last executing test programs:

7.292720611s ago: executing program 3 (id=2490):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$BATADV_CMD_SET_VLAN(0xffffffffffffffff, 0x0, 0x80)
openat$uinput(0xffffffffffffff9c, &(0x7f0000001600), 0x802, 0x0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000006280)="c9614df797d5bbaf2d529ccfe807cb2396820ca614edc8f52d067330a81f6c26f4cc0f48e5ae1d42335297538a44b9b28f2d36c39510bcdb6cf2fc17d9b35688d0447cc7167668496bdd28d8df1292b12b61894268f707c212263b3f1ae188c8a69527ac8e196f23028853fd4009294124f18fc47bd2322220e5f0d5d30223095e4e748803b6bf25ba87f40183766b5d2c3a6b3d2f7566b160f0e0742a6cabf6b0071295bc4d5ca4ee60a1fbdc8bbc1f2a59428bc836a1ef0c2dfcbe514f9857f7230f848af37be100dc4f4115ffcb0198774affeb7690dd6782a9f51987dba5d9fd0b6a3426c1ce1e04e48f4255c157450791ba022f0bad4844a22679bb17601987f461d7a35d7de8874cc3c47f360b3c31dfdbf7bb9f93ec80046118660e8bbb18930914f087c05df436073b9ccc5a740f8f634cc827245366b1179aaaddd2bd161f2fa413e1beded9f3063cabd52ece7139af17db00b63117a6b6a1ad8c33ed779d7dddf5b40c17635397b878c7117923f26767864e788da1f79dbbc769fbab45b34198b69dd0599904a0c1297812f9ad9cbf48c59d553b1004ab8213802f3a0852b5b827ab3ea7220873b379b459d7a09af061ccda8bd857d3b2bf2dbaea1b00e2cd0bcc8d6eb11c04bd21532bec66ae36d674a4dd01ab54c27d3267961ecfad0042837fea87d75cecc7a1a58f79f77d72fede0757b7c1f54a5040e741a0fc785ea0ad13bcfc0b69df4dc29dc75e331d2ba03c3cdf04e0a4490159b43c6ae2c010f276c85f3bc46ca94e73e11762739e40e6bfbc113f46ee6ab801b97d42fadc067e23a3151ae90ff64c80e64bba5313475948fbd24a6a95f7ec0b221c9f901c68d184d38b2e09cde68fbd6dd022b6fa1db26aa6ebe2128a93fcb7259ebcde896bd81685c881cb25f581e27479f929e1094852559209c255b0dd5317b148567674b235b10e093363e8e4bd15c4ab90c44abaadbfeabd65e26223543c415befff4d280ad0f0dc132b5413bbe96fdedcabc55e9f3eeead53a1f2d7c0455c8a3bda363a8c33c99888a05546f49dc4c3593aeb30b8ea314b77b8d117334d9c3f800a132e4c3bab461863f027dcfc066bf93f0426d74e02c92a0727309d5bf5bf8242a2b594b81de0e030e55f0125b5d4e12dbffc6806a6c7bd6d62c3d54e87f0607e08750d808a2f442a7eac0ec311c3498b9709ae2f505d5e8b3670079847644147741ffca679bbd1b658bc6c422e58d070f8608c246677af0e2efff5cbf88b3b4a0431a2f26648d64991cf99848012cb6eecb8a13ea91ce77d3c8f2bc047370f4811ae5c341371e3b65bed88294580ba90258c8d36683f21d91a8a914948b2222e4127b061cc0121b97a1b9b1c4ebb7ee166b5af58497d7e0ac90fda25e41a2490ec5d143d0e47475741b30138585637d7997fff2a8805a88c4bd75975ccffcbabefa3576328d86e802b8490e8a773e01afa74fa26c6849deb15b05596e7226cdc0c0ff364bcb4e62ec54984c9485b6eb819165972b9c935a3ae18c698438582e170437c538d7d24a935036964c77e6ed37de77c64384b258f7bbe944f630d3ca82c441c6b2c5bc73dd9f90ecff67a816de7b15bdcaa5a5f1bb8b270a8ac1119e1626e29eb5f2ae4595ca2e10c2e6b297c30c3eeb432ad374101938916c77aefd2ed0f5bb658922bdec9bd76767b9a4b56a15aaa2f7e7d06dba36710a4c8d69d2361aa5f1864710d0868d8f7616cffac40e0accd9b44df8cb5b5324039d82c44e9b97d3a77d914a3738cab84541f0dfc2ed93fb3a746d19cf73495cab380afcdac8acf300e34bb68917009ec1d205dc315669c6341218ebbd0a380c0d14396732e430544ea02d9aff1ffd199c475c4cd313aac4de1121055d806858ee1538436a5f3a549230a42698aeaa3b58b5b9dbf6e11292dad9e0535f5c0685105a448888101ca2228ab50af16b657bb9abb5d4c40cf03931f345663ef6e7655048f78bd23227c6a78bd8b8a457abad7267c8d3ed8decb74cfb21c98471c31f068fd8fea32f13d4478e476d7b5ee10579bda100686db9b3fac14b71e614fd156bddbbde1bf759d0023eb50345e970fa93efd99469583eecec690147f3c075da4efeda849b172829f34e31b281d844fb7c04ca49b30a15abbe493c191e003b76ccb8b2e560ddc3573c6182a87f8e5bdbe10333b3ff3381705984e5595831c025335d0438b053d17fe2f43424735ec3e9d0e8dc278d9e3f35d8d6881e47801d9f77ddf9954ba8f4fe95c295a67968b07bde6378b5ccf24f3d0d228b3cfb4624318828a2649af11698c56860c85617a5151f879846383f5fcf0e9ac483bc4c60beda3bd273a594fc26850d31a852839f23f9e5ffd31d63a7cee2341f22f385d41521aacfe6faf1c5b1e024cd6c6cd4b8696b8e66c6268196da27dc4090552748260bba916b932cbf8066b07dbf5f75b5ea04c385d2ac971d079ab7d4a6bec1008b7564f167aa903acda2ef1756ddbdee86ad25b172479756036d1e11b5c2ab10e657e3b3c768840fd111477bfa05b9e7a2ee765d685f7688765f2441e052a60f56286e6d15ea19d98306a0a5b5efd5b1363bf357d836cb20bb2420ecff7fd682c78763bd1ab31561e6a36a20bf57024852e168bdbc82efa42f7302dc5519c2b56ba3e960437e69f5502048e914540bd4e6138e04e3cb04c75abaee441dd29e23a23948eecb2a7883ae6f3c35b3a3a965fd062688a5975059da47b6029f38baec8d3932295a2257c83a0f966aa7c19db13ccadb86c6c81d84a09bd0782cc87369c8b3a006fee64323c964dcd731fbcaa2f1c1b19f55688365f183bc26bcb636eb0622fc5f5804d46db493737078fe6a6e82f34e48eef5974787c8c4b8abd8a0dcf516862454915b7b9d81a48b9d14a3a08a9408e41c3522480a925cb9521f02cf4380aa44796fa9569aa5043787d9c3a0a345f202d66e28f6c5fc17f8998655bff0351687e2ef6ee523f965d37ed7c4c1fedc51ad7024d8c1102fef833ecf9289050b944e2e9a5646e090f5ab5be3759ea66ee79d5f870fea4ed505a231461421084317c6c5379c74ba5eef02b77c9687f49b05606c5969ae5c84f74a7d43b148dddaffcbd45e8c4eefacdd5c8c07f926baf0b1e7f65c7184c56c9ac355fde5df39557d4011b7eeb65a18fca8de446d9879404bf64f3e460232642960938e6c797d3d942534fa64b9fb0ec5648940456ae4ec22df6ccbaca34ff8a296640ed28f903db33533e0bb4927ac96312580810a38738d5c5ae638359379d244d0c45cc9bc4525648748f4a2becb101c08d7c4ecc407067cf1008cb0f14279bae658ea5f16084769ad66a8e6a9a5137ec65764ec6d25e688cf8a357252420b1ba619e8ab19d28019060434a9d2579be998e8a735778b690cad9512cc9604d2e60e01f2cbb714dbfd87795092e0ff7acb8217074a6d0b9ae00d80685798eb4bee828dff6e1f6858202381cb4051c6a5b6918f8c042a3698ac5eb402abc1f27932764ebd54daa45105666041c1a51e55bf1761c2dbe2c75a511b168f4961385d1a7b7c780fc1c23f1710b7c1e4716e99ed044ce4697fa3b649bc85443ef1b111549d342cd2a417158d01c483e6a2d6535a5801c00f5a7bb47a0d51656bd50824b2f998ea59cde88a7c329e09f19a704104309b674e9b6dd48acd0abee6366ae1ccc24fc2cb1fc0666e71c57e314464c2f2b950b76d426441265f34ae20af7e5dbf47773459f2e34a3b1a2af5d2f406cda82049ca734f22c6ac5e284c4f4c3f10edf89ba7eac611dfd27c46fbad61aa3c5acfd1a29611b917a26ba070169f08e81441e7d6f77f73837dcf6c758c40fecebab6475fee4a6105c844fc52eb603159d4762408911fce84b736a4fae34cb79dd525ebdd53b3b241a08c664a90a6bab087052b82db1f0a9e2f98b78b4998504b148711f47caac7229b708a562e6968b91720b585b2446f7f8aa848d433ebdf0d9d5c866ae7c3660f0be9734959533da9b9484dd10954c7bbc631fc07cf74d1a103076721639a19dec9ba88904c55c3d0e4829d14e48c3f93097521c4a9f4fbcf7b0d17baa7b742afd32a2e78be29f6fb37018bd0579af59985171a8dd5dd35af833fd8816cdd704fa5214260994cd64bae6c7d1376b864874de542dafb0a5c4b29c5bd887bf1dc8ec0e2f907fcffeb6522a3aa20c8ae5912b519049719cba277be7bb6c4341d65fc530804dec7ce5c1a64c4aef279c0da8a1bcc89a63542fc2af2cd1d69701c78db225c596190e81fadabd718b794689fafc929ed092b90218642ae0c75ffe6b9fa9baff10f2424d43ecda2867013d4f2e7562d3bcaa7f51f1f5a96bcc9bff8dd1bce4eaaf49626550183dc19eb358c146b657c2b34fe67a8ecb12b1b29b3d0bf28d6ecc13578f7d1ec1c7f7f76f325d920ff717c7d01baffa0d52166f6849832895f9ec960c65b06506caf39ea6ececccfa197ae151b948d415338c18b3ac35f6f96e67c7662de01f8a92c2a224f4567fc72333b43fb099dda8c49c3cbaee48cff545894390165fc290d798888a84c583b0096513a5c61b2ee1e836b17632cff8f71f9c73546882961cf25a010c7276791167e0dd7d2de8bf44abe9f12419c8776d84418d8e26463ea139e64f82f81fc5b577957f6d34b247a6d7d79aec95d80320b7999f398347835d82a74f3f5637a37ca08158d4022e39ef514f264ba84dacb3c5270272ae94ee3858eaf4de98e8d944273398e315dc42a277fb97d9ee7ddc4f7dbb6cbdbb9283ff1ecbde638ce6edeb18e680addd942f6632e73fc11ba5874a179c79ae67a6406d19ab7293af407cd319862fd4c9568a3bcf31a11adc4ddd8a924e10768594e4689a109daeff28f15a182ee3bfb347f0500005d8dcc691421b6fad377a9ceda726d195eb847ee879664861d4e2e0d3567362524303feafc2b552f0f1f64436ce9efaa63b2b268c674969c879d027c37aca197b71cfe47670cc268de9714a91a3a50c7c205daa613c56c1b1f13d34eaf8dbfc126e0e9fc10cd3e508154e6cea0572e179e424d2270454b1000a3bf4aac26b18efeb9115b6fcd3fcee6ed5b9c3d585394077c35850ef697c5f8a57a270431a0a2e81f6a6269bff09be4da7640fb600130375de62e9796eed4e4e25bfd3f6addfe62addcf2b8fa8eb28d8c3fb20800a8e9ae87c114a1ae91ed347f8ff589cead9e646722180fd60bdc9d0923a1a6ec8fc6de5fadc2203344d459ef6f0145ff71a4cacdabaf1b55f262c86733dd109b747f8740a3959a13a32377e522997fbf93c41fe3408a67d7253df6e399345d9216600f82fefcba9db303442ab3f184c012b1359e8601d85d6b0312ea7b0474d0c8dbca06625643e94ffdacd9a0a2839674249370fa67a5681df0442079cf67bd073859cf3d423711639f8addb6a9acceda893f017f3ca1f23f1245473be8bc6b5c51afc5d088fc764b3d96c9bbe7908806e2b64908bd0be73aa09eeb09de1117d0159b17a166bdb1394892b815aabb68dd7aef00bb6660a31088c88d16d433079552f25801472a7302a44fcdaf13410d15ab5e690cabdfddf112046f58ded90f4d4cdc4de5bfbc5259456ace66f7dbde5c49446d377b87181f0ba03598973137ec2f9b038c0a8ddcd46a6d963086c383c9e86b98fafc0a3b8d7ace5e5f96a0414a4afd5ae75847997f982b338901d81a852081bd47ccd553c2a41aac73f2381e611c8c2581052779e0494f0e1efa0974e11659866f8687fae4236556988b24e0bfc2dceb6f71fe09ee3b4e723dbf369dd22b7889ba296d8c4062aeef1113839c793e4bf16a35b1388ec6af47c363855e03137e9e1d4795beef29d4bb62d611e14fd8f880ff1c8267f259b46229b96bd0e8f7068503b223fc01ba9d8986c601e9807bcd3c232babbbb3112c87d7c30ae496841c03b361045a31e9819b69ec7b94a12d1793ee0b9267a3f9b77e965d1089a2356c46a05f6facfe3e1fe10f5257dd1e83972a9bdf1275ed03ee0c32d8021f264ecd67f635051c9f51f69d4848876c7d68703cbdacaaac18c1ea5e43d9554ddfaeb22f72e73e53760ca15ee52fee57e153702f7f78001a282c8389adc9f1a9b33bda27d4ac6b29dca8b082db3f858df468570d2c099a2b2e5c0897e0183ab8b4dfb62d65d7492347d51ed7b69b414d0de1be678664c7209f849d62d0a5e3a64daeccd1f332831c4b91a11a5c48444e39cd19d0e45120d5ac9c03856df66c8615d359e2f89484a068468a3e319166631932b643d73ad3879b8c8854232384ec62bf7d3c68c51deacdf8685870842e57464659fc9cbfe75f97d8a34d730a74828757661040f9f2cd1832d4c15cb774e0af4d4d0dad5e0098e580f6259bcacb3557fd8442910c8222feb58104d075ef976218a6ceaf10a807b0df2fa5b08945ad17dbc17cd88d7a9bbe2d21332d2ce8a29abbfca7df2f498798e0cb0846c10e4a9125c0b7ab06902f15d8521c10def1ddc94e4f563252894f844a3ee109aec35f766001520926351795ecaa582e90598503a22a9d75bd60c8cb631897d98ea5d66d8f9f06345bb889c4aa21115518b444c2d9d45de72abc73659aafc00465cd3564834389576c5c04f911e2ac0082d72c58e2cec954e6ae72dba6c8b7ed682f488e81bc706d34c723fa3a7ba967b6b00e1abea0e7622a0d9ca17d403bcbf5e2316ab4d46734226ed6797c84161384fbb46b8fe8653cd351e526cca50e7ab8885dd7b5d240cfd15a0253830a7ceb9db44bb12529b77e3cc835442b4d58c7db6a762b7e2c5a3fb37ae9f1426a99823c2df6ca2f6fbf886af52e8565abb7904da69ad7f7029cf73ecc37b5a8c1da6a9e9e1cde38506c96bd7c8d2303d494e422fe181c96a6359b377f18917ae78729911b40b7e69cbefea3c25dd9803aee3183ee3933b5c19d84a400e6c57cb20dc7c7e68739edbf1e8e3475e0a64823dedb46c27780ad01a90a4244891c262d8b0f99e3b1adbb906f82e1977a6101a9d2b44b4b9bfc1f102490ae19e657fa8e7f432eb52d2a4ce932d5346566b887ad4c4f4b5d0dbce790a429f546593e52979c8400441bfe8485c8b864f81b627cf1e20c800b0197b562d0f9b173ca3ba0fae69fe11b91909df9a98ba358e59edbd73da0707a170b3e51928c9c27863dbc83bdecf632b0cc757ab90a270312b2949fdd93f6bea54e303fb0a97b380d516a36f86f053e55e81504affaf7d7b1b8bbde5da525d3f60a628ae17918e07b32b408b51ad3ba6030c3555556334f2fe7c11098007f3e232c8953754c794f807b0ac3680b2a3688f5205d90ccce3ba9c7907508cec61287ad0aa55a151e639bb9086444bdcd149bc5c003340b8381d8c35b073729d2e95a21af1d9995c8093d570b59d8730dd04f3e26ac85e20166e5596082680de90522bcb9532d9e9dce3a10e998f25503902fd7814577ded668bbf3de129c024135a8af420ded350479f13d55290274e3ac63f4568ec7c7a8244f610458d85ecf29aa135d0e56ee52d743200a754ee4508e94d5bc15b3cc8a28c8f37de84fb3cf27ad7590dcaedb78fd8c8f46aaa3529fbb1a2536956c940b605eda0668b1a0f763060bba65d471450a2b34c328c9fb5971851b341a092e315e34a6801cc0808559e5de6d2d9508d11d3072426aa2d43e65f8429c48dbd03197c4f616c253a5b1b50e7ff7cd44df88f5f142997adf976cd2f0cffd673c1791ab969f9dad5867abe531227c059e7b7a9c2343aad230c83513a130ce6e0c4d6815e2bd91f99b6c514703f50fb43139f2e83c521b7e5a3ff4603f006bc7d162047e647234b87439278b10ccd92a4fca136f74d211592235e602d3643fa190cecc8edaf2d727dd5db07f9873048b1f75e19e7c39ef839c0703ec53f70c9fe39b43b98fdacd56b49a416e3b8c66604fb912e3672b8b1a6c5ff7db16320b599513d39460098138b7336d9152df98179f2e07c5abffd4ecf8a2cc8903a40563f187da3a99071bf0c93a65708cb36cd6a69545b78be13a3df9b6c336166b591637bc1be3dfc502200ea982d3b428824cf257184ee93f2d0f3168d4179d238497b84cb73abead20f710057b52ed535adee055081cee4aa842c82c220c160477c16bd1baaa73f46442d2a00658303a9433aa858ce880ed80fa04b592da3c3452a0810f759cbfccd7143d10427c1d39b5c5ecffc590377ce68976315db340e0c00d35d34bec22cfe95882f52f40248281c94758c809d5e65cbf9aeb2dffbdbf2f9a7d10dcd6e7eccc5781851c26990d4a2a2e71598dca6973bfabc82a6135bcc1ee3f1611ced7454e271cbd85a07a583fe89ea98dc4c1b52293adaadfd195b95e6fef37525736a048bd3bb7cc769c50b26c42445f2d5aa37c5ae529b90a5638d920a330ce1ebaf9d979e1b8ee70aba747f7f1a0b9a873167fb5829e64ad08facdfed0fdb76718ef97eeb028cbea23578969190d46e27f81d5eae27987007e217d540d11a33cb36e5768d34d7607ea83221cda3cfefb1cc65f171711160eaadc737013ec1d51de97afd4afc67aa15a23f197800a0566ef4937a6bba9f3334c0aa0e1ed7e9b5c3fc52a3ee112169ed5bce66e88a06f7f3fdda21a10b818c080f2e08e16af6eaac777dff81bfc2231f4cd7360d460091929035b268785e54b3704d52b8c32ffcdf00f21e7f8d3434b3e1ee711a8427596a0e8ae606d02b06914ba09c0a75b2858c7a8dcfff15e2a78549a447dd5d0d5ce912623e4b43fa4106d98e0a5f7960deef827fa30e52697f486cc9928e9b614253a461435d9e993f4a2a700dd0bc54519a2044f36e8f02fb78ca1025d1ce8c35366eddc90818ca1cf9e28bb8ae0f337efe98b82af2547fa03c3eb0813e942d92f1dedac412fa6738c73339959d8f620ceb02ef65dc0a9e4ca272d1965c73c2b06810ba6e13d83de07c4eecbb9e43744b414003057bc26fce09696e98146e59b79a6d817e26b132e3c935d8e5230335ae363a42084ba271058fb25268b139397ef984861d4adbec66e66477df46049fcb8e5f0179846ca020284eccac22b51c3273ae69898295686843bfe2c2ce4f43ea8668a3121558c52d4eb967341197f650e3f145877eb1f5de8377434b18eb2a7bdbb5d7db569d0564d2db7b31f174113d8487be7a5f91f97cda158aac83f0b84eb6a787d30f35f8a1e5ce28f9f86999a06cec497fcd1c8c1c570eb00f1946f300a03bf9b08584df33e2050950dcf4010928365d667d8ee42403c9d1bab54a7518428f7679e0a0e172f33bb3b8b0a829ea3d53fe478fc2556fdb4e51bfa638e9343f628ea570a096e016f5e47e4b72b29b445f9eb12d133277b1213eae6a2ea224ee80e30eb2fd12b08bfb56a588f2f2e67b9c2cb4795c025bb257e954a7720f57687482d119b1850208267eefe0e65b0dc022da6c3324a0d4e1d35dea840b6bdf2fc652579ba3fe55c41126ca4cd54636e86089451e97e5ce3d7cc2499f0882a2c761f0c74640d5152a5bad5091187cbc0c11683f53b5f2b8d4202e33f42070f13e77a63e0794c6ac5dc986a531ab49225d408d8da33a3c89ec856b336faaee251afabc4895afc41165fb558e6c26a3dc12037945f47fc6e60d710f68ca3dd2f18ca8d96cb9e60d2d91cd5b5f56168dc8bda3d3d31779e02c9c6349847504fac30a82466cd692becd3aec74238d336e20a31c2b97be3bbd90c3a2ad938d7ff1b033fc899006acb36eb561a37d4397c09403c845f6081a36d9e4c590f335ebffdee96a0208bf18a9a5ce84ee45c76a22786822e296a957920150f5e11c3354329d4dc328552fa3f2a93d506c7159ddc3054cb1447808cd87c78b9cf74ace81847d712a68d5e88f9c75808fe57383d9867b264e7e3ba233a6bc79a13bf35531e40a1c0d8becacf3d51b07a0cd50e81153e4a0a70128d36ffc096c408b55f47496d08b0153a3e669688a4354ba7dcb65fad21760813afa8a8e4789a9466d7997a27f92e9dfd0e3f9e499c188a200dddc7b57794a2239feb263e8421b79df4f0e6444704476e209101ac5fbc55d41ed0ea466b05401148963ae15dbebfb8d6981330e5b9dcdb01c9d6f9f95ccf28a878e891ae69163071eebd1b738861c58c7b8b0022379412596ea8c2914977e419c5ed53c32e7b191cb148784f42044947eb19e61daf6c853364037a9f734732c8fe5ef76fcec755569621aa4cb7cffd79ffb01b18630bff7751a7e13c3e1427f3cc068ff199ddfe132eaeb4ecd69e48ce59230eff0a81f98ed2835afe2f8911bd9b03ea42cf67abe104cc8b6ee648b515c53f082aaf2ff9cccd1c5c11b920ad82b3bab7e301547713acc37a507059d5a854d08c1330827c87bcf9fb8a337f9d786f653ae90fa293285d5b2b8baf0bc97214dceb9ce1f882acdc45fc1b1c9c1ab8b9931c284fdd21a1c459a064b66f9ccecdc34bf616d9c96c44d741410307968b30d5d4512d5e3c130e2837c10a534bdc7598015c2c0fd1ced2b19628494e5726e55816da6f64c599f7617298c5e1cf4459622dfbf795488238ae1c2716843d2c8ecd1427e068d868ff4d1fa4ba4c701ac81962372867d7c021dd1d0056ef9426e5f8f0579cb26c812abf463d954d5776a3b9f52691ba69ef9dc8fbad3bbafabf6080a9811d23fc9ef802a85a5c315c4700b4d8c68544ca96203f606065bd5e42e1f593d34ef6a086a5399505d12dcd85aafb81da899eb2f01d742b735ec7820330cc92e10b243cafb228c195ade2a4f096b0170bb1be7d5265af0b9598740a5a874326e60cf475c99cacecb013d1eb5202169bcc3d8a1b98484d0dd5b06e4c432e6af4b1fe2a897215295febd579ef3ff568cf02ff1a5c6ba147c4505b3a6119a43b0f960e5fafbcf50135b7efe743580d399f1b21dd8566ab93c12efe9a00902e9fdd333c08ddeebd1a0bcad6cf5ad53fbfa2ce04bb6aa24fe9367c63e2f4f90359b7db4d68d9b68d3d40a5722c6c1fb1e62b27ebbf1bdb39ed409fb579572d64078d1391bad71b2816183da174f2d5c956ae58fd926750a272921b919f0a4aa5f824a79ddaab60c7da7c282053274df30d1df6df3e7e023e9675c329f921999c3afd1ba877b1e19ed260f2119795db264fbb9d72f4a31f230d26e12ebfa04ff480f2e6636daf722ef11df1ee5d99cf999f7dd61606c132d5f8ce95e0b154af0cb9f9ad20a49dc86bb2ad7e2f86069123aa8e25347ab2367c10b3835b72f25e953041dea58242a9b6dcd3635c24bc75f69fc7f18e90fc7c02e11c5243fa9ffceb2951eef8538f49b05c08779e8b68ce637a95e41d057522b60e5b1ed27d5a9bbb1400d01c40ce78ca77ba40cfbfbf7a9104b5d3db2f27bc78136599f3c9434167c8c09a8cb159034cac86167174cda08f81f384a8ea3d0fb9344d2eb1ee9171a2ed8e8eb1d60b669db2274c6811a9d254083f5d0f65aacd3dd4dad307c48a1d46f354bab93bcf98b174c40b00717fd55381519ed602675faa9a7f9cad1c46f66bdfd0c8c16f93ab11cb5773227af6a104dd57783b3e03cfa19f5183af3c908bc53d62bcdcb68d767c6afe9fc3be46ff9a9e94833bd39", 0x2000, 0x0)
sendmsg$NLBL_CALIPSO_C_ADD(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x20000084}, 0x800)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x119)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
openat$fuse(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000a80)=@raw={'raw\x00', 0x9, 0x3, 0x2e0, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x218, 0xffffffff, 0xffffffff, 0x218, 0xffffffff, 0x3, &(0x7f0000000100), {[{{@ipv6={@private1={0xfc, 0x1, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @remote}, [0xff, 0xffffff00, 0x0, 0xff000000], [0x0, 0xff, 0xffffffff, 0xff000000], 'ipvlan0\x00', 'wg0\x00', {}, {}, 0x2e, 0x38, 0x4, 0x38}, 0x0, 0xec, 0x10c, 0x0, {}, [@common=@inet=@ecn={{0x24}, {0x1, 0x60, 0x9, 0x8}}, @inet=@rpfilter={{0x24}, {0x9}}]}, @unspec=@NOTRACK={0x20}}, {{@uncond, 0x0, 0xec, 0x10c, 0x0, {}, [@inet=@rpfilter={{0x24}, {0x4}}, @inet=@rpfilter={{0x24}, {0x2}}]}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x33c)
openat$fuse(0xffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$SNDCTL_FM_LOAD_INSTR(0xffffffffffffffff, 0x40285107)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f00000001c0)={'wlan0\x00', &(0x7f0000000780)=@ethtool_gstrings={0x1b, 0x1}})
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000180), 0x185802, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
ioctl$LOOP_SET_STATUS64(r5, 0x80041284, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0xfffffffffffff7f3, 0x2, 0x0, 0x5, 0x90, 0x8, "995e4c8b0ba6f8ed413b1ee5f3a7c862bbf64092868fd6943a428277be3c0fd8c867f86e662e0c2dd39186b32ee0690c16eb180e81ed3e5e2ebe64446497c2fc", "a6fafe5554ac908cc641df63c82e3d2347ef4230f37485c698954b3d8be9b663e59116e54ef137506743aa54d43eeef70999ee41524cf2aef5653e90d68d5ac5", "0286bcec3e402f381e7bdad53f9018befdba9800b9e9fd123eafd0d13d4c50ed", [0x0, 0x9]})
sendfile(r4, r4, 0x0, 0x200000)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f00000004c0)={0x1, 0x0, [{0x4000006f, 0x0, 0x6}]})

6.786549866s ago: executing program 2 (id=2494):
openat$procfs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/bus/input/devices\x00', 0x0, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002340), 0x40800)
getpgid(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket(0x400000000010, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0x541b, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x206)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r3, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='xfs\x00', 0x2208004, 0x0)
mount$cgroup(0x0, &(0x7f0000000280)='./cgroup\x00', 0x0, 0x2010042, &(0x7f00000000c0)={[{@subsystem='cpu'}, {@subsystem='net_cls'}, {@clone_children}, {@none}], [{@measure}, {@obj_type={'obj_type', 0x3d, ',!'}}]})
r5 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r5, 0x1, 0x3e, &(0x7f00000002c0), 0x161)
unshare(0x40020000)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc058534f, &(0x7f0000002380)={{0x0, 0x1}, 0x0, 0x0, 0x3, {0x4, 0x21}, 0x14, 0x1})

5.450581945s ago: executing program 3 (id=2499):
setuid(0xee01) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0x21, &(0x7f00000004c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
setxattr$incfs_size(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), &(0x7f0000000100)=0x2, 0x8, 0x2)

5.35904154s ago: executing program 3 (id=2500):
r0 = socket$key(0xf, 0x3, 0x2)
socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0207e80702"], 0x10}}, 0x40044)
r1 = socket$inet6(0xa, 0x3, 0x7b)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000480)={{{@in=@multicast2, @in6=@remote, 0x0, 0x56, 0x2, 0x0, 0x2}, {0x0, 0x80, 0x0, 0x0, 0xdffffffffffffffb, 0xffffffffffffffff, 0x9, 0x3}, {0x6, 0x0, 0x4}, 0x1, 0x0, 0x1}, {{@in=@empty, 0x0, 0x2b}, 0xa, @in=@rand_addr=0x64010100, 0x3507, 0x4, 0x0, 0x0, 0x3, 0x0, 0x4}}, 0xe8)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xff}}}, 0x1c) (fail_nth: 2)

4.759638653s ago: executing program 0 (id=2501):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beefff", 0x12)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9cde14b4b725c073}], 0x1, 0x448d4)
recvmsg(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000600)=""/85, 0x5}, {&(0x7f0000000680)=""/106, 0x20000253}], 0x2}, 0x6020)

4.684574426s ago: executing program 3 (id=2502):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x7d, 0x1ff, 0x1, 0x1}, 0x1c)
recvmmsg$unix(r0, &(0x7f0000002d00)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000300)=""/240, 0xf0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000280)}}], 0x2, 0x400000a0, 0x0)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r0, 0x111, 0x4, 0x1, 0x4)
syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x7, 0xfffffffffffffffd, 0x8, 0x5})

4.683589978s ago: executing program 0 (id=2504):
syz_open_procfs(0x0, &(0x7f00000006c0)='pagemap\x00')
timerfd_create(0x7, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00')
preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000240)=""/159, 0x9f}], 0x1, 0xffffffff, 0xfff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
io_setup(0x5, &(0x7f0000000040))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r1, &(0x7f0000001b00)="a6", 0x1, 0x20000045, &(0x7f0000000140)={0xa, 0x4001, 0x9, @loopback, 0x6}, 0x1c)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r2, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x4})
ioctl$sock_netdev_private(r2, 0x89f4, &(0x7f0000000000))
r3 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = syz_io_uring_setup(0x1c57, &(0x7f0000000300)={0x0, 0x40ac, 0x10000, 0x2, 0x3f}, &(0x7f0000000180)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r3})
io_uring_enter(r4, 0x2def, 0x4000, 0x0, 0x0, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSBRKP(r7, 0x5425, 0x0)

4.278175015s ago: executing program 2 (id=2506):
syz_emit_ethernet(0x2a, &(0x7f00000005c0)=ANY=[@ANYBLOB="bbbbbbbbbbbb00000000000008060001080006040003000000000000ac1414bbbbbbbbbbbbbbac1414bb61526ee9aa7422ab1b4247f7b55b17c0ca156a557874d2dc16320f6e05460f6c2c3402eb3b4bb4d40f8728ab64083fb974ed26592351af224f9e69c324d35d6ceaa0a4859973bc1a3261873dd274f2bc551d30f80747a0456f872c562135bc6b5c"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x21, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRES32, @ANYRES32=r2])
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x1f, 0x24db, 0x10400}}, 0x50)
syz_fuse_handle_req(r3, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r3, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf408006a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ccc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6b3f0000f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784753f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a748cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d9f95e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x8000, 0x1ff}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
writev(r5, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x56000}], 0x1)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000029c0)={0x0, 0x0, 0x0}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1)
socket$nl_route(0x10, 0x3, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$BLKPG(r6, 0x1269, &(0x7f0000000040)={0x1, 0x0, 0x98, &(0x7f0000000140)={0x8000000, 0x1000, 0x1}})
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000006d4dd2c29693d514a12987071b8e5f7bb41d573a6fcac9c5247fb69f738536292f516594810900c9e9f7fd772e5ade5e43f36fdab864e25a41bbfe361faacdfa8e"], 0x50)

4.118814299s ago: executing program 0 (id=2507):
close(0xffffffffffffffff)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x2, {{0x42, 0x2}, 0x2}}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001c008102e00f80ecdb4cb9f207c804a00d00000088081afb0a0002000a0ada1b40d80800c500c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0)

3.504303927s ago: executing program 1 (id=2508):
io_uring_setup(0x2255, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x50, 0xffffffffffffffff, 0x80000)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
fcntl$setstatus(r1, 0x4, 0x40800)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x14}}, 0x10)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10)
shutdown(0xffffffffffffffff, 0x1)
syz_open_dev$video4linux(0x0, 0x40, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x100, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syz_tun\x00', <r2=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1, 0x8}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x240cc080)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x77359400}}, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
ftruncate(r3, 0x2000009)
sendfile(r1, r3, 0x0, 0x7ffff004)

2.465794894s ago: executing program 1 (id=2509):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f0000000280)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = socket$qrtr(0x2a, 0x2, 0x0)
getpeername$qrtr(r1, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
r4 = socket$caif_stream(0x25, 0x1, 0x2)
unshare(0x2c020400)
r5 = msgget$private(0x0, 0x0)
msgsnd(r5, &(0x7f0000000480)=ANY=[@ANYRESDEC], 0x2000, 0x0)
msgrcv(r5, &(0x7f0000001080)={0x0, ""/1}, 0x2000, 0x2, 0x3000)
setsockopt$CAIFSO_REQ_PARAM(r4, 0x116, 0x80, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={0x0, 0xffffff59}}, 0x40440c1)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000480)=ANY=[@ANYBLOB="94000000", @ANYRES16=r7, @ANYBLOB="010000000000000000000a000000800004801300010062726f6164636173742d6c696e6b00002400078008000300000000000800030007000000080001000000000008000300050000002c000780080002000100000008000400000100000800030004000000080001001500000008332101f89e4f0481000200030000006a00010073797a30000000000900010073797a3100000000"], 0x94}}, 0x0)
socket$netlink(0x10, 0x3, 0x6)
r8 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r8, 0x89f1, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, @dev, @dev={0xfe, 0x80, '\x00', 0x37}, 0x10, 0x0, 0x0, 0x5}})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000003e000701feffffff00000000017c0000040042800c000180062106009039"], 0x34}, 0x1, 0x0, 0x0, 0x4000895}, 0xc000)

2.457988395s ago: executing program 0 (id=2510):
openat$nullb(0xffffffffffffff9c, 0x0, 0x84042, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000002c0)=[{{&(0x7f0000000140)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private1}}}, 0x80, &(0x7f00000000c0)=[{&(0x7f00000001c0)=""/197, 0xc5}, {&(0x7f0000000040)=""/16, 0x10}, {&(0x7f0000000380)=""/178, 0xb2}, {&(0x7f0000000440)=""/230, 0xe6}, {&(0x7f00000020c0)=""/4096, 0x1000}], 0x5, &(0x7f0000001640)=""/199, 0xc7}, 0x1}], 0x1, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x5, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x7, 0x81}, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r3, r2, &(0x7f0000002080)=0x3a, 0x23b)

2.348681298s ago: executing program 2 (id=2511):
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x1000, 0x2)
r1 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$apparmor_exec(r1, &(0x7f0000000080)={'exec ', ':\x00'}, 0x7)
write$apparmor_exec(r1, &(0x7f0000000040)={'stack ', ':\x00'}, 0x8)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="800100001000010000000000ffdbdf25fe880000000000000000000000000001ac1414aa00000000000000000000000000000001000000000a0020005c1d0000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000010000000033000000fc020000000000000000000000000001000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fdffffffffffffff0000000000000000000000000000000000000000000002000000000000000000000000000a000480000000008d001400736d33000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000802000000000000ab84411f518dc9d5565b9e05de67830aeb529f334e285efe3786823a0a1e08b53bec30240d4d6f58f05cd36e941758cf60d4c5a818aca82c12697c43daf8000000000000"], 0x180}, 0x1, 0x0, 0x0, 0x20004001}, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0xe0d, 0x1, 0x2})
ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc0f8565c, &(0x7f0000000580)={0x4, 0x401, 0x1, {0x1, @pix={0x4, 0x6, 0x41414770, 0x3, 0xfffffff9, 0x8001, 0xa, 0x9, 0x0, 0x1, 0x0, 0x5}}, 0x6})
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x34, 0x0, 0x200, 0x70bd27, 0x25dfdbfd, {{}, {}, {0x18, 0x17, {0x1a, 0x80, @udp='udp:syz1\x00'}}}, ["", "", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x20000040)
listxattr(&(0x7f0000000080)='./cgroup\x00', 0x0, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x4, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r3, 0xc0405602, &(0x7f0000000000)={0x15, 0x1, 0x0, "6106007722366ccef4ba566c4acd3d00e7bfeb8cace586d84a500000000800"})

2.26791066s ago: executing program 2 (id=2512):
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x111, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
read$FUSE(r0, &(0x7f0000002980)={0x2020}, 0xffffff36)

1.625136443s ago: executing program 1 (id=2513):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000c00), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000000)=0x200000000)
write$vhost_msg_v2(r0, &(0x7f0000000400)={0x2, 0x0, {&(0x7f0000000080)=""/169, 0xa9, 0x0, 0x2, 0x2}}, 0x48)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000380)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
r2 = openat2(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x8400, 0x1a9, 0x3c}, 0x18)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r2)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x6, &(0x7f0000006680))
r3 = socket$inet6(0x10, 0x3, 0x0)
syz_clone3(&(0x7f0000000240)={0x4e102000, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0, 0x0, {r2}}, 0x58)
syz_clone3(&(0x7f0000000580)={0x100000, 0x0, 0x0, 0x0, {0x20}, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x1}, 0x58)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000d40)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r4}, 0x10)
fchmod(r3, 0x29)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000040)=0x81, 0x5, 0x0)
set_mempolicy_home_node(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000540)={'wlan0\x00'})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x28, 0x1, 0x4, 0x3, 0x0, 0x0, {0x3, 0x0, 0x1}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}, @NFULA_CFG_MODE={0xa, 0x2, {0x38c, 0x1}}]}, 0x28}, 0x1, 0x0, 0x0, 0x44041}, 0x0)

1.624819657s ago: executing program 3 (id=2514):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beefff5d564c", 0x15)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9cde14b4b725c073}], 0x1, 0x448d4)
recvmsg(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000600)=""/85, 0x5}, {&(0x7f0000000680)=""/106, 0x20000253}], 0x2}, 0x6020)

1.567454403s ago: executing program 3 (id=2515):
openat$procfs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/bus/input/devices\x00', 0x0, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002340), 0x40800)
getpgid(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket(0x400000000010, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0x541b, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x206)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r3, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='xfs\x00', 0x2208004, 0x0)
mount$cgroup(0x0, &(0x7f0000000280)='./cgroup\x00', 0x0, 0x2010042, &(0x7f00000000c0)={[{@subsystem='cpu'}, {@subsystem='net_cls'}, {@clone_children}, {@none}], [{@measure}, {@obj_type={'obj_type', 0x3d, ',!'}}]})
r5 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r5, 0x1, 0x3e, &(0x7f00000002c0), 0x161)
unshare(0x40020000)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc058534f, &(0x7f0000002380)={{0x0, 0x1}, 0x0, 0x0, 0x3, {0x4, 0x21}, 0x14, 0x1})

1.567007642s ago: executing program 0 (id=2516):
userfaultfd(0x80001)
open(0x0, 0x2a4c0, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={0xffffffffffffffff, &(0x7f0000000180), 0x0}, 0x1c)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r2 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r3 = openat$binfmt(0xffffffffffffff9c, r2, 0x42, 0x1ff)
close(r3)
execveat$binfmt(0xffffffffffffff9c, r2, 0x0, 0x0, 0x0)
r4 = openat$binfmt(0xffffffffffffff9c, r2, 0x2, 0x0)
close(r4)
execveat$binfmt(0xffffffffffffff9c, r2, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000740), 0xffffffffffffffff)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r6=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0xffa1, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32=r6, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYBLOB="35874207"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = socket$kcm(0x21, 0x2, 0xa)
sendmsg$kcm(r8, &(0x7f0000000080)={&(0x7f0000000100)=@rxrpc=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x4e24, @loopback}}, 0x80, 0x0, 0x0, &(0x7f0000001240)=[{0x10, 0x110, 0x1, "dc"}], 0x10}, 0xc010)
close_range(r7, 0xffffffffffffffff, 0x0)

1.378210097s ago: executing program 2 (id=2517):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000020000000000000f9ffff0b85000000ae000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='fscache_resize\x00', r0, 0x0, 0x2}, 0x18)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2, <r3=>0xffffffffffffffff}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r4, r2}, 0xc)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
fcntl$setlease(r6, 0x400, 0x1)
open$dir(&(0x7f0000000080)='./file1\x00', 0x8000, 0x30)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
pread64(r7, &(0x7f0000001440)=""/123, 0x7b, 0x841)
close_range(r5, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
pipe(&(0x7f0000000040)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
vmsplice(r9, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
splice(r10, 0x0, r9, 0x0, 0x10000008ebc, 0x0)
splice(r8, 0x0, r11, 0x0, 0x25a5, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
semget$private(0x0, 0x4, 0x4)

1.307385688s ago: executing program 1 (id=2518):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x235, &(0x7f0000000500)={0x0, 0x4533, 0x10100, 0x0, 0x24c, 0x0, r1}, &(0x7f00000001c0)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x201}, 0x1})
io_uring_enter(r2, 0x234f, 0x2d59, 0x2, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r5, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x5})
fcntl$lock(r5, 0x26, &(0x7f0000000080)={0x1, 0x0, 0x2007, 0x1fd})
mknodat$loop(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x800, 0x1)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
statx(0xffffffffffffff9c, 0x0, 0x2000, 0x2dd8806920477201, 0x0)
syz_fuse_handle_req(r6, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
timer_settime(0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
fcntl$lock(r5, 0x7, &(0x7f0000000280)={0x1, 0x0, 0x2f, 0x9}) (fail_nth: 2)

1.10481957s ago: executing program 2 (id=2519):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000100000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, @fallback=0x3c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x408c}, 0x94)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
ioctl$SNDRV_TIMER_IOCTL_START(r1, 0x54a0)
ioctl$SNDRV_TIMER_IOCTL_PAUSE(r1, 0x54a3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000040)=ANY=[@ANYRES32], &(0x7f0000000300)='GPL\x00', 0x2, 0xb3, &(0x7f0000000140)=""/179, 0x41100, 0x7b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x38}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeeb, 0x8031, r2, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r6 = syz_io_uring_setup(0x88e, &(0x7f0000000140)={0x0, 0x3cfa, 0x0, 0x80000002, 0x1b9}, &(0x7f00000001c0)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x28, 0x4007, @fd_index=0x8, 0x1000, &(0x7f00000000c0), 0x0, 0x1, 0x1})
io_uring_enter(r6, 0x47f6, 0x0, 0x2, 0x0, 0x0)

936.971177ms ago: executing program 1 (id=2520):
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mkdirat(0xffffffffffffff9c, 0x0, 0x140)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000280)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000001280)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000380)=""/226, 0xe2}, {&(0x7f0000000300)=""/33, 0x21}, {&(0x7f0000000480)=""/185, 0xb9}, {&(0x7f00000005c0)=""/83, 0x53}], 0x4}, 0x7fb7}, {{&(0x7f0000000700)=@l2={0x1f, 0x0, @fixed}, 0x80, &(0x7f0000000800)=[{&(0x7f0000000780)=""/87, 0x57}, {&(0x7f0000000900)=""/194, 0xc2}, {&(0x7f0000000a00)=""/76, 0x4c}, {&(0x7f0000000b00)=""/245, 0xf5}, {&(0x7f0000000c00)=""/67, 0x43}, {&(0x7f0000000c80)=""/87, 0x57}], 0x6, &(0x7f0000000d00)=""/152, 0x98}, 0x3}, {{&(0x7f0000000dc0)=@in={0x2, 0x0, @private}, 0x80, &(0x7f0000001180)=[{&(0x7f0000000e40)=""/135, 0x87}, {&(0x7f0000000a80)=""/60, 0x3c}, {&(0x7f0000000f80)=""/221, 0xdd}, {&(0x7f0000000f00)=""/34, 0x22}, {&(0x7f0000001080)=""/236, 0xec}], 0x5}, 0xeaff}, {{&(0x7f00000011c0)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f0000001240)}, 0xfd32}], 0x4, 0x122, 0x0)
mount(&(0x7f0000000080)=@nullb, 0x0, &(0x7f00000000c0)='affs\x00', 0xa48410, 0x0)
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, &(0x7f00000000c0)={'8255\x00', [0x4f2b, 0x5, 0x10000, 0x4, 0x5, 0xcc7, 0x8, 0x3, 0xa, 0x100, 0x2, 0x1, 0x1, 0x1, 0x6, 0x101, 0x0, 0x1a449, 0x3, 0x40000003, 0x89, 0xcaa7, 0x0, 0x20001e58, 0xb, 0xe69, 0x3c, 0x1, 0x6, 0x0, 0xfffffff8]})
r3 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r3, &(0x7f0000000000)={0xa, 0x0, 0x1, @empty, 0x0, 0x3}, 0x20)
sendmmsg$inet6(r3, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x1b, 0x0, 0x0, 0x0, 0x0, 0xc0fe}}], 0x17fd147c801ae9af, 0xff14)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xb4, 0x19, 0xfd3649826d894c67, 0x0, 0x0, {{@in6=@empty, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0xfffffffffffffffc}, {0x0, 0xacb0, 0x400000000}, 0x400}}, 0xb4}}, 0x4c050)
syz_emit_ethernet(0x46, &(0x7f00000009c0)={@link_local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x10, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_ra}}}}}, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(0xffffffffffffffff, 0x0, 0x0)
connect$bt_l2cap(r5, &(0x7f0000000040)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
connect$bt_l2cap(r6, &(0x7f0000000040)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)

46.494833ms ago: executing program 1 (id=2521):
syz_open_procfs(0x0, &(0x7f00000006c0)='pagemap\x00')
timerfd_create(0x7, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00')
preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000240)=""/159, 0x9f}], 0x1, 0xffffffff, 0xfff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
io_setup(0x5, &(0x7f0000000040))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r1, &(0x7f0000001b00)="a6", 0x1, 0x20000045, &(0x7f0000000140)={0xa, 0x4001, 0x9, @loopback, 0x6}, 0x1c)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r2, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x4})
ioctl$sock_netdev_private(r2, 0x89f4, &(0x7f0000000000))
r3 = dup(0xffffffffffffffff)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = syz_io_uring_setup(0x1c57, &(0x7f0000000300)={0x0, 0x40ac, 0x10000, 0x2, 0x3f, 0x0, r3}, &(0x7f0000000180)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000140)=@IORING_OP_POLL_ADD)
io_uring_enter(r4, 0x2def, 0x4000, 0x0, 0x0, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSBRKP(r7, 0x5425, 0x0)

0s ago: executing program 0 (id=2522):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(0xffffffffffffffff, 0x0, 0x240400c2)
openat$comedi(0xffffffffffffff9c, 0x0, 0x400, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
sendto(r1, &(0x7f0000000280)="dad3d6c775f3c0c7c63926f86cd935ef9e5bf36291658307dd5e254378c54158d1045e2d266a1cdb56590f1af42ed5dd337e12d21d84a251506757721e622947", 0x40, 0x4001, &(0x7f00000003c0)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x4e20, @empty}, 0x1, 0x4, 0x2, 0x4}}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x2, 0x4, 0x599, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001340), &(0x7f0000000900), 0x404, r5, 0x0, 0x1ba8847c99}, 0x38) (fail_nth: 2)

kernel console output (not intermixed with test programs):

x10/0x10
[  487.417665][T13039]  ? aa_file_perm+0x29e/0x1560
[  487.417696][T13039]  seq_read_iter+0x71e/0x12d0
[  487.417732][T13039]  kernfs_fop_read_iter+0x46c/0x610
[  487.417763][T13039]  do_iter_readv_writev+0x743/0x9e0
[  487.417788][T13039]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  487.417818][T13039]  ? rw_verify_area+0xcf/0x6c0
[  487.417841][T13039]  vfs_readv+0x4cb/0x8b0
[  487.417863][T13039]  ? trace_contention_end+0xdd/0x110
[  487.417890][T13039]  ? __pfx_vfs_readv+0x10/0x10
[  487.417910][T13039]  ? fdget_pos+0x2a2/0x370
[  487.417935][T13039]  ? find_held_lock+0x2b/0x80
[  487.417971][T13039]  ? __fget_files+0x20e/0x3c0
[  487.417992][T13039]  ? __fget_files+0x1f0/0x3c0
[  487.418020][T13039]  ? do_readv+0x132/0x340
[  487.418040][T13039]  do_readv+0x132/0x340
[  487.418061][T13039]  ? __pfx_do_readv+0x10/0x10
[  487.418083][T13039]  ? do_user_addr_fault+0x843/0x1370
[  487.418110][T13039]  __do_fast_syscall_32+0xe8/0x680
[  487.418130][T13039]  do_fast_syscall_32+0x32/0x80
[  487.418147][T13039]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  487.418166][T13039] RIP: 0023:0xf7fc7579
[  487.418180][T13039] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  487.418195][T13039] RSP: 002b:00000000f549555c EFLAGS: 00000296 ORIG_RAX: 0000000000000091
[  487.418212][T13039] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000340
[  487.418222][T13039] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  487.418233][T13039] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  487.418241][T13039] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  487.418250][T13039] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  487.418274][T13039]  </TASK>
[  487.542011][T13019] hsr_slave_0: entered promiscuous mode
[  487.544400][T13019] hsr_slave_1: entered promiscuous mode
[  487.546579][T13019] debugfs: 'hsr0' already exists in 'hsr'
[  487.548596][T13019] Cannot create hsr debugfs directory
[  487.636496][T13019] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  487.640373][T13019] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  487.782626][T13019] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  487.786076][T13019] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  487.903476][T13019] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  487.906730][T13019] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  487.994350][T13019] bond0: (slave netdevsim0): Releasing backup interface
[  488.007546][T13019] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  488.011210][T13019] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  488.199727][T13019] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  488.213015][T13019] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  488.218419][T13019] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  488.224449][T13019] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  488.296317][T13019] 8021q: adding VLAN 0 to HW filter on device bond0
[  488.309750][T13019] 8021q: adding VLAN 0 to HW filter on device team0
[  488.315770][ T7112] bridge0: port 1(bridge_slave_0) entered blocking state
[  488.318127][ T7112] bridge0: port 1(bridge_slave_0) entered forwarding state
[  488.324657][ T4813] bridge0: port 2(bridge_slave_1) entered blocking state
[  488.326978][ T4813] bridge0: port 2(bridge_slave_1) entered forwarding state
[  488.452513][T13019] 8021q: adding VLAN 0 to HW filter on device batadv0
[  488.481265][T13019] veth0_vlan: entered promiscuous mode
[  488.486335][T13019] veth1_vlan: entered promiscuous mode
[  488.505532][T13019] veth0_macvtap: entered promiscuous mode
[  488.509443][T13019] veth1_macvtap: entered promiscuous mode
[  488.517518][T13019] batman_adv: batadv0: Interface activated: batadv_slave_0
[  488.634415][T13019] batman_adv: batadv0: Interface activated: batadv_slave_1
[  488.656841][ T8609] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  488.660075][ T8609] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  488.664955][ T8609] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  488.667829][ T8609] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  488.718700][ T5956] Bluetooth: hci4: command tx timeout
[  488.724254][ T7112] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  488.726918][ T7112] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  488.763461][ T1175] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  488.766021][ T1175] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  489.027569][T13068] kvm: kvm [13062]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6
[  489.264754][T13070] netlink: 'syz.2.1989': attribute type 9 has an invalid length.
[  489.267323][T13070] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1989'.
[  489.427282][T13078] vlan0: entered promiscuous mode
[  489.756477][T13092] fuse: Bad value for 'group_id'
[  489.758160][T13092] fuse: Bad value for 'group_id'
[  489.773354][T13088] sp0: Synchronizing with TNC
[  490.350122][T13108] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  490.604691][T13119] FAULT_INJECTION: forcing a failure.
[  490.604691][T13119] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  490.610098][T13119] CPU: 0 UID: 0 PID: 13119 Comm: syz.1.1999 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  490.610126][T13119] Tainted: [L]=SOFTLOCKUP
[  490.610130][T13119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  490.610136][T13119] Call Trace:
[  490.610140][T13119]  <TASK>
[  490.610145][T13119]  dump_stack_lvl+0x16c/0x1f0
[  490.610165][T13119]  should_fail_ex+0x512/0x640
[  490.610180][T13119]  _copy_from_user+0x2e/0xd0
[  490.610193][T13119]  generic_map_update_batch+0x38d/0x620
[  490.610214][T13119]  ? __pfx_generic_map_update_batch+0x10/0x10
[  490.610232][T13119]  ? __pfx_generic_map_update_batch+0x10/0x10
[  490.610249][T13119]  bpf_map_do_batch+0x5be/0x680
[  490.610263][T13119]  __sys_bpf+0x482c/0x4980
[  490.610273][T13119]  ? lock_acquire+0x179/0x330
[  490.610284][T13119]  ? __pfx___sys_bpf+0x10/0x10
[  490.610292][T13119]  ? finish_task_switch.isra.0+0x202/0xbd0
[  490.610307][T13119]  ? rcu_is_watching+0x12/0xc0
[  490.610321][T13119]  ? finish_task_switch.isra.0+0x207/0xbd0
[  490.610334][T13119]  ? lockdep_hardirqs_on+0x7c/0x110
[  490.610344][T13119]  ? finish_task_switch.isra.0+0x207/0xbd0
[  490.610358][T13119]  ? rcu_is_watching+0x12/0xc0
[  490.610372][T13119]  ? __schedule+0x10b9/0x6150
[  490.610386][T13119]  ? __schedule+0x114c/0x6150
[  490.610410][T13119]  ? fput+0x70/0xf0
[  490.610422][T13119]  ? rcu_is_watching+0x12/0xc0
[  490.610438][T13119]  __ia32_sys_bpf+0x76/0xe0
[  490.610447][T13119]  ? lockdep_hardirqs_on+0x7c/0x110
[  490.610456][T13119]  __do_fast_syscall_32+0xe8/0x680
[  490.610467][T13119]  do_fast_syscall_32+0x32/0x80
[  490.610477][T13119]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  490.610490][T13119] RIP: 0023:0xf7fe5579
[  490.610499][T13119] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  490.610508][T13119] RSP: 002b:00000000f549455c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  490.610518][T13119] RAX: ffffffffffffffda RBX: 000000000000001a RCX: 00000000800001c0
[  490.610525][T13119] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[  490.610532][T13119] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  490.610537][T13119] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  490.610543][T13119] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  490.610579][T13119]  </TASK>
[  490.634965][T13122] xt_recent: hitcount (4294901760) is larger than allowed maximum (65535)
[  490.799950][ T5956] Bluetooth: hci4: command tx timeout
[  491.308825][T13131] ceph: No mds server is up or the cluster is laggy
[  492.141070][T13158] xt_recent: hitcount (4294901760) is larger than allowed maximum (65535)
[  492.891317][ T5956] Bluetooth: hci4: command tx timeout
[  493.995015][T13166] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  494.761722][T13198] xt_recent: hitcount (4294901760) is larger than allowed maximum (65535)
[  494.962410][ T5956] Bluetooth: hci4: command tx timeout
[  495.443112][T13216] kvm: kvm [13207]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6
[  496.255012][T13233] fuse: Bad value for 'group_id'
[  496.256619][T13233] fuse: Bad value for 'group_id'
[  496.617266][T13234] fuse: Bad value for 'group_id'
[  496.620841][T13234] fuse: Bad value for 'group_id'
[  497.877872][T13240] xt_recent: hitcount (4294901760) is larger than allowed maximum (65535)
[  497.929433][T13242] kvm: kvm [13235]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6
[  498.001295][T13247] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  498.003707][T13247] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  498.034095][T13247] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  498.039896][T13247] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  498.054006][T13247] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  498.056018][T13247] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  498.065289][T13247] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  498.070105][T13247] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  498.126227][T13252] kvm: kvm [13243]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6
[  498.394849][ T6173] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[  498.554730][ T6173] usb 5-1: Using ep0 maxpacket: 8
[  498.560150][ T6173] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  498.563358][ T6173] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  498.566719][ T6173] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[  498.570538][ T6173] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  498.573752][ T6173] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  498.577873][ T6173] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  498.581097][ T6173] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  498.747067][T13263] FAULT_INJECTION: forcing a failure.
[  498.747067][T13263] name failslab, interval 1, probability 0, space 0, times 0
[  498.751197][T13263] CPU: 0 UID: 0 PID: 13263 Comm: syz.1.2036 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  498.751215][T13263] Tainted: [L]=SOFTLOCKUP
[  498.751218][T13263] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  498.751225][T13263] Call Trace:
[  498.751240][T13263]  <TASK>
[  498.751246][T13263]  dump_stack_lvl+0x16c/0x1f0
[  498.751267][T13263]  should_fail_ex+0x512/0x640
[  498.751280][T13263]  ? kmem_cache_alloc_noprof+0x62/0x770
[  498.751294][T13263]  should_failslab+0xc2/0x120
[  498.751323][T13263]  kmem_cache_alloc_noprof+0x83/0x770
[  498.751335][T13263]  ? security_file_alloc+0x34/0x2b0
[  498.751352][T13263]  ? security_file_alloc+0x34/0x2b0
[  498.751364][T13263]  security_file_alloc+0x34/0x2b0
[  498.751378][T13263]  init_file+0x93/0x4c0
[  498.751390][T13263]  alloc_empty_file+0x73/0x1e0
[  498.751401][T13263]  path_openat+0xde/0x3140
[  498.751416][T13263]  ? __do_fast_syscall_32+0xe8/0x680
[  498.751426][T13263]  ? do_fast_syscall_32+0x32/0x80
[  498.751436][T13263]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  498.751453][T13263]  ? __pfx_path_openat+0x10/0x10
[  498.751470][T13263]  ? __lock_acquire+0x436/0x2890
[  498.751482][T13263]  do_filp_open+0x20b/0x470
[  498.751497][T13263]  ? __pfx_do_filp_open+0x10/0x10
[  498.751522][T13263]  ? _raw_spin_unlock+0x28/0x50
[  498.751536][T13263]  ? alloc_fd+0x471/0x7d0
[  498.751555][T13263]  do_sys_openat2+0x121/0x290
[  498.751567][T13263]  ? __pfx_do_sys_openat2+0x10/0x10
[  498.751580][T13263]  ? __fget_files+0x20e/0x3c0
[  498.751596][T13263]  __ia32_compat_sys_openat+0x16d/0x210
[  498.751609][T13263]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  498.751621][T13263]  ? ksys_write+0x1ac/0x250
[  498.751637][T13263]  ? do_user_addr_fault+0x843/0x1370
[  498.751652][T13263]  __do_fast_syscall_32+0xe8/0x680
[  498.751664][T13263]  do_fast_syscall_32+0x32/0x80
[  498.751674][T13263]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  498.751687][T13263] RIP: 0023:0xf7fe5579
[  498.751696][T13263] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  498.751706][T13263] RSP: 002b:00000000f54b54f0 EFLAGS: 00000293 ORIG_RAX: 0000000000000127
[  498.751716][T13263] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f72c7de9
[  498.751723][T13263] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f7476ff4
[  498.751729][T13263] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  498.751734][T13263] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  498.751740][T13263] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  498.751759][T13263]  </TASK>
[  498.849455][T13254] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  498.853736][T13254] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  498.861756][T13263] [U] 
[  498.862758][T13263] [U] 
[  498.863846][T13263] [U] 
[  498.865015][T13263] [U] 
[  498.866691][T13263] [U] 
[  498.867577][T13263] [U] 
[  498.868455][T13263] [U] 
[  498.869349][T13263] [U] 
[  498.870344][T13263] [U] 
[  498.871237][T13263] [U] 
[  498.872110][T13263] [U] 
[  498.873016][T13263] [U] 
[  498.874000][T13263] [U] 
[  498.874910][T13263] [U] 
[  498.875791][T13263] [U] 
[  498.876672][T13263] [U] 
[  498.878084][T13263] [U] 
[  498.878992][T13263] [U] 
[  498.879864][T13263] [U] 
[  498.880729][T13263] [U] 
[  498.881669][T13263] [U] 
[  498.882627][T13263] [U] 
[  498.883515][T13263] [U] 
[  498.884389][T13263] [U] 
[  498.886312][T13263] [U] 
[  498.887212][T13263] [U] 
[  498.888093][T13263] [U] 
[  498.888974][T13263] [U] 
[  498.889916][T13263] [U] 
[  498.890820][T13263] [U] 
[  498.891778][T13263] [U] 
[  498.892668][T13263] [U] 
[  498.893664][T13263] [U] 
[  498.894554][T13263] [U] 
[  498.895415][T13263] [U] 
[  498.896295][T13263] [U] 
[  498.897288][T13263] [U] 
[  498.898172][T13263] [U] 
[  498.899066][T13263] [U] 
[  498.899947][T13263] [U] 
[  498.900925][T13263] [U] 
[  498.901845][T13263] [U] 
[  498.902733][T13263] [U] 
[  498.903621][T13263] [U] 
[  498.904558][T13263] [U] 
[  498.905429][T13263] [U] 
[  498.906271][T13263] [U] 
[  498.907142][T13263] [U] 
[  498.908446][T13263] [U] 
[  498.909326][T13263] [U] 
[  498.910187][T13263] [U] 
[  498.911068][T13263] [U] 
[  498.912223][T13263] [U] 
[  498.913166][T13263] [U] 
[  498.914053][T13263] [U] 
[  498.914951][T13263] [U] 
[  498.916428][T13263] [U] 
[  498.917292][T13263] [U] 
[  498.918142][T13263] [U] 
[  498.919000][T13263] [U] 
[  498.920090][T13263] [U] 
[  498.920968][T13263] [U] 
[  498.921877][T13263] [U] 
[  498.922796][T13263] [U] 
[  498.926205][T13263] [U] 
[  498.927188][T13263] [U] 
[  498.928131][T13263] [U] 
[  498.929238][T13263] [U] 
[  498.936191][T13263] [U] 
[  498.937412][T13263] [U] 
[  498.938630][T13263] [U] 
[  498.939833][T13263] [U] 
[  498.941301][T13263] [U] 
[  498.942571][T13263] [U] 
[  498.943780][T13263] [U] 
[  498.944997][T13263] [U] 
[  498.949381][T13263] [U] 
[  498.950606][T13263] [U] 
[  498.951552][T13263] [U] 
[  498.952434][T13263] [U] 
[  498.956706][T13263] [U] 
[  498.957605][T13263] [U] 
[  498.958495][T13263] [U] 
[  498.959383][T13263] [U] 
[  498.960320][T13263] [U] 
[  498.961204][T13263] [U] 
[  498.962097][T13263] [U] 
[  498.962993][T13263] [U] 
[  498.963941][T13263] [U] 
[  498.964844][T13263] [U] 
[  498.965725][T13263] [U] 
[  498.966611][T13263] [U] 
[  498.967820][T13263] [U] 
[  498.968706][T13263] [U] 
[  498.969587][T13263] [U] 
[  498.970464][T13263] [U] 
[  498.971419][T13263] [U] 
[  498.972326][T13263] [U] 
[  498.973205][T13263] [U] 
[  498.974087][T13263] [U] 
[  498.975169][T13263] [U] 
[  498.976061][T13263] [U] 
[  498.976939][T13263] [U] 
[  498.977819][T13263] [U] 
[  498.978781][T13263] [U] 
[  498.979687][T13263] [U] 
[  498.980573][T13263] [U] 
[  498.981448][T13263] [U] 
[  498.982411][T13263] [U] 
[  498.983297][T13263] [U] 
[  498.984175][T13263] [U] 
[  498.985061][T13263] [U] 
[  498.986148][T13263] [U] 
[  498.987041][T13263] [U] 
[  498.987919][T13263] [U] 
[  498.988795][T13263] [U] 
[  498.989731][T13263] [U] 
[  498.990622][T13263] [U] 
[  498.991537][T13263] [U] 
[  498.992431][T13263] [U] 
[  498.993378][T13263] [U] 
[  498.994265][T13263] [U] 
[  498.995168][T13263] [U] 
[  498.996047][T13263] [U] 
[  498.997027][T13263] [U] 
[  498.997916][T13263] [U] 
[  498.998803][T13263] [U] 
[  499.437697][ T6173] usb 5-1: usb_control_msg returned -32
[  499.564074][ T6173] usbtmc 5-1:16.0: can't read capabilities
[  499.587209][ T6173] usb 5-1: USB disconnect, device number 54
[  499.606232][T13261] [U] 
[  499.772951][T13271] xt_recent: hitcount (4294901760) is larger than allowed maximum (65535)
[  500.065566][ T6173] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  500.077201][T13279] MTD: Couldn't look up '': -22
[  500.194399][T13283] ubi: mtd0 is already attached to ubi31
[  500.235703][ T6173] usb 5-1: Using ep0 maxpacket: 8
[  500.501509][ T6173] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  500.507820][ T6173] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  500.514278][ T6173] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  500.520233][ T6173] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  500.523282][T13295] overlayfs: missing 'workdir'
[  500.528200][ T6173] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  500.534569][ T6173] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  500.748947][ T6173] usb 5-1: GET_CAPABILITIES returned 0
[  500.752682][ T6173] usbtmc 5-1:16.0: can't read capabilities
[  501.004276][T13269] FAULT_INJECTION: forcing a failure.
[  501.004276][T13269] name failslab, interval 1, probability 0, space 0, times 0
[  501.017715][T13269] CPU: 3 UID: 0 PID: 13269 Comm: syz.0.2038 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  501.017736][T13269] Tainted: [L]=SOFTLOCKUP
[  501.017755][T13269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  501.017763][T13269] Call Trace:
[  501.017767][T13269]  <TASK>
[  501.017772][T13269]  dump_stack_lvl+0x16c/0x1f0
[  501.017795][T13269]  should_fail_ex+0x512/0x640
[  501.017808][T13269]  ? fs_reclaim_acquire+0xae/0x150
[  501.017827][T13269]  should_failslab+0xc2/0x120
[  501.017844][T13269]  __kmalloc_noprof+0xeb/0x910
[  501.017857][T13269]  ? tomoyo_encode2+0x100/0x3e0
[  501.017874][T13269]  ? tomoyo_encode2+0x100/0x3e0
[  501.017889][T13269]  tomoyo_encode2+0x100/0x3e0
[  501.017905][T13269]  tomoyo_encode+0x29/0x50
[  501.017920][T13269]  tomoyo_realpath_from_path+0x18f/0x6e0
[  501.017940][T13269]  tomoyo_path_number_perm+0x245/0x580
[  501.017953][T13269]  ? tomoyo_path_number_perm+0x237/0x580
[  501.017967][T13269]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  501.017995][T13269]  ? find_held_lock+0x2b/0x80
[  501.018009][T13269]  ? hook_file_ioctl_common+0x144/0x410
[  501.018026][T13269]  ? __fget_files+0x20e/0x3c0
[  501.018041][T13269]  ? __fput_deferred+0x470/0x480
[  501.018055][T13269]  security_file_ioctl_compat+0x9b/0x240
[  501.018071][T13269]  __ia32_compat_sys_ioctl+0xc3/0x370
[  501.018087][T13269]  __do_fast_syscall_32+0xe8/0x680
[  501.018100][T13269]  do_fast_syscall_32+0x32/0x80
[  501.018111][T13269]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  501.018125][T13269] RIP: 0023:0xf708d579
[  501.018134][T13269] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  501.018144][T13269] RSP: 002b:00000000f547d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  501.018155][T13269] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000005b23
[  501.018162][T13269] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  501.018168][T13269] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  501.018174][T13269] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  501.018180][T13269] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  501.018195][T13269]  </TASK>
[  501.018270][T13269] ERROR: Out of memory at tomoyo_realpath_from_path.
[  501.190414][T13328] kvm: kvm [13312]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6
[  501.253630][   T75] usb 5-1: USB disconnect, device number 55
[  501.547672][   T40] kauditd_printk_skb: 16 callbacks suppressed
[  501.547745][   T40] audit: type=1326 audit(1768628466.311:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13333 comm="syz.3.2046" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7579 code=0x7ffc0000
[  501.557910][   T40] audit: type=1326 audit(1768628466.321:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13333 comm="syz.3.2046" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7579 code=0x7ffc0000
[  501.568010][   T40] audit: type=1326 audit(1768628466.331:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13333 comm="syz.3.2046" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7fc7579 code=0x7ffc0000
[  501.576830][T13338] /dev/nullb0: Can't open blockdev
[  501.579580][   T40] audit: type=1326 audit(1768628466.341:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13333 comm="syz.3.2046" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7579 code=0x7ffc0000
[  501.593245][   T40] audit: type=1326 audit(1768628466.351:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13333 comm="syz.3.2046" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7579 code=0x7ffc0000
[  501.600525][   T40] audit: type=1326 audit(1768628466.351:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13333 comm="syz.3.2046" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7fc7579 code=0x7ffc0000
[  501.612275][   T40] audit: type=1326 audit(1768628466.371:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13333 comm="syz.3.2046" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7579 code=0x7ffc0000
[  501.657632][   T40] audit: type=1326 audit(1768628466.371:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13333 comm="syz.3.2046" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fc7579 code=0x7ffc0000
[  501.664711][   T40] audit: type=1326 audit(1768628466.381:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13333 comm="syz.3.2046" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7579 code=0x7ffc0000
[  501.671775][   T40] audit: type=1326 audit(1768628466.381:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13333 comm="syz.3.2046" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7579 code=0x7ffc0000
[  501.822343][T13342] xt_recent: hitcount (4294901760) is larger than allowed maximum (65535)
[  503.795245][T13375] kvm: kvm [13371]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6
[  504.065780][T13377] xt_recent: hitcount (4294901760) is larger than allowed maximum (65535)
[  504.681949][T13384] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  505.279599][T13391] random: crng reseeded on system resumption
[  505.376581][T13394] [U] 
[  505.377543][T13394] [U] 
[  505.378454][T13394] [U] 
[  505.379406][T13394] [U] 
[  505.380431][T13394] [U] 
[  505.381364][T13394] [U] 
[  505.382345][T13394] [U] 
[  505.383271][T13394] [U] 
[  505.384297][T13394] [U] 
[  505.385216][T13394] [U] 
[  505.386143][T13394] [U] 
[  505.387073][T13394] [U] 
[  505.388044][T13394] [U] 
[  505.389014][T13394] [U] 
[  505.389953][T13394] [U] 
[  505.390872][T13394] [U] 
[  505.392097][T13394] [U] 
[  505.393162][T13394] [U] 
[  505.394100][T13394] [U] 
[  505.395069][T13394] [U] 
[  505.396208][T13394] [U] 
[  505.397176][T13394] [U] 
[  505.398093][T13394] [U] 
[  505.399054][T13394] [U] 
[  505.400272][T13394] [U] 
[  505.401204][T13394] [U] 
[  505.402193][T13394] [U] 
[  505.403101][T13394] [U] 
[  505.404125][T13394] [U] 
[  505.405063][T13394] [U] 
[  505.405970][T13394] [U] 
[  505.406972][T13394] [U] 
[  505.409498][T13394] [U] 
[  505.410462][T13394] [U] 
[  505.411364][T13394] [U] 
[  505.412346][T13394] [U] 
[  505.413361][T13394] [U] 
[  505.414309][T13394] [U] 
[  505.415233][T13394] [U] 
[  505.416138][T13394] [U] 
[  505.417202][T13394] [U] 
[  505.418137][T13394] [U] 
[  505.419128][T13394] [U] 
[  505.420376][T13394] [U] 
[  505.421543][T13394] [U] 
[  505.422559][T13394] [U] 
[  505.423463][T13394] [U] 
[  505.424369][T13394] [U] 
[  505.425401][T13394] [U] 
[  505.426306][T13394] [U] 
[  505.427232][T13394] [U] 
[  505.428139][T13394] [U] 
[  505.429226][T13394] [U] 
[  505.430163][T13394] [U] 
[  505.431082][T13394] [U] 
[  505.432030][T13394] [U] 
[  505.433243][T13394] [U] 
[  505.434147][T13394] [U] 
[  505.435079][T13394] [U] 
[  505.435987][T13394] [U] 
[  505.437022][T13394] [U] 
[  505.437950][T13394] [U] 
[  505.438877][T13394] [U] 
[  505.439819][T13394] [U] 
[  505.440927][T13394] [U] 
[  505.441903][T13394] [U] 
[  505.442850][T13394] [U] 
[  505.443760][T13394] [U] 
[  505.444768][T13394] [U] 
[  505.445679][T13394] [U] 
[  505.446725][T13394] [U] 
[  505.447636][T13394] [U] 
[  505.448656][T13394] [U] 
[  505.449628][T13394] [U] 
[  505.450573][T13394] [U] 
[  505.451532][T13394] [U] 
[  505.452631][T13394] [U] 
[  505.453570][T13394] [U] 
[  505.454501][T13394] [U] 
[  505.455387][T13394] [U] 
[  505.456397][T13394] [U] 
[  505.457352][T13394] [U] 
[  505.458264][T13394] [U] 
[  505.459210][T13394] [U] 
[  505.460272][T13394] [U] 
[  505.461193][T13394] [U] 
[  505.462145][T13394] [U] 
[  505.463074][T13394] [U] 
[  505.464429][T13394] [U] 
[  505.465337][T13394] [U] 
[  505.466250][T13394] [U] 
[  505.467206][T13394] [U] 
[  505.468330][T13394] [U] 
[  505.469301][T13394] [U] 
[  505.470212][T13394] [U] 
[  505.471132][T13394] [U] 
[  505.472292][T13394] [U] 
[  505.473234][T13394] [U] 
[  505.474132][T13394] [U] 
[  505.475079][T13394] [U] 
[  505.476100][T13394] [U] 
[  505.477027][T13394] [U] 
[  505.477967][T13394] [U] 
[  505.478903][T13394] [U] 
[  505.480225][T13394] [U] 
[  505.481163][T13394] [U] 
[  505.482106][T13394] [U] 
[  505.483008][T13394] [U] 
[  505.484031][T13394] [U] 
[  505.484967][T13394] [U] 
[  505.485873][T13394] [U] 
[  505.486798][T13394] [U] 
[  505.487841][T13394] [U] 
[  505.488745][T13394] [U] 
[  505.489684][T13394] [U] 
[  505.490609][T13394] [U] 
[  505.491719][T13394] [U] 
[  505.492667][T13394] [U] 
[  505.493600][T13394] [U] 
[  505.494537][T13394] [U] 
[  505.495630][T13394] [U] 
[  505.496551][T13394] [U] 
[  505.497468][T13394] [U] 
[  505.498378][T13394] [U] 
[  505.499472][T13394] [U] 
[  505.500412][T13394] [U] 
[  505.501290][T13394] [U] 
[  506.262162][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  506.264300][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  506.402592][T13409] [U] 
[  506.403613][T13409] [U] 
[  506.404593][T13409] [U] 
[  506.405587][T13409] [U] 
[  506.406560][T13409] [U] 
[  506.407578][T13409] [U] 
[  506.408532][T13409] [U] 
[  506.409491][T13409] [U] 
[  506.410473][T13409] [U] 
[  506.411605][T13409] [U] 
[  506.412577][T13409] [U] 
[  506.413524][T13409] [U] 
[  506.414504][T13409] [U] 
[  506.415792][T13409] [U] 
[  506.416981][T13409] [U] 
[  506.418162][T13409] [U] 
[  506.419384][T13409] [U] 
[  506.420946][T13409] [U] 
[  506.421932][T13409] [U] 
[  506.422835][T13409] [U] 
[  506.423723][T13409] [U] 
[  506.424712][T13409] [U] 
[  506.425632][T13409] [U] 
[  506.426528][T13409] [U] 
[  506.427429][T13409] [U] 
[  506.428600][T13409] [U] 
[  506.429746][T13409] [U] 
[  506.430947][T13409] [U] 
[  506.432166][T13409] [U] 
[  506.435363][T13409] [U] 
[  506.436333][T13409] [U] 
[  506.437270][T13409] [U] 
[  506.438208][T13409] [U] 
[  506.439249][T13409] [U] 
[  506.440440][T13409] [U] 
[  506.441957][T13409] [U] 
[  506.443271][T13409] [U] 
[  506.444485][T13409] [U] 
[  506.445449][T13409] [U] 
[  506.446384][T13409] [U] 
[  506.447534][T13409] [U] 
[  506.448627][T13409] [U] 
[  506.449602][T13409] [U] 
[  506.450632][T13409] [U] 
[  506.451567][T13409] [U] 
[  506.452709][T13409] [U] 
[  506.453631][T13409] [U] 
[  506.454606][T13409] [U] 
[  506.455552][T13409] [U] 
[  506.456558][T13409] [U] 
[  506.457499][T13409] [U] 
[  506.458452][T13409] [U] 
[  506.459381][T13409] [U] 
[  506.460645][T13409] [U] 
[  506.461549][T13409] [U] 
[  506.462583][T13409] [U] 
[  506.463578][T13409] [U] 
[  506.464607][T13409] [U] 
[  506.465575][T13409] [U] 
[  506.466684][T13409] [U] 
[  506.467843][T13409] [U] 
[  506.469199][T13409] [U] 
[  506.470111][T13409] [U] 
[  506.471020][T13409] [U] 
[  506.471941][T13409] [U] 
[  506.473491][T13409] [U] 
[  506.474404][T13409] [U] 
[  506.475337][T13409] [U] 
[  506.476223][T13409] [U] 
[  506.477523][T13409] [U] 
[  506.478449][T13409] [U] 
[  506.479349][T13409] [U] 
[  506.480250][T13409] [U] 
[  506.481529][T13409] [U] 
[  506.482482][T13409] [U] 
[  506.483367][T13409] [U] 
[  506.484293][T13409] [U] 
[  506.485421][T13409] [U] 
[  506.486327][T13409] [U] 
[  506.487227][T13409] [U] 
[  506.488172][T13409] [U] 
[  506.489880][T13409] [U] 
[  506.490825][T13409] [U] 
[  506.491799][T13409] [U] 
[  506.492678][T13409] [U] 
[  506.493909][T13409] [U] 
[  506.494832][T13409] [U] 
[  506.495741][T13409] [U] 
[  506.496625][T13409] [U] 
[  506.497868][T13409] [U] 
[  506.498787][T13409] [U] 
[  506.499688][T13409] [U] 
[  506.500574][T13409] [U] 
[  506.501876][T13409] [U] 
[  506.502800][T13409] [U] 
[  506.503691][T13409] [U] 
[  506.504588][T13409] [U] 
[  506.505546][T13409] [U] 
[  506.506445][T13409] [U] 
[  506.507318][T13409] [U] 
[  506.508202][T13409] [U] 
[  506.509149][T13409] [U] 
[  506.510058][T13409] [U] 
[  506.510954][T13409] [U] 
[  506.511855][T13409] [U] 
[  506.512988][T13409] [U] 
[  506.513887][T13409] [U] 
[  506.514799][T13409] [U] 
[  506.515683][T13409] [U] 
[  506.516625][T13409] [U] 
[  506.517512][T13409] [U] 
[  506.518398][T13409] [U] 
[  506.519296][T13409] [U] 
[  506.520373][T13409] [U] 
[  506.521284][T13409] [U] 
[  506.522186][T13409] [U] 
[  506.523079][T13409] [U] 
[  506.524025][T13409] [U] 
[  506.524920][T13409] [U] 
[  506.525811][T13409] [U] 
[  506.526736][T13409] [U] 
[  506.527698][T13409] [U] 
[  506.528607][T13409] [U] 
[  506.529541][T13409] [U] 
[  506.530441][T13409] [U] 
[  506.531556][T13409] [U] 
[  506.532479][T13409] [U] 
[  506.533380][T13409] [U] 
[  506.664482][T13420] FAULT_INJECTION: forcing a failure.
[  506.664482][T13420] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  506.668791][T13420] CPU: 2 UID: 0 PID: 13420 Comm: syz.2.2070 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  506.668808][T13420] Tainted: [L]=SOFTLOCKUP
[  506.668812][T13420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  506.668818][T13420] Call Trace:
[  506.668822][T13420]  <TASK>
[  506.668827][T13420]  dump_stack_lvl+0x16c/0x1f0
[  506.668848][T13420]  should_fail_ex+0x512/0x640
[  506.668863][T13420]  _copy_from_user+0x2e/0xd0
[  506.668876][T13420]  kstrtouint_from_user+0xd6/0x1d0
[  506.668892][T13420]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  506.668906][T13420]  ? __lock_acquire+0x436/0x2890
[  506.668923][T13420]  proc_fail_nth_write+0x83/0x220
[  506.668934][T13420]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  506.668948][T13420]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  506.668957][T13420]  vfs_write+0x2a0/0x11d0
[  506.668973][T13420]  ? __pfx___mutex_lock+0x10/0x10
[  506.668985][T13420]  ? __pfx_vfs_write+0x10/0x10
[  506.668999][T13420]  ? find_held_lock+0x2b/0x80
[  506.669016][T13420]  ? __fget_files+0x20e/0x3c0
[  506.669034][T13420]  ksys_write+0x12a/0x250
[  506.669048][T13420]  ? __pfx_ksys_write+0x10/0x10
[  506.669064][T13420]  ? do_user_addr_fault+0x843/0x1370
[  506.669079][T13420]  __do_fast_syscall_32+0xe8/0x680
[  506.669092][T13420]  do_fast_syscall_32+0x32/0x80
[  506.669102][T13420]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  506.669115][T13420] RIP: 0023:0xf707d579
[  506.669123][T13420] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  506.669134][T13420] RSP: 002b:00000000f546d590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  506.669144][T13420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f546d620
[  506.669151][T13420] RDX: 0000000000000001 RSI: 00000000f7416ff4 RDI: 0000000000000000
[  506.669157][T13420] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  506.669163][T13420] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  506.669169][T13420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  506.669182][T13420]  </TASK>
[  507.121001][   T40] kauditd_printk_skb: 6 callbacks suppressed
[  507.121014][   T40] audit: type=1326 audit(1768628471.868:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13423 comm="syz.2.2072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  507.130843][T13407] [U] 
[  507.147031][   T40] audit: type=1326 audit(1768628471.878:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13423 comm="syz.2.2072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  507.155706][   T40] audit: type=1326 audit(1768628471.888:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13423 comm="syz.2.2072" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf707d579 code=0x7ffc0000
[  507.458646][   T40] audit: type=1326 audit(1768628472.208:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13423 comm="syz.2.2072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  507.477070][   T40] audit: type=1326 audit(1768628472.208:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13423 comm="syz.2.2072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  507.553926][   T40] audit: type=1326 audit(1768628472.308:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13423 comm="syz.2.2072" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf707d579 code=0x7ffc0000
[  507.565353][   T40] audit: type=1326 audit(1768628472.308:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13423 comm="syz.2.2072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  507.572146][   T40] audit: type=1326 audit(1768628472.308:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13423 comm="syz.2.2072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  508.145735][T13465] l2tp_ppp: sess 2/0: no socket in recv
[  509.079305][T13490] netlink: 830 bytes leftover after parsing attributes in process `syz.0.2084'.
[  509.535951][T13501] ufs: You didn't specify the type of your ufs filesystem
[  509.535951][T13501] 
[  509.535951][T13501] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  509.535951][T13501] 
[  509.535951][T13501] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  509.548249][T13501] ufs: ufstype=old is supported read-only
[  509.605053][T13503] FAULT_INJECTION: forcing a failure.
[  509.605053][T13503] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  509.610752][T13503] CPU: 3 UID: 0 PID: 13503 Comm: syz.3.2088 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  509.610781][T13503] Tainted: [L]=SOFTLOCKUP
[  509.610788][T13503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  509.610798][T13503] Call Trace:
[  509.610805][T13503]  <TASK>
[  509.610813][T13503]  dump_stack_lvl+0x16c/0x1f0
[  509.610844][T13503]  should_fail_ex+0x512/0x640
[  509.610868][T13503]  _copy_from_iter+0x2a4/0x16c0
[  509.610891][T13503]  ? __alloc_skb+0x220/0x410
[  509.610910][T13503]  ? __alloc_skb+0x35d/0x410
[  509.610930][T13503]  ? __pfx__copy_from_iter+0x10/0x10
[  509.610948][T13503]  ? netlink_autobind.isra.0+0x158/0x370
[  509.610982][T13503]  netlink_sendmsg+0x820/0xdd0
[  509.611011][T13503]  ? __pfx_netlink_sendmsg+0x10/0x10
[  509.611038][T13503]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  509.611061][T13503]  ____sys_sendmsg+0xa5d/0xc30
[  509.611081][T13503]  ? __pfx_____sys_sendmsg+0x10/0x10
[  509.611096][T13503]  ? get_compat_msghdr+0x11a/0x170
[  509.611129][T13503]  ___sys_sendmsg+0x134/0x1d0
[  509.611153][T13503]  ? __pfx____sys_sendmsg+0x10/0x10
[  509.611186][T13503]  ? find_held_lock+0x2b/0x80
[  509.611223][T13503]  __sys_sendmsg+0x16d/0x220
[  509.611246][T13503]  ? __pfx___sys_sendmsg+0x10/0x10
[  509.611278][T13503]  ? do_user_addr_fault+0x843/0x1370
[  509.611303][T13503]  __do_fast_syscall_32+0xe8/0x680
[  509.611324][T13503]  do_fast_syscall_32+0x32/0x80
[  509.611340][T13503]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  509.611360][T13503] RIP: 0023:0xf7fc7579
[  509.611373][T13503] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  509.611390][T13503] RSP: 002b:00000000f54b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  509.611407][T13503] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000800002c0
[  509.611424][T13503] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000
[  509.611448][T13503] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  509.611458][T13503] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  509.611473][T13503] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  509.611496][T13503]  </TASK>
[  510.004652][T13511] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2091'.
[  510.030085][T13519] binder_alloc: 13518: pid 13518 spamming oneway? 1 buffers allocated for a total size of 4096
[  510.035091][T13519] binder_alloc: 13518: pid 13518 spamming oneway? 2 buffers allocated for a total size of 5120
[  511.274766][T13552] 9p: Bad value for 'rfdno'
[  512.083836][T13578] kvm: kvm [13574]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6
[  514.465285][T13618] kvm: kvm [13611]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6
[  514.649136][T13630] nbd: must specify at least one socket
[  515.065036][ T6766] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[  515.224998][ T6766] usb 5-1: Using ep0 maxpacket: 8
[  515.228697][ T6766] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  515.231792][ T6766] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  515.241533][ T6766] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  515.244661][ T6766] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  515.248959][ T6766] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  515.252713][ T6766] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  515.255859][ T6766] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  515.449231][T13659] xt_recent: hitcount (4294901760) is larger than allowed maximum (65535)
[  515.485434][ T6766] usb 5-1: usb_control_msg returned -32
[  515.487944][ T6766] usbtmc 5-1:16.0: can't read capabilities
[  515.638792][T13668] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  515.641379][T13668] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  515.648194][T13668] vhci_hcd vhci_hcd.0: Device attached
[  515.663349][T13668] random: crng reseeded on system resumption
[  515.842547][T13674] kvm: kvm [13671]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6
[  515.925568][ T6027] usb 40-1: SetAddress Request (2) to port 0
[  515.928204][ T6027] usb 40-1: new SuperSpeed USB device number 2 using vhci_hcd
[  516.352518][T13669] vhci_hcd: connection reset by peer
[  516.354440][  T785] vhci_hcd vhci_hcd.1: stop threads
[  516.356342][  T785] vhci_hcd vhci_hcd.1: release socket
[  516.358229][  T785] vhci_hcd vhci_hcd.1: disconnect device
[  516.849083][T13689] netlink: 830 bytes leftover after parsing attributes in process `syz.3.2146'.
[  517.033631][T13691] xt_recent: hitcount (4294901760) is larger than allowed maximum (65535)
[  517.332367][T13716] kvm: kvm [13700]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6
[  517.616882][T13728] netlink: 212348 bytes leftover after parsing attributes in process `syz.3.2156'.
[  517.706657][ T5988] usb 5-1: USB disconnect, device number 56
[  517.749436][T13730] FAULT_INJECTION: forcing a failure.
[  517.749436][T13730] name failslab, interval 1, probability 0, space 0, times 0
[  517.756131][T13730] CPU: 2 UID: 0 PID: 13730 Comm: syz.0.2157 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  517.756151][T13730] Tainted: [L]=SOFTLOCKUP
[  517.756156][T13730] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  517.756162][T13730] Call Trace:
[  517.756166][T13730]  <TASK>
[  517.756171][T13730]  dump_stack_lvl+0x16c/0x1f0
[  517.756193][T13730]  should_fail_ex+0x512/0x640
[  517.756206][T13730]  ? kmem_cache_alloc_noprof+0x62/0x770
[  517.756220][T13730]  should_failslab+0xc2/0x120
[  517.756236][T13730]  kmem_cache_alloc_noprof+0x83/0x770
[  517.756249][T13730]  ? mas_alloc_nodes+0x27b/0x380
[  517.756265][T13730]  ? mas_alloc_nodes+0x27b/0x380
[  517.756278][T13730]  mas_alloc_nodes+0x27b/0x380
[  517.756293][T13730]  mas_preallocate+0x5e3/0xee0
[  517.756302][T13730]  ? __memcg_slab_post_alloc_hook+0x412/0x880
[  517.756316][T13730]  ? __pfx_mas_preallocate+0x10/0x10
[  517.756329][T13730]  ? anon_vma_name+0x81/0x2f0
[  517.756341][T13730]  __split_vma+0x34a/0x1050
[  517.756356][T13730]  ? __pfx___split_vma+0x10/0x10
[  517.756374][T13730]  vms_gather_munmap_vmas+0x3aa/0x1340
[  517.756389][T13730]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  517.756403][T13730]  ? __pfx___might_resched+0x10/0x10
[  517.756419][T13730]  ? should_fail_alloc_page+0xee/0x130
[  517.756450][T13730]  do_vmi_align_munmap+0x286/0x7e0
[  517.756467][T13730]  ? __pfx_do_vmi_align_munmap+0x10/0x10
[  517.756479][T13730]  ? find_held_lock+0x2b/0x80
[  517.756511][T13730]  do_vmi_munmap+0x204/0x3e0
[  517.756525][T13730]  do_munmap+0xb6/0xf0
[  517.756540][T13730]  ? __pfx_do_munmap+0x10/0x10
[  517.756561][T13730]  ? __pfx_down_write_killable+0x10/0x10
[  517.756580][T13730]  mremap_to+0x236/0x450
[  517.756593][T13730]  do_mremap+0xd89/0x2020
[  517.756606][T13730]  ? get_pid_task+0x106/0x250
[  517.756617][T13730]  ? proc_fail_nth_write+0x9f/0x220
[  517.756628][T13730]  ? find_held_lock+0x2b/0x80
[  517.756640][T13730]  ? __pfx_do_mremap+0x10/0x10
[  517.756654][T13730]  ? find_held_lock+0x2b/0x80
[  517.756667][T13730]  ? ksys_write+0x190/0x250
[  517.756685][T13730]  __do_sys_mremap+0x119/0x170
[  517.756697][T13730]  ? __pfx___do_sys_mremap+0x10/0x10
[  517.756708][T13730]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  517.756728][T13730]  ? do_user_addr_fault+0x843/0x1370
[  517.756744][T13730]  __do_fast_syscall_32+0xe8/0x680
[  517.756757][T13730]  do_fast_syscall_32+0x32/0x80
[  517.756769][T13730]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  517.756787][T13730] RIP: 0023:0xf708d579
[  517.756799][T13730] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  517.756813][T13730] RSP: 002b:00000000f547d55c EFLAGS: 00000296 ORIG_RAX: 00000000000000a3
[  517.756831][T13730] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000600600
[  517.756837][T13730] RDX: 0000000000200000 RSI: 0000000000000003 RDI: 0000000080a00000
[  517.756843][T13730] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  517.756850][T13730] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  517.756855][T13730] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  517.756869][T13730]  </TASK>
[  517.912062][T13732] xt_recent: hitcount (4294901760) is larger than allowed maximum (65535)
[  518.617041][ T6140] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  518.767183][ T6140] usb 6-1: Using ep0 maxpacket: 8
[  518.770993][ T6140] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  518.773767][ T6140] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  518.776843][ T6140] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  518.784016][ T6140] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  518.793973][ T6140] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  518.798080][ T6140] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  518.800886][ T6140] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  519.018035][ T6140] usb 6-1: usb_control_msg returned -32
[  519.019858][ T6140] usbtmc 6-1:16.0: can't read capabilities
[  519.222255][T13765] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  519.302762][T13765] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  519.364525][T13765] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  519.448871][T13765] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  519.485522][T13772] kvm: kvm [13764]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6
[  519.517237][   T92] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  519.531877][   T92] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  519.546093][   T92] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  519.561168][   T92] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  520.292301][T13785] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2176'.
[  520.297262][T13785] Set syz0 is full, maxelem 0 reached
[  520.301516][T13785] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  520.349536][T13788] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  520.349536][T13788]    program syz.0.2177 not setting count and/or reply_len properly
[  520.403228][T13792] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2178'.
[  520.885339][T13797] kvm: kvm [13794]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6
[  520.887890][T13799] FAULT_INJECTION: forcing a failure.
[  520.887890][T13799] name failslab, interval 1, probability 0, space 0, times 0
[  520.893908][T13799] CPU: 3 UID: 0 PID: 13799 Comm: syz.3.2181 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  520.893936][T13799] Tainted: [L]=SOFTLOCKUP
[  520.893942][T13799] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  520.893953][T13799] Call Trace:
[  520.893959][T13799]  <TASK>
[  520.893966][T13799]  dump_stack_lvl+0x16c/0x1f0
[  520.893998][T13799]  should_fail_ex+0x512/0x640
[  520.894018][T13799]  ? kmem_cache_alloc_node_noprof+0x65/0x800
[  520.894042][T13799]  should_failslab+0xc2/0x120
[  520.894068][T13799]  kmem_cache_alloc_node_noprof+0x86/0x800
[  520.894089][T13799]  ? __alloc_skb+0x156/0x410
[  520.894115][T13799]  ? __alloc_skb+0x156/0x410
[  520.894149][T13799]  __alloc_skb+0x156/0x410
[  520.894168][T13799]  ? __alloc_skb+0x35d/0x410
[  520.894187][T13799]  ? __pfx___alloc_skb+0x10/0x10
[  520.894209][T13799]  ? __pfx___might_resched+0x10/0x10
[  520.894238][T13799]  netlink_alloc_large_skb+0x69/0x140
[  520.894266][T13799]  netlink_sendmsg+0x698/0xdd0
[  520.894318][T13799]  ? __pfx_netlink_sendmsg+0x10/0x10
[  520.894346][T13799]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  520.894369][T13799]  __sys_sendto+0x4a3/0x520
[  520.894392][T13799]  ? __pfx___sys_sendto+0x10/0x10
[  520.894411][T13799]  ? __lock_acquire+0x436/0x2890
[  520.894456][T13799]  __ia32_compat_sys_socketcall+0x62a/0x780
[  520.894482][T13799]  ? __fget_files+0x20e/0x3c0
[  520.894505][T13799]  ? __pfx___ia32_compat_sys_socketcall+0x10/0x10
[  520.894534][T13799]  ? fput+0x70/0xf0
[  520.894556][T13799]  ? do_user_addr_fault+0x843/0x1370
[  520.894583][T13799]  __do_fast_syscall_32+0xe8/0x680
[  520.894612][T13799]  do_fast_syscall_32+0x32/0x80
[  520.894630][T13799]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  520.894650][T13799] RIP: 0023:0xf7fc7579
[  520.894665][T13799] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  520.894681][T13799] RSP: 002b:00000000f54b5430 EFLAGS: 00000293 ORIG_RAX: 0000000000000066
[  520.894695][T13799] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000f54b5444
[  520.894704][T13799] RDX: 0000000000000000 RSI: 00000000f54b5560 RDI: 00000000f7456ff4
[  520.894712][T13799] RBP: 00000000f54b5560 R08: 0000000000000000 R09: 0000000000000000
[  520.894720][T13799] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  520.894730][T13799] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  520.894752][T13799]  </TASK>
[  520.978759][ T6027] usb 40-1: device descriptor read/8, error -110
[  521.293807][ T6007] usb 6-1: USB disconnect, device number 11
[  521.399905][ T6027] usb usb40-port1: attempt power cycle
[  521.557482][T13816] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2186'.
[  521.975142][ T6027] usb usb40-port1: unable to enumerate USB device
[  522.490022][T13823] netlink: 'syz.1.2188': attribute type 1 has an invalid length.
[  522.515521][T13823] 8021q: adding VLAN 0 to HW filter on device bond1
[  522.538734][T13823] bond1: (slave gretap1): making interface the new active one
[  522.543107][T13823] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  522.578129][T13826] vti0: entered promiscuous mode
[  522.580520][T13826] vti0: entered allmulticast mode
[  523.191364][T13838] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  523.193712][T13838] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  523.199944][T13838] vhci_hcd vhci_hcd.0: Device attached
[  523.242886][T13838] netlink: 'syz.0.2192': attribute type 12 has an invalid length.
[  523.505502][T13839] vhci_hcd: connection closed
[  523.506560][ T8149] vhci_hcd vhci_hcd.0: stop threads
[  523.511624][ T8149] vhci_hcd vhci_hcd.0: release socket
[  523.519999][ T8149] vhci_hcd vhci_hcd.0: disconnect device
[  523.530064][   T61] usb 38-1: enqueue for inactive port 0
[  524.021405][   T61] usb usb38-port1: attempt power cycle
[  524.621161][   T61] usb usb38-port1: unable to enumerate USB device
[  524.671531][T13848] netlink: 830 bytes leftover after parsing attributes in process `syz.3.2195'.
[  524.867595][T13870] siw: device registration error -23
[  525.429140][T13886] fuse: Bad value for 'user_id'
[  525.431502][T13886] fuse: Bad value for 'user_id'
[  525.624132][T13887] ceph: No mds server is up or the cluster is laggy
[  525.643826][   T61] libceph: connect (1)[c::]:6789 error -101
[  525.647301][   T61] libceph: mon0 (1)[c::]:6789 connect error
[  526.068136][T13904] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2210'.
[  526.465380][T13913] fuse: Bad value for 'group_id'
[  526.467065][T13913] fuse: Bad value for 'group_id'
[  526.529520][T13912] kvm: kvm [13905]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6
[  528.743005][T13952] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2222'.
[  529.336559][T13957] netlink: 830 bytes leftover after parsing attributes in process `syz.0.2223'.
[  529.551678][T13969] kvm: kvm [13960]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6
[  530.186746][ T4813] Bluetooth: Error in BCSP hdr checksum
[  530.818696][   T40] audit: type=1326 audit(1768628495.554:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13985 comm="syz.0.2232" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000
[  530.827528][   T40] audit: type=1326 audit(1768628495.554:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13985 comm="syz.0.2232" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000
[  530.835851][   T40] audit: type=1326 audit(1768628495.554:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13985 comm="syz.0.2232" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf708d579 code=0x7ffc0000
[  530.844506][   T40] audit: type=1326 audit(1768628495.574:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13985 comm="syz.0.2232" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000
[  530.858980][   T40] audit: type=1326 audit(1768628495.574:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13985 comm="syz.0.2232" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf708d579 code=0x7ffc0000
[  530.867966][   T40] audit: type=1326 audit(1768628495.594:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13985 comm="syz.0.2232" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000
[  530.876215][   T40] audit: type=1326 audit(1768628495.594:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13985 comm="syz.0.2232" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf708d579 code=0x7ffc0000
[  530.884926][   T40] audit: type=1326 audit(1768628495.594:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13985 comm="syz.0.2232" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000
[  530.893105][   T40] audit: type=1326 audit(1768628495.594:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13985 comm="syz.0.2232" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf708d579 code=0x7ffc0000
[  530.901892][   T40] audit: type=1326 audit(1768628495.594:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13985 comm="syz.0.2232" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000
[  531.209323][T14004] overlayfs: failed to resolve 'appraise': -2
[  531.668048][T10005] usb 8-1: new high-speed USB device number 51 using dummy_hcd
[  531.844991][T10005] usb 8-1: Using ep0 maxpacket: 8
[  531.848482][T10005] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  531.851989][T10005] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  531.855138][T10005] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  531.859032][T10005] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  531.862467][T10005] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  532.185317][ T5948] Bluetooth: hci3: command 0x1003 tx timeout
[  532.189619][ T5956] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  532.372352][T10005] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  532.376315][T10005] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  532.561341][T14023] kvm: kvm [14020]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6
[  532.621039][T10005] usb 8-1: usb_control_msg returned -32
[  532.624548][T10005] usbtmc 8-1:16.0: can't read capabilities
[  534.308829][ T5988] usb 8-1: USB disconnect, device number 51
[  535.274636][T14068] kvm: kvm [14064]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6
[  535.991106][   T40] kauditd_printk_skb: 3 callbacks suppressed
[  535.991119][   T40] audit: type=1326 audit(1768628500.730:740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14073 comm="syz.1.2255" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  535.995055][T14079] /dev/nullb0: Can't open blockdev
[  536.017522][   T40] audit: type=1326 audit(1768628500.730:741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14073 comm="syz.1.2255" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  536.024463][   T40] audit: type=1326 audit(1768628500.730:742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14073 comm="syz.1.2255" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  536.037487][   T40] audit: type=1326 audit(1768628500.750:743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14073 comm="syz.1.2255" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  536.044466][   T40] audit: type=1326 audit(1768628500.750:744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14073 comm="syz.1.2255" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  536.057659][   T40] audit: type=1326 audit(1768628500.760:745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14073 comm="syz.1.2255" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  536.065060][   T40] audit: type=1326 audit(1768628500.780:746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14073 comm="syz.1.2255" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  536.075193][   T40] audit: type=1326 audit(1768628500.780:747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14073 comm="syz.1.2255" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  536.085383][   T40] audit: type=1326 audit(1768628500.780:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14073 comm="syz.1.2255" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  536.095517][   T40] audit: type=1326 audit(1768628500.780:749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14073 comm="syz.1.2255" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  539.013894][T14119] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2266'.
[  542.101110][   T40] kauditd_printk_skb: 2 callbacks suppressed
[  542.101126][   T40] audit: type=1326 audit(1768628506.827:752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14135 comm="syz.2.2270" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  542.109647][   T40] audit: type=1326 audit(1768628506.827:753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14135 comm="syz.2.2270" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf707d579 code=0x7ffc0000
[  542.161676][   T40] audit: type=1326 audit(1768628506.897:754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14135 comm="syz.2.2270" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  542.168240][   T40] audit: type=1326 audit(1768628506.897:755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14135 comm="syz.2.2270" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  542.211403][   T40] audit: type=1326 audit(1768628506.947:756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14135 comm="syz.2.2270" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf707d579 code=0x7ffc0000
[  542.238775][   T40] audit: type=1326 audit(1768628506.947:757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14135 comm="syz.2.2270" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  542.251221][   T40] audit: type=1326 audit(1768628506.947:758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14135 comm="syz.2.2270" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  542.257891][   T40] audit: type=1326 audit(1768628506.947:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14135 comm="syz.2.2270" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf707d579 code=0x7ffc0000
[  542.281161][   T40] audit: type=1326 audit(1768628506.947:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14135 comm="syz.2.2270" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  542.290235][   T40] audit: type=1326 audit(1768628506.947:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14135 comm="syz.2.2270" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  542.544488][T14164] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2276'.
[  543.668472][T14177] netlink: 830 bytes leftover after parsing attributes in process `syz.2.2281'.
[  546.039743][T14206] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2287'.
[  546.401256][T14213] fuse: Bad value for 'group_id'
[  546.403082][T14213] fuse: Bad value for 'group_id'
[  546.893515][T14221] netlink: 'syz.1.2293': attribute type 2 has an invalid length.
[  546.896684][T14221] netlink: 'syz.1.2293': attribute type 1 has an invalid length.
[  546.899889][T14221] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2293'.
[  547.190793][T14226] binder: BINDER_SET_CONTEXT_MGR already set
[  547.194450][T14226] binder: 14225:14226 ioctl 4018620d 800002c0 returned -16
[  548.530828][T14255] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2301'.
[  548.548983][T14255] macsec1: entered allmulticast mode
[  548.550844][T14255] bridge0: entered allmulticast mode
[  548.556135][T14255] bridge0: port 3(macsec1) entered blocking state
[  548.558971][T14255] bridge0: port 3(macsec1) entered disabled state
[  548.589760][T14255] bridge0: left allmulticast mode
[  548.965305][T14268] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2302'.
[  549.214537][T14261] FAULT_INJECTION: forcing a failure.
[  549.214537][T14261] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  549.225089][T14261] CPU: 1 UID: 0 PID: 14261 Comm: syz.2.2303 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  549.225119][T14261] Tainted: [L]=SOFTLOCKUP
[  549.225123][T14261] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  549.225131][T14261] Call Trace:
[  549.225135][T14261]  <TASK>
[  549.225139][T14261]  dump_stack_lvl+0x16c/0x1f0
[  549.225160][T14261]  should_fail_ex+0x512/0x640
[  549.225176][T14261]  __fpu_restore_sig+0x90c/0x1370
[  549.225195][T14261]  ? __pfx___fpu_restore_sig+0x10/0x10
[  549.225218][T14261]  ? __might_fault+0xe3/0x190
[  549.225229][T14261]  ? __might_fault+0x13b/0x190
[  549.225243][T14261]  fpu__restore_sig+0x151/0x190
[  549.225264][T14261]  ia32_restore_sigcontext+0x44a/0x630
[  549.225276][T14261]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[  549.225290][T14261]  ? rcu_is_watching+0x12/0xc0
[  549.225305][T14261]  ? _raw_spin_unlock_irq+0x23/0x50
[  549.225320][T14261]  ? lockdep_hardirqs_on+0x7c/0x110
[  549.225332][T14261]  __do_compat_sys_rt_sigreturn+0x18c/0x270
[  549.225343][T14261]  ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10
[  549.225356][T14261]  ? rcu_is_watching+0x12/0xc0
[  549.225371][T14261]  do_int80_emulation+0x104/0x480
[  549.225383][T14261]  asm_int80_emulation+0x1a/0x20
[  549.225393][T14261] RIP: 0023:0xf707d577
[  549.225402][T14261] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00
[  549.225412][T14261] RSP: 002b:00000000f546d55c EFLAGS: 00000296
[  549.225421][T14261] RAX: 0000000000000036 RBX: 0000000000000003 RCX: 0000000000002285
[  549.225427][T14261] RDX: 0000000080000440 RSI: 0000000000000000 RDI: 0000000000000000
[  549.225433][T14261] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  549.225439][T14261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  549.225445][T14261] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  549.225458][T14261]  </TASK>
[  549.370842][T14274] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  549.374463][T14274] overlayfs: failed to set xattr on upper
[  549.377203][T14274] overlayfs: ...falling back to redirect_dir=nofollow.
[  549.379985][T14274] overlayfs: ...falling back to index=off.
[  549.382463][T14274] overlayfs: ...falling back to uuid=null.
[  550.522820][T14299] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11)
[  550.525614][T14299] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  550.529122][T14299] vhci_hcd vhci_hcd.0: Device attached
[  550.733424][T14305] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  550.796137][   T53] usb 44-1: SetAddress Request (14) to port 0
[  550.798631][   T53] usb 44-1: new SuperSpeed USB device number 14 using vhci_hcd
[  550.847959][T14305] /dev/sr0: Can't open blockdev
[  550.997175][T14300] vhci_hcd: connection reset by peer
[  551.016586][ T5050] vhci_hcd vhci_hcd.3: stop threads
[  551.018940][ T5050] vhci_hcd vhci_hcd.3: release socket
[  551.021341][ T5050] vhci_hcd vhci_hcd.3: disconnect device
[  551.078150][T14314] netlink: 'syz.0.2320': attribute type 1 has an invalid length.
[  551.127466][T14314] gretap1: entered allmulticast mode
[  551.129609][T14315] netlink: 830 bytes leftover after parsing attributes in process `syz.1.2319'.
[  551.445355][T14319] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  551.522683][T14319] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  551.632998][T14319] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  551.730619][T14319] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  551.844590][T14330] netlink: 830 bytes leftover after parsing attributes in process `syz.3.2324'.
[  551.897010][  T785] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  551.908025][  T785] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  551.920079][  T785] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  551.931169][  T785] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  552.967786][T14354] FAULT_INJECTION: forcing a failure.
[  552.967786][T14354] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  552.973377][T14354] CPU: 2 UID: 0 PID: 14354 Comm: syz.1.2331 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  552.973403][T14354] Tainted: [L]=SOFTLOCKUP
[  552.973410][T14354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  552.973420][T14354] Call Trace:
[  552.973427][T14354]  <TASK>
[  552.973434][T14354]  dump_stack_lvl+0x16c/0x1f0
[  552.973547][T14354]  should_fail_ex+0x512/0x640
[  552.973577][T14354]  _copy_from_user+0x2e/0xd0
[  552.973600][T14354]  get_compat_msghdr+0xa7/0x170
[  552.973623][T14354]  ? __pfx_get_compat_msghdr+0x10/0x10
[  552.973655][T14354]  ___sys_sendmsg+0x1ae/0x1d0
[  552.973683][T14354]  ? __pfx____sys_sendmsg+0x10/0x10
[  552.973719][T14354]  ? find_held_lock+0x2b/0x80
[  552.973760][T14354]  __sys_sendmsg+0x16d/0x220
[  552.973785][T14354]  ? __pfx___sys_sendmsg+0x10/0x10
[  552.973820][T14354]  ? do_user_addr_fault+0x843/0x1370
[  552.973869][T14354]  __do_fast_syscall_32+0xe8/0x680
[  552.973891][T14354]  do_fast_syscall_32+0x32/0x80
[  552.973910][T14354]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  552.973932][T14354] RIP: 0023:0xf7fe5579
[  552.973948][T14354] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  552.973966][T14354] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  552.973983][T14354] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000580
[  552.974027][T14354] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  552.974039][T14354] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  552.974049][T14354] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  552.974059][T14354] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  552.974084][T14354]  </TASK>
[  553.447316][T14369] kvm: kvm [14357]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6
[  553.673187][T14372] 
[  555.019099][ T6140] usb 8-1: new high-speed USB device number 52 using dummy_hcd
[  555.168541][ T6140] usb 8-1: Using ep0 maxpacket: 8
[  555.172351][ T6140] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  555.176080][ T6140] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  555.180386][ T6140] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  555.184437][ T6140] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  555.189059][ T6140] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  555.194651][ T6140] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  555.198564][ T6140] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  555.309278][T14386] netlink: 830 bytes leftover after parsing attributes in process `syz.0.2341'.
[  555.403805][T14390] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2332'.
[  555.413490][T14390] openvswitch: netlink: Flow actions attr not present in new flow.
[  555.481443][T14393] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2343'.
[  555.494121][T14393] input: syz0 as /devices/virtual/input/input9
[  555.685296][ T6140] usb 8-1: usb_control_msg returned -32
[  555.688216][ T6140] usbtmc 8-1:16.0: can't read capabilities
[  555.879072][   T53] usb 44-1: device descriptor read/8, error -110
[  556.490298][   T53] usb usb44-port1: attempt power cycle
[  556.594058][T14414] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  556.596183][T14414] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  556.609572][T14414] vhci_hcd vhci_hcd.0: Device attached
[  556.879588][ T6027] usb 38-1: SetAddress Request (18) to port 0
[  556.882260][ T6027] usb 38-1: new SuperSpeed USB device number 18 using vhci_hcd
[  557.062976][   T53] usb usb44-port1: unable to enumerate USB device
[  557.127633][T14415] vhci_hcd: connection reset by peer
[  557.137690][ T8149] vhci_hcd vhci_hcd.0: stop threads
[  557.146024][ T8149] vhci_hcd vhci_hcd.0: release socket
[  557.155560][ T8149] vhci_hcd vhci_hcd.0: disconnect device
[  557.275163][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  557.275175][   T40] audit: type=1326 audit(1768628521.998:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14423 comm="syz.1.2351" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  557.283828][   T40] audit: type=1326 audit(1768628521.998:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14423 comm="syz.1.2351" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  557.290544][   T40] audit: type=1326 audit(1768628521.998:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14423 comm="syz.1.2351" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  557.315029][   T40] audit: type=1326 audit(1768628522.038:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14423 comm="syz.1.2351" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  557.321971][   T40] audit: type=1326 audit(1768628522.038:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14423 comm="syz.1.2351" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  557.328613][   T40] audit: type=1326 audit(1768628522.038:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14423 comm="syz.1.2351" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  557.340583][   T40] audit: type=1326 audit(1768628522.058:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14423 comm="syz.1.2351" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  557.347364][   T40] audit: type=1326 audit(1768628522.058:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14423 comm="syz.1.2351" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  557.354401][   T40] audit: type=1326 audit(1768628522.058:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14423 comm="syz.1.2351" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  557.361444][   T40] audit: type=1326 audit(1768628522.058:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14423 comm="syz.1.2351" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  557.676809][ T6140] usb 8-1: USB disconnect, device number 52
[  557.940471][T14450] netlink: 830 bytes leftover after parsing attributes in process `syz.2.2356'.
[  559.028884][T14463] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2357'.
[  559.321012][ T5988] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  559.541052][ T5988] usb 6-1: Using ep0 maxpacket: 8
[  559.545163][ T5988] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  559.561200][ T5988] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  559.565274][ T5988] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  559.569285][ T5988] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  559.580998][ T5988] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  559.591014][ T5988] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  559.594808][ T5988] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  559.822782][ T5988] usb 6-1: usb_control_msg returned -32
[  559.831258][ T5988] usbtmc 6-1:16.0: can't read capabilities
[  561.511958][T14491] kvm: kvm [14483]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6
[  561.806705][T14495] /dev/nullb0: Can't open blockdev
[  561.962408][ T6027] usb 38-1: device descriptor read/8, error -110
[  561.993884][ T5988] usb 6-1: USB disconnect, device number 12
[  562.372989][ T6027] usb usb38-port1: attempt power cycle
[  562.953843][ T6027] usb usb38-port1: unable to enumerate USB device
[  563.099750][   T40] kauditd_printk_skb: 9 callbacks suppressed
[  563.099768][   T40] audit: type=1326 audit(1768628527.815:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.0.2370" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000
[  563.125099][   T40] audit: type=1326 audit(1768628527.815:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.0.2370" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf708d579 code=0x7ffc0000
[  563.203545][   T40] audit: type=1326 audit(1768628527.915:784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.0.2370" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000
[  563.230822][   T40] audit: type=1326 audit(1768628527.925:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.0.2370" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000
[  563.246560][   T40] audit: type=1326 audit(1768628527.955:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.0.2370" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf708d579 code=0x7ffc0000
[  563.258123][   T40] audit: type=1326 audit(1768628527.955:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.0.2370" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000
[  563.278431][   T40] audit: type=1326 audit(1768628527.955:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.0.2370" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000
[  563.279848][T14525] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  563.308963][   T40] audit: type=1326 audit(1768628527.955:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.0.2370" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf708d579 code=0x7ffc0000
[  563.320814][   T40] audit: type=1326 audit(1768628527.955:790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.0.2370" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000
[  563.335551][   T40] audit: type=1326 audit(1768628527.955:791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.0.2370" exe="/syz-executor" sig=0 arch=40000003 syscall=310 compat=1 ip=0xf708d579 code=0x7ffc0000
[  563.835677][T14533] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2374'.
[  564.636575][T14538] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  564.793790][T14538] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  565.089669][T14549] kvm: kvm [14541]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6
[  565.097919][T14550] netlink: 64 bytes leftover after parsing attributes in process `syz.3.2378'.
[  565.113572][T14538] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  565.219012][T14538] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  565.361596][ T7112] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  565.375789][ T7112] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  565.383669][ T7112] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  565.394090][ T7112] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  565.632331][T14556] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  565.637203][T14556] block device autoloading is deprecated and will be removed.
[  566.227168][T14569] netlink: 830 bytes leftover after parsing attributes in process `syz.1.2385'.
[  566.427604][T14570] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2383'.
[  566.874325][T14577] FAULT_INJECTION: forcing a failure.
[  566.874325][T14577] name failslab, interval 1, probability 0, space 0, times 0
[  566.879774][T14577] CPU: 1 UID: 0 PID: 14577 Comm: syz.1.2388 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  566.879800][T14577] Tainted: [L]=SOFTLOCKUP
[  566.879805][T14577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  566.879815][T14577] Call Trace:
[  566.879821][T14577]  <TASK>
[  566.879829][T14577]  dump_stack_lvl+0x16c/0x1f0
[  566.879859][T14577]  should_fail_ex+0x512/0x640
[  566.879885][T14577]  ? kmem_cache_alloc_node_noprof+0x65/0x800
[  566.879912][T14577]  should_failslab+0xc2/0x120
[  566.879935][T14577]  kmem_cache_alloc_node_noprof+0x86/0x800
[  566.879954][T14577]  ? __alloc_skb+0x156/0x410
[  566.879977][T14577]  ? __alloc_skb+0x156/0x410
[  566.879994][T14577]  __alloc_skb+0x156/0x410
[  566.880015][T14577]  ? __alloc_skb+0x35d/0x410
[  566.880032][T14577]  ? __pfx___alloc_skb+0x10/0x10
[  566.880073][T14577]  ? is_bpf_text_address+0x8a/0x1a0
[  566.880094][T14577]  ? bpf_ksym_find+0x124/0x1c0
[  566.880114][T14577]  alloc_skb_with_frags+0xe0/0x860
[  566.880137][T14577]  ? unwind_get_return_address+0x59/0xa0
[  566.880161][T14577]  sock_alloc_send_pskb+0x7f9/0x980
[  566.880180][T14577]  ? __lock_acquire+0x436/0x2890
[  566.880205][T14577]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  566.880224][T14577]  ? __pfx___might_resched+0x10/0x10
[  566.880244][T14577]  ? find_held_lock+0x2b/0x80
[  566.880267][T14577]  ? aa_sk_perm+0x2f2/0xae0
[  566.880287][T14577]  hci_sock_sendmsg+0x1c7/0x26b0
[  566.880315][T14577]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  566.880338][T14577]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  566.880359][T14577]  sock_write_iter+0x566/0x610
[  566.880377][T14577]  ? __pfx_sock_write_iter+0x10/0x10
[  566.880400][T14577]  ? bpf_lsm_file_permission+0x9/0x10
[  566.880419][T14577]  ? security_file_permission+0x71/0x210
[  566.880440][T14577]  ? rw_verify_area+0xcf/0x6c0
[  566.880462][T14577]  vfs_write+0x7d3/0x11d0
[  566.880485][T14577]  ? __pfx_sock_write_iter+0x10/0x10
[  566.880503][T14577]  ? __pfx_vfs_write+0x10/0x10
[  566.880522][T14577]  ? find_held_lock+0x2b/0x80
[  566.880555][T14577]  ksys_write+0x1f8/0x250
[  566.880575][T14577]  ? __pfx_ksys_write+0x10/0x10
[  566.880597][T14577]  ? do_user_addr_fault+0x843/0x1370
[  566.880619][T14577]  __do_fast_syscall_32+0xe8/0x680
[  566.880638][T14577]  do_fast_syscall_32+0x32/0x80
[  566.880654][T14577]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  566.880673][T14577] RIP: 0023:0xf7fe5579
[  566.880687][T14577] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  566.880701][T14577] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  566.880717][T14577] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000140
[  566.880728][T14577] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000000
[  566.880736][T14577] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  566.880745][T14577] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  566.880754][T14577] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  566.880776][T14577]  </TASK>
[  566.935504][ T6173] usb 8-1: new high-speed USB device number 53 using dummy_hcd
[  567.136667][T14583] kvm: kvm [14579]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6
[  567.739717][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  567.744055][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  568.095800][ T6173] usb 8-1: Using ep0 maxpacket: 8
[  568.099872][ T6173] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  568.104033][ T6173] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  568.108198][ T6173] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[  568.113507][ T6173] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  568.117946][ T6173] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  568.123532][ T6173] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  568.127603][ T6173] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  568.334690][ T6173] usb 8-1: usb_control_msg returned -32
[  568.335275][T14572] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  568.337115][ T6173] usbtmc 8-1:16.0: can't read capabilities
[  568.342088][T14572] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  568.347727][T14572] FAULT_INJECTION: forcing a failure.
[  568.347727][T14572] name failslab, interval 1, probability 0, space 0, times 0
[  568.351815][T14572] CPU: 1 UID: 0 PID: 14572 Comm: syz.3.2386 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  568.351833][T14572] Tainted: [L]=SOFTLOCKUP
[  568.351837][T14572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  568.351843][T14572] Call Trace:
[  568.351847][T14572]  <TASK>
[  568.351852][T14572]  dump_stack_lvl+0x16c/0x1f0
[  568.351885][T14572]  should_fail_ex+0x512/0x640
[  568.351899][T14572]  ? fs_reclaim_acquire+0xae/0x150
[  568.351916][T14572]  should_failslab+0xc2/0x120
[  568.351932][T14572]  __kmalloc_noprof+0xeb/0x910
[  568.351944][T14572]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  568.351962][T14572]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  568.351976][T14572]  tomoyo_realpath_from_path+0xc2/0x6e0
[  568.351992][T14572]  ? tomoyo_profile+0x47/0x60
[  568.352010][T14572]  tomoyo_path_number_perm+0x245/0x580
[  568.352022][T14572]  ? tomoyo_path_number_perm+0x237/0x580
[  568.352035][T14572]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  568.352062][T14572]  ? find_held_lock+0x2b/0x80
[  568.352076][T14572]  ? hook_file_ioctl_common+0x144/0x410
[  568.352092][T14572]  ? __fget_files+0x20e/0x3c0
[  568.352106][T14572]  ? __fput_deferred+0x470/0x480
[  568.352123][T14572]  security_file_ioctl_compat+0x9b/0x240
[  568.352138][T14572]  __ia32_compat_sys_ioctl+0xc3/0x370
[  568.352153][T14572]  __do_fast_syscall_32+0xe8/0x680
[  568.352166][T14572]  do_fast_syscall_32+0x32/0x80
[  568.352177][T14572]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  568.352190][T14572] RIP: 0023:0xf7fc7579
[  568.352199][T14572] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  568.352210][T14572] RSP: 002b:00000000f54b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  568.352220][T14572] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c0145b0d
[  568.352227][T14572] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  568.352233][T14572] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  568.352239][T14572] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  568.352245][T14572] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  568.352258][T14572]  </TASK>
[  568.352287][T14572] ERROR: Out of memory at tomoyo_realpath_from_path.
[  568.434344][   T75] usb 8-1: USB disconnect, device number 53
[  569.172023][T14605] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2395'.
[  569.521448][T14614] geneve3: entered promiscuous mode
[  569.522216][ T7112] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 44587 - 0
[  569.526697][ T7112] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 44587 - 0
[  569.526723][ T7112] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 44587 - 0
[  569.526739][ T7112] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 44587 - 0
[  570.141168][T14634] kvm: kvm [14621]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6
[  570.244740][T14636] netlink: 830 bytes leftover after parsing attributes in process `syz.3.2403'.
[  571.515833][T14651] netlink: 830 bytes leftover after parsing attributes in process `syz.2.2407'.
[  571.575666][T14653] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2408'.
[  571.715932][T14655] netlink: 'syz.0.2410': attribute type 52 has an invalid length.
[  571.719347][T14655] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2410'.
[  573.528055][T14682] netlink: 830 bytes leftover after parsing attributes in process `syz.2.2418'.
[  574.335110][ T5948] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  574.351804][ T5948] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  574.363761][ T5948] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  574.435842][ T5948] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  574.531886][ T5948] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  574.552028][ T5956] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  574.555812][ T5956] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  574.561506][ T5956] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  574.569638][ T5956] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  574.573604][ T5956] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  574.884933][ T8149] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  574.892738][ T8149] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 44587 - 0
[  574.988535][ T8149] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  574.995769][ T8149] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 44587 - 0
[  575.079681][ T8149] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  575.084479][ T8149] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 44587 - 0
[  575.101534][T14691] chnl_net:caif_netlink_parms(): no params data found
[  575.184221][ T8149] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  575.188088][ T8149] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 44587 - 0
[  575.213718][T14691] bridge0: port 1(bridge_slave_0) entered blocking state
[  575.217206][T14691] bridge0: port 1(bridge_slave_0) entered disabled state
[  575.219970][T14691] bridge_slave_0: entered allmulticast mode
[  575.222872][T14691] bridge_slave_0: entered promiscuous mode
[  575.226842][T14691] bridge0: port 2(bridge_slave_1) entered blocking state
[  575.229398][T14691] bridge0: port 2(bridge_slave_1) entered disabled state
[  575.234314][T14691] bridge_slave_1: entered allmulticast mode
[  575.237022][T14691] bridge_slave_1: entered promiscuous mode
[  575.271493][T14691] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  575.276666][T14691] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  575.498079][T14691] team0: Port device team_slave_0 added
[  575.502952][T14691] team0: Port device team_slave_1 added
[  575.525134][T14691] batman_adv: batadv0: Adding interface: batadv_slave_0
[  575.528102][T14691] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  575.538971][T14691] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  575.545131][T14691] batman_adv: batadv0: Adding interface: batadv_slave_1
[  575.548078][T14691] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  575.562637][T14691] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  576.043936][   T40] audit: type=1326 audit(1768628540.758:792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14726 comm="syz.2.2430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  576.053161][   T40] audit: type=1326 audit(1768628540.758:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14726 comm="syz.2.2430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  576.063269][   T40] audit: type=1326 audit(1768628540.758:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14726 comm="syz.2.2430" exe="/syz-executor" sig=0 arch=40000003 syscall=327 compat=1 ip=0xf707d579 code=0x7ffc0000
[  576.074273][   T40] audit: type=1326 audit(1768628540.758:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14726 comm="syz.2.2430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  576.082611][   T40] audit: type=1326 audit(1768628540.758:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14726 comm="syz.2.2430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  576.091229][   T40] audit: type=1326 audit(1768628540.758:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14726 comm="syz.2.2430" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf707d579 code=0x7ffc0000
[  576.099112][   T40] audit: type=1326 audit(1768628540.758:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14726 comm="syz.2.2430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  576.099547][ T8149] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  576.109537][   T40] audit: type=1326 audit(1768628540.758:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14726 comm="syz.2.2430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  576.117854][   T40] audit: type=1326 audit(1768628540.758:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14726 comm="syz.2.2430" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf707d579 code=0x7ffc0000
[  576.120127][ T8149] bond0 (unregistering): Released all slaves
[  576.124432][   T40] audit: type=1326 audit(1768628540.758:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14726 comm="syz.2.2430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  576.128449][T14728] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  576.136161][T14728] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  576.139945][T14728] vhci_hcd vhci_hcd.0: Device attached
[  576.148541][ T8149] bond1 (unregistering): Released all slaves
[  576.183819][T14691] hsr_slave_0: entered promiscuous mode
[  576.184599][T14691] hsr_slave_1: entered promiscuous mode
[  576.185143][T14691] debugfs: 'hsr0' already exists in 'hsr'
[  576.185162][T14691] Cannot create hsr debugfs directory
[  576.294356][T14737] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2431'.
[  576.400386][ T6173] usb 42-1: SetAddress Request (10) to port 0
[  576.402929][ T6173] usb 42-1: new SuperSpeed USB device number 10 using vhci_hcd
[  576.610564][ T5956] Bluetooth: hci3: command tx timeout
[  576.879615][T14729] vhci_hcd: connection reset by peer
[  576.886417][   T92] vhci_hcd vhci_hcd.2: stop threads
[  576.888188][   T92] vhci_hcd vhci_hcd.2: release socket
[  576.890012][   T92] vhci_hcd vhci_hcd.2: disconnect device
[  577.124624][ T6027] usb 8-1: new high-speed USB device number 54 using dummy_hcd
[  577.271929][ T6027] usb 8-1: Using ep0 maxpacket: 8
[  577.275097][ T6027] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  577.277803][ T6027] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  577.281127][ T6027] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  577.284247][ T6027] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  577.287405][ T6027] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  577.292896][ T6027] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  577.295866][ T6027] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  577.507692][ T6027] usb 8-1: usb_control_msg returned -32
[  577.510765][ T6027] usbtmc 8-1:16.0: can't read capabilities
[  577.529626][ T6027] usb 8-1: USB disconnect, device number 54
[  578.020987][T14691] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  578.098909][T14691] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  578.137409][T14691] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  578.234170][T14691] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  578.701616][ T5956] Bluetooth: hci3: command tx timeout
[  579.763748][T14691] 8021q: adding VLAN 0 to HW filter on device bond0
[  579.776381][T14691] 8021q: adding VLAN 0 to HW filter on device team0
[  579.782285][ T1175] bridge0: port 1(bridge_slave_0) entered blocking state
[  579.784964][ T1175] bridge0: port 1(bridge_slave_0) entered forwarding state
[  579.802756][ T8609] bridge0: port 2(bridge_slave_1) entered blocking state
[  579.805506][ T8609] bridge0: port 2(bridge_slave_1) entered forwarding state
[  580.070225][T14691] 8021q: adding VLAN 0 to HW filter on device batadv0
[  580.341841][T14691] veth0_vlan: entered promiscuous mode
[  580.352255][T14691] veth1_vlan: entered promiscuous mode
[  580.352668][T14805] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2441'.
[  580.367781][T14691] veth0_macvtap: entered promiscuous mode
[  580.374508][T14691] veth1_macvtap: entered promiscuous mode
[  580.384255][T14691] batman_adv: batadv0: Interface activated: batadv_slave_0
[  580.400325][T14691] batman_adv: batadv0: Interface activated: batadv_slave_1
[  580.419017][ T1175] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  580.435230][ T8609] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  580.438106][ T8609] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  580.441305][ T8609] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  580.498179][ T8609] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  580.503683][ T8609] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  580.536575][ T1175] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  580.539804][ T1175] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  580.735576][T14826] FAULT_INJECTION: forcing a failure.
[  580.735576][T14826] name failslab, interval 1, probability 0, space 0, times 0
[  580.740629][T14826] CPU: 1 UID: 0 PID: 14826 Comm: syz.1.2446 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  580.740654][T14826] Tainted: [L]=SOFTLOCKUP
[  580.740660][T14826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  580.740670][T14826] Call Trace:
[  580.740677][T14826]  <TASK>
[  580.740684][T14826]  dump_stack_lvl+0x16c/0x1f0
[  580.740715][T14826]  should_fail_ex+0x512/0x640
[  580.740740][T14826]  ? kmem_cache_alloc_node_noprof+0x65/0x800
[  580.740766][T14826]  should_failslab+0xc2/0x120
[  580.740790][T14826]  kmem_cache_alloc_node_noprof+0x86/0x800
[  580.740810][T14826]  ? __alloc_skb+0x156/0x410
[  580.740834][T14826]  ? __alloc_skb+0x156/0x410
[  580.740852][T14826]  __alloc_skb+0x156/0x410
[  580.740869][T14826]  ? __alloc_skb+0x35d/0x410
[  580.740888][T14826]  ? __pfx___alloc_skb+0x10/0x10
[  580.740907][T14826]  ? netlink_autobind.isra.0+0x158/0x370
[  580.740939][T14826]  netlink_alloc_large_skb+0x69/0x140
[  580.740965][T14826]  netlink_sendmsg+0x698/0xdd0
[  580.740993][T14826]  ? __pfx_netlink_sendmsg+0x10/0x10
[  580.741020][T14826]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  580.741042][T14826]  ____sys_sendmsg+0xa5d/0xc30
[  580.741061][T14826]  ? __pfx_____sys_sendmsg+0x10/0x10
[  580.741076][T14826]  ? get_compat_msghdr+0x11a/0x170
[  580.741108][T14826]  ___sys_sendmsg+0x134/0x1d0
[  580.741132][T14826]  ? __pfx____sys_sendmsg+0x10/0x10
[  580.741166][T14826]  ? find_held_lock+0x2b/0x80
[  580.741202][T14826]  __sys_sendmsg+0x16d/0x220
[  580.741224][T14826]  ? __pfx___sys_sendmsg+0x10/0x10
[  580.741256][T14826]  ? do_user_addr_fault+0x843/0x1370
[  580.741280][T14826]  __do_fast_syscall_32+0xe8/0x680
[  580.741300][T14826]  do_fast_syscall_32+0x32/0x80
[  580.741317][T14826]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  580.741338][T14826] RIP: 0023:0xf7fe5579
[  580.741352][T14826] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  580.741368][T14826] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  580.741385][T14826] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000480
[  580.741396][T14826] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  580.741405][T14826] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  580.741415][T14826] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  580.741425][T14826] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  580.741448][T14826]  </TASK>
[  580.792703][ T5956] Bluetooth: hci3: command tx timeout
[  580.950478][T14832] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2448'.
[  580.967679][T14832] sp0: Synchronizing with TNC
[  580.973843][T14832] [U] è
[  581.497965][ T6173] usb 42-1: device descriptor read/8, error -110
[  581.686972][T14842] kvm: kvm [14837]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6
[  581.788591][T14847] FAULT_INJECTION: forcing a failure.
[  581.788591][T14847] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  581.802323][T14847] CPU: 2 UID: 0 PID: 14847 Comm: syz.0.2452 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  581.802353][T14847] Tainted: [L]=SOFTLOCKUP
[  581.802359][T14847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  581.802370][T14847] Call Trace:
[  581.802377][T14847]  <TASK>
[  581.802385][T14847]  dump_stack_lvl+0x16c/0x1f0
[  581.802417][T14847]  should_fail_ex+0x512/0x640
[  581.802441][T14847]  _copy_from_user+0x2e/0xd0
[  581.802461][T14847]  compat_do_replace+0x310/0x520
[  581.802482][T14847]  ? __lock_acquire+0x360/0x2890
[  581.802497][T14847]  ? __pfx_compat_do_replace+0x10/0x10
[  581.802515][T14847]  ? sockopt_release_sock+0x52/0x60
[  581.802537][T14847]  ? __local_bh_enable_ip+0xa4/0x120
[  581.802567][T14847]  ? bpf_lsm_capable+0x9/0x10
[  581.802586][T14847]  ? security_capable+0x7e/0x260
[  581.802606][T14847]  do_ip6t_set_ctl+0x5ed/0xbc0
[  581.802624][T14847]  ? find_held_lock+0x2b/0x80
[  581.802645][T14847]  ? nf_sockopt_find.constprop.0+0x222/0x290
[  581.802666][T14847]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  581.802686][T14847]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  581.802702][T14847]  ? __pfx___might_resched+0x10/0x10
[  581.802731][T14847]  ? nf_sockopt_find.constprop.0+0x222/0x290
[  581.802750][T14847]  nf_setsockopt+0x8d/0xf0
[  581.802768][T14847]  ipv6_setsockopt+0x135/0x170
[  581.802798][T14847]  tcp_setsockopt+0xa7/0x100
[  581.802822][T14847]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  581.802849][T14847]  do_sock_setsockopt+0xf3/0x1d0
[  581.802876][T14847]  __sys_setsockopt+0x120/0x1a0
[  581.802900][T14847]  __ia32_sys_setsockopt+0xbc/0x160
[  581.802919][T14847]  ? __do_fast_syscall_32+0x9a/0x680
[  581.802936][T14847]  ? lockdep_hardirqs_on+0x7c/0x110
[  581.802950][T14847]  __do_fast_syscall_32+0xe8/0x680
[  581.802969][T14847]  do_fast_syscall_32+0x32/0x80
[  581.802987][T14847]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  581.803007][T14847] RIP: 0023:0xf7fe5579
[  581.803021][T14847] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  581.803035][T14847] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  581.803053][T14847] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000029
[  581.803063][T14847] RDX: 0000000000000040 RSI: 0000000080000780 RDI: 0000000000000508
[  581.803074][T14847] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  581.803083][T14847] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  581.803093][T14847] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  581.803115][T14847]  </TASK>
[  581.907827][ T6173] usb usb42-port1: attempt power cycle
[  581.943385][   T40] kauditd_printk_skb: 49 callbacks suppressed
[  581.943403][   T40] audit: type=1326 audit(1768628546.645:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14848 comm="syz.1.2453" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x0
[  582.472360][   T40] audit: type=1326 audit(1768628547.174:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14854 comm="syz.0.2455" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x0
[  582.534635][ T6173] usb usb42-port1: unable to enumerate USB device
[  582.575276][T14858] FAULT_INJECTION: forcing a failure.
[  582.575276][T14858] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  582.580870][T14858] CPU: 2 UID: 0 PID: 14858 Comm: syz.0.2455 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  582.580899][T14858] Tainted: [L]=SOFTLOCKUP
[  582.580905][T14858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  582.580916][T14858] Call Trace:
[  582.580924][T14858]  <TASK>
[  582.580931][T14858]  dump_stack_lvl+0x16c/0x1f0
[  582.580964][T14858]  should_fail_ex+0x512/0x640
[  582.580991][T14858]  _copy_to_iter+0x29f/0x1710
[  582.581018][T14858]  ? __pfx__copy_to_iter+0x10/0x10
[  582.581041][T14858]  ? aa_file_perm+0x29e/0x1560
[  582.581074][T14858]  seq_read_iter+0x71e/0x12d0
[  582.581109][T14858]  kernfs_fop_read_iter+0x46c/0x610
[  582.581144][T14858]  do_iter_readv_writev+0x743/0x9e0
[  582.581170][T14858]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  582.581200][T14858]  ? rw_verify_area+0xcf/0x6c0
[  582.581225][T14858]  vfs_readv+0x4cb/0x8b0
[  582.581249][T14858]  ? trace_contention_end+0xdd/0x110
[  582.581273][T14858]  ? __pfx_vfs_readv+0x10/0x10
[  582.581295][T14858]  ? fdget_pos+0x2a2/0x370
[  582.581321][T14858]  ? find_held_lock+0x2b/0x80
[  582.581358][T14858]  ? __fget_files+0x20e/0x3c0
[  582.581380][T14858]  ? __fget_files+0x1f0/0x3c0
[  582.581411][T14858]  ? do_readv+0x132/0x340
[  582.581432][T14858]  do_readv+0x132/0x340
[  582.581453][T14858]  ? __pfx_do_readv+0x10/0x10
[  582.581476][T14858]  ? do_user_addr_fault+0x843/0x1370
[  582.581503][T14858]  __do_fast_syscall_32+0xe8/0x680
[  582.581525][T14858]  do_fast_syscall_32+0x32/0x80
[  582.581545][T14858]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  582.581567][T14858] RIP: 0023:0xf7fe5579
[  582.581583][T14858] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  582.581600][T14858] RSP: 002b:00000000f54b555c EFLAGS: 00000296 ORIG_RAX: 0000000000000091
[  582.581620][T14858] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000340
[  582.581632][T14858] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  582.581642][T14858] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  582.581653][T14858] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  582.581664][T14858] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  582.581691][T14858]  </TASK>
[  582.854441][ T5956] Bluetooth: hci3: command tx timeout
[  583.294268][T14877] netlink: 830 bytes leftover after parsing attributes in process `syz.3.2460'.
[  583.895221][T14881] FAULT_INJECTION: forcing a failure.
[  583.895221][T14881] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  583.900943][T14881] CPU: 1 UID: 0 PID: 14881 Comm: syz.0.2462 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  583.900973][T14881] Tainted: [L]=SOFTLOCKUP
[  583.900979][T14881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  583.900991][T14881] Call Trace:
[  583.900997][T14881]  <TASK>
[  583.901005][T14881]  dump_stack_lvl+0x16c/0x1f0
[  583.901037][T14881]  should_fail_ex+0x512/0x640
[  583.901062][T14881]  _copy_to_user+0x32/0xd0
[  583.901084][T14881]  simple_read_from_buffer+0xcb/0x170
[  583.901110][T14881]  proc_fail_nth_read+0x197/0x240
[  583.901139][T14881]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  583.901169][T14881]  ? rw_verify_area+0xcf/0x6c0
[  583.901191][T14881]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  583.901218][T14881]  vfs_read+0x1e4/0xcf0
[  583.901244][T14881]  ? __pfx___mutex_lock+0x10/0x10
[  583.901264][T14881]  ? __pfx_vfs_read+0x10/0x10
[  583.901285][T14881]  ? find_held_lock+0x2b/0x80
[  583.901315][T14881]  ? __fget_files+0x20e/0x3c0
[  583.901347][T14881]  ksys_read+0x12a/0x250
[  583.901369][T14881]  ? __pfx_ksys_read+0x10/0x10
[  583.901401][T14881]  __do_fast_syscall_32+0xe8/0x680
[  583.901422][T14881]  do_fast_syscall_32+0x32/0x80
[  583.901440][T14881]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  583.901462][T14881] RIP: 0023:0xf7fe5579
[  583.901476][T14881] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  583.901494][T14881] RSP: 002b:00000000f54d6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  583.901512][T14881] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54d6620
[  583.901524][T14881] RDX: 000000000000000f RSI: 00000000f7476ff4 RDI: 0000000000000000
[  583.901536][T14881] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  583.901546][T14881] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  583.901557][T14881] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  583.901581][T14881]  </TASK>
[  584.409252][T14886] CIFS mount error: No usable UNC path provided in device string!
[  584.409252][T14886] 
[  584.413598][T14886] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  584.820001][T14899] FAULT_INJECTION: forcing a failure.
[  584.820001][T14899] name failslab, interval 1, probability 0, space 0, times 0
[  584.824371][T14899] CPU: 0 UID: 0 PID: 14899 Comm: syz.2.2466 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  584.824390][T14899] Tainted: [L]=SOFTLOCKUP
[  584.824393][T14899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  584.824399][T14899] Call Trace:
[  584.824404][T14899]  <TASK>
[  584.824408][T14899]  dump_stack_lvl+0x16c/0x1f0
[  584.824429][T14899]  should_fail_ex+0x512/0x640
[  584.824442][T14899]  ? kmem_cache_alloc_node_noprof+0x65/0x800
[  584.824457][T14899]  should_failslab+0xc2/0x120
[  584.824474][T14899]  kmem_cache_alloc_node_noprof+0x86/0x800
[  584.824486][T14899]  ? __alloc_skb+0x156/0x410
[  584.824502][T14899]  ? __alloc_skb+0x156/0x410
[  584.824513][T14899]  __alloc_skb+0x156/0x410
[  584.824524][T14899]  ? __alloc_skb+0x35d/0x410
[  584.824536][T14899]  ? __pfx___alloc_skb+0x10/0x10
[  584.824549][T14899]  ? netlink_autobind.isra.0+0x158/0x370
[  584.824569][T14899]  netlink_alloc_large_skb+0x69/0x140
[  584.824586][T14899]  netlink_sendmsg+0x698/0xdd0
[  584.824604][T14899]  ? __pfx_netlink_sendmsg+0x10/0x10
[  584.824621][T14899]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  584.824635][T14899]  ____sys_sendmsg+0xa5d/0xc30
[  584.824648][T14899]  ? __pfx_____sys_sendmsg+0x10/0x10
[  584.824658][T14899]  ? get_compat_msghdr+0x11a/0x170
[  584.824678][T14899]  ___sys_sendmsg+0x134/0x1d0
[  584.824693][T14899]  ? __pfx____sys_sendmsg+0x10/0x10
[  584.824718][T14899]  ? find_held_lock+0x2b/0x80
[  584.824740][T14899]  __sys_sendmsg+0x16d/0x220
[  584.824755][T14899]  ? __pfx___sys_sendmsg+0x10/0x10
[  584.824795][T14899]  ? do_user_addr_fault+0x843/0x1370
[  584.824818][T14899]  __do_fast_syscall_32+0xe8/0x680
[  584.824838][T14899]  do_fast_syscall_32+0x32/0x80
[  584.824856][T14899]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  584.824877][T14899] RIP: 0023:0xf707d579
[  584.824891][T14899] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  584.824904][T14899] RSP: 002b:00000000f546d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  584.824915][T14899] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000280
[  584.824922][T14899] RDX: 0000000000040004 RSI: 0000000000000000 RDI: 0000000000000000
[  584.824928][T14899] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  584.824934][T14899] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  584.824940][T14899] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  584.824953][T14899]  </TASK>
[  584.952575][T14902] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  585.201377][T14902] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  585.290114][T14902] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  585.455682][T14902] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  586.174852][ T8609] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  586.188599][ T8609] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  586.202387][ T8609] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  586.223323][  T785] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  586.516859][T14928] netlink: 'syz.3.2471': attribute type 1 has an invalid length.
[  586.579845][T14932] kvm: kvm [14924]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6
[  586.903458][T14936] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  589.625397][T14987] netlink: zone id is out of range
[  589.627666][T14987] netlink: zone id is out of range
[  589.726851][ T5956] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  589.732292][ T5956] CPU: 3 UID: 0 PID: 5956 Comm: kworker/u33:8 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  589.732324][ T5956] Tainted: [L]=SOFTLOCKUP
[  589.732330][ T5956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  589.732344][ T5956] Workqueue: hci3 hci_rx_work
[  589.732372][ T5956] Call Trace:
[  589.732379][ T5956]  <TASK>
[  589.732388][ T5956]  dump_stack_lvl+0x16c/0x1f0
[  589.732420][ T5956]  sysfs_warn_dup+0x7f/0xa0
[  589.732442][ T5956]  sysfs_create_dir_ns+0x24b/0x2b0
[  589.732463][ T5956]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  589.732483][ T5956]  ? find_held_lock+0x2b/0x80
[  589.732512][ T5956]  ? do_raw_spin_unlock+0x172/0x230
[  589.732535][ T5956]  kobject_add_internal+0x2c4/0x9d0
[  589.732560][ T5956]  kobject_add+0x16e/0x240
[  589.732579][ T5956]  ? __pfx_kobject_add+0x10/0x10
[  589.732603][ T5956]  ? kobject_put+0xaf/0x6f0
[  589.732619][ T5956]  ? _raw_spin_unlock+0x28/0x50
[  589.732652][ T5956]  device_add+0x288/0x1980
[  589.732679][ T5956]  ? __pfx_dev_set_name+0x10/0x10
[  589.732697][ T5956]  ? __pfx_device_add+0x10/0x10
[  589.732721][ T5956]  ? mgmt_send_event_skb+0x2fb/0x460
[  589.732754][ T5956]  hci_conn_add_sysfs+0x1a8/0x260
[  589.732784][ T5956]  le_conn_complete_evt+0x11ed/0x1fa0
[  589.732816][ T5956]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  589.732849][ T5956]  hci_le_conn_complete_evt+0x23c/0x3a0
[  589.732880][ T5956]  hci_le_meta_evt+0x357/0x610
[  589.732906][ T5956]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  589.732936][ T5956]  hci_event_packet+0x685/0x1210
[  589.732961][ T5956]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  589.732997][ T5956]  ? __pfx_hci_event_packet+0x10/0x10
[  589.733026][ T5956]  ? kcov_remote_start+0x399/0x680
[  589.733054][ T5956]  ? lockdep_hardirqs_on+0x7c/0x110
[  589.733078][ T5956]  hci_rx_work+0x2c9/0x1020
[  589.733107][ T5956]  process_one_work+0x9ba/0x1b20
[  589.733138][ T5956]  ? __pfx_process_one_work+0x10/0x10
[  589.733185][ T5956]  ? assign_work+0x1a0/0x250
[  589.733208][ T5956]  worker_thread+0x6c8/0xf10
[  589.733242][ T5956]  ? __pfx_worker_thread+0x10/0x10
[  589.733263][ T5956]  kthread+0x3c5/0x780
[  589.733282][ T5956]  ? __pfx_kthread+0x10/0x10
[  589.733303][ T5956]  ? rcu_is_watching+0x12/0xc0
[  589.733330][ T5956]  ? __pfx_kthread+0x10/0x10
[  589.733349][ T5956]  ret_from_fork+0x983/0xb10
[  589.733368][ T5956]  ? __pfx_ret_from_fork+0x10/0x10
[  589.733389][ T5956]  ? __switch_to+0x7af/0x10d0
[  589.733411][ T5956]  ? __pfx_kthread+0x10/0x10
[  589.733429][ T5956]  ret_from_fork_asm+0x1a/0x30
[  589.733469][ T5956]  </TASK>
[  589.733596][ T5956] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  589.843411][ T5956] Bluetooth: hci3: failed to register connection device
[  590.710445][T15006] kvm: kvm [15001]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6
[  592.391281][T15040] FAULT_INJECTION: forcing a failure.
[  592.391281][T15040] name failslab, interval 1, probability 0, space 0, times 0
[  592.396315][T15040] CPU: 2 UID: 0 PID: 15040 Comm: syz.3.2500 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  592.396340][T15040] Tainted: [L]=SOFTLOCKUP
[  592.396346][T15040] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  592.396356][T15040] Call Trace:
[  592.396361][T15040]  <TASK>
[  592.396368][T15040]  dump_stack_lvl+0x16c/0x1f0
[  592.396396][T15040]  should_fail_ex+0x512/0x640
[  592.396419][T15040]  should_failslab+0xc2/0x120
[  592.396441][T15040]  kmem_cache_alloc_noprof+0x83/0x770
[  592.396459][T15040]  ? dst_alloc+0x99/0x1a0
[  592.396482][T15040]  ? dst_alloc+0x99/0x1a0
[  592.396498][T15040]  dst_alloc+0x99/0x1a0
[  592.396517][T15040]  rt_dst_alloc+0x35/0x3a0
[  592.396535][T15040]  ip_route_output_key_hash_rcu+0x87a/0x28e0
[  592.396562][T15040]  ip_route_output_key_hash+0x10f/0x2b0
[  592.396582][T15040]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  592.396601][T15040]  ? find_held_lock+0x2b/0x80
[  592.396629][T15040]  __ip4_datagram_connect+0x846/0x14c0
[  592.396655][T15040]  __ip6_datagram_connect+0xcf0/0x1480
[  592.396682][T15040]  ? __pfx___ip6_datagram_connect+0x10/0x10
[  592.396715][T15040]  ? ip6_datagram_connect_v6_only+0x73/0xa0
[  592.396734][T15040]  ip6_datagram_connect_v6_only+0x73/0xa0
[  592.396755][T15040]  inet_dgram_connect+0x143/0x200
[  592.396774][T15040]  ? __pfx_inet_dgram_connect+0x10/0x10
[  592.396790][T15040]  __sys_connect_file+0x141/0x1a0
[  592.396810][T15040]  __sys_connect+0x13b/0x160
[  592.396827][T15040]  ? __pfx___sys_connect+0x10/0x10
[  592.396853][T15040]  ? __pfx_ksys_write+0x10/0x10
[  592.396875][T15040]  ? do_user_addr_fault+0x843/0x1370
[  592.396895][T15040]  __ia32_sys_connect+0x71/0xb0
[  592.396911][T15040]  ? lockdep_hardirqs_on+0x7c/0x110
[  592.396926][T15040]  __do_fast_syscall_32+0xe8/0x680
[  592.396945][T15040]  do_fast_syscall_32+0x32/0x80
[  592.396960][T15040]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  592.396978][T15040] RIP: 0023:0xf7fc7579
[  592.396990][T15040] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  592.397004][T15040] RSP: 002b:00000000f549555c EFLAGS: 00000296 ORIG_RAX: 000000000000016a
[  592.397019][T15040] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000000
[  592.397029][T15040] RDX: 000000000000001c RSI: 0000000000000000 RDI: 0000000000000000
[  592.397037][T15040] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  592.397046][T15040] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  592.397056][T15040] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  592.397078][T15040]  </TASK>
[  592.959551][   T40] audit: type=1326 audit(1768628557.669:853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15016 comm="syz.2.2494" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  592.989162][   T40] audit: type=1326 audit(1768628557.669:854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15016 comm="syz.2.2494" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  593.005697][   T40] audit: type=1326 audit(1768628557.689:855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15016 comm="syz.2.2494" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf707d579 code=0x7ffc0000
[  593.035431][   T40] audit: type=1326 audit(1768628557.739:856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15016 comm="syz.2.2494" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  593.043459][   T40] audit: type=1326 audit(1768628557.739:857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15016 comm="syz.2.2494" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  593.078827][   T40] audit: type=1326 audit(1768628557.779:858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15016 comm="syz.2.2494" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf707d579 code=0x7ffc0000
[  593.094685][   T40] audit: type=1326 audit(1768628557.779:859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15016 comm="syz.2.2494" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  593.113921][   T40] audit: type=1326 audit(1768628557.779:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15016 comm="syz.2.2494" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  593.121487][   T40] audit: type=1326 audit(1768628557.779:861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15016 comm="syz.2.2494" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf707d579 code=0x7ffc0000
[  593.128446][   T40] audit: type=1326 audit(1768628557.779:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15016 comm="syz.2.2494" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  593.379454][ T6766] usb 8-1: new high-speed USB device number 55 using dummy_hcd
[  593.416471][T15076] netlink: 84 bytes leftover after parsing attributes in process `syz.1.2505'.
[  593.599512][ T6766] usb 8-1: Using ep0 maxpacket: 8
[  593.609159][ T6766] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  593.613216][ T6766] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  593.617424][ T6766] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  593.621929][ T6766] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  593.626319][ T6766] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  593.632501][ T6766] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  593.636493][ T6766] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  593.661761][T15088] fuse: Bad value for 'group_id'
[  593.663989][T15088] fuse: Bad value for 'group_id'
[  594.990633][T15102] netlink: 830 bytes leftover after parsing attributes in process `syz.0.2507'.
[  595.384797][T15108] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2511'.
[  595.906279][T15110] syz.0.2510 (15110): drop_caches: 1
[  595.948837][T15110] syz.0.2510 (15110): drop_caches: 1
[  596.034214][ T6766] usb 8-1: usb_control_msg returned -71
[  596.036468][ T6766] usbtmc 8-1:16.0: can't read capabilities
[  596.050082][ T6766] usb 8-1: USB disconnect, device number 55
[  596.510316][T15147] FAULT_INJECTION: forcing a failure.
[  596.510316][T15147] name failslab, interval 1, probability 0, space 0, times 0
[  596.516810][T15147] CPU: 3 UID: 0 PID: 15147 Comm: syz.1.2518 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  596.516839][T15147] Tainted: [L]=SOFTLOCKUP
[  596.516846][T15147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  596.516876][T15147] Call Trace:
[  596.516884][T15147]  <TASK>
[  596.516891][T15147]  dump_stack_lvl+0x16c/0x1f0
[  596.516922][T15147]  should_fail_ex+0x512/0x640
[  596.516942][T15147]  ? kmem_cache_alloc_noprof+0x62/0x770
[  596.516967][T15147]  should_failslab+0xc2/0x120
[  596.516992][T15147]  kmem_cache_alloc_noprof+0x83/0x770
[  596.517013][T15147]  ? fcntl_setlk+0xaa/0xdf0
[  596.517039][T15147]  ? fcntl_setlk+0xaa/0xdf0
[  596.517062][T15147]  fcntl_setlk+0xaa/0xdf0
[  596.517086][T15147]  ? __pfx_fcntl_setlk+0x10/0x10
[  596.517110][T15147]  ? find_held_lock+0x2b/0x80
[  596.517132][T15147]  ? __might_fault+0xe3/0x190
[  596.517150][T15147]  ? __might_fault+0xe3/0x190
[  596.517169][T15147]  ? __might_fault+0x13b/0x190
[  596.517197][T15147]  do_compat_fcntl64+0x209/0x710
[  596.517218][T15147]  ? __pfx_do_compat_fcntl64+0x10/0x10
[  596.517240][T15147]  ? fput+0x70/0xf0
[  596.517258][T15147]  ? ksys_write+0x1ac/0x250
[  596.517284][T15147]  ? do_user_addr_fault+0x843/0x1370
[  596.517311][T15147]  __do_fast_syscall_32+0xe8/0x680
[  596.517333][T15147]  do_fast_syscall_32+0x32/0x80
[  596.517350][T15147]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  596.517373][T15147] RIP: 0023:0xf7fe5579
[  596.517387][T15147] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  596.517403][T15147] RSP: 002b:00000000f547b55c EFLAGS: 00000296 ORIG_RAX: 0000000000000037
[  596.517421][T15147] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000000007
[  596.517432][T15147] RDX: 0000000080000280 RSI: 0000000000000000 RDI: 0000000000000000
[  596.517442][T15147] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  596.517449][T15147] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  596.517459][T15147] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  596.517482][T15147]  </TASK>
[  597.722145][  T785] ------------[ cut here ]------------
[  597.724241][  T785] wlan1: Dropped data frame as no usable bitrate found while scanning and associated. Target station: 08:02:11:00:00:00 on 5 GHz band
[  597.728527][  T785] WARNING: net/mac80211/tx.c:751 at ieee80211_tx_h_rate_ctrl+0x139c/0x1ad0, CPU#0: kworker/u32:6/785
[  597.732723][  T785] Modules linked in:
[  597.734681][  T785] CPU: 0 UID: 0 PID: 785 Comm: kworker/u32:6 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  597.739294][  T785] Tainted: [L]=SOFTLOCKUP
[  597.741140][  T785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  597.745774][  T785] Workqueue: events_unbound cfg80211_wiphy_work
[  597.748509][  T785] RIP: 0010:ieee80211_tx_h_rate_ctrl+0x13ac/0x1ad0
[  597.751326][  T785] Code: 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 60 06 00 00 48 8d 3d 74 a1 a6 05 49 8b 77 68 89 d9 48 89 ea 48 81 c6 48 0a 00 00 <67> 48 0f b9 3a bb 01 00 00 00 e9 94 f8 ff ff e8 80 04 cc f6 e8 3b
[  597.759485][  T785] RSP: 0018:ffffc90003c7f588 EFLAGS: 00010282
[  597.762081][  T785] RAX: dffffc0000000000 RBX: 0000000000000005 RCX: 0000000000000005
[  597.765151][  T785] RDX: ffff8880132c1084 RSI: ffff8880730b97c8 RDI: ffffffff9098fb50
[  597.768239][  T785] RBP: ffff8880132c1084 R08: 0000000000000005 R09: 0000000000000000
[  597.771355][  T785] R10: 0000000000000000 R11: ffff888024fbaff0 R12: ffff888074808000
[  597.774662][  T785] R13: 0000000000000000 R14: ffff8880510f5e3d R15: ffffc90003c7f7e8
[  597.777805][  T785] FS:  0000000000000000(0000) GS:ffff8880976f9000(0000) knlGS:0000000000000000
[  597.781541][  T785] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  597.784394][  T785] CR2: 00000000800ae018 CR3: 0000000056d83000 CR4: 0000000000352ef0
[  597.787725][  T785] Call Trace:
[  597.789203][  T785]  <TASK>
[  597.790480][  T785]  ? __pfx_ieee80211_tx_h_rate_ctrl+0x10/0x10
[  597.793134][  T785]  ? find_held_lock+0x2b/0x80
[  597.795176][  T785]  invoke_tx_handlers_late+0x1172/0x27d0
[  597.797554][  T785]  ? invoke_tx_handlers_early+0x669/0x28a0
[  597.800057][  T785]  ieee80211_tx+0x304/0x460
[  597.802177][  T785]  ? __pfx_ieee80211_tx+0x10/0x10
[  597.804365][  T785]  ? ieee80211_skb_resize+0x22a/0x630
[  597.806639][  T785]  ? ieee80211_set_qos_hdr+0xba/0x3f0
[  597.808432][  T785]  ieee80211_xmit+0x30f/0x3e0
[  597.809951][  T785]  __ieee80211_tx_skb_tid_band+0x2c2/0x720
[  597.811881][  T785]  ieee80211_scan_state_send_probe+0x34c/0xad0
[  597.813879][  T785]  ieee80211_scan_work+0x772/0x2080
[  597.815556][  T785]  ? preempt_schedule_thunk+0x16/0x30
[  597.817242][  T785]  ? __pfx_ieee80211_scan_work+0x10/0x10
[  597.819035][  T785]  ? preempt_schedule_thunk+0x16/0x30
[  597.820798][  T785]  cfg80211_wiphy_work+0x3fb/0x560
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  597.822530][  T785]  process_one_work+0x9ba/0x1b20
[  597.824262][  T785]  ? __pfx_process_one_work+0x10/0x10
[  597.825994][  T785]  ? assign_work+0x1a0/0x250
[  597.827432][  T785]  worker_thread+0x6c8/0xf10
[  597.828893][  T785]  ? __pfx_worker_thread+0x10/0x10
[  597.830771][  T785]  kthread+0x3c5/0x780
[  597.832607][  T785]  ? __pfx_kthread+0x10/0x10
[  597.834585][  T785]  ? rcu_is_watching+0x12/0xc0
[  597.836598][  T785]  ? __pfx_kthread+0x10/0x10
[  597.838548][  T785]  ret_from_fork+0x983/0xb10
[  597.840488][  T785]  ? __pfx_ret_from_fork+0x10/0x10
[  597.842715][  T785]  ? __switch_to+0x7af/0x10d0
[  597.844689][  T785]  ? __pfx_kthread+0x10/0x10
[  597.846629][  T785]  ret_from_fork_asm+0x1a/0x30
[  597.848655][  T785]  </TASK>
[  597.850006][  T785] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  597.853332][  T785] CPU: 0 UID: 0 PID: 785 Comm: kworker/u32:6 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  597.856712][  T785] Tainted: [L]=SOFTLOCKUP
[  597.858056][  T785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  597.861653][  T785] Workqueue: events_unbound cfg80211_wiphy_work
[  597.864062][  T785] Call Trace:
[  597.865144][  T785]  <TASK>
[  597.866089][  T785]  dump_stack_lvl+0x3d/0x1f0
[  597.867505][  T785]  vpanic+0x640/0x6f0
[  597.868757][  T785]  ? ieee80211_tx_h_rate_ctrl+0x139c/0x1ad0
[  597.870663][  T785]  panic+0xca/0xd0
[  597.871883][  T785]  ? __pfx_panic+0x10/0x10
[  597.873299][  T785]  ? check_panic_on_warn+0x1f/0xb0
[  597.874937][  T785]  check_panic_on_warn+0xab/0xb0
[  597.876698][  T785]  __warn+0x108/0x3c0
[  597.878404][  T785]  __report_bug+0x2a0/0x520
[  597.880402][  T785]  ? ieee80211_tx_h_rate_ctrl+0x139c/0x1ad0
[  597.882919][  T785]  ? __pfx___report_bug+0x10/0x10
[  597.884790][  T785]  ? ieee80211_probereq_get+0x6a/0x290
[  597.886501][  T785]  ? ieee80211_build_probe_req+0x1eb/0x430
[  597.888358][  T785]  ? ieee80211_scan_state_send_probe+0x49e/0xad0
[  597.890385][  T785]  report_bug_entry+0xe1/0x290
[  597.892034][  T785]  ? ieee80211_tx_h_rate_ctrl+0x13ac/0x1ad0
[  597.893882][  T785]  handle_bug+0x18a/0x260
[  597.895111][  T785]  exc_invalid_op+0x17/0x50
[  597.896547][  T785]  asm_exc_invalid_op+0x1a/0x20
[  597.898095][  T785] RIP: 0010:ieee80211_tx_h_rate_ctrl+0x13ac/0x1ad0
[  597.900132][  T785] Code: 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 60 06 00 00 48 8d 3d 74 a1 a6 05 49 8b 77 68 89 d9 48 89 ea 48 81 c6 48 0a 00 00 <67> 48 0f b9 3a bb 01 00 00 00 e9 94 f8 ff ff e8 80 04 cc f6 e8 3b
[  597.906284][  T785] RSP: 0018:ffffc90003c7f588 EFLAGS: 00010282
[  597.908187][  T785] RAX: dffffc0000000000 RBX: 0000000000000005 RCX: 0000000000000005
[  597.910758][  T785] RDX: ffff8880132c1084 RSI: ffff8880730b97c8 RDI: ffffffff9098fb50
[  597.914158][  T785] RBP: ffff8880132c1084 R08: 0000000000000005 R09: 0000000000000000
[  597.917434][  T785] R10: 0000000000000000 R11: ffff888024fbaff0 R12: ffff888074808000
[  597.920179][  T785] R13: 0000000000000000 R14: ffff8880510f5e3d R15: ffffc90003c7f7e8
[  597.923008][  T785]  ? ieee80211_tx_h_rate_ctrl+0x1378/0x1ad0
[  597.925027][  T785]  ? __pfx_ieee80211_tx_h_rate_ctrl+0x10/0x10
[  597.927042][  T785]  ? find_held_lock+0x2b/0x80
[  597.928602][  T785]  invoke_tx_handlers_late+0x1172/0x27d0
[  597.930487][  T785]  ? invoke_tx_handlers_early+0x669/0x28a0
[  597.932401][  T785]  ieee80211_tx+0x304/0x460
[  597.933864][  T785]  ? __pfx_ieee80211_tx+0x10/0x10
[  597.935507][  T785]  ? ieee80211_skb_resize+0x22a/0x630
[  597.937247][  T785]  ? ieee80211_set_qos_hdr+0xba/0x3f0
[  597.938971][  T785]  ieee80211_xmit+0x30f/0x3e0
[  597.940613][  T785]  __ieee80211_tx_skb_tid_band+0x2c2/0x720
[  597.942887][  T785]  ieee80211_scan_state_send_probe+0x34c/0xad0
[  597.944945][  T785]  ieee80211_scan_work+0x772/0x2080
[  597.946610][  T785]  ? preempt_schedule_thunk+0x16/0x30
[  597.948451][  T785]  ? __pfx_ieee80211_scan_work+0x10/0x10
[  597.950809][  T785]  ? preempt_schedule_thunk+0x16/0x30
[  597.953101][  T785]  cfg80211_wiphy_work+0x3fb/0x560
[  597.955269][  T785]  process_one_work+0x9ba/0x1b20
[  597.957385][  T785]  ? __pfx_process_one_work+0x10/0x10
[  597.959625][  T785]  ? assign_work+0x1a0/0x250
[  597.961604][  T785]  worker_thread+0x6c8/0xf10
[  597.963566][  T785]  ? __pfx_worker_thread+0x10/0x10
[  597.965726][  T785]  kthread+0x3c5/0x780
[  597.967461][  T785]  ? __pfx_kthread+0x10/0x10
[  597.969438][  T785]  ? rcu_is_watching+0x12/0xc0
[  597.971491][  T785]  ? __pfx_kthread+0x10/0x10
[  597.973488][  T785]  ret_from_fork+0x983/0xb10
[  597.975476][  T785]  ? __pfx_ret_from_fork+0x10/0x10
[  597.977656][  T785]  ? __switch_to+0x7af/0x10d0
[  597.979636][  T785]  ? __pfx_kthread+0x10/0x10
[  597.981571][  T785]  ret_from_fork_asm+0x1a/0x30
[  597.983668][  T785]  </TASK>
[  597.985756][  T785] Kernel Offset: disabled
[  597.987605][  T785] Rebooting in 86400 seconds..