T21436] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1362.775830][T21512] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1362.837551][T21515] netlink: 'syz.3.5896': attribute type 9 has an invalid length.
[ 1362.904088][T21511] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5895'.
[ 1363.602431][T21535] dlm: Unknown command passed to DLM device : 3
[ 1363.602431][T21535] 
[ 1363.673282][T21540] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5900'.
[ 1363.893368][T21545] loop5: detected capacity change from 0 to 8392703
[ 1364.799667][T21562] fuse: Unknown parameter '0x0000000000000006'
[ 1364.907608][T21532] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[ 1365.062297][T21582] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5907'.
[ 1365.111327][T21585] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5907'.
[ 1365.279252][T21590] syz.3.5908: page allocation failure: order:0, mode:0x340cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_THISNODE), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1365.284548][T21590] CPU: 3 UID: 0 PID: 21590 Comm: syz.3.5908 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1365.284568][T21590] Tainted: [L]=SOFTLOCKUP
[ 1365.284572][T21590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1365.284579][T21590] Call Trace:
[ 1365.284584][T21590]  <TASK>
[ 1365.284589][T21590]  dump_stack_lvl+0x100/0x190
[ 1365.284607][T21590]  warn_alloc.cold+0x94/0xa8
[ 1365.284620][T21590]  ? __pfx_warn_alloc+0x10/0x10
[ 1365.284637][T21590]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1365.284659][T21590]  ? __pfx_get_page_from_freelist+0x10/0x10
[ 1365.284676][T21590]  __alloc_frozen_pages_noprof+0x159f/0x2dc0
[ 1365.284696][T21590]  ? __kernel_text_address+0xd/0x30
[ 1365.284713][T21590]  ? __css_rstat_updated+0x1ce/0x5a0
[ 1365.284733][T21590]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1365.284753][T21590]  ? __lock_acquire+0x49f/0x1a40
[ 1365.284775][T21590]  __folio_alloc_noprof+0x13/0x260
[ 1365.284789][T21590]  alloc_migration_target+0x1d7/0x6d0
[ 1365.284808][T21590]  migrate_pages_batch+0x5dc/0x45c0
[ 1365.284827][T21590]  ? __pfx_alloc_migration_target+0x10/0x10
[ 1365.284848][T21590]  ? __pfx___page_table_check_ptes_set+0x10/0x10
[ 1365.284864][T21590]  ? __pfx_migrate_pages_batch+0x10/0x10
[ 1365.284884][T21590]  ? set_ptes+0x14c/0x1d0
[ 1365.284894][T21590]  ? find_held_lock+0x2b/0x80
[ 1365.284909][T21590]  ? rcu_read_unlock+0x2d/0xb0
[ 1365.284920][T21590]  ? rcu_read_unlock+0x2d/0xb0
[ 1365.284936][T21590]  migrate_pages_sync+0x12c/0x880
[ 1365.284954][T21590]  ? __pfx_alloc_migration_target+0x10/0x10
[ 1365.284974][T21590]  ? __pfx_migrate_pages_sync+0x10/0x10
[ 1365.284994][T21590]  ? __lock_acquire+0x49f/0x1a40
[ 1365.285004][T21590]  ? __css_rstat_updated+0x1ce/0x5a0
[ 1365.285024][T21590]  migrate_pages+0x1a83/0x2850
[ 1365.285043][T21590]  ? __pfx_alloc_migration_target+0x10/0x10
[ 1365.285063][T21590]  ? __pfx_migrate_pages+0x10/0x10
[ 1365.285083][T21590]  ? __lock_acquire+0x49f/0x1a40
[ 1365.285094][T21590]  ? mtree_load+0x32d/0xa90
[ 1365.285108][T21590]  move_pages_and_store_status+0xf1/0x230
[ 1365.285127][T21590]  ? __pfx_move_pages_and_store_status+0x10/0x10
[ 1365.285151][T21590]  kernel_move_pages+0xc89/0x14a0
[ 1365.285173][T21590]  ? __pfx_kernel_move_pages+0x10/0x10
[ 1365.285195][T21590]  ? __pfx___ia32_sys_futex_time32+0x10/0x10
[ 1365.285214][T21590]  __ia32_sys_move_pages+0xdd/0x1b0
[ 1365.285231][T21590]  ? __do_fast_syscall_32+0x98/0x970
[ 1365.285242][T21590]  ? lockdep_hardirqs_on+0x78/0x100
[ 1365.285259][T21590]  __do_fast_syscall_32+0xe7/0x970
[ 1365.285272][T21590]  do_fast_syscall_32+0x32/0x70
[ 1365.285284][T21590]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1365.285307][T21590] RIP: 0023:0xf707efec
[ 1365.285322][T21590] Code: Unable to access opcode bytes at 0xf707efc2.
[ 1365.285328][T21590] RSP: 002b:00000000f546d50c EFLAGS: 00000292 ORIG_RAX: 000000000000013d
[ 1365.285339][T21590] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000000020a0
[ 1365.285346][T21590] RDX: 0000000080000040 RSI: 0000000080001180 RDI: 0000000080000000
[ 1365.285354][T21590] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1365.285361][T21590] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1365.285368][T21590] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1365.285383][T21590]  </TASK>
[ 1365.285388][T21590] Mem-Info:
[ 1365.383281][T21590] active_anon:8022 inactive_anon:259 isolated_anon:0
[ 1365.383281][T21590]  active_file:1620 inactive_file:14008 isolated_file:0
[ 1365.383281][T21590]  unevictable:1768 dirty:472 writeback:0
[ 1365.383281][T21590]  slab_reclaimable:7334 slab_unreclaimable:88396
[ 1365.383281][T21590]  mapped:30436 shmem:7488 pagetables:1548
[ 1365.383281][T21590]  sec_pagetables:353 bounce:0
[ 1365.383281][T21590]  kernel_misc_reclaimable:0
[ 1365.383281][T21590]  free:41202 free_pcp:400 free_cma:0
[ 1365.397323][T21590] Node 0 active_anon:4kB inactive_anon:40kB active_file:0kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:28kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:7924kB pagetables:1212kB sec_pagetables:1136kB all_unreclaimable? yes Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[ 1365.407387][T21590] Node 1 active_anon:32084kB inactive_anon:996kB active_file:6480kB inactive_file:56032kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:121716kB dirty:1888kB writeback:0kB shmem:26416kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9608kB pagetables:4980kB sec_pagetables:276kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[ 1365.423530][T21590] Node 0 DMA free:2428kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1365.433432][T21590] lowmem_reserve[]: 0 283 283 283 283
[ 1365.435390][T21590] Node 0 DMA32 free:36624kB boost:29380kB min:42440kB low:45704kB high:48968kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:40kB active_file:0kB inactive_file:0kB unevictable:3536kB writepending:0kB zspages:936kB present:1032196kB managed:290676kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1365.448675][T21590] lowmem_reserve[]: 0 0 0 0 0
[ 1365.451376][T21590] Node 1 DMA32 free:125244kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:31384kB inactive_anon:996kB active_file:6480kB inactive_file:56032kB unevictable:3536kB writepending:1888kB zspages:5532kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:3208kB local_pcp:416kB free_cma:0kB
[ 1365.463282][T21590] lowmem_reserve[]: 0 0 0 0 0
[ 1365.465422][T21590] Node 0 DMA: 65*4kB (U) 11*8kB (U) 0*16kB 7*32kB (U) 3*64kB (U) 1*128kB (U) 0*256kB 1*512kB (U) 1*1024kB (U) 0*2048kB 0*4096kB = 2428kB
[ 1365.472619][T21590] Node 0 DMA32: 897*4kB (UME) 489*8kB (UME) 130*16kB (UME) 328*32kB (UME) 97*64kB (UME) 43*128kB (UME) 13*256kB (UME) 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 36652kB
[ 1365.479472][T21590] Node 1 DMA32: 1246*4kB (UME) 1299*8kB (UME) 533*16kB (UME) 500*32kB (UME) 230*64kB (UME) 151*128kB (UM) 85*256kB (UME) 22*512kB (UME) 11*1024kB (UM) 3*2048kB (U) 0*4096kB = 124384kB
[ 1365.488461][T21590] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1365.492533][T21590] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1365.496611][T21593] netlink: 'syz.5.5909': attribute type 1 has an invalid length.
[ 1365.500402][T21590] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1365.515205][T21590] Node 1 hugepages_total=4 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[ 1365.518175][T21590] 21860 total pagecache pages
[ 1365.519708][T21590] 1070 pages in swap cache
[ 1365.521167][T21590] Free swap  = 58980kB
[ 1365.522744][T21590] Total swap = 124996kB
[ 1365.524116][T21590] 524155 pages RAM
[ 1365.531277][T21593] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1365.539115][T21590] 0 pages HighMem/MovableOnly
[ 1365.543548][T21590] 210593 pages reserved
[ 1365.545316][T21590] 0 pages cma reserved
[ 1365.561496][T21593] bond1: (slave gretap1): making interface the new active one
[ 1365.567174][T21593] bond1: (slave gretap1): Enslaving as an active interface with an up link
[ 1365.603175][T21631] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5910'.
[ 1365.610934][T21631] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1365.613215][T21631] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1365.630598][T21631] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1365.639809][T21631] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1365.649465][T21631] batadv0 (unregistering): left promiscuous mode
[ 1365.984286][T21650] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5914'.
[ 1366.087825][ T5749] Bluetooth: hci2: ACL packet for unknown connection handle 201
[ 1366.088012][T21656] fuse: Unknown parameter '0x0000000000000005'
[ 1366.453415][T21664] syzkaller0: entered promiscuous mode
[ 1366.457505][T21664] syzkaller0: entered allmulticast mode
[ 1366.716917][T21675] tmpfs: Bad value for 'mpol'
[ 1367.506239][T21697] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5919'.
[ 1369.942978][T21709] lo speed is unknown, defaulting to 1000
[ 1369.952349][T21709] lo speed is unknown, defaulting to 1000
[ 1369.959601][T21709] lo speed is unknown, defaulting to 1000
[ 1369.966054][T21709] smbdirect: ib_dev[syz2]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000
[ 1369.972364][T21709] smbdirect: ib_dev[syz2]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6
[ 1369.979728][T21709] smbdirect: ib_dev[syz2]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008
[ 1369.997561][T21709] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[ 1370.010516][T21719] dlm: Unknown command passed to DLM device : 3
[ 1370.010516][T21719] 
[ 1370.035811][T21709] lo speed is unknown, defaulting to 1000
[ 1370.123129][T21709] lo speed is unknown, defaulting to 1000
[ 1370.134227][T21709] lo speed is unknown, defaulting to 1000
[ 1370.174242][T21709] lo speed is unknown, defaulting to 1000
[ 1370.271024][T21734] loop5: detected capacity change from 0 to 8392703
[ 1370.322668][T21709] lo speed is unknown, defaulting to 1000
[ 1370.325460][T21709] lo speed is unknown, defaulting to 1000
[ 1370.328342][T21709] lo speed is unknown, defaulting to 1000
[ 1370.332446][T21709] lo speed is unknown, defaulting to 1000
[ 1370.433930][T21744] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5925'.
[ 1370.484593][T21751] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5926'.
[ 1370.502971][T21751] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5926'.
[ 1370.591310][T21751] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5926'.
[ 1371.115447][T21718] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[ 1371.435895][T21771] netlink: 'syz.4.5930': attribute type 12 has an invalid length.
[ 1373.020104][T21840] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5939'.
[ 1373.302065][T21855] openvswitch: netlink: Missing key (keys=40, expected=2000)
[ 1373.415057][T21864] netlink: 64 bytes leftover after parsing attributes in process `syz.4.5944'.
[ 1373.647724][T21876] netlink: 44 bytes leftover after parsing attributes in process `syz.4.5946'.
[ 1374.726320][T13706] usb 9-1: new high-speed USB device number 21 using dummy_hcd
[ 1374.913082][T13706] usb 9-1: Using ep0 maxpacket: 32
[ 1374.928724][T13706] usb 9-1: config 0 has no interfaces?
[ 1374.951475][T13706] usb 9-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1374.981318][T13706] usb 9-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1375.036233][T13706] usb 9-1: Product: syz
[ 1375.054317][T13706] usb 9-1: Manufacturer: syz
[ 1375.088620][T13706] usb 9-1: SerialNumber: syz
[ 1375.191399][T13706] usb 9-1: config 0 descriptor??
[ 1375.528670][T21896] netlink: 64 bytes leftover after parsing attributes in process `syz.4.5949'.
[ 1375.951786][ T1677] usb 9-1: USB disconnect, device number 21
[ 1375.993703][T21943] overlayfs: conflicting options: userxattr,metacopy=on
[ 1376.138245][T21949] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[ 1377.402846][T21972] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1378.224406][ T8656] usb 9-1: new high-speed USB device number 22 using dummy_hcd
[ 1378.381411][ T8656] usb 9-1: Using ep0 maxpacket: 16
[ 1378.385726][ T8656] usb 9-1: config 7 has an invalid interface number: 64 but max is 2
[ 1378.388379][ T8656] usb 9-1: config 7 has an invalid interface number: 202 but max is 2
[ 1378.390930][ T8656] usb 9-1: config 7 contains an unexpected descriptor of type 0x2, skipping
[ 1378.402659][ T8656] usb 9-1: config 7 has an invalid descriptor of length 217, skipping remainder of the config
[ 1378.405847][ T8656] usb 9-1: config 7 has 2 interfaces, different from the descriptor's value: 3
[ 1378.408795][ T8656] usb 9-1: config 7 has no interface number 0
[ 1378.410886][ T8656] usb 9-1: config 7 has no interface number 1
[ 1378.415815][ T8656] usb 9-1: config 7 interface 64 altsetting 5 has an invalid descriptor for endpoint zero, skipping
[ 1378.421646][ T8656] usb 9-1: config 7 interface 64 altsetting 5 endpoint 0x4 has an invalid bInterval 0, changing to 7
[ 1378.427636][ T8656] usb 9-1: config 7 interface 64 altsetting 5 has an invalid descriptor for endpoint zero, skipping
[ 1378.436205][ T8656] usb 9-1: config 7 interface 64 altsetting 5 has an invalid descriptor for endpoint zero, skipping
[ 1378.443842][ T8656] usb 9-1: config 7 interface 64 altsetting 5 has an invalid descriptor for endpoint zero, skipping
[ 1378.450542][ T8656] usb 9-1: config 7 interface 64 altsetting 5 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1378.454692][ T8656] usb 9-1: config 7 interface 64 altsetting 5 has a duplicate endpoint with address 0x6, skipping
[ 1378.462814][ T8656] usb 9-1: config 7 interface 202 altsetting 116 endpoint 0xF has invalid maxpacket 1024, setting to 64
[ 1378.477297][ T8656] usb 9-1: config 7 interface 202 altsetting 116 endpoint 0x7 has invalid maxpacket 512, setting to 64
[ 1378.483499][ T8656] usb 9-1: config 7 interface 202 altsetting 116 endpoint 0xC has invalid maxpacket 1023, setting to 64
[ 1378.490379][ T8656] usb 9-1: config 7 interface 202 altsetting 116 endpoint 0xB has invalid maxpacket 1024, setting to 64
[ 1378.501142][ T8656] usb 9-1: config 7 interface 202 altsetting 116 has a duplicate endpoint with address 0xF, skipping
[ 1378.514007][ T8656] usb 9-1: config 7 interface 202 altsetting 116 has a duplicate endpoint with address 0xB, skipping
[ 1378.523421][ T8656] usb 9-1: config 7 interface 202 altsetting 116 bulk endpoint 0xD has invalid maxpacket 80
[ 1378.536462][ T8656] usb 9-1: config 7 interface 64 has no altsetting 0
[ 1378.540902][ T8656] usb 9-1: config 7 interface 202 has no altsetting 0
[ 1378.557952][ T8656] usb 9-1: New USB device found, idVendor=0bda, idProduct=8176, bcdDevice= 5.b1
[ 1378.564435][ T8656] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1378.570164][ T8656] usb 9-1: Product: О
[ 1378.571813][ T8656] usb 9-1: Manufacturer: 䃖䢺ᵑ䣡꾣匮洜솅ࣞ滥蹥峑焼ꀉ롯瀵ꣅ桝祶ᬕ幊
[ 1378.584348][ T8656] usb 9-1: SerialNumber: syz
[ 1380.155306][T21412] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[ 1380.315130][T21412] usb 10-1: Using ep0 maxpacket: 16
[ 1380.317492][T21412] usb 10-1: too many configurations: 123, using maximum allowed: 8
[ 1380.320935][T21412] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1380.325300][T21412] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1380.329660][T21412] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1380.333642][T21412] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1380.338958][T21412] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1380.342857][T21412] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1380.349040][T21412] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1380.353066][T21412] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1380.357239][T21412] usb 10-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[ 1380.360394][T21412] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=45
[ 1380.362936][T21412] usb 10-1: SerialNumber: syz
[ 1380.366112][T21412] usb 10-1: config 0 descriptor??
[ 1380.375878][T21412] input: bcm5974 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/input/input76
[ 1380.599775][T22056] netlink: 14 bytes leftover after parsing attributes in process `syz.5.5976'.
[ 1380.786722][T22056] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5976'.
[ 1380.938722][ T5132] bcm5974 10-1:0.0: could not read from device
[ 1380.945715][ T5132] bcm5974 10-1:0.0: could not read from device
[ 1380.955969][T21412] usb 10-1: USB disconnect, device number 9
[ 1380.957409][ T5132] bcm5974 10-1:0.0: could not read from device
[ 1380.961376][ T5132] bcm5974 10-1:0.0: could not read from device
[ 1381.072364][ T8656] usb 9-1: USB disconnect, device number 22
[ 1381.345681][T22100] pim6reg: entered allmulticast mode
[ 1381.361446][T22100] pim6reg: left allmulticast mode
[ 1381.727369][T22113] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5979'.
[ 1382.112861][T22141] IPVS: set_ctl: invalid protocol: 108 10.1.1.0:20002
[ 1382.189355][T22143] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5988'.
[ 1382.203693][T22143] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5988'.
[ 1382.411144][T22154] netlink: 84 bytes leftover after parsing attributes in process `syz.4.5990'.
[ 1382.415666][T22154] netlink: 84 bytes leftover after parsing attributes in process `syz.4.5990'.
[ 1382.430978][ T5749] Bluetooth: hci2: unexpected event for opcode 0x041c
[ 1383.477546][T22185] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5993'.
[ 1383.663432][T22185] ------------[ cut here ]------------
[ 1383.666128][T22185] !chanctx_conf
[ 1383.666141][T22185] WARNING: net/mac80211/tx.c:6467 at ieee80211_tx_skb_tid+0x46a/0x550, CPU#0: syz.5.5993/22185
[ 1383.672878][T22185] Modules linked in:
[ 1383.674630][T22185] CPU: 0 UID: 0 PID: 22185 Comm: syz.5.5993 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1383.679115][T22185] Tainted: [L]=SOFTLOCKUP
[ 1383.680887][T22185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1383.685016][T22185] RIP: 0010:ieee80211_tx_skb_tid+0x46a/0x550
[ 1383.687507][T22185] Code: fc ff ff e8 88 27 5e f7 e9 8f fc ff ff 4c 89 e7 e8 ab 27 5e f7 e9 4e fd ff ff e8 71 27 5e f7 e9 0b fe ff ff e8 c7 ae ee f6 90 <0f> 0b 90 e8 ae 04 80 00 31 ff 89 c3 89 c6 e8 23 a9 ee f6 85 db 75
[ 1383.695226][T22185] RSP: 0000:ffffc90003946df8 EFLAGS: 00010283
[ 1383.697470][T22185] RAX: 000000000000663b RBX: ffff88806f238ec0 RCX: ffffc9000c6d9000
[ 1383.700641][T22185] RDX: 0000000000080000 RSI: ffffffff8b1a2d79 RDI: ffff888028d48000
[ 1383.703793][T22185] RBP: 00000000ffffffff R08: 0000000000000005 R09: 0000000000000000
[ 1383.707037][T22185] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001
[ 1383.710229][T22185] R13: ffff888074474780 R14: 0000000000000007 R15: 0000000000000000
[ 1383.713318][T22185] FS:  0000000000000000(0000) GS:ffff8880970e7000(0063) knlGS:00000000f543db40
[ 1383.716725][T22185] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 1383.719416][T22185] CR2: 00007fb9870174e8 CR3: 000000005a333000 CR4: 0000000000352ef0
[ 1383.722621][T22185] Call Trace:
[ 1383.724147][T22185]  <TASK>
[ 1383.725473][T22185]  mesh_plink_frame_tx.isra.0+0xdf1/0x10d0
[ 1383.727924][T22185]  ? __pfx_mesh_plink_frame_tx.isra.0+0x10/0x10
[ 1383.730499][T22185]  ? mesh_plink_timer+0x30/0x9e0
[ 1383.732542][T22185]  mesh_plink_deactivate+0x271/0x340
[ 1383.734894][T22185]  mesh_sta_cleanup+0x35/0x80
[ 1383.736891][T22185]  __cleanup_single_sta+0x5c0/0x730
[ 1383.739031][T22185]  __sta_info_destroy_part2+0x36a/0x500
[ 1383.741188][T22185]  __sta_info_flush+0x4f6/0x720
[ 1383.743018][T22185]  ? __pfx___sta_info_flush+0x10/0x10
[ 1383.745407][T22185]  ? ieee80211_scan_cancel+0x1d4/0x960
[ 1383.747750][T22185]  ? __pfx_ieee80211_stop+0x10/0x10
[ 1383.749904][T22185]  ieee80211_do_stop+0x281/0x29a0
[ 1383.751933][T22185]  ? ieee80211_stop+0xc5/0x2f0
[ 1383.753909][T22185]  ? __pfx_ieee80211_do_stop+0x10/0x10
[ 1383.756222][T22185]  ? do_raw_spin_lock+0x128/0x260
[ 1383.758309][T22185]  ? mark_held_locks+0x40/0x70
[ 1383.760351][T22185]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1383.762704][T22185]  ? __pfx_ieee80211_stop+0x10/0x10
[ 1383.764832][T22185]  ieee80211_stop+0x165/0x2f0
[ 1383.766763][T22185]  ? __pfx_ieee80211_stop+0x10/0x10
[ 1383.768707][T22185]  __dev_close_many+0x312/0x710
[ 1383.770795][T22185]  ? __pfx___dev_close_many+0x10/0x10
[ 1383.773081][T22185]  ? rcu_is_watching+0x12/0xc0
[ 1383.775057][T22185]  ? trace_contention_end+0x126/0x160
[ 1383.777391][T22185]  netif_close_many+0x233/0x630
[ 1383.779456][T22185]  ? find_held_lock+0x2b/0x80
[ 1383.781317][T22185]  ? nl80211_del_interface+0xb9/0x1a0
[ 1383.783304][T22185]  ? __pfx_netif_close_many+0x10/0x10
[ 1383.785562][T22185]  netif_close+0x17f/0x230
[ 1383.787411][T22185]  ? __pfx_netif_close+0x10/0x10
[ 1383.789587][T22185]  ? __nla_parse+0x40/0x60
[ 1383.791473][T22185]  dev_close+0xaa/0x240
[ 1383.792848][T22185]  nl80211_del_interface+0xf0/0x1a0
[ 1383.794949][T22185]  genl_family_rcv_msg_doit+0x214/0x300
[ 1383.797265][T22185]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1383.799912][T22185]  ? genl_get_cmd+0x3e7/0x760
[ 1383.801921][T22185]  ? bpf_lsm_capable+0x9/0x10
[ 1383.803915][T22185]  ? security_capable+0x80/0x260
[ 1383.805768][T22185]  ? ns_capable+0xd2/0xf0
[ 1383.807594][T22185]  genl_rcv_msg+0x560/0x800
[ 1383.809677][T22185]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1383.811792][T22185]  ? __pfx_nl80211_pre_doit+0x10/0x10
[ 1383.814041][T22185]  ? __pfx_nl80211_del_interface+0x10/0x10
[ 1383.816175][T22185]  ? __pfx_nl80211_post_doit+0x10/0x10
[ 1383.818337][T22185]  netlink_rcv_skb+0x159/0x420
[ 1383.820504][T22185]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1383.822741][T22185]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1383.824900][T22185]  ? rcu_is_watching+0x12/0xc0
[ 1383.826900][T22185]  ? __rcu_read_unlock+0x26a/0x5e0
[ 1383.828745][T22185]  ? rcu_is_watching+0x12/0xc0
[ 1383.830669][T22185]  genl_rcv+0x28/0x40
[ 1383.832338][T22185]  netlink_unicast+0x585/0x850
[ 1383.834380][T22185]  ? __pfx_netlink_unicast+0x10/0x10
[ 1383.836611][T22185]  netlink_sendmsg+0x8b0/0xda0
[ 1383.838599][T22185]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1383.840828][T22185]  ? apparmor_socket_sendmsg+0x15b/0x270
[ 1383.843054][T22185]  ____sys_sendmsg+0xa4d/0xbe0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1383.845110][T22185]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1383.847421][T22185]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1383.849616][T22185]  ___sys_sendmsg+0x190/0x1e0
[ 1383.851530][T22185]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1383.853795][T22185]  ? futex_wait+0x11e/0x370
[ 1383.855480][T22185]  ? find_held_lock+0x2b/0x80
[ 1383.857308][T22185]  __sys_sendmsg+0x160/0x210
[ 1383.859264][T22185]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1383.861432][T22185]  __do_fast_syscall_32+0xe7/0x970
[ 1383.863692][T22185]  ? lockdep_hardirqs_on+0x78/0x100
[ 1383.865882][T22185]  do_fast_syscall_32+0x32/0x70
[ 1383.867930][T22185]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1383.870122][T22185] RIP: 0023:0xf704efec
[ 1383.871819][T22185] Code: Unable to access opcode bytes at 0xf704efc2.
[ 1383.874543][T22185] RSP: 002b:00000000f543d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1383.877943][T22185] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[ 1383.881122][T22185] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1383.884440][T22185] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1383.887762][T22185] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1383.890546][T22185] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1383.893746][T22185]  </TASK>
[ 1383.895177][T22185] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1383.898066][T22185] CPU: 0 UID: 0 PID: 22185 Comm: syz.5.5993 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1383.902285][T22185] Tainted: [L]=SOFTLOCKUP
[ 1383.904112][T22185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1383.907799][T22185] Call Trace:
[ 1383.909158][T22185]  <TASK>
[ 1383.910364][T22185]  dump_stack_lvl+0x100/0x190
[ 1383.912268][T22185]  vpanic+0x552/0x970
[ 1383.913870][T22185]  ? __pfx_vpanic+0x10/0x10
[ 1383.915711][T22185]  panic+0xd1/0xe0
[ 1383.917100][T22185]  ? __pfx_panic+0x10/0x10
[ 1383.918642][T22185]  check_panic_on_warn.cold+0x19/0x34
[ 1383.920890][T22185]  ? ieee80211_tx_skb_tid+0x46a/0x550
[ 1383.923016][T22185]  __warn.cold+0x191/0x318
[ 1383.924814][T22185]  __report_bug+0x30f/0x440
[ 1383.926652][T22185]  ? ieee80211_tx_skb_tid+0x46a/0x550
[ 1383.928782][T22185]  ? __pfx___report_bug+0x10/0x10
[ 1383.930813][T22185]  ? rcu_is_watching+0x12/0xc0
[ 1383.932748][T22185]  ? trace_kmem_cache_alloc+0xdd/0x100
[ 1383.934910][T22185]  ? __kasan_slab_alloc+0x89/0x90
[ 1383.936936][T22185]  ? ieee80211_tx_skb_tid+0x46a/0x550
[ 1383.939063][T22185]  report_bug+0xb2/0x220
[ 1383.940783][T22185]  ? ieee80211_tx_skb_tid+0x46a/0x550
[ 1383.942918][T22185]  handle_bug+0x16a/0x2a0
[ 1383.944662][T22185]  exc_invalid_op+0x17/0x50
[ 1383.946482][T22185]  asm_exc_invalid_op+0x1a/0x20
[ 1383.948433][T22185] RIP: 0010:ieee80211_tx_skb_tid+0x46a/0x550
[ 1383.950830][T22185] Code: fc ff ff e8 88 27 5e f7 e9 8f fc ff ff 4c 89 e7 e8 ab 27 5e f7 e9 4e fd ff ff e8 71 27 5e f7 e9 0b fe ff ff e8 c7 ae ee f6 90 <0f> 0b 90 e8 ae 04 80 00 31 ff 89 c3 89 c6 e8 23 a9 ee f6 85 db 75
[ 1383.958339][T22185] RSP: 0000:ffffc90003946df8 EFLAGS: 00010283
[ 1383.960740][T22185] RAX: 000000000000663b RBX: ffff88806f238ec0 RCX: ffffc9000c6d9000
[ 1383.963837][T22185] RDX: 0000000000080000 RSI: ffffffff8b1a2d79 RDI: ffff888028d48000
[ 1383.966967][T22185] RBP: 00000000ffffffff R08: 0000000000000005 R09: 0000000000000000
[ 1383.970078][T22185] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001
[ 1383.973203][T22185] R13: ffff888074474780 R14: 0000000000000007 R15: 0000000000000000
[ 1383.976329][T22185]  ? ieee80211_tx_skb_tid+0x469/0x550
[ 1383.978457][T22185]  ? ieee80211_tx_skb_tid+0x469/0x550
[ 1383.980602][T22185]  mesh_plink_frame_tx.isra.0+0xdf1/0x10d0
[ 1383.982796][T22185]  ? __pfx_mesh_plink_frame_tx.isra.0+0x10/0x10
[ 1383.985003][T22185]  ? mesh_plink_timer+0x30/0x9e0
[ 1383.986995][T22185]  mesh_plink_deactivate+0x271/0x340
[ 1383.989106][T22185]  mesh_sta_cleanup+0x35/0x80
[ 1383.991007][T22185]  __cleanup_single_sta+0x5c0/0x730
[ 1383.993082][T22185]  __sta_info_destroy_part2+0x36a/0x500
[ 1383.994908][T22185]  __sta_info_flush+0x4f6/0x720
[ 1383.996855][T22185]  ? __pfx___sta_info_flush+0x10/0x10
[ 1383.999000][T22185]  ? ieee80211_scan_cancel+0x1d4/0x960
[ 1384.001178][T22185]  ? __pfx_ieee80211_stop+0x10/0x10
[ 1384.003254][T22185]  ieee80211_do_stop+0x281/0x29a0
[ 1384.005089][T22185]  ? ieee80211_stop+0xc5/0x2f0
[ 1384.006794][T22185]  ? __pfx_ieee80211_do_stop+0x10/0x10
[ 1384.008965][T22185]  ? do_raw_spin_lock+0x128/0x260
[ 1384.010986][T22185]  ? mark_held_locks+0x40/0x70
[ 1384.012926][T22185]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1384.015236][T22185]  ? __pfx_ieee80211_stop+0x10/0x10
[ 1384.017171][T22185]  ieee80211_stop+0x165/0x2f0
[ 1384.018794][T22185]  ? __pfx_ieee80211_stop+0x10/0x10
[ 1384.020868][T22185]  __dev_close_many+0x312/0x710
[ 1384.022816][T22185]  ? __pfx___dev_close_many+0x10/0x10
[ 1384.024954][T22185]  ? rcu_is_watching+0x12/0xc0
[ 1384.026853][T22185]  ? trace_contention_end+0x126/0x160
[ 1384.028992][T22185]  netif_close_many+0x233/0x630
[ 1384.030886][T22185]  ? find_held_lock+0x2b/0x80
[ 1384.032468][T22185]  ? nl80211_del_interface+0xb9/0x1a0
[ 1384.034593][T22185]  ? __pfx_netif_close_many+0x10/0x10
[ 1384.036731][T22185]  netif_close+0x17f/0x230
[ 1384.038510][T22185]  ? __pfx_netif_close+0x10/0x10
[ 1384.040494][T22185]  ? __nla_parse+0x40/0x60
[ 1384.042288][T22185]  dev_close+0xaa/0x240
[ 1384.043957][T22185]  nl80211_del_interface+0xf0/0x1a0
[ 1384.045716][T22185]  genl_family_rcv_msg_doit+0x214/0x300
[ 1384.047843][T22185]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1384.050277][T22185]  ? genl_get_cmd+0x3e7/0x760
[ 1384.052165][T22185]  ? bpf_lsm_capable+0x9/0x10
[ 1384.054033][T22185]  ? security_capable+0x80/0x260
[ 1384.056000][T22185]  ? ns_capable+0xd2/0xf0
[ 1384.057709][T22185]  genl_rcv_msg+0x560/0x800
[ 1384.059472][T22185]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1384.061393][T22185]  ? __pfx_nl80211_pre_doit+0x10/0x10
[ 1384.063476][T22185]  ? __pfx_nl80211_del_interface+0x10/0x10
[ 1384.065738][T22185]  ? __pfx_nl80211_post_doit+0x10/0x10
[ 1384.067892][T22185]  netlink_rcv_skb+0x159/0x420
[ 1384.069832][T22185]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1384.071835][T22185]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1384.073952][T22185]  ? rcu_is_watching+0x12/0xc0
[ 1384.075883][T22185]  ? __rcu_read_unlock+0x26a/0x5e0
[ 1384.077929][T22185]  ? rcu_is_watching+0x12/0xc0
[ 1384.079844][T22185]  genl_rcv+0x28/0x40
[ 1384.081454][T22185]  netlink_unicast+0x585/0x850
[ 1384.083375][T22185]  ? __pfx_netlink_unicast+0x10/0x10
[ 1384.085478][T22185]  netlink_sendmsg+0x8b0/0xda0
[ 1384.087394][T22185]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1384.089458][T22185]  ? apparmor_socket_sendmsg+0x15b/0x270
[ 1384.091350][T22185]  ____sys_sendmsg+0xa4d/0xbe0
[ 1384.093271][T22185]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1384.095357][T22185]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1384.097500][T22185]  ___sys_sendmsg+0x190/0x1e0
[ 1384.099388][T22185]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1384.101466][T22185]  ? futex_wait+0x11e/0x370
[ 1384.103296][T22185]  ? find_held_lock+0x2b/0x80
[ 1384.105202][T22185]  __sys_sendmsg+0x160/0x210
[ 1384.107060][T22185]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1384.109119][T22185]  __do_fast_syscall_32+0xe7/0x970
[ 1384.111168][T22185]  ? lockdep_hardirqs_on+0x78/0x100
[ 1384.113266][T22185]  do_fast_syscall_32+0x32/0x70
[ 1384.127642][T22185]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1384.129871][T22185] RIP: 0023:0xf704efec
[ 1384.131165][T22185] Code: Unable to access opcode bytes at 0xf704efc2.
[ 1384.133221][T22185] RSP: 002b:00000000f543d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1384.135822][T22185] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[ 1384.138265][T22185] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1384.140682][T22185] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1384.143079][T22185] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1384.145521][T22185] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1384.147964][T22185]  </TASK>
[ 1384.149651][T22185] Kernel Offset: disabled
[ 1384.151017][T22185] Rebooting in 86400 seconds..