last executing test programs:

14m36.556743977s ago: executing program 1 (id=453):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file7\x00', 0x800, 0x100)
renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file7\x00', 0xffffffffffffff9c, &(0x7f00000007c0)='./file3\x00', 0xfffffff0)

14m36.449383999s ago: executing program 1 (id=454):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000540)='./file1\x00', 0x5c)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='rpc_pipefs\x00', 0x10, 0x0)
mount$overlay(0x0, &(0x7f0000000240)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@redirect_dir_off}]}) (fail_nth: 25)

14m36.169154905s ago: executing program 1 (id=456):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
dup(r0)
socket$kcm(0x10, 0x2, 0x0)
openat$audio1(0xffffffffffffff9c, &(0x7f0000000240), 0x88002, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1fd, 0x1, 0x1}, 0x1c)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1fd, 0x1, 0x1}, 0x1c)
recvmsg$unix(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1}, 0x20)
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
setsockopt$sock_int(r2, 0x1, 0x21, &(0x7f0000000540)=0x5, 0x4)
recvmsg$unix(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1}, 0x20)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
ioctl$FBIOPUT_CON2FBMAP(0xffffffffffffffff, 0x4610, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_emit_ethernet(0x4a, 0x0, 0x0)
timer_create(0x0, 0x0, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/seq/clients\x00', 0x0, 0x0)
lseek(r4, 0x9, 0x0)
write$tun(r4, &(0x7f0000000500)=ANY=[@ANYBLOB], 0x3)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)

14m35.009372244s ago: executing program 1 (id=459):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x4e23, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@multicast2, @in6=@mcast1, 0x4e20, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0xfffffffffffffffe}, {0x0, 0x0, 0xfffffffffffffffc, 0xff}, 0x0, 0x0, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x3c}, 0x0, 0x32}, 0x0, @in=@private=0xa010100, 0x0, 0x2, 0x0, 0xb7, 0xfffffffe, 0xffffff7e}}, 0xe8)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x1c)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r5)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x4000000)
sendmsg$nl_route_sched(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r7, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x14, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0xfffffff9}, @TCA_FQ_CODEL_CE_THRESHOLD_MASK={0x5, 0xb, 0x11}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
r8 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r8, &(0x7f00000005c0)="bad330fbc9b55400040000ea0756a85d86dd", 0x12, 0x40, &(0x7f00000001c0)={0x11, 0x88a8, r7, 0x1, 0xd8, 0x6, @multicast}, 0x14)
umount2(&(0x7f0000000100)='./file0\x00', 0x8)

14m34.008623571s ago: executing program 1 (id=462):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
clock_gettime(0xffffffff, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@delchain={0x24, 0x5f, 0x333, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0x5, 0x2}, {0x1, 0xe}}}, 0x24}}, 0x0)
ftruncate(r0, 0xfffff7b7)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r3)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002dbd7000fedbdf253100000018000180140002"], 0x2c}, 0x1, 0x0, 0x0, 0x2004c890}, 0x2000c800)
socket$nl_generic(0x10, 0x3, 0x10)
lgetxattr(0x0, 0x0, 0x0, 0x0)

14m33.518119625s ago: executing program 1 (id=463):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
open$dir(&(0x7f0000000140)='./file0\x00', 0x2200, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$sndtimer(0xffffff9c, &(0x7f0000000000), 0x8000)
r1 = accept4$unix(0xffffffffffffffff, &(0x7f0000000040), &(0x7f00000000c0)=0x6e, 0x80000)
sendmsg$unix(r1, &(0x7f0000000340)={&(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000240)=[{&(0x7f0000000100)="1c2aadebc9d0e6f0cddcbddb1bf5d89ebcacc616f5ebf4762502926dd5f046ba6271a367", 0x24}, {&(0x7f00000003c0)="f0a63c1812ea9951ad164519e75ede93748cfa501c1f00ca7434c9a6b46e5df137f558655da350f24ad16682665c78b8227195baad30d47b74032ff6a00d0f1f32c9e355adb8ab9b6974d7eca020cc2bd1113fe11b28fbd9e21a83906e63447756ddbcb89050773b292352f408f8e837551b3f9266731d676d7b6cbfc986ac4696eb2c716cb568f4ad754f21807b0c6e8b61200a82f1a3edd8aa97f54045911a366614cb9a43dccaa5169624", 0xac}, {&(0x7f0000000500)="76b5af8990bd19af684d6b67391d5d5af7e55cde269e0b58a1f69da3b8737f7d1e9709194c4483f96b31a26b766f3c476b5c8b6d9025f07a05b274a1f1a60da29aee512f11f9e8a9868afb702ba84b8b81d11736c19223", 0x57}, {&(0x7f0000000580)="d9e1fa59729a6e9972fa47430a224d259b4f4c641592da518b6c51dcf281a9123f287f15dc0b0ca6768dac87c50f7d839872e8e3488dc7539150a4cc3c86bcef3f5cb37b3ef533d36bfd9c7c15c7b48fb4039c4006d7e737e57beef92007786ed61513bea8bbc5d8eee61641f3444e9635a7f3e018f9fed3c028e04ab9cc10a6bf1fccce34201e59e319c3a13704f166ccef69fa476c43391448a42fa715346474eb9ca2694d1ae9bd9d13981629f810d66af7cfe9ab59877579530ea01548ae7765cc4f92679a39f93efda66fdce0a58487b744030bde52a94bfd1dd918b28460e9708fa300a574", 0xe8}, {&(0x7f0000000680)="17c1290d14e130b133c19f696e81555a80660cb738745f5e830902d71d676c0bf19f2b71e27fe08fa1087509973345fbddd48354b6b6a407ecd2071f7e6b22218940cfa5c63ced1348e5c3fcda833369c77d9ead392f5e89dece3d03ec5624be79bd83401f61e3c43b8deae5da10841087156674cbd4cdeafb1f994c733235970efaeb7bad377cca811c9af3bb305444b991e6", 0x93}], 0x5, 0x0, 0x0, 0x40000}, 0x20008040)
ioctl$SNDRV_TIMER_IOCTL_PAUSE(r0, 0x54a3)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x3)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0xa, 0xd}}, [@qdisc_kind_options=@q_pfifo_fast={0xf}, @TCA_RATE={0x6, 0x5, {0x9, 0x1b}}]}, 0x3c}}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'sha384\x00'}, 0x58)
r6 = accept4(r5, 0x0, 0x0, 0x0)
recvmmsg$unix(r6, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500, 0x8d}}], 0x600, 0x0, 0x0)

14m33.434946111s ago: executing program 32 (id=463):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
open$dir(&(0x7f0000000140)='./file0\x00', 0x2200, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$sndtimer(0xffffff9c, &(0x7f0000000000), 0x8000)
r1 = accept4$unix(0xffffffffffffffff, &(0x7f0000000040), &(0x7f00000000c0)=0x6e, 0x80000)
sendmsg$unix(r1, &(0x7f0000000340)={&(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000240)=[{&(0x7f0000000100)="1c2aadebc9d0e6f0cddcbddb1bf5d89ebcacc616f5ebf4762502926dd5f046ba6271a367", 0x24}, {&(0x7f00000003c0)="f0a63c1812ea9951ad164519e75ede93748cfa501c1f00ca7434c9a6b46e5df137f558655da350f24ad16682665c78b8227195baad30d47b74032ff6a00d0f1f32c9e355adb8ab9b6974d7eca020cc2bd1113fe11b28fbd9e21a83906e63447756ddbcb89050773b292352f408f8e837551b3f9266731d676d7b6cbfc986ac4696eb2c716cb568f4ad754f21807b0c6e8b61200a82f1a3edd8aa97f54045911a366614cb9a43dccaa5169624", 0xac}, {&(0x7f0000000500)="76b5af8990bd19af684d6b67391d5d5af7e55cde269e0b58a1f69da3b8737f7d1e9709194c4483f96b31a26b766f3c476b5c8b6d9025f07a05b274a1f1a60da29aee512f11f9e8a9868afb702ba84b8b81d11736c19223", 0x57}, {&(0x7f0000000580)="d9e1fa59729a6e9972fa47430a224d259b4f4c641592da518b6c51dcf281a9123f287f15dc0b0ca6768dac87c50f7d839872e8e3488dc7539150a4cc3c86bcef3f5cb37b3ef533d36bfd9c7c15c7b48fb4039c4006d7e737e57beef92007786ed61513bea8bbc5d8eee61641f3444e9635a7f3e018f9fed3c028e04ab9cc10a6bf1fccce34201e59e319c3a13704f166ccef69fa476c43391448a42fa715346474eb9ca2694d1ae9bd9d13981629f810d66af7cfe9ab59877579530ea01548ae7765cc4f92679a39f93efda66fdce0a58487b744030bde52a94bfd1dd918b28460e9708fa300a574", 0xe8}, {&(0x7f0000000680)="17c1290d14e130b133c19f696e81555a80660cb738745f5e830902d71d676c0bf19f2b71e27fe08fa1087509973345fbddd48354b6b6a407ecd2071f7e6b22218940cfa5c63ced1348e5c3fcda833369c77d9ead392f5e89dece3d03ec5624be79bd83401f61e3c43b8deae5da10841087156674cbd4cdeafb1f994c733235970efaeb7bad377cca811c9af3bb305444b991e6", 0x93}], 0x5, 0x0, 0x0, 0x40000}, 0x20008040)
ioctl$SNDRV_TIMER_IOCTL_PAUSE(r0, 0x54a3)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x3)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0xa, 0xd}}, [@qdisc_kind_options=@q_pfifo_fast={0xf}, @TCA_RATE={0x6, 0x5, {0x9, 0x1b}}]}, 0x3c}}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'sha384\x00'}, 0x58)
r6 = accept4(r5, 0x0, 0x0, 0x0)
recvmmsg$unix(r6, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500, 0x8d}}], 0x600, 0x0, 0x0)

6.569774806s ago: executing program 3 (id=3924):
set_mempolicy(0x2, &(0x7f0000000080)=0xfffffffffffffffd, 0x4)
set_mempolicy(0x1, &(0x7f0000000000)=0x80000000, 0x9)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x20, 0x0, 0x10, 0xfffff00c}, {0x6, 0x0, 0x0, 0xfffffffd}]}, 0x8)
sendmmsg(r0, &(0x7f0000000180), 0x4000190, 0x0)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x9010, r2, 0x563c000)

6.510433432s ago: executing program 3 (id=3925):
socket$pppoe(0x18, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x7fffffff}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x40000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
syz_emit_ethernet(0x6e, &(0x7f0000000600)={@multicast, @random="68d4e408348b", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x38, 0x3a, 0x0, @ipv4={'\x00', '\xff\xff', @local}, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "d65c19", 0x0, 0x6c, 0x0, @remote, @mcast2, [], "1bc69f22fc91abf7"}}}}}}}, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
socket$netlink(0x10, 0x3, 0x15)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000710000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_procfs(0xffffffffffffffff, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x202080, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r4, &(0x7f00000021c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f00000003c0)={0x50, 0x0, r5, {0x7, 0x1f, 0x0, 0x490420, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xec0}}, 0x50)
syz_fuse_handle_req(r4, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r4, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x80c01, 0x0)
syz_fuse_handle_req(r4, &(0x7f0000008340)="40cc941ab4aa96fd51c3eb9433fd0bed878c4eb65a6c9a34d399e028fc2b9525a7ecfb2703d2ef667b7d18359925b23f2be24565f34c5be0c09a4614f0f8a75421a203d90c3fea86d0260dbf7c8d103576369d41cec03ee49874bb4dac583f057cae854062c1f8c4804fd66ebb186378bd7ddeda44fcbed1d6f08114587af825cbe455edc76b7e584df23e1b687e64c282cbe4d817c75585b2210d16ae21e9e7ebcd9d24cb5da7f2b23886930fff52b894cb98a3df1b5f0cfb9897a779341245516f99762a0e84076898a9dd4e0cde0d027bf0d0e3e31d49889ec41b9afcf2c189cc9b6550e0a92405e6b8bdcad8c62943f632a33b9a7175a1e3233496cd198db540622a830375315b7161ff29d022a1ae818eb624e0ce41a59397b6110cb69f24ce80502273bc4d6755255f55376e93b1450b06c860f7ef0bb6e7ca1f3a1b84d865aa79e73b63d3a231b98940fc7db0214b342601045dd47d21590a3afa33ec57027599d99c0c821fd8ca530863c6903257483716d499c74d5b1517ab08de7e903bb6c2d1b2c2f37ed2187b6987352a0ba1ef57bf57a88ad2e6f8c0417708b68209b17650b94374819b4f31e14f5e07c2a1c85ff36b8ef773ce4fddc6d6009d005f1af96ddb3f9d549d1a13ba937696359bac6d5c81ff00f0b2d1880da685e8ccb448fee18ab2028bfd5357a67148e182a9de0684bc753f47673fa3f25d4cda2a6456113e3ddc6b948636e7751438bdf65073886b4a3333a574e7c113e58728c16a1b82b97ca2a749d3b5a28fd030b519e3f5f939e4e3dea4743674fa3d0a8eb6de6653d0073681dda7c2d93da2489f28ef7adec6c10bb6ad938d6145de0dbe7cb566e8d19701af9768b68d0746e8bb79a5b9d00574d0df1b0000c67f9e896d7c2d7f4b0a053a15456691ae3c5e480a61d5a0aa0f2c92828dc4e7097410dc56cc0e7afc96a9dd78b1dfa5754e52ac7fed1f4a7f368e9ddbe83ce9fc892054dbb648e22b20ec300e46493c0bf6294fbe1bdf395ff52bac158dd6b2738db2b9427a8b8874d8dad94cf32ece3906716808b3b18c60c6360f642499130178905834af1fceaa632baf2778cdfb4ea34515e1a6c308362c9e4ad7032b2eaf1b8759892c8fc79e97f0519ccb4f5236cef1f289a4b23bff65d7c52a450dee509e8191ba81b54846dae309e9c45d31004cc0674e85e881a2ed417cd86400dc58a65630fde08b19fee13cf267280e92b731687fbc3f0a6c8ac99fd8a7422e1fc899bee60d89f9f6dc44c1c13834405f55feee313ab2873447ac01f446cb2d31b1e958e320700b4e88e673ff35b4474d2805f1c0fea201357b00f47d5a9a0aeae06f813f038263b8241c4211bdb3b390f25f50b08732fe80f8ffb9b47d695b61e713d4a8dff9d2a10b12b71e2ae8a6511bfbc3ddc4e46ae247cb8165ac32ebef0fb00e28ea116527dd1909aa900074cbf551d7981bd5777ec215f12222f5c7aac125a3e31640c1bc75116c3b9e751e3ee943921d8e24d9fd231f96f0414f9cd75fdc54d9bf3decb11c8918da5128996595c1e763146460bbcd024f2350500301245e989b91b2dcfabfdfc9ac105e9ae8516dde14264e53148548156f98db0fd0a59cb89041275b8c25066c47217af8d1af99ca73fff07ff330c0279f66ad6ab45a93097de71819da054ee382d2ee8e066e5331f80b10ebe91449f22aadc842a8930612af3cb308ea061302a415c35097f227583db8a93b33be98ed222dbeb37a1090e8be2cb5b24a8afe3acef9e4fa0a9e455bdf0ab49a7db138a53aaceed0afc52bd81aaad25e6679f1a8f9168cd8603d615d8e150a5ce45e6cb7e493ccea705515a6b24e63b7a39eaf4500696c32d3a1eb7462fff57a20b2a0bd81c8752792cb9cfcd59819ad4dd5fef9e2e3701dd6ded0445c8d70c94c7753987cfeeb3c9bdd261a1c1333330a1ef9b1779b1e4b52a46a73794155ba12275d29a1b03c8d4a03d9c66741b615f2ab7599b13ae82e469e978f4234f3625af2fdcc978d2e694970302b85f5b539c5cd14ca1064c3de6b011bfa5703cf99bbc846cbbbe7d2cbe7acc5842fd89629e9cb513c5952bb5af9d9fb86cfef471f92b4a6ebaae744e31931b00d65c7b2a017787f5a25566e1d0978fec12271b4e9f9f68cf3819a2615abf3f7297c4f160322632538daeef33cf8b4b7ebd6bcab07da676e6f03942076b9d0bfa1611079c38001a17d7598465ddcd0a5c62de44de4b0a25863c369c5cd1ae77694545bd197853269bfe76a6ec7428d8e79c0b902fcf5195663a615cf5f2d87edf82f6df298a66680fd287d73b632edb5be35f28bb1f620101cd46d63c90d78484d89b902122f239399c816cf7a768d96f7558c1ab339124265db00d7bf8d22f2714f7f21a47ee40ad81ebf2693fe0b58943fea557006c81c381b6167c403c999b68c09dfc9599a92f3dc1a81ba1d548bd9aa7d2caaaf31e0c0d535628c0096928cc7f74ad4459920ed0d25e01592b2fb240d5547a5d0d89f1fc0d2c123789d827ba93b8a8eee48d90fc570282c83ff24ef348c3a00186c554fe5a2309ccfffc666288ac4960eed6a1284c7e4b868e028fd590a4bad8118eec3ab334bc06d6db963f3e297986fafdd275da864cf6c6043559e08f54f48bdd7a46bd63a1e8c6d66a82493186976e6c2507a32ee309d8fe47b0e39c9d7f6131d6491f568e30b4893670d99aa2e50a5661085409f376af8ecaa4d7e3323c4d0e014623e3e6146128a6b8f6f396788380c25494c1dae9d5e674ffebf496e1cd27c87d709fcc271242574a7721d608fff7a94d339acb9686d3c13f8e1c4f2f0b7c433a418a7cbbef61af31a60931e5624cb92fbbd63a82b9725d4c1bb59a5c74366b87a3c8e2985c2dd8119c28f0c72e5a2b08384b12c249397d97e79d54556351494f6973b0fd9488353c7cbb623cb69a8aea2a1fd2a76ca85965570aa574ab4d914f9c9aafee919ee8ec40baa63250173141a195155396b2fdcd4a7cc918efba25ec183bd10c36389bfa5b40c17b26df6b2925f1232d243593c65d09bf2d0e456c5e49ba9a7015c30468b87fd4ad8989092fcd85345b4b00ec14c5a7d5ad1a9092a7a4a0eb91ee08c40051e16b9562d90c87fd10580efd58c4a24926b2e80df9bb23b19ab4b358a5796bdf158f0d49ccfa5054ac02eaf26e35a66332414819f1b4e013703b931b1bbc6cdfbf3f41583518d4a74931e5955ed6f7f3414cd30998aa692d27df0cb1d087454e260d889d11c8478a1cf8d35dd571c6b6f3395d58f1dbe11ea49b5f5be4924e25e422fe0e929f0af7852586365222ed1f3766555ac297ee3042dfdc009564d8da044f0f16ba1e739d9de3cb0e43dfce40cb07b3bc52033e7dc3cc9f3bbe7d8175e35bbd9680b67cfeab04110e753bd4cdfb4258408bddc54c3fce13199aa81c62a66a9e03af7db8cc95312882a598950d7347e63c65c3bc54899c0b26d1402a3e3f2ec09aed066d2df1a7a1961352b49fb6e5f772dd2fb9fb9ef92ee557eb0de3cfbe115433016e5294949da1a0565d087c84e03f201619b6d2ecb76438df0f3106175b9e7b0a08fa06e6db21e5b0845011eb8c4f698b3cb89d5da31e3c07cdeb99c9d053dbed3f2b0801a4e336d07349d517caa0559f38e746441b25a52ff8f89d0c2944f23f1f8bea4b22332d24205a75033e6a51cce095643114e7e583d8f6512cc89203e253b46ad5995e6dd1709e7450c3357241c23c80364ff8d6657bf73182360de75a3b89808615c8a956651eca48cf1edfd01ff0afa8a8a943b1a890203808e2cb65f7d52ed72acb72f00f17181b15dba4ff1a437c73d2b76b81e95fb3a5a80d6db7755179ed22ce149e8a9707481e7ab0d92ea90f0dddea221dbdf561320cc6ddf645bb1ebc1d64792e380792fccc66b0815b18ed14aa60a6091edced1a0e79484fe39eeb2e27c8504da4b716b321ec3122beb9d5a8d4d3e5f61275bba74e654bf1784d109c5afbe2de50e4ae71d7ca1effaec9efbb6a5a6ca2af88c8e25187aab5f3e4ea3136895b5b932b39d5161af9e2528fb78d663dff99f3df99b65b7383267429c759d663beed772a332436614c7d0f7b83779779e5b31fa69c0cedd50dc9cbef355384256aad1c6f208eeb37e9d868e014efe1fa6af78c4941c84751adeac7a52635defadc20c0eff68582cb8aa9a63ab50ae7b0205bda03661731dffa188cb8273772268739c2a4676761fa00ac25391e0918e13b96147df2b4ee9f313dc7c9bd201c531606dba937b97288a49342857931d5a80c9580de7220f07bd4795de05a059740094b169214d346743cf4a47d2ae64509087a8bd3d5d75e1ee29e40b061873ee8369a95c95ba32a2b8505ed07363f81a2e6e0c220a2cfd60adb7d52436e8d5d0ab0b9ab1c0db91171adc46cc6c1a1a56f685a9c99329563912502dc597682af4bee83ea05cb25f5c50ebfef11776a68027b8cd900e40388025e8ba8178d386ace4a58fcf4be66ad437436b11223407939456395a97b49c3dd66f954532b37131f1e8b51f15c8032992e8e702bd63b1dc47ea517120ccf2796bdde6e11104e59459190fa5e64295cb411cc451cee7720588bf32104369d7559443c25b5cf33c1c237a0b4deb6c1c3be6f412e777265d95004ce970be140ac4dfe9c78616ca3fd58a81baca8f9880ca56aeebcda642cbd02d1e2aaca47bcd0b42ba2561e5a5db469979301831bf4521ef811475fce3f616105e490070b687a0821dac10bc35393fac12ef8551d6f26969c26964f5808ee0313df8698261c2259c1815357f4f979f5bd0d01a35c6471a4b3e3cca2024b669541f109a5bd198b41b6870cffadd2664ae0cc717782cbdd9701fd4587c2e792c760e9e1c5d70ffe5809681bab4359d9d484d88edf7e8154cdcfb9790bd0816502a9126aeba7b7f3b5cfa2b83785bcaedca1f5cf4a4633206403cd59f198a7b83ef8b147865b520e5a7dddab7a70729c9af59862418311d55f21bd1c4a95a13e3cb9b3f9f6a70e23719936e644ad4160a570d5ae8d81740c26f7a4d73d6c44642db4721f12b03b6806bdf796e401d643443ca4970231a9a6d16040db7427734ef00fac010447fa93834cbfeb048fda928767d19dd7b08df12eab64503a3da8fba080520d6a861ddafb0ffa06e044ff58e75e2a61ab6b7c906f5e75fe8e4e49f2727038d0e77aba83644304942e294123ad3fe7ca5558e7450047939e433f3f755d3ba2ed143758d6a9145430b4052ff243811bf5ef7ef8819c1c763eed4cf8c9322f2171c164e22289d09c12ef9e7fdd438693282611ad7d0265beb43fa1edbf1a697b06b34dce457eefabd4d739f365f297f5b5f5ecf8a582812eefcecaf9abd20e9b31dd8b56ff3c4876004771a8b05cb80bb54686d9a742000952cc8fbb15df5a87f7bb5ca90aba0565c5e77bc599f5ceaec0834c0cef79c2f304755b323ecf376da8ddafa6f2fb1d96069aa7f9457690b48ab7c61bb902d47b275d6a592a97460edd8f185ccbffbb13d5ccee3b01a3bc3cfaf6f282b345d9ccc46b0d02022ad9f8f4a9683c30bc11b49458dbf2a39a1571cbfcdbdcc97b858a64526d9aa22991cfeec5cdd2ef66eb08af6196d32a467c33f80a836dff62cfaa9398ccf323162317a42c0ba152532d6fce23d6c6ee763f30c4de35e686d66d9d3e152b05052f448048e54f9cef338972be620218389fe6daf2898f1b65477c353397cecccac6ec79bb9cf5eb50aefaacca332894ce30ba8d7ab05ee024bef5c181e0d8e6bb696f12f75cfe7a8f66f4b840e8792e97b7d519d23dfe7d1d0e775f575e9f33f492b706352bd55a575d576e6d84f7e7dd3457a9af3bff750614b839d09c4bd625ff3a8abb21b5e98d5239cacfc4aecafe9b7cf49c6ef32483b3a4825142114258b625db5fab325a89613d70a0d64140564edf60fb36531f1d910cfd28bbdc2ae2b346168613e77f50162b609ee42cf0221a0b3fa79f43cef18adb3b42dd0a9273ba98799e7e286e590f6cd68ae89815da714084c30f989c10b0c92bfe0c7dd9495ebf10184f88b95ac9eb01bb67665ea245070ee591cc84ad36d717b5ed9177656432d3ff39e255c4799bbce948c7c1004bd2d2593a8587776d15298a172be1c6fd523c5eef928179f55b08a11050b63a31fc874908fa7b8cf525b8e7f2c63848f132dbdd200c33fbfcba4c36814205368c886cfc22247adce88c473d287e93c9dbdf99773a92feb14e9ab87152350c22de0affc1320b5d3b9d6b9c974f8fb4aa592364bfe9180dde99196a79dd07ab481764f65eabb811d45c6441e60c08801f9dac784eaadd461a3b270397c0a511917367d0ce4c2fa072248152bdf93d57977828e8bebffc1fbebcaeb10831181c363ff793709100eba432cc214197fa9a40a47a353e2b4bd95822656d84d9ff11735ed08b0cf42c4224d0544f54190208884404e5d4b374bbfb884f76894cb0cbbdd1983aee8297d1c884143f45a63bead73353870e64ebe7da94dcd35d60ee1a68062e270a84c62967d782992ddc1565d57ec2357c98a5e9af0667d42aea0b0ec82fdc35555c3b617b7821ede4054e1ccc130643f9f20d7519c785567a55cd3cc484694a59d61ab7bda7001c995a48f06591f1024ccfbc8ac43045ac75007e277c7f6305a2ae66251c55f870b919010c4dff1d9a1233f61f7f2bbac1c6edf3e5c477375ba43e1fe36ac26507afd3a6db10dc0e23028435bcf2bbff41275cc43bf3047cb547b1d48fd3534efff3197360d25c0b473ea2fb9a5ce1a37d0792e840d91015656b814a696a652f9e2950f4e1d4c965669ef4637c685030e323811934228373ac8528727646c6c3925393ef3476565b36b906f0f0d1256aaf17ddcc066c17b81696a700fca8a3b0cadfcb3a277927164676933e20f342d94e00842ac7aaec8db7d7391d4310762e1dc1bc6170630af3db6f47a1ffeb17251b26abc65e58aef56f7e8f7974d23ef11f7da647842a26b0b829fc5784bd08bfb12cfa00733252294a1b473b497ff9e93daf4b48b728af5b4025bed25211c6a22ef20b1e4798c65c19bc36aed2f7fb62f7fa3571cdb19410ae86472cc132057ae659e4dfd9b92bcbdf650de1714a5e488690b7016e8526792c9e5fcfb328fccdb8dd0ac4bb88374269e2f6b4cfe6b13399790012f7de8598540048c754949178b76ede7296653c9a33b2cea4e5a0e9a2eeec50e8a0ac4b7c326c81383122e577cbc36ba015646de9dbd7c9f2a5239d56ac3702781caad65ce641d270592f0e1135a4deecbd7659b2233a92d552f147823d57029ca30bbfd2626b4be518cb6ffcb76a82882f520b45d26e07196a83ff467ac152969d81bc2603c45a675419af024e705bb0bf9a585dcb3cf015bf6c3f91dd8d426fe5f1f49795d2b120ea5fd7ce0427aa4a10d6f4e4a09c61205dca43b496244017ea6a9f0a460bb9abc89a8d51ed4dc77246421ade6a74a0feda684212143092d5457baa2e189f2198b5a1900abd970ede7dedf82c1bcaf484dc09116d86d1de0702baa5c1549de90623eba1830a776cf5d76f05d14c82203c3216f999189b05a98372636facc7e88b9791903aca4ba09cdbb51900c3f431110b8461e57ad546dc72717fb5287ec3544f86c71a5e3f1f53513cb04bc8679c4beabe4eac3a9699c0b176ebb05127ae1f4da3223ab5ce7046cf367f5c678aedb22bef8ef2404b49b70e85ad420ee95ef7fa9fee9e6e588d6902b549d2bcaac5470007ca79e209ba7329e6b09ec45e6b1118f2457d9261b80a0ad28fbc6edefff441608de59fc0991abd2bdad053e84e510b64ff6eeb31faae70896ffe88c5853e7e079baccf83955bac7d02c30856cc25abe327f34f1e4116079794f4396fda6b08af8acda9f8dfb5f72d393841daad5696a2bb406f81e025afd906bf8d9b4cbc0e2f5e998d4fe92aa77b8fa46783bee16e3791eff2fd7aef52bf3e42c4bab959c5f5da16cb814d0f11f22e459f23b3e439f8522ab275aa0254a9c3e9a82f33834af0ca50836e520721e6c5144c013ee0d07c36f60b09092025fe111f631fcc93b02756111706a710e30aa2a1b8e8c31ee511674ac5abeb6f2b7c7f7919c8dbf42b97f69ad570c0aa13d90220249f1b2e661e19001ec0e667f97398d3d95733ce02608472d4a50e5b05baa4e217bab408cfb15d35401248b86cc861bd3e5b01b8e50abb6a203dd888203cbf63c2d33ce9482d09da1d2b3444e5f4cace0ff87c8b91eb750580917e27180c3f3ac6ea80b4bae07d9ef55442e09cfc01e9c4a2fb0b20ea574174afa9ca803ed35cbb373715568b713be744b23f7cc259ea2908829959a059b61095c2b05b0cdd56d1f6436efb660097adca5fcafd0a2e4a0093a89ffd4b65d8fc908cacbcfa7b18878125677efc83c4d7f054397637b811a67c3d7107da054f8100a29ca2995dbdd74bab54255062205cc7a382c60c0b66a5fa09ce934706d2200c886dd0ab21a7f7dd2d1b8ae2a254d9e4c421d6d424ca97b0eaf5ecb4ba5396a881a7eed523e9fb77767171349b3a3144ebcd9175171c6cf57cefe84eb39d7099d9474e1a0a60969d52fc48d3a929b2bda6db4d7a1f7c0e882a4ce11296fbe3d7ae6e2b96938f1c6b09857dd7691767389b790997b89e09c6eed21538d60d5f8e7ef00c67cc55d20303f670105932736f5e2a53e03d5c223075b52ce22840cf7c906eac7f855240e53e2e7c71a3a8d451abda57fff116b6ac515c1e8623ba908d8046f826327014bdea4f32a89bc56adcb62c75b3a9f8a3d43d2396cd860104c12b0ba4f5dc2f95555dabb8a9ba084cfbf0054be0dc227880a5615a0f773da1a9d6b584f441aa8a59ee33c6f561b957da0edd079484c9c73b60681c554335b32bfbf608abe870dbd6a1cb7213aac55c9fd8b795fff49709b80b36a8c755b240e865ded84426dff5200451f15f9979495bf8f4c3bd93243972917e944f6e7e9a8357bab44f9a341b29a6905b0a12a5ccda4f97e1c47a6ce640390bf6024a3dcc6593a133be79d058cddfae93626e261fa836ebb87e150ab0d3bbf9012b7a79705bf78e571343f03f5f19bdd226cc456c03b18663673d854acd70c019f177243a4288c3d6872ac80147611c3c9c15190ed36e1d430a0007230fb90b2999ea007504a7466b5910653feaf983bf18097d55c6f097cdfeeff52817fea74c026fda9e1fbc5b022937be18bbffa0d75aa724f7f174c3bfa33e523e32e9db8f2cce5e59d476cbd782bd0c5aeca2df64901a2b261765622dc0bd8eed1947b99587633bc60f3c8b50e3bdcbe2a51c30870af7b279e46b3bdae3aaccca0efea7a8f821c985c1b9c99fe5559b01569e2c61369438536ea52e8ed91a31f5062f8345155da95e5e722e7d15ae75e45cc1aa40814c8b82a83325265acae6d5d5adc7fd46ffdebff8ff7505c2eebba803d004ccaa553d27172734f8669f5288599c0ac06922a02d0a61ed1cf6f649f04452fe977318ee5cd5cb825b8f25349ef0298655029964978dd37a851f6fe20a3706291b72dc6d7fc33f0b3698b53295b5901675d758c8e9e625ad07434130ea66467b28efbb342c49ea044b033fee6a7a081e26fb0537a288486cf9f213430028722c841af2293b1ff0fc8f718b60e0881039acfaa11eec41130a67f9e052e43ab4f0635f8fa037c604786c3d16265c881666300e38995c40a9e0201c8e3526a832c5ad0ab17993849ec16e24bf1cc661ceaa71a46c47645f54adca6749f60896c191a6ffdaba493706082e61acb82def836a7196438d73f8770b695d2ac016ea279f1796b0493aa8edb33298e7183e497274442b18efc08ed1db8492aaaa7c2ee9f714e31eef7a6ca253a19763dc9a395048f0e1b0d553e0770f30d56f7df26e9ebce8b328b90cde798be8aa2a10b5c620075495fc5cb96751961e7a88f491bf73624d322cc4ccab6c891434d89bfe6b36506ca003f586b50db08b75cb4135db8644aa3c14141b10958b6709f93652c923abc67e2b773de2665c559fe6cb4bda1bcf41b667f6e5dce8d10957ff186ad2e20102d32a2dbfe41116a193eb2ee25c28edc0d723309ac11469936e6ecc681083c1f26b691b5e1a4066541b310a096941234a9bcf925ec9b1826e87e6271f405067190a3ba0b985b266fbec3d8f5d4a101a756948bd71ef2451ef1419f4cf1591c0973960360af4728d988823e87ecc65d3aad8637c5e65bd50b4aec49fa09bb22f0c629c7d3dec9b1f69500d48395be390da3d7d337d8715ad59fbbc355390269bf3e891e8a20c537f4ec755c21495caecb1a9d32363e0ac4a0caddd014e2dca33db6fd249cf3e9889800a8ed8d04159ddc3858e60db4247694fb0aa5a315f51db4743a0bba1fe8b1aaac6ec037d68f24f2e92dbab4a6ced9cf51ad27c70dbe081a6aa8f41ed0b89e0245a88e97eb14e1af0ce07567799e86c19e18255a8ea6a5fe8c61ed5c8d33e0e5bb6b17ee4ea3d07ece494a42b4f16dfe7df7c119219a2fe1debaabbe371d4297c5edaca61d440b3b6a8ba6366cdfe1e9402029a1773b05018bdf2950e1bdf546e6d5940acf1db3edb58b303ca99b5d0b257a4fa5a3d66d788171fd7cbb31377b7fe94dd36723d592ee72ce5b443f4c98116083b37ccc655271dcaf12bf4827efa74bbd31f7b3f4e32b421dc819fbf961835ef840b970a0f17ca9993a235cc20dca75849303814df26fa5f4cb671823a10e3e72902209a4abf745ad2515241883eaf3eacc8d01c3a9e700cbd9a1b7a73b4c4e791c99d6046d51aef95129c02fc077e0f643be44e2db3c36f4bfd49949e24fce67744a511babaf4b39e1b755a73e1e522b8212f2f148c0cea39e65e6e950854fd14381885f386186bc28681ab7c6fceaac7ebade8f4a485e28098cc42ed717b6745ad53d54396e0c66a5787e4afb28f30e4e6405181374bee9d66227562c2dd39c15120c3cd9a4464011e1b0009ebe361ae639b60b16357b97e918d35820fae25a42d86d956635a87e66b76bae0a5bea5657557e73bce6fdb3cd05046619314798ae8b14bd68792fa2cc0f42d581e4c1e5e40617ab4e78b46f8095f9670cfa136f8e4f2572141b3779d395180fb8a2e3c2084e5b164883cb7d85966ffab83fad4823cff7c00233058beb9fd9ac94b1a870c37947a21f0b84e5385bed60f99e48f4d81f628298d961d3e8a85d324a8b3d5c6c89e72e53039658ed052de9a249c4f6417730a76583cc88c287179096bf4686a7d2a57a49651b3a63f642e9087324b2ba3cc3f8f9f23c7cf9c12ac6747fa64e5f6fb6ec6019e473e044ff3fe8144d4d9df50904a574621b7609430d119745c1eab8e38a0b22ee89f5034eaf7e96804f3c806998ead1e039cf075b6b1d0da7887786e4a9fff1dbdfea459954ee2a848bcd935a80fe9c104e958afb4b4deec55167cc3e0172f3aa6c4c676d4dfafc336789bb748f2dc075312ab1cd74e7f647e7d7b124b86186e992be12e1b1201925963ed4b4ae882432de3ccdbe5ea104fcdf3fd7c3daec4550cea4e6983b2ff2aae929331a391ec9a4be09941efb2a6f22dcf75a6d55", 0x2000, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

4.958397198s ago: executing program 0 (id=3937):
unshare(0x4a000200)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000040)='GPL\x00'}, 0x94)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@random="4be88fa3027b", @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x8, 0x3a, 0xff, @local, @loopback, {[], @echo_request={0x80, 0x0, 0x0, 0x71, 0x7}}}}}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x469, 0x60000000, 0xc0fe, 0x0, 0x0, 0x0}, 0x50)

4.617905351s ago: executing program 0 (id=3938):
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/profiling', 0x2, 0x184) (async)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) (async)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x20) (async)
mkdir(&(0x7f0000000000)='./bus\x00', 0x1) (async)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) (async)
r0 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0)
chdir(&(0x7f00000001c0)='./bus\x00')
unlinkat(r0, &(0x7f0000000000)='./file1\x00', 0x200)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000180)={0x1, 0x0, [{0x207, 0x0, 0x100000001}]}) (async)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) (async)
openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x202042, 0x0) (async)
fanotify_init(0x200, 0x0)
syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000000)=<r7=>0x0) (async)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x88041, 0x2)
llistxattr(&(0x7f0000000740)='./file1\x00', 0x0, 0x0) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x80})
fcntl$getown(r4, 0x9)

4.479478476s ago: executing program 0 (id=3939):
r0 = socket(0x40000000015, 0x5, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0xfffc, 0x9, @mcast2, 0x26}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0xa, 0x1, 0xfffffffc, @rand_addr=' \x01\x00', 0xe79}, 0x1c)
mkdir(&(0x7f0000000280)='./file1\x00', 0xbc)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x1, &(0x7f0000006680))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=@newtaction={0x16c, 0x30, 0x1, 0x0, 0x0, {}, [{0x158, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}, @m_csum={0xe4, 0x15, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x9, 0x76cdbd19, 0xd, 0x80, 0x40}, 0x7b}}]}, {0x99, 0x6, "5fbbe6b7f68c9d4a67d752d0f83c4acd4614487249ca37f5936b86d89a6f3aec4fdcb87972ab49f7394a94a9c19905d2d5283f169f8d9baca21a6f8123cba367c774e3b5ba1df2e918fc19342ba0ee08da59900c9233f31a86df1b370a74c00d4324eddb0542320a266daae477c89a66332a55d20b0b52839970d7d3ef668de2b598cdebb62e6026efaadbaf31ce6eb06919c8c88e"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0x16c}, 0x1, 0x0, 0x0, 0x804}, 0xc0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000400)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
userfaultfd(0x80001)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
r5 = openat$kvm(0xffffff9c, &(0x7f0000000100), 0x41, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
ioctl$KVM_CREATE_PIT2(r6, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_CAP_X86_DISABLE_EXITS(r6, 0x4068aea3, &(0x7f0000000200)={0x8f, 0x0, 0xe})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r6, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x6, 0x1, 0x2, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x1, 0x4, 0xd, 0x20000004}, {0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x6, 0x5, 0x0, 0x5}, {0x10001, 0x4, 0x9, 0x0, 0xe, 0x1d, 0x10, 0x5, 0x2, 0x0, 0x0, 0x0, 0x20000000000000}]})
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000380)={[0xf, 0x3, 0x4, 0x1000000000000002, 0x102000000000002, 0x8000000d, 0x2004c8, 0xffff, 0x3, 0xffffffff, 0xffffffffffffffff, 0x7fffffffffffffff, 0xd0b, 0x4, 0x2000000000000003, 0x5], 0x80a0000, 0x4284})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
syz_usb_connect$printer(0x5, 0x0, 0x0, 0x0)

3.420751665s ago: executing program 3 (id=3944):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000280)=ANY=[@ANYRES64, @ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x4, r1, 0x2, &(0x7f00000003c0))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000e00)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(&(0x7f0000000080)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='affs\x00', 0xa08410, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000000)={0x40000000, 0x0, 0x0}, 0x0)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x4, @multicast2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRESOCT=r0, @ANYBLOB='\x00'/20, @ANYRESDEC=r3, @ANYRESHEX=r5, @ANYBLOB="000000000000000000000000000000000000000000dfffffff000000"], 0x48)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000006880)=@newtfilter={0x40, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r9, {0x4, 0xa}, {}, {0x3, 0x2}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_FLAGS={0x8, 0x3, 0x1}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x8848}, 0x80)
sendmsg$nl_route_sched(r7, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd2c, 0x25dfdafd, {0x0, 0x0, 0x0, r9, {0xc, 0xc}, {0x0, 0xfff1}, {0x0, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x4041080)
setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in6=@empty, 0x0, 0x0, 0x4e21, 0x0, 0xa, 0x0, 0x80, 0x5c, r9, 0xee01}, {0x0, 0x0, 0x6, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x100000000000}, {}, 0x0, 0x0, 0x1, 0x0, 0x3}, {{@in6=@mcast2, 0x4d2, 0x2b}, 0x0, @in=@broadcast, 0x0, 0x0, 0x0, 0xb7, 0xfffffffe}}, 0xe4)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x0)

2.717722964s ago: executing program 4 (id=3947):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r0)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$TUNGETDEVNETNS(r0, 0x54e3, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x2c240, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r3 = fanotify_init(0x200, 0x40000)
fanotify_mark(r3, 0x1, 0x8000018, r2, 0x0)
r4 = syz_io_uring_setup(0x497, &(0x7f00000004c0)={0x0, 0x465e, 0x400, 0x7, 0x31d}, &(0x7f00000001c0)=<r5=>0x0, &(0x7f0000000300)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_WRITE={0x17, 0x40, 0x4004, @fd_index, 0xf, &(0x7f0000000bc0), 0x0, 0x2})
io_uring_enter(r4, 0x40f9, 0x217, 0xa5, 0x0, 0x0)
r7 = syz_open_dev$loop(&(0x7f00000000c0), 0x47ffffa, 0x122842)
ioctl$LOOP_CONFIGURE(r7, 0x4c0a, &(0x7f0000000440)={r1, 0x0, {0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x13, 0x1c, "339f020bbe78b39843d601010000000000080d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c18e8438ef2a565ef1e83323695c58d66500", "a1163939c787a16c1ca43f8539f3d3289737f0374c72a964a019363e8772fd29f35239d200", "24431a3977a68e174f005e95ac6a00"}})
ioctl$LOOP_CHANGE_FD(r7, 0x4c06, r1)
ioctl$FS_IOC_GETFSMAP(r7, 0x4c09, 0x0)

2.628912257s ago: executing program 2 (id=3948):
r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r0)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid\x00')
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@newsa={0x13c, 0x10, 0x1, 0x0, 0x0, {{@in, @in=@multicast2}, {@in, 0x0, 0x32}, @in6=@private1, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}, 0xfffffdd7}}]}, 0x13c}}, 0x0)
mount(&(0x7f0000000000), &(0x7f0000000040)='./cgroup\x00', 0x0, 0x1001, 0x0)
mount(&(0x7f00000000c0)=@filename='./cgroup\x00', &(0x7f0000000100)='./cgroup\x00', 0x0, 0x2000, 0x0)

2.569804761s ago: executing program 2 (id=3949):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000200)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x6000}})
statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x2000, 0x800, 0x0)
read$FUSE(r0, &(0x7f0000008340)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, 0x0, 0x0, 0x0)
write$FUSE_INIT(r0, &(0x7f0000001200)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x22000100, 0x0, 0x0, 0x0, 0x0, 0xf5}}, 0x50)

2.388010851s ago: executing program 3 (id=3950):
r0 = openat$ptp1(0xffffff9c, &(0x7f0000002180), 0x20001, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000000c00)=ANY=[@ANYBLOB="b7020000c3000000bf230000000000002703000000fefeff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400011000000404000001007d60b7030000000000006a0a00fe800000008500000026000000b7000000000000009500001000000000acaa8e53a53cb864c300094c07000000000000d94cf0987b00a749a8e53b5c9491cd1f2b94a64f1de23d03a8f0362ebfc44c77511e60070e25510070f7778d3e77ad85319f0113abbac795f8c24abca246150226eb93fe39233add8f68f87699162334343befce832cb8075c5f0ae30cde221371ff00000067e4b75da95370ae6fd2b99ac18f98403494d4a94e95fb8dcd813487b2bdb006c6465c15f04485a9f8c8e49d00000097184c8e9d34b1e382b25e9614634e8e09194f7b83138f5275d9ab463797a2f6dcb45d5f278cd4fb74559575da3560c01cdf1eaa3fc7a3fb4f1689dfd5b626174770e4dfd1c82a694efc62f9ef9c8c0ea1efa5b949ce22827f6fd1dfc69d03482d8ec20bc22573f8594b91781cd8ff7f000000000000299ebf94588e60abe9a565c5bbdc0358226f8580dc1a83c6a44408de23475a74ef0deda8da4089269ccb4e728dee6320444576c87cc576291e5367a5f1a5d5a12f8313ffff0b7f73335279aa2b68c9f045831119881764c71bb65b5138c50e06024e80fd9656bc077e4e259695748989335ba9eeef288de73815f20fefd4acfb6813ffff00000b971aec1a3e618a08a94ecbd401c8109c87ee3f5c0501857538d2a766bfcf4128fbe726903aca577aa8943af747760718dee5a21396dce6f61c6f3c7e000000cb0868b48719e47296f2299df3ecfb5f3f0e42f6f1eb1dc64dcc8e397366d12033f6288edbda3b838100000000000000000000800000edd4e1266dc9d73223fe614f025a7f284de76b3b676a13c57a0ed24f6270c4cbbf93472eb8093d8296c68dfbb03ddedc3e029b08959b145a7b110068ba071e75d75716243052ad24b624fddc2f0f3a018c0085c2319c248d643cd09fa855b20a6d453f2e954ff0e55c010000008547c5a0ecefcc44cc9532f729167f215937357a4bb9746193c1ec000000000000dd43c108c2109d221b7b26b7c9c209000005b7918a6cd856b8fa806c85480443159c6bed51a0e021f05f7caa1b99cdb4d08d9031210ac00e67d8c40a18503cb7aabcc066dfbfd7f87abe1122f00e5454bec3563a19582e0000000000000000000000000084b27fc6a3f95bf02b4eb5f1599dd46edcad432cc216316fe07afe27649c89cf022a90d895a2d70fcde7a9c37ede0c47c27f44595ab4b1fb1ed5b1d91314b2d50f94a768fb605679485041a6376b8344a39af68aed2be39794dd86ae82f9660cf4f935255d71f9fab2e430ac42bba1f54141cf39d4d50c4ded504beacb0de210d7a3716dca7362c134b91cef3efc514fbcb4747e6814ac16449ac02a43d9d4151697b4b7890ec6b481c5f0ca8c52a6322f34a796fa5941d23409ecf73458223baaffb94a89ee2884df00000000000000739370d8dacf8b3ff4049711"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x36}, 0x48)
socket$kcm(0x29, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000001c0)={r1, 0x40000f0, 0xe40, 0xffffffff, &(0x7f0000000280)="7b5515ccc8bca12641e65d58fd1a12f639", 0x0, 0x8001}, 0x28)
ioctl$PTP_EXTTS_REQUEST2(r0, 0x40103d0b, &(0x7f00000021c0)={0x100, 0x2})

2.384582673s ago: executing program 4 (id=3951):
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x81, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
r1 = syz_socket_connect_nvme_tcp()
fgetxattr(r1, &(0x7f00000001c0)=@random={'os2.', 'fq_pie\x00'}, &(0x7f0000000280)=""/67, 0x43)
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[], 0x90}, 0x1, 0x0, 0x0, 0x810}, 0x0)

2.240026633s ago: executing program 3 (id=3952):
openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
userfaultfd(0x80801)
r0 = syz_usb_connect(0x5, 0x46, &(0x7f0000000780)=ANY=[@ANYBLOB="12010000e75fcc08c0070515c5b8010203010902340001000080000904ba00038e4ee2000905000000041a06010905010300001007c109050c04400006030f07059acbf5"], 0x0)
syz_usb_control_io$printer(r0, &(0x7f00000003c0)={0x14, 0x0, &(0x7f00000002c0)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r1, &(0x7f0000000000)="93", 0xf5)

2.23947328s ago: executing program 4 (id=3953):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000020c0)=ANY=[@ANYRES64=r1, @ANYRESDEC=r1, @ANYRESHEX=r1], 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x8881)
r2 = socket(0x10, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="a000000010003b0e2a1a86eb2636037f00000000", @ANYRES32=r3, @ANYBLOB="0200000000008000800012000800010076746936740002"], 0xa0}}, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x12)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
remap_file_pages(&(0x7f0000299000/0x2000)=nil, 0x2000, 0x0, 0x5, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0xc0686611, &(0x7f0000000180)={0x67, 0x0, 0x3f, 0x2000, &(0x7f000078c000/0x2000)=nil})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001440)=ANY=[@ANYBLOB="1c0000005e0021a5553f8c6b23cbff070000e5373526a01edb"], 0x1c}, 0x1, 0x0, 0x0, 0x48050}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r6 = getpid()
syz_pidfd_open(r6, 0x0)
r7 = syz_open_procfs(r6, &(0x7f00000042c0)='fdinfo/3\x00')
read$FUSE(r7, &(0x7f0000000080)={0x2020}, 0x2037)
socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, 0x0, 0x0)
sendmsg$nl_route(r5, &(0x7f0000002140)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

1.689425912s ago: executing program 2 (id=3954):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[], 0xbc}, 0x1, 0x0, 0x0, 0x804}, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC, @ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000000c0)={'ip_vti0\x00', &(0x7f0000000640)={'erspan0\x00', <r1=>0x0, 0x8000, 0x700, 0xffffffff, 0x8, {{0x2e, 0x4, 0x1, 0x0, 0xb8, 0x67, 0x0, 0x0, 0x29, 0x0, @rand_addr=0x64010102, @broadcast, {[@noop, @timestamp_addr={0x44, 0x3c, 0xcd, 0x1, 0x1, [{@empty}, {@multicast2, 0x3}, {@multicast2, 0x8001}, {@empty, 0x5}, {@remote, 0x1}, {@empty, 0x5}, {@multicast2, 0x7}]}, @lsrr={0x83, 0x1b, 0x49, [@rand_addr=0x64010100, @local, @local, @empty, @dev={0xac, 0x14, 0x14, 0xe}, @broadcast]}, @timestamp={0x44, 0x2c, 0xfa, 0x0, 0x9, [0x7f, 0xbb8, 0x3, 0xfffffffa, 0x0, 0x101, 0xdc28, 0x8, 0x5, 0xa7a4]}, @noop, @cipso={0x86, 0x1a, 0x0, [{0x1, 0x4, "85fd"}, {0x6, 0x8, "4c40ebebb360"}, {0x7, 0x8, "5b03a4a64f23"}]}, @generic={0x86, 0x4, "2faa"}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f00000003c0)={'syztnl1\x00', &(0x7f0000000300)={'syztnl1\x00', r1, 0x2f, 0x77, 0x8, 0xd47, 0x2d, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @local, 0x1, 0x7, 0x47d, 0xfff}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8ec, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r5 = syz_io_uring_setup(0x237, &(0x7f0000000480)={0x0, 0x8901, 0x400, 0x14, 0x2cf}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000600)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in={{0x2, 0x0, @empty}}, 0x5, 0x12, 0x0, 0x3}, 0x9c)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r9, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r9, 0x0)
ioctl$KVM_CAP_DISABLE_QUIRKS(r8, 0x4068aea3, &(0x7f0000000400)={0x74, 0x0, 0x50})
syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd6000000000140600fe8000000000006eed0000000000000000bbfe8000000000000000000000000000aa0000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="500200009078ffff"], 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000900)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6000020000140600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="a69a130ed3b1d3617884d914f4271e52ad2ab3510fcf25ed59c0544228ea4ce136b43173201de9f2203acbdc95859250a30ef94b34020825ac870cf5b912499a3b08a9de0023f2855b09cc8a181c144aa7696634d16fb0e638b3db8a980bc0a7ec91caf50581dd2ec1cef5efb6759bb538a7e1651fa8e43a4cd397760e3e8ba7345214cc44869ec5c433db1e7759c4fb0e897488046207fecfc9589d7d77ae7965a5070114602a2ca9d7fdd959d49b182329a248e51e82b8f088c343b8d346ee5e42beaf00b9b220b9597b77855d094fdb03be75e00b20b518080fce79b6a7562e696f13e90cc594f8b9ee0e2daf5021b06969135c7444afd0b870c39ed026df00288b701ddc9a8043a82f56908a61d79ed017e65628a1a901ee4c417add7b19a2d314e4e46344c710c15e308a94fdf44cea200363b7ca8c5a7feec348fe3a5daed452f4d56f173ceab79ccfb6b2e21d05"], 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x94}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
write$UHID_CREATE2(r8, &(0x7f00000001c0)=ANY=[@ANYBLOB='3'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r8, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x24, 0x2007, @fd, 0x800, 0x0, 0x0, 0x18, 0x0, {0x2}})
io_uring_enter(r5, 0x47ba, 0x0, 0x0, 0x0, 0x0)

1.309190222s ago: executing program 4 (id=3955):
r0 = socket$packet(0x11, 0x2, 0x300)
syz_pidfd_open(0x0, 0x0)
prctl$PR_GET_TSC(0x19, 0x0)
unshare(0x62040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCDELDLCI(r0, 0x8981, &(0x7f0000000080)={'ip6erspan0\x00', 0x2})
gettid()
r1 = socket$inet(0xa, 0x801, 0x84)
getsockopt$IPT_SO_GET_INFO(r1, 0x0, 0x40, &(0x7f0000000000)={'nat\x00', 0x0, [0x80000008, 0x21ff, 0x9, 0xffff7ffd, 0xfffffffe], '\x00', 0x700}, &(0x7f0000000200)=0x54)

1.019675288s ago: executing program 0 (id=3956):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000100), 0x28041, 0x0)
write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x5)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x18)

950.873724ms ago: executing program 4 (id=3957):
syz_emit_ethernet(0xbe, &(0x7f0000000240)=ANY=[@ANYBLOB="aa"], 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="d8000000100081046881f782db44b9090000000b01000000e8fe55a1180015000600140000000012080004003e000000a80016000a00001c06000200036010fab94dcf5c0461c1a6ced67f6f94007134cf6ee08000a0e408e8d8ef52878516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d95322fe7c9ffeffffff16a4683f1aeb4edbb57a5025ccca9e02360db70100000040fad95667e006dcffff951f215ce3bb9ad809d5e1cace81c639df2d04c343eb7a9db9596bb727ed0bffece0b42a9ecbee5de6ccd4", 0xd8}], 0x1}, 0x20004880)
fcntl$lock(r0, 0x26, &(0x7f0000000380)={0x1, 0x2, 0x5, 0x7})
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
read$FUSE(r0, 0x0, 0x0)

830.512345ms ago: executing program 3 (id=3958):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x145, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r3, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
shutdown(r4, 0x0)
close(0x3)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$netlink(0x10, 0x3, 0x14)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r5 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, &(0x7f00000000c0), &(0x7f00000001c0))
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, 0x0, 0x0)
r7 = openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0)
ioctl$UI_SET_EVBIT(r7, 0x40045564, 0x3)
write$uinput_user_dev(r7, &(0x7f0000000080)={'syz1\x00', {0x3ff, 0x3, 0x4}, 0x4d, [0x10004, 0x6, 0x9, 0x8a4, 0xfffffffe, 0x2, 0x7fffffff, 0x80000001, 0x4, 0x1, 0xfd, 0x3c6, 0x7, 0x7, 0xf70, 0x3c04, 0xe7, 0x4007, 0x401, 0xbc5e, 0x7, 0x1, 0x8, 0xffff, 0xe, 0xe, 0x10, 0x20000000, 0x15098855, 0x6, 0x2, 0xfffffffb, 0x6, 0xc, 0xfffffff7, 0x4, 0xe79, 0x7, 0x1, 0x1, 0x1, 0x4, 0x401, 0x9, 0xbdc7, 0xb, 0x1, 0x9, 0x3, 0x1, 0x6, 0x2, 0x5, 0x49, 0x5, 0x9, 0x0, 0x1, 0x1000, 0x3, 0x2, 0x6, 0x7ff, 0xb8547353], [0x4, 0xffffffff, 0x4, 0x5, 0x7ffffdff, 0x1, 0x550, 0x6, 0x2, 0xfffffffc, 0x10001, 0xc, 0x36, 0x4, 0x6, 0x1, 0x9, 0x98, 0x8, 0xe56d, 0xa4, 0x9, 0x99d, 0x8, 0x0, 0xd, 0x10001, 0xfffffffe, 0x6e38, 0x8000, 0xa, 0x6, 0x3, 0x0, 0x5, 0x7, 0x4, 0xd, 0x9, 0xfff, 0x4, 0x0, 0x40000040, 0x1, 0x8, 0x5, 0x8, 0x0, 0x34f1, 0x1ff, 0x4, 0x1b2c5a97, 0x0, 0x9, 0x8, 0x0, 0x1, 0x1, 0x6, 0x6, 0xac, 0x2, 0x54, 0xcfb9], [0x5, 0xdb8, 0x9, 0x4, 0x2, 0x200006, 0x5, 0x5, 0x2, 0x80, 0xfffffffd, 0xc8d3, 0x33, 0x9a45, 0x0, 0xee40000, 0x1, 0x1, 0x4, 0x69d, 0x8, 0xffff, 0x0, 0x0, 0x40000008, 0x2, 0x4, 0x800, 0x7, 0x9, 0x10000, 0x0, 0x1, 0xfffffffe, 0x3, 0x0, 0x4, 0x8c0, 0x9, 0x2, 0x8, 0x7, 0x6, 0x2, 0x81, 0x8, 0x1, 0x55f2, 0xdf46, 0x1, 0x7f, 0x9, 0x8000, 0x40, 0x3, 0x2, 0x9, 0x6, 0x2, 0xffffff00, 0xda15, 0x82, 0x3, 0x10], [0x0, 0x897, 0x8, 0x246d, 0x6, 0x101, 0x7fffffff, 0xd, 0x7ff, 0x606, 0x5, 0x9, 0x80000001, 0x2, 0xb, 0x2, 0x7, 0x1, 0x7, 0x8, 0x7ff, 0xffffffff, 0x0, 0x2, 0x6, 0x20c, 0xffffffff, 0xa18, 0x61c8, 0x6, 0x7ff, 0x101, 0xff, 0x7, 0x9, 0x5, 0x7, 0x101, 0x9, 0x3000000, 0x20e, 0x4000006, 0x7, 0xfffffffd, 0x9, 0x1, 0x4, 0x100009, 0x100, 0x8, 0x3c, 0x1000, 0x3, 0x3, 0x15, 0x8000, 0x7, 0x81, 0x8, 0x7, 0xfffffffc, 0x4, 0x6, 0xeff]}, 0x45c)
io_uring_register$IORING_REGISTER_CLONE_BUFFERS(r5, 0x1e, &(0x7f0000000040)={r5}, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = openat$ppp(0xffffff9c, &(0x7f0000000540), 0x800, 0x0)
ioctl$PPPIOCNEWUNIT(r9, 0xc004743e, &(0x7f00000005c0))
getsockopt$sock_int(r8, 0x1, 0x9, 0x0, &(0x7f0000000040))
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="180000002e00010026bdf000fcdbdf1b04000000040010"], 0x18}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
close(0x3)
syz_usb_connect$uac1(0x3, 0xa2, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

618.081463ms ago: executing program 4 (id=3959):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000280)=ANY=[@ANYRES64, @ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x4, r1, 0x2, &(0x7f00000003c0))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000e00)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(&(0x7f0000000080)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='affs\x00', 0xa08410, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000000)={0x40000000, 0x0, 0x0}, 0x0)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x4, @multicast2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRESOCT=r0, @ANYBLOB='\x00'/20, @ANYRESDEC=r3, @ANYRESHEX=r5, @ANYBLOB="000000000000000000000000000000000000000000dfffffff000000"], 0x48)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000006880)=@newtfilter={0x40, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r9, {0x4, 0xa}, {}, {0x3, 0x2}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_FLAGS={0x8, 0x3, 0x1}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x8848}, 0x80)
sendmsg$nl_route_sched(r7, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd2c, 0x25dfdafd, {0x0, 0x0, 0x0, r9, {0xc, 0xc}, {0x0, 0xfff1}, {0x0, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x4041080)

80.434437ms ago: executing program 2 (id=3960):
shmctl$SHM_INFO(0x0, 0xe, &(0x7f0000000000)=""/197) (async)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x1000)=nil, 0x1000, &(0x7f0000000080)='\x00\x00\x00') (async)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ff7000/0x4000)=nil, 0x4000, &(0x7f0000000040)='--\x00')

80.231579ms ago: executing program 2 (id=3961):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000100000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000010000100000000f5ff0000000000000a34000000140affffffff00000000000002000009080003400000000a0900010073797a30000000000c0006"], 0x70}}, 0x0)

78.789679ms ago: executing program 0 (id=3962):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x18, 0x2e, 0x9, 0x70bd27, 0x0, {0x4, 0x0, 0x1615}, [@typed={0x4, 0x19}]}, 0x18}, 0x1, 0x0, 0x0, 0x42804}, 0x0)

279.532µs ago: executing program 2 (id=3963):
socket$unix(0x1, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
socket$key(0xf, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xd, 0x0, &(0x7f0000000280))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_GET_SERVICE(r1, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000340)={&(0x7f00000001c0)={0x1c, 0x0, 0x300, 0x70bd2a, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x100}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc004}, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000003c0)=ANY=[@ANYRES32, @ANYRES64, @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x10)
ioctl$EVIOCREVOKE(0xffffffffffffffff, 0x40044591, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4000811}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x800, 0x11c, 0x1}, 0x20)
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000200)=0x1, 0x4)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r4=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000140)=0x200000, 0x4)
bind$xdp(r2, &(0x7f0000000100)={0x2c, 0xe, r4, 0xfffffffe}, 0x10)

0s ago: executing program 0 (id=3964):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000005000100070000000900020073797a30000000001400078008001200000000000500150004000000050005000000000005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0)
socket$netlink(0x10, 0x3, 0x15)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000180)={0x80000020}, 0x10)
sendmsg$nl_route(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000000c0)=@getlink={0x24, 0x12, 0x18efde40b3708357, 0x0, 0x0, {}, [@IFLA_PHYS_SWITCH_ID={0x4}]}, 0x24}}, 0x0)
ptrace$ARCH_SHSTK_UNLOCK(0x1e, r1, 0x0, 0x5004)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
close(0xffffffffffffffff)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)={0x18, 0x2e, 0x9, 0x70bd27, 0x0, {0x4, 0x0, 0x300}, [@nested={0x4, 0x1e}]}, 0x18}, 0x1, 0x0, 0x0, 0x42804}, 0x84)

0s ago: executing program 4 (id=3965):
r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat$cgroup_pressure(r1, &(0x7f0000000280)='memory.pressure\x00', 0x2, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
sendfile64(r3, r2, 0x0, 0x8)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x3, 0x13, &(0x7f0000000500)=ANY=[@ANYBLOB="180200008677000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000c0000008500000006000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007500000095"], &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0xe}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x0, 0xe, 0x0, &(0x7f00000004c0)="0000000000000081d5c7f80c857d", 0x0, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="38000000031401002cbd7000fcdbdf250900020073797a32000000000800410073697700140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000640)=ANY=[@ANYBLOB="18000000041401002dbd7000fedbdf250800010000"], 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000340)={@fallback=r5, 0x35, 0x0, 0x6, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x0, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0], <r7=>0x0}, 0x40)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000014c0)=ANY=[@ANYRES32=r6, @ANYRES32, @ANYBLOB="30000000eb4b1e9991d601000000", @ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB, @ANYRES64=r7], 0x20)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={@fallback, 0xffffffffffffffff, 0xb, 0x0, 0xffffffffffffffff, @void, @value, @void, @void, r7}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000d"], 0x48)
quotactl$Q_GETINFO(0xffffffff80000501, &(0x7f00000014c0)=@filename='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x14, &(0x7f0000000700)=ANY=[@ANYBLOB="180000000000000000000008000000001801000020a7a5646c2100000000002020207b1af8ff00000000bf0800000000000000010000f8ffffffb702000000000000b7030000000013008522000070000000181100004bc508bfa190bb2669ac1f53e73bcb1a5f4031a181035a8ec084e4ffa00390751d7106cccf023b594baba76d52a55b503698e18393e23625441e77a6956f155ae8abafea4ca5cd1fe2d11fd0233c076996698aa0c0abbca406089599ddacbe24bab06930cb3a1b37641a71ab6dadcc6e15c92460081474a5", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x80000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000840)={r9}, 0xc)
r10 = openat$btrfs_control(0xffffff9c, &(0x7f0000000080), 0x0, 0x0)
r11 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@ipv4_newrule={0x24, 0x1e, 0x1, 0x2, 0x200, {0x2, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x4}, [@FRA_DST={0x8, 0x1, @multicast2}]}, 0x24}, 0x1, 0x0, 0x0, 0x2}, 0x0)
r12 = syz_genetlink_get_family_id$mptcp(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r10, &(0x7f0000000880)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x34, r12, 0x800, 0x70bd2b, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x7}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x3}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x40801)
socket$inet6_sctp(0xa, 0x5, 0x84)
futex_waitv(0x0, 0x40, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})

kernel console output (not intermixed with test programs):

39'.
[  927.424816][T17944] bridge0: port 3(syz_tun) entered blocking state
[  927.427089][T17944] bridge0: port 3(syz_tun) entered forwarding state
[  927.440606][T17947] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3042'.
[  927.686206][ T6027] usb 37-1: new low-speed USB device number 4 using vhci_hcd
[  927.826408][T17944] 8021q: adding VLAN 0 to HW filter on device .`
[  927.927420][T17944] 8021q: adding VLAN 0 to HW filter on device team0
[  928.002267][T17959] overlayfs: missing 'lowerdir'
[  928.154619][T17944] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  928.219813][T17961] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3045'.
[  928.508152][T17822] block device autoloading is deprecated and will be removed.
[  928.842863][T17973] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3046'.
[  928.846125][T17973] nbd: device at index 64 is going down
[  929.344558][T17945] vhci_hcd: connection reset by peer
[  929.350195][ T7988] vhci_hcd vhci_hcd.0: stop threads
[  929.353042][ T7988] vhci_hcd vhci_hcd.0: release socket
[  929.362393][ T7988] vhci_hcd vhci_hcd.0: disconnect device
[  929.667679][T17824] udevd[17824]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  929.673818][T17824] udevd[17824]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  929.747741][T17980] overlayfs: missing 'workdir'
[  930.532951][T17991] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3050'.
[  930.910472][T18005] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3053'.
[  931.878388][T18014] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  932.099414][T17822] udevd[17822]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  932.112102][T17824] udevd[17824]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  932.385724][T18019] overlayfs: missing 'lowerdir'
[  932.806629][ T6027] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  933.894796][T18053] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3063'.
[  935.018770][T18064] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  935.549540][T18072] FAULT_INJECTION: forcing a failure.
[  935.549540][T18072] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  935.606554][T18072] CPU: 2 UID: 0 PID: 18072 Comm: syz.4.3065 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  935.606589][T18072] Tainted: [L]=SOFTLOCKUP
[  935.606596][T18072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  935.606607][T18072] Call Trace:
[  935.606615][T18072]  <TASK>
[  935.606623][T18072]  dump_stack_lvl+0x16c/0x1f0
[  935.606654][T18072]  should_fail_ex+0x512/0x640
[  935.606685][T18072]  _copy_to_user+0x32/0xd0
[  935.606707][T18072]  simple_read_from_buffer+0xcb/0x170
[  935.606734][T18072]  proc_fail_nth_read+0x197/0x240
[  935.606763][T18072]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  935.606791][T18072]  ? rw_verify_area+0xcf/0x6c0
[  935.606813][T18072]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  935.606841][T18072]  vfs_read+0x1e4/0xcf0
[  935.606867][T18072]  ? __pfx___mutex_lock+0x10/0x10
[  935.606895][T18072]  ? __pfx_vfs_read+0x10/0x10
[  935.606917][T18072]  ? find_held_lock+0x2b/0x80
[  935.606947][T18072]  ? __fget_files+0x20e/0x3c0
[  935.606980][T18072]  ksys_read+0x12a/0x250
[  935.607004][T18072]  ? __pfx_ksys_read+0x10/0x10
[  935.607028][T18072]  ? rcu_is_watching+0x12/0xc0
[  935.607060][T18072]  __do_fast_syscall_32+0xe8/0x680
[  935.607091][T18072]  do_fast_syscall_32+0x32/0x80
[  935.607119][T18072]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  935.607142][T18072] RIP: 0023:0xf7f92579
[  935.607157][T18072] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  935.607174][T18072] RSP: 002b:00000000f5444590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  935.607192][T18072] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000f5444620
[  935.607204][T18072] RDX: 000000000000000f RSI: 00000000f7426ff4 RDI: 0000000000000000
[  935.607215][T18072] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  935.607227][T18072] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  935.607237][T18072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  935.607262][T18072]  </TASK>
[  935.702662][    C2] hpet: Lost 4 RTC interrupts
[  936.105094][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  936.108124][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  938.826195][T18102] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3073'.
[  939.403175][T18035] syz.0.3060 (18035) used greatest stack depth: 18888 bytes left
[  939.716595][T17824] udevd[17824]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  939.724462][T17824] udevd[17824]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  941.454359][T18125] netlink: 'syz.3.3080': attribute type 3 has an invalid length.
[  941.839740][T18143] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  942.620178][T18152] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3084'.
[  943.147746][T18162] 9p: Bad value for 'wfdno'
[  944.559654][T18190] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  945.471318][T18199] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3097'.
[  945.591090][T18189] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  945.595033][T18189] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  945.754577][T16133] IPVS: starting estimator thread 0...
[  945.866824][T18206] IPVS: using max 44 ests per chain, 105600 per kthread
[  946.313443][T18220] binder: BINDER_SET_CONTEXT_MGR already set
[  946.317185][T18220] binder: 18219:18220 ioctl 4018620d 800002c0 returned -16
[  948.451589][T18225] lo speed is unknown, defaulting to 1000
[  948.746008][T16817] usb 9-1: new high-speed USB device number 44 using dummy_hcd
[  948.907761][T16817] usb 9-1: config 0 has an invalid interface number: 204 but max is 0
[  948.910743][T16817] usb 9-1: config 0 has no interface number 0
[  948.916192][T16817] usb 9-1: New USB device found, idVendor=12d6, idProduct=0444, bcdDevice=29.3d
[  948.919301][T16817] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  948.922064][T16817] usb 9-1: Product: syz
[  948.925166][T18246] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  948.932279][T16817] usb 9-1: Manufacturer: syz
[  948.934285][T16817] usb 9-1: SerialNumber: syz
[  948.940230][T16817] usb 9-1: config 0 descriptor??
[  948.945719][T16817] ems_usb 9-1:0.204 (unnamed net_device) (uninitialized): couldn't initialize controller: -22
[  948.951810][T16817] ems_usb 9-1:0.204: probe with driver ems_usb failed with error -22
[  949.037087][T18250] netlink: 'syz.0.3113': attribute type 3 has an invalid length.
[  949.152148][T16817] usb 9-1: USB disconnect, device number 44
[  950.114250][T18266] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3116'.
[  950.243877][T18269] tmpfs: Unknown parameter 'usrquota_inode_hardlimi<�/��'
[  951.524845][T18282] netlink: 'syz.2.3122': attribute type 3 has an invalid length.
[  951.676916][T18288] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  953.566956][T18304] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3124'.
[  953.580792][T18304] netlink: 72 bytes leftover after parsing attributes in process `syz.2.3124'.
[  954.358344][T18325] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3129'.
[  955.351544][T18336] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3135'.
[  955.381329][   T40] audit: type=1800 audit(2000000009.620:811): pid=18335 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3134" name="cpuacct.usage_user" dev="tmpfs" ino=598 res=0 errno=0
[  956.180673][T18348] netlink: 'syz.4.3138': attribute type 21 has an invalid length.
[  956.267266][T17822] udevd[17822]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  956.272419][T17824] udevd[17824]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  956.280108][T18348] netlink: 'syz.4.3138': attribute type 6 has an invalid length.
[  956.287380][T18348] netlink: 132 bytes leftover after parsing attributes in process `syz.4.3138'.
[  956.329447][T18355] netlink: 'syz.4.3140': attribute type 1 has an invalid length.
[  956.344983][T18355] 8021q: adding VLAN 0 to HW filter on device bond1
[  956.357167][T18355] ip6erspan0: entered promiscuous mode
[  956.362546][T18355] bond1: (slave ip6erspan0): making interface the new active one
[  956.366164][T18355] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link
[  956.677637][T18367] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3142'.
[  957.486655][T18380] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3146'.
[  957.610104][T18383] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3145'.
[  958.595491][T18397] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3148'.
[  958.832883][T18406] overlayfs: missing 'workdir'
[  959.002201][T15546] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  959.147806][T17824] udevd[17824]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  959.243803][T17824] udevd[17824]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  959.649048][T18421] netlink: 'syz.2.3153': attribute type 3 has an invalid length.
[  959.783728][T18429] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3157'.
[  960.731274][T18444] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3159'.
[  961.266476][T17822] udevd[17822]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  961.430510][T17824] udevd[17824]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  961.520389][T17824] udevd[17824]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  961.593010][T17824] udevd[17824]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  961.700044][T18465] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3163'.
[  961.703023][T18465] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3163'.
[  961.706246][T18465] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3163'.
[  961.709796][T18465] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3163'.
[  963.636635][T18500] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  963.639292][T18500] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  963.642940][T18500] vhci_hcd vhci_hcd.0: Device attached
[  963.808735][T18508] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  963.925950][T16133] usb 46-1: SetAddress Request (38) to port 0
[  963.928108][T16133] usb 46-1: new SuperSpeed USB device number 38 using vhci_hcd
[  964.007875][T18514] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3178'.
[  964.139526][T18501] vhci_hcd: connection closed
[  964.139762][T16167] vhci_hcd vhci_hcd.4: stop threads
[  964.144560][T16167] vhci_hcd vhci_hcd.4: release socket
[  964.147475][T16167] vhci_hcd vhci_hcd.4: disconnect device
[  964.525893][T16133] usb 46-1: enqueue for inactive port 0
[  965.009545][T18521] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3172'.
[  965.196719][T16133] usb usb46-port1: attempt power cycle
[  965.766708][T16133] usb usb46-port1: unable to enumerate USB device
[  965.865899][T13934] usb 9-1: new high-speed USB device number 45 using dummy_hcd
[  966.035909][T13934] usb 9-1: Using ep0 maxpacket: 8
[  966.039262][T13934] usb 9-1: config 0 has an invalid interface number: 186 but max is 0
[  966.042394][T13934] usb 9-1: config 0 has no interface number 0
[  966.044602][T13934] usb 9-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  966.048551][T13934] usb 9-1: config 0 interface 186 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  966.052766][T13934] usb 9-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[  966.057028][T13934] usb 9-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  966.060746][T13934] usb 9-1: config 0 interface 186 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  966.064007][T13934] usb 9-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  966.070593][T13934] usb 9-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[  966.073710][T13934] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  966.076494][T13934] usb 9-1: Product: syz
[  966.077963][T13934] usb 9-1: Manufacturer: syz
[  966.079687][T13934] usb 9-1: SerialNumber: syz
[  966.082774][T13934] usb 9-1: config 0 descriptor??
[  966.347322][T13934] iowarrior 9-1:0.186: IOWarrior product=0x1505, serial= interface=186 now attached to iowarrior0
[  966.527371][T18542] iowarrior 9-1:0.186: Error -90 while submitting URB
[  966.534426][T13934] usb 9-1: USB disconnect, device number 45
[  966.674915][T18559] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3182'.
[  966.867658][T18568] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3181'.
[  966.946110][T18570] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  966.997983][T17824] udevd[17824]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  967.513542][T18575] lo speed is unknown, defaulting to 1000
[  968.870737][T18597] loop2: detected capacity change from 0 to 7
[  968.887690][T18582] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3188'.
[  968.907159][T18597] Dev loop2: unable to read RDB block 7
[  968.909065][T18597]  loop2: AHDI p1 p2 p3
[  968.911039][T18597] loop2: partition table partially beyond EOD, truncated
[  968.928167][T18597] loop2: p1 start 1601398130 is beyond EOD, truncated
[  968.930405][T18597] loop2: p2 start 1702059890 is beyond EOD, truncated
[  969.999234][T18617] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  971.121267][T18635] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3200'.
[  971.487876][T18646] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3202'.
[  972.172741][T17822] udevd[17822]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  972.190381][T17824] udevd[17824]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  972.704334][T18652] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  972.706698][T18652] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  972.710563][T18652] vhci_hcd vhci_hcd.0: Device attached
[  972.985915][ T6027] usb 38-1: SetAddress Request (55) to port 0
[  972.988888][ T6027] usb 38-1: new SuperSpeed USB device number 55 using vhci_hcd
[  972.991908][T18666] vhci_hcd: connection closed
[  972.992124][ T7988] vhci_hcd vhci_hcd.0: stop threads
[  972.996444][ T7988] vhci_hcd vhci_hcd.0: release socket
[  972.998414][ T7988] vhci_hcd vhci_hcd.0: disconnect device
[  973.005908][ T6027] usb 38-1: enqueue for inactive port 0
[  973.293263][T18668] overlayfs: failed to resolve './file1': -2
[  973.406895][ T6027] usb usb38-port1: attempt power cycle
[  973.677266][T18674] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  973.986695][ T6027] usb usb38-port1: unable to enumerate USB device
[  975.523884][T18697] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3214'.
[  975.709586][T18700] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3215'.
[  976.901632][T18717] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3220'.
[  976.904697][T18717] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3220'.
[  977.645968][ T6026] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[  977.795923][ T6026] usb 8-1: Using ep0 maxpacket: 8
[  977.799000][ T6026] usb 8-1: config 0 has an invalid interface number: 186 but max is 0
[  977.801748][ T6026] usb 8-1: config 0 has no interface number 0
[  977.803788][ T6026] usb 8-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  977.807436][ T6026] usb 8-1: config 0 interface 186 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  977.810719][ T6026] usb 8-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[  977.814630][ T6026] usb 8-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  977.818466][ T6026] usb 8-1: config 0 interface 186 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  977.821770][ T6026] usb 8-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  977.828156][ T6026] usb 8-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[  977.831171][ T6026] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  977.833831][ T6026] usb 8-1: Product: syz
[  977.835230][ T6026] usb 8-1: Manufacturer: syz
[  977.837125][ T6026] usb 8-1: SerialNumber: syz
[  977.851676][ T6026] usb 8-1: config 0 descriptor??
[  978.179330][ T6026] iowarrior 8-1:0.186: IOWarrior product=0x1505, serial= interface=186 now attached to iowarrior0
[  978.389712][T18726] iowarrior 8-1:0.186: Error -90 while submitting URB
[  978.393813][ T6008] usb 8-1: USB disconnect, device number 24
[  978.692471][T18744] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3227'.
[  978.830478][T17822] udevd[17822]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  978.836894][T17824] udevd[17824]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  979.578326][T18756] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.3231'.
[  979.611083][T18760] fuse: Unknown parameter '01777777777777777777777�I�����SH��jlA�0|�\�G�υ^`%����ds�"����08g�-��K6�G �����<a�:҂g��Uߺ�>�G���n�rk�GI(���x"�'
[  979.711374][T18767] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3234'.
[  979.714373][T18767] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3234'.
[  979.948636][T18773] afs: Unknown parameter '>�L�f��Y��J���|b�bS>mJ�s��mk�6�>8J&���Ϣ��|#��^B$Pn''
[  980.405962][T18781] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  980.408235][T18781] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  980.412735][T18781] vhci_hcd vhci_hcd.0: Device attached
[  980.673562][ T6026] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[  980.723143][T18799] netlink: 'syz.2.3244': attribute type 3 has an invalid length.
[  980.944684][T18782] vhci_hcd: connection reset by peer
[  980.946910][ T8026] vhci_hcd vhci_hcd.3: stop threads
[  980.949392][ T8026] vhci_hcd vhci_hcd.3: release socket
[  980.952496][ T8026] vhci_hcd vhci_hcd.3: disconnect device
[  981.600007][T18819] gfs2: Unknown parameter 'barrier'
[  982.003277][T18839] netlink: 'syz.2.3257': attribute type 3 has an invalid length.
[  982.162057][T18845] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3260'.
[  982.247048][ T5945] usb 8-1: new high-speed USB device number 25 using dummy_hcd
[  982.396011][ T5945] usb 8-1: Using ep0 maxpacket: 8
[  982.401589][ T5945] usb 8-1: config 0 has an invalid interface number: 186 but max is 0
[  982.406247][ T5945] usb 8-1: config 0 has no interface number 0
[  982.409250][ T5945] usb 8-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  982.414457][ T5945] usb 8-1: config 0 interface 186 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  982.419012][ T5945] usb 8-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[  982.423938][ T5945] usb 8-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  982.429853][ T5945] usb 8-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  982.437024][ T5945] usb 8-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[  982.441440][ T5945] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  982.444118][ T5945] usb 8-1: Product: syz
[  982.445677][ T5945] usb 8-1: Manufacturer: syz
[  982.447514][ T5945] usb 8-1: SerialNumber: syz
[  982.450799][ T5945] usb 8-1: config 0 descriptor??
[  982.744778][ T5945] iowarrior 8-1:0.186: IOWarrior product=0x1505, serial= interface=186 now attached to iowarrior0
[  982.756097][ T5945] usb 8-1: USB disconnect, device number 25
[  983.223709][T18866] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  983.225883][T18866] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  983.228883][T18866] vhci_hcd vhci_hcd.0: Device attached
[  983.244157][T18869] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  983.246347][T18869] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  983.254615][T18869] vhci_hcd vhci_hcd.0: Device attached
[  983.265522][T18869] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  983.268606][T18869] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  983.278443][T18873] netlink: 'syz.3.3267': attribute type 3 has an invalid length.
[  983.485918][T13934] usb 45-1: new low-speed USB device number 3 using vhci_hcd
[  983.495913][T16133] usb 42-1: SetAddress Request (67) to port 0
[  983.497991][T16133] usb 42-1: new SuperSpeed USB device number 67 using vhci_hcd
[  983.881537][T18870] vhci_hcd: connection reset by peer
[  983.885032][  T102] vhci_hcd vhci_hcd.4: stop threads
[  983.886915][  T102] vhci_hcd vhci_hcd.4: release socket
[  983.889140][  T102] vhci_hcd vhci_hcd.4: disconnect device
[  983.926960][T18867] vhci_hcd: connection reset by peer
[  983.931847][ T6117] vhci_hcd vhci_hcd.2: stop threads
[  983.933700][ T6117] vhci_hcd vhci_hcd.2: release socket
[  983.935533][ T6117] vhci_hcd vhci_hcd.2: disconnect device
[  984.795141][T18900] loop4: detected capacity change from 0 to 8
[  984.911256][T17824] Dev loop4: unable to read RDB block 8
[  984.913724][T17824]  loop4: unable to read partition table
[  985.166095][T17824] loop4: partition table beyond EOD, truncated
[  985.312322][T18910] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3278'.
[  985.708672][T18900] Dev loop4: unable to read RDB block 8
[  985.711244][T18900]  loop4: unable to read partition table
[  985.713774][T18900] loop4: partition table beyond EOD, truncated
[  985.721311][T18900] loop_reread_partitions: partition scan of loop4 (���������S�j̖�P=ý?�}X���	���%��`��ր����5) failed (rc=-5)
[  985.765989][ T6026] vhci_hcd vhci_hcd.3: vhci_device speed not set
[  985.772413][T18920] [U] 
[  985.773599][T18920] [U] 
[  985.774536][T18920] [U] 
[  985.775479][T18920] [U] 
[  985.776983][T18920] [U] 
[  985.777915][T18920] [U] 
[  985.778983][T18920] [U] 
[  985.780081][T18920] [U] 
[  985.781128][T18920] [U] 
[  985.782072][T18920] [U] 
[  985.783025][T18920] [U] 
[  985.783997][T18920] [U] 
[  985.785244][T18920] [U] 
[  985.786265][T18920] [U] 
[  985.787363][T18920] [U] 
[  985.788361][T18920] [U] 
[  985.789389][T18920] [U] 
[  985.790426][T18920] [U] 
[  985.791382][T18920] [U] 
[  985.792301][T18920] [U] 
[  985.793234][T18920] [U] 
[  985.794156][T18920] [U] 
[  985.795069][T18920] [U] 
[  985.796012][T18920] [U] 
[  985.798070][T18920] [U] 
[  985.799500][T18920] [U] 
[  985.800506][T18920] [U] 
[  985.801541][T18920] [U] 
[  985.802492][T18920] [U] 
[  985.803448][T18920] [U] 
[  985.804420][T18920] [U] 
[  985.805368][T18920] [U] 
[  985.806958][T18920] [U] 
[  985.808066][T18920] [U] 
[  985.809009][T18920] [U] 
[  985.809936][T18920] [U] 
[  985.810902][T18920] [U] 
[  985.811891][T18920] [U] 
[  985.812922][T18920] [U] 
[  985.813848][T18920] [U] 
[  985.814793][T18920] [U] 
[  985.815755][T18920] [U] 
[  985.816722][T18920] [U] 
[  985.817737][T18920] [U] 
[  985.818814][T18920] [U] 
[  985.819750][T18920] [U] 
[  985.820693][T18920] [U] 
[  985.821629][T18920] [U] 
[  985.822644][T18920] [U] 
[  985.823597][T18920] [U] 
[  985.824575][T18920] [U] 
[  985.825590][T18920] [U] 
[  985.827174][T18920] [U] 
[  985.828204][T18920] [U] 
[  985.829158][T18920] [U] 
[  985.830096][T18920] [U] 
[  985.831622][T18920] [U] 
[  985.832679][T18920] [U] 
[  985.833619][T18920] [U] 
[  985.834552][T18920] [U] 
[  985.846435][T18902] Invalid logical block size (2)
[  985.886425][ T5350] Dev loop4: unable to read RDB block 8
[  985.888832][ T5350]  loop4: unable to read partition table
[  985.891318][ T5350] loop4: partition table beyond EOD, truncated
[  985.900994][T18925] [U] 
[  985.946841][T18928] netlink: 'syz.0.3284': attribute type 3 has an invalid length.
[  986.010227][T18935] /dev/nullb0: Can't open blockdev
[  986.231170][T18944] PF_CAN: dropped non conform CAN XL skbuff: dev type 65534, len 40
[  986.446471][T18948] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  986.448680][T18948] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  986.452144][T18948] vhci_hcd vhci_hcd.0: Device attached
[  986.467224][T18948] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3291'.
[  986.756026][ T6026] usb 43-1: device descriptor read/64, error -110
[  987.056055][T18960] netlink: 'syz.2.3295': attribute type 3 has an invalid length.
[  987.081720][ T6026] usb 43-1: new low-speed USB device number 3 using vhci_hcd
[  987.090794][T18949] vhci_hcd: connection reset by peer
[  987.093999][T16167] vhci_hcd vhci_hcd.3: stop threads
[  987.097741][T16167] vhci_hcd vhci_hcd.3: release socket
[  987.105635][T16167] vhci_hcd vhci_hcd.3: disconnect device
[  987.217306][T18974] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  987.219549][T18974] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  987.222388][T18974] vhci_hcd vhci_hcd.0: Device attached
[  988.024076][T18975] vhci_hcd: connection closed
[  988.024396][ T1162] vhci_hcd vhci_hcd.4: stop threads
[  988.028043][ T1162] vhci_hcd vhci_hcd.4: release socket
[  988.030204][ T1162] vhci_hcd vhci_hcd.4: disconnect device
[  988.248413][T18984] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  988.251139][T18984] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  988.254266][T18984] vhci_hcd vhci_hcd.0: Device attached
[  988.268629][T18984] netlink: 'syz.3.3302': attribute type 1 has an invalid length.
[  988.284866][T18984] 8021q: adding VLAN 0 to HW filter on device bond2
[  988.291663][T18985] vhci_hcd: connection closed
[  988.291862][T16167] vhci_hcd vhci_hcd.3: stop threads
[  988.295318][T16167] vhci_hcd vhci_hcd.3: release socket
[  988.299701][T16167] vhci_hcd vhci_hcd.3: disconnect device
[  988.566018][T16133] usb 42-1: device descriptor read/8, error -110
[  988.636206][T13934] vhci_hcd vhci_hcd.4: vhci_device speed not set
[  988.958318][T16133] usb usb42-port1: attempt power cycle
[  989.060427][T18999] FAULT_INJECTION: forcing a failure.
[  989.060427][T18999] name failslab, interval 1, probability 0, space 0, times 0
[  989.065125][T18999] CPU: 3 UID: 0 PID: 18999 Comm: syz.3.3305 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  989.065145][T18999] Tainted: [L]=SOFTLOCKUP
[  989.065149][T18999] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  989.065157][T18999] Call Trace:
[  989.065161][T18999]  <TASK>
[  989.065167][T18999]  dump_stack_lvl+0x16c/0x1f0
[  989.065188][T18999]  should_fail_ex+0x512/0x640
[  989.065202][T18999]  ? kmem_cache_alloc_noprof+0x62/0x770
[  989.065217][T18999]  should_failslab+0xc2/0x120
[  989.065237][T18999]  kmem_cache_alloc_noprof+0x83/0x770
[  989.065250][T18999]  ? fuse_request_alloc+0x22/0x200
[  989.065266][T18999]  ? fuse_request_alloc+0x22/0x200
[  989.065276][T18999]  fuse_request_alloc+0x22/0x200
[  989.065288][T18999]  fuse_get_req+0x748/0xff0
[  989.065300][T18999]  ? get_create_ext.constprop.0+0x8e1/0xcd0
[  989.065317][T18999]  ? __pfx_fuse_get_req+0x10/0x10
[  989.065328][T18999]  ? get_create_ext.constprop.0+0x8e1/0xcd0
[  989.065342][T18999]  ? get_create_ext.constprop.0+0x1a0/0xcd0
[  989.065360][T18999]  ? __pfx_get_create_ext.constprop.0+0x10/0x10
[  989.065378][T18999]  __fuse_simple_request+0xb5/0xe20
[  989.065390][T18999]  ? security_capable+0x7e/0x260
[  989.065411][T18999]  fuse_create_open+0x67c/0xe40
[  989.065432][T18999]  ? __pfx_fuse_create_open+0x10/0x10
[  989.065448][T18999]  ? fuse_dentry_settime+0x19a/0x590
[  989.065462][T18999]  ? do_raw_spin_unlock+0x172/0x230
[  989.065476][T18999]  ? _raw_spin_unlock+0x28/0x50
[  989.065495][T18999]  ? __pfx_fuse_lookup+0x10/0x10
[  989.065510][T18999]  ? current_check_access_path+0x33b/0x460
[  989.065533][T18999]  ? fuse_allow_current_process+0xa8/0x390
[  989.065553][T18999]  fuse_atomic_open+0x285/0x460
[  989.065571][T18999]  ? __pfx_fuse_atomic_open+0x10/0x10
[  989.065588][T18999]  lookup_open.isra.0+0x844/0x1780
[  989.065605][T18999]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  989.065622][T18999]  ? find_held_lock+0x2b/0x80
[  989.065640][T18999]  ? __pfx_down_write+0x10/0x10
[  989.065654][T18999]  path_openat+0xa95/0x3140
[  989.065675][T18999]  ? __pfx_path_openat+0x10/0x10
[  989.065697][T18999]  do_filp_open+0x20b/0x470
[  989.065713][T18999]  ? __pfx_do_filp_open+0x10/0x10
[  989.065740][T18999]  ? alloc_fd+0x471/0x7d0
[  989.065760][T18999]  do_sys_openat2+0x121/0x290
[  989.065789][T18999]  ? __pfx_do_sys_openat2+0x10/0x10
[  989.065803][T18999]  ? __fget_files+0x20e/0x3c0
[  989.065822][T18999]  __ia32_sys_creat+0xcb/0x120
[  989.065835][T18999]  ? __pfx___ia32_sys_creat+0x10/0x10
[  989.065847][T18999]  ? __pfx_ksys_write+0x10/0x10
[  989.065863][T18999]  ? do_user_addr_fault+0x843/0x1370
[  989.065878][T18999]  ? rcu_is_watching+0x12/0xc0
[  989.065893][T18999]  ? __do_fast_syscall_32+0x9a/0x680
[  989.065912][T18999]  __do_fast_syscall_32+0xe8/0x680
[  989.065930][T18999]  do_fast_syscall_32+0x32/0x80
[  989.065948][T18999]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  989.065962][T18999] RIP: 0023:0xf7f94579
[  989.065972][T18999] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  989.065991][T18999] RSP: 002b:00000000f546555c EFLAGS: 00000296 ORIG_RAX: 0000000000000008
[  989.066002][T18999] RAX: ffffffffffffffda RBX: 0000000080000180 RCX: 0000000000000000
[  989.066009][T18999] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  989.066015][T18999] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  989.066022][T18999] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  989.066028][T18999] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  989.066042][T18999]  </TASK>
[  989.189872][T18997] netlink: 'syz.0.3304': attribute type 3 has an invalid length.
[  989.204658][T19001] ubi: mtd0 is already attached to ubi31
[  989.245317][T19005] FAULT_INJECTION: forcing a failure.
[  989.245317][T19005] name failslab, interval 1, probability 0, space 0, times 0
[  989.249596][T19005] CPU: 3 UID: 0 PID: 19005 Comm: syz.0.3308 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  989.249615][T19005] Tainted: [L]=SOFTLOCKUP
[  989.249619][T19005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  989.249627][T19005] Call Trace:
[  989.249631][T19005]  <TASK>
[  989.249635][T19005]  dump_stack_lvl+0x16c/0x1f0
[  989.249657][T19005]  should_fail_ex+0x512/0x640
[  989.249670][T19005]  ? kmem_cache_alloc_node_noprof+0x65/0x800
[  989.249687][T19005]  should_failslab+0xc2/0x120
[  989.249705][T19005]  kmem_cache_alloc_node_noprof+0x86/0x800
[  989.249718][T19005]  ? __alloc_skb+0x156/0x410
[  989.249734][T19005]  ? __alloc_skb+0x156/0x410
[  989.249746][T19005]  __alloc_skb+0x156/0x410
[  989.249756][T19005]  ? __alloc_skb+0x35d/0x410
[  989.249768][T19005]  ? __pfx___alloc_skb+0x10/0x10
[  989.249780][T19005]  ? netlink_autobind.isra.0+0x158/0x370
[  989.249800][T19005]  netlink_alloc_large_skb+0x69/0x140
[  989.249817][T19005]  netlink_sendmsg+0x698/0xdd0
[  989.249835][T19005]  ? __pfx_netlink_sendmsg+0x10/0x10
[  989.249853][T19005]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  989.249880][T19005]  ____sys_sendmsg+0xa5d/0xc30
[  989.249899][T19005]  ? __pfx_____sys_sendmsg+0x10/0x10
[  989.249915][T19005]  ? get_compat_msghdr+0x11a/0x170
[  989.249935][T19005]  ___sys_sendmsg+0x134/0x1d0
[  989.249951][T19005]  ? __pfx____sys_sendmsg+0x10/0x10
[  989.249971][T19005]  ? find_held_lock+0x2b/0x80
[  989.249994][T19005]  __sys_sendmsg+0x16d/0x220
[  989.250008][T19005]  ? __pfx___sys_sendmsg+0x10/0x10
[  989.250027][T19005]  ? do_user_addr_fault+0x843/0x1370
[  989.250043][T19005]  __do_fast_syscall_32+0xe8/0x680
[  989.250062][T19005]  do_fast_syscall_32+0x32/0x80
[  989.250080][T19005]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  989.250095][T19005] RIP: 0023:0xf700d579
[  989.250104][T19005] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  989.250116][T19005] RSP: 002b:00000000f53fd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  989.250127][T19005] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800004c0
[  989.250135][T19005] RDX: 0000000020040000 RSI: 0000000000000000 RDI: 0000000000000000
[  989.250141][T19005] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  989.250147][T19005] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  989.250154][T19005] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  989.250168][T19005]  </TASK>
[  989.558954][T16133] usb usb42-port1: unable to enumerate USB device
[  990.048165][    T9] usb usb46-port1: attempt power cycle
[  990.661849][T19029] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3315'.
[  990.737696][T19031] netlink: 'syz.4.3316': attribute type 3 has an invalid length.
[  991.023279][T16527] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  991.025981][T16527] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  991.111438][ T6008] hid-generic 000B:0003:0004.003A: unknown main item tag 0x0
[  991.116584][ T6008] hid-generic 000B:0003:0004.003A: unknown main item tag 0x0
[  991.120083][ T6008] hid-generic 000B:0003:0004.003A: unknown main item tag 0x0
[  991.123523][ T6008] hid-generic 000B:0003:0004.003A: unknown main item tag 0x0
[  991.127959][ T6008] hid-generic 000B:0003:0004.003A: unknown main item tag 0x0
[  991.131108][ T6008] hid-generic 000B:0003:0004.003A: unknown main item tag 0x0
[  991.134220][ T6008] hid-generic 000B:0003:0004.003A: unknown main item tag 0x0
[  991.137327][ T6008] hid-generic 000B:0003:0004.003A: unknown main item tag 0x0
[  991.140357][ T6008] hid-generic 000B:0003:0004.003A: unknown main item tag 0x0
[  991.143678][ T6008] hid-generic 000B:0003:0004.003A: unknown main item tag 0x0
[  991.149240][ T6008] hid-generic 000B:0003:0004.003A: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  991.216747][    T9] usb usb46-port1: unable to enumerate USB device
[  991.254702][T19045] fido_id[19045]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  991.441947][T19058] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3324'.
[  991.446778][T19058] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3324'.
[  991.486168][T19053] bond3: option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  991.528722][T19053] bond3 (unregistering): Released all slaves
[  992.086472][T19070] lo speed is unknown, defaulting to 1000
[  992.117555][T19071] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  992.176160][ T6026] vhci_hcd vhci_hcd.3: vhci_device speed not set
[  992.850963][T19082] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3327'.
[  993.109297][T19082] bridge0: port 2(bridge_slave_1) entered disabled state
[  993.112555][T19082] bridge0: port 1(bridge_slave_0) entered disabled state
[  993.408832][T19082] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  993.430024][T19082] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  993.564680][T19087] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3330'.
[  993.890411][T19082] geneve2: left promiscuous mode
[  993.892635][T19082] geneve2: left allmulticast mode
[  993.905106][T19082] ip6erspan0: left promiscuous mode
[  993.976247][   T62] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  993.979444][   T62] netdevsim netdevsim4 netdevsim0: unset [1, 1] type 2 family 0 port 256 - 0
[  993.983223][   T62] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  993.992246][   T62] netdevsim netdevsim4 netdevsim1: unset [1, 1] type 2 family 0 port 256 - 0
[  994.007458][   T62] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  994.010972][   T62] netdevsim netdevsim4 netdevsim2: unset [1, 1] type 2 family 0 port 256 - 0
[  994.014659][   T62] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  994.025901][   T62] netdevsim netdevsim4 netdevsim3: unset [1, 1] type 2 family 0 port 256 - 0
[  994.086793][T19095] can0: slcan on ttynull.
[  994.285091][   T40] audit: type=1326 audit(2000000003.089:812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19092 comm="syz.0.3333" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  994.319622][T19104] pim6reg: entered allmulticast mode
[  994.329137][   T40] audit: type=1326 audit(2000000003.099:813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19092 comm="syz.0.3333" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf700d579 code=0x7ffc0000
[  994.345934][   T40] audit: type=1326 audit(2000000003.099:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19092 comm="syz.0.3333" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  994.355098][   T40] audit: type=1326 audit(2000000003.109:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19092 comm="syz.0.3333" exe="/syz-executor" sig=0 arch=40000003 syscall=369 compat=1 ip=0xf700d579 code=0x7ffc0000
[  994.374727][   T40] audit: type=1326 audit(2000000003.109:816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19092 comm="syz.0.3333" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  994.383566][   T40] audit: type=1326 audit(2000000003.109:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19092 comm="syz.0.3333" exe="/syz-executor" sig=0 arch=40000003 syscall=437 compat=1 ip=0xf700d579 code=0x7ffc0000
[  994.393102][   T40] audit: type=1326 audit(2000000003.109:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19092 comm="syz.0.3333" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  994.416030][   T40] audit: type=1326 audit(2000000003.109:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19092 comm="syz.0.3333" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf700d579 code=0x7ffc0000
[  994.422625][   T40] audit: type=1326 audit(2000000003.109:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19092 comm="syz.0.3333" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  994.481457][   T40] audit: type=1326 audit(2000000003.109:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19092 comm="syz.0.3333" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf700d579 code=0x7ffc0000
[  995.082490][T19094] can0 (unregistered): slcan off ttynull.
[  995.138443][T19092] pim6reg: left allmulticast mode
[  996.677518][T19149] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  997.134658][T19160] netlink: 104 bytes leftover after parsing attributes in process `syz.0.3347'.
[  997.529262][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  997.531672][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  997.939846][T19176] lo speed is unknown, defaulting to 1000
[ 1000.706339][T19228] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3364'.
[ 1001.165966][T19236] program syz.2.3366 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1001.554622][T19228] workqueue: Failed to create a rescuer kthread for wq "nbd64-recv": -EINTR
[ 1001.554708][T19228] block (null): Could not allocate knbd recv work queue.
[ 1001.596634][T19228] nbd: failed to add new device
[ 1002.740653][T19271] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3376'.
[ 1003.071905][T19283] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3378'.
[ 1003.178536][T17824] udevd[17824]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1005.922860][T19329] random: crng reseeded on system resumption
[ 1005.928332][T19329] Restarting kernel threads ...
[ 1005.931276][T19329] Done restarting kernel threads.
[ 1006.667333][T16527] Bluetooth: hci0: unexpected event for opcode 0x080c
[ 1006.960817][T19348] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3399'.
[ 1007.015452][T17822] block nbd64: NBD_DISCONNECT
[ 1007.637983][T16754] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1007.656925][T16754] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1007.673746][T16754] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1007.696823][T16754] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1008.043765][T19369] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3402'.
[ 1008.101084][T19384] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3406'.
[ 1008.104185][T19384] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3406'.
[ 1010.019194][T19438] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[ 1010.021433][T19438] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1010.025454][T19438] vhci_hcd vhci_hcd.0: Device attached
[ 1010.316517][ T6027] usb 46-1: SetAddress Request (46) to port 0
[ 1010.319454][ T6027] usb 46-1: new SuperSpeed USB device number 46 using vhci_hcd
[ 1010.585484][T19439] vhci_hcd: connection reset by peer
[ 1010.587513][T16754] vhci_hcd vhci_hcd.4: stop threads
[ 1010.589604][T16754] vhci_hcd vhci_hcd.4: release socket
[ 1010.591780][T16754] vhci_hcd vhci_hcd.4: disconnect device
[ 1010.708221][T19455] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3425'.
[ 1010.932351][T19466] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3428'.
[ 1011.076949][T19459] udevd[19459]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1012.017802][T19486] netlink: 'syz.0.3434': attribute type 12 has an invalid length.
[ 1012.509788][T19501] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3438'.
[ 1013.337954][T19458] udevd[19458]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1013.344914][T19459] udevd[19459]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1013.410008][T19518] netlink: 'syz.3.3442': attribute type 5 has an invalid length.
[ 1013.412509][T19518] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3442'.
[ 1013.489642][T19521] overlay: Unknown parameter ':'
[ 1014.404303][T19534] hub 8-0:1.0: USB hub found
[ 1014.407308][T19534] hub 8-0:1.0: 1 port detected
[ 1014.476523][T19544] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3448'.
[ 1015.376703][ T6027] usb 46-1: device descriptor read/8, error -110
[ 1015.452607][T19459] udevd[19459]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1015.792255][ T6027] usb usb46-port1: attempt power cycle
[ 1016.344923][T19577] xt_SECMARK: invalid mode: 0
[ 1016.421170][ T6027] usb usb46-port1: unable to enumerate USB device
[ 1016.486999][T19583] FAULT_INJECTION: forcing a failure.
[ 1016.486999][T19583] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1016.491264][T19583] CPU: 1 UID: 0 PID: 19583 Comm: syz.4.3459 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1016.491284][T19583] Tainted: [L]=SOFTLOCKUP
[ 1016.491288][T19583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1016.491295][T19583] Call Trace:
[ 1016.491300][T19583]  <TASK>
[ 1016.491306][T19583]  dump_stack_lvl+0x16c/0x1f0
[ 1016.491326][T19583]  should_fail_ex+0x512/0x640
[ 1016.491342][T19583]  _copy_from_user+0x2e/0xd0
[ 1016.491355][T19583]  move_addr_to_kernel+0x65/0x170
[ 1016.491367][T19583]  __get_compat_msghdr+0x3f1/0x4d0
[ 1016.491383][T19583]  get_compat_msghdr+0xd2/0x170
[ 1016.491396][T19583]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1016.491415][T19583]  ___sys_sendmsg+0x1ae/0x1d0
[ 1016.491430][T19583]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1016.491450][T19583]  ? find_held_lock+0x2b/0x80
[ 1016.491474][T19583]  __sys_sendmsg+0x16d/0x220
[ 1016.491488][T19583]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1016.491507][T19583]  ? fdget+0x187/0x210
[ 1016.491525][T19583]  __do_fast_syscall_32+0xe8/0x680
[ 1016.491544][T19583]  do_fast_syscall_32+0x32/0x80
[ 1016.491562][T19583]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1016.491577][T19583] RIP: 0023:0xf7f92579
[ 1016.491587][T19583] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1016.491598][T19583] RSP: 002b:00000000f548655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1016.491609][T19583] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000400
[ 1016.491616][T19583] RDX: 0000000000040004 RSI: 0000000000000000 RDI: 0000000000000000
[ 1016.491623][T19583] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1016.491629][T19583] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1016.491651][T19583] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1016.491666][T19583]  </TASK>
[ 1017.391029][T19619] netlink: 132 bytes leftover after parsing attributes in process `syz.4.3469'.
[ 1018.650956][T19656] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3479'.
[ 1019.753888][T19676] usb usb8: usbfs: interface 0 claimed by hub while 'syz.3.3484' sets config #0
[ 1020.134063][T19459] udevd[19459]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1020.272483][T19694] ceph: No mds server is up or the cluster is laggy
[ 1020.348634][ T1022] libceph: connect (1)[c::]:6789 error -101
[ 1020.354632][ T1022] libceph: mon0 (1)[c::]:6789 connect error
[ 1020.583405][T19698] netlink: 'syz.4.3488': attribute type 9 has an invalid length.
[ 1020.592106][T19701] FAULT_INJECTION: forcing a failure.
[ 1020.592106][T19701] name failslab, interval 1, probability 0, space 0, times 0
[ 1020.606607][T19701] CPU: 2 UID: 0 PID: 19701 Comm: syz.3.3490 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1020.606638][T19701] Tainted: [L]=SOFTLOCKUP
[ 1020.606644][T19701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1020.606655][T19701] Call Trace:
[ 1020.606661][T19701]  <TASK>
[ 1020.606669][T19701]  dump_stack_lvl+0x16c/0x1f0
[ 1020.606700][T19701]  should_fail_ex+0x512/0x640
[ 1020.606720][T19701]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1020.606744][T19701]  should_failslab+0xc2/0x120
[ 1020.606772][T19701]  kmem_cache_alloc_noprof+0x83/0x770
[ 1020.606794][T19701]  ? skb_clone+0x190/0x3f0
[ 1020.606821][T19701]  ? skb_clone+0x190/0x3f0
[ 1020.606842][T19701]  skb_clone+0x190/0x3f0
[ 1020.606864][T19701]  netlink_deliver_tap+0xabd/0xd30
[ 1020.606894][T19701]  netlink_unicast+0x64c/0x870
[ 1020.606928][T19701]  ? __pfx_netlink_unicast+0x10/0x10
[ 1020.606963][T19701]  netlink_sendmsg+0x8c8/0xdd0
[ 1020.606992][T19701]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1020.607020][T19701]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[ 1020.607054][T19701]  ____sys_sendmsg+0xa5d/0xc30
[ 1020.607083][T19701]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1020.607110][T19701]  ? get_compat_msghdr+0x11a/0x170
[ 1020.607142][T19701]  ___sys_sendmsg+0x134/0x1d0
[ 1020.607166][T19701]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1020.607201][T19701]  ? find_held_lock+0x2b/0x80
[ 1020.607240][T19701]  __sys_sendmsg+0x16d/0x220
[ 1020.607263][T19701]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1020.607295][T19701]  ? do_user_addr_fault+0x843/0x1370
[ 1020.607321][T19701]  __do_fast_syscall_32+0xe8/0x680
[ 1020.607352][T19701]  do_fast_syscall_32+0x32/0x80
[ 1020.607379][T19701]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1020.607401][T19701] RIP: 0023:0xf7f94579
[ 1020.607414][T19701] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1020.607431][T19701] RSP: 002b:00000000f548655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1020.607448][T19701] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[ 1020.607459][T19701] RDX: 0000000000048800 RSI: 0000000000000000 RDI: 0000000000000000
[ 1020.607470][T19701] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1020.607480][T19701] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1020.607490][T19701] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1020.607514][T19701]  </TASK>
[ 1020.707298][    C2] hpet_rtc_timer_reinit: 25 callbacks suppressed
[ 1020.707312][    C2] hpet: Lost 5 RTC interrupts
[ 1020.713938][T19702] ceph: No mds server is up or the cluster is laggy
[ 1020.768074][ T1022] libceph: connect (1)[c::]:6789 error -101
[ 1020.771303][ T1022] libceph: mon0 (1)[c::]:6789 connect error
[ 1020.786683][T19701] tc_dump_action: action bad kind
[ 1021.189665][T19717] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3493'.
[ 1022.277690][T19757] netlink: 2028 bytes leftover after parsing attributes in process `syz.0.3506'.
[ 1022.281321][T19757] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3506'.
[ 1022.605384][T19770] IPv6: Can't replace route, no match found
[ 1024.024977][T19781] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3513'.
[ 1024.938507][T19459] udevd[19459]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1024.944244][T19459] udevd[19459]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1026.430875][T16527] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[ 1026.552365][T19830] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3525'.
[ 1026.765036][T19838] vivid-007: disconnect
[ 1026.953318][T19529] udevd[19529]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1026.959650][T19459] udevd[19459]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1027.288047][T19845] ip6tnl1: entered promiscuous mode
[ 1027.289860][T19845] ip6tnl1: entered allmulticast mode
[ 1027.302168][T19845] team0: Device ip6tnl1 is up. Set it down before adding it as a team port
[ 1027.530356][T19834] vivid-007: reconnect
[ 1027.802604][T19859] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3533'.
[ 1028.157405][T19873] ubi: mtd0 is already attached to ubi31
[ 1028.939204][T19880] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3537'.
[ 1029.011362][T19883] FAULT_INJECTION: forcing a failure.
[ 1029.011362][T19883] name failslab, interval 1, probability 0, space 0, times 0
[ 1029.034783][T19883] CPU: 2 UID: 0 PID: 19883 Comm: syz.2.3538 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1029.034823][T19883] Tainted: [L]=SOFTLOCKUP
[ 1029.034830][T19883] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1029.034843][T19883] Call Trace:
[ 1029.034849][T19883]  <TASK>
[ 1029.034856][T19883]  dump_stack_lvl+0x16c/0x1f0
[ 1029.034887][T19883]  should_fail_ex+0x512/0x640
[ 1029.034908][T19883]  ? __kmalloc_cache_noprof+0x5f/0x800
[ 1029.034934][T19883]  should_failslab+0xc2/0x120
[ 1029.034961][T19883]  __kmalloc_cache_noprof+0x80/0x800
[ 1029.034981][T19883]  ? rcu_is_watching+0x12/0xc0
[ 1029.035006][T19883]  ? call_usermodehelper_setup+0xaf/0x360
[ 1029.035029][T19883]  ? __pfx_free_modprobe_argv+0x10/0x10
[ 1029.035053][T19883]  ? call_usermodehelper_setup+0xaf/0x360
[ 1029.035073][T19883]  call_usermodehelper_setup+0xaf/0x360
[ 1029.035097][T19883]  __request_module+0x3bd/0x660
[ 1029.035122][T19883]  ? __pfx___request_module+0x10/0x10
[ 1029.035154][T19883]  ? crypto_alg_lookup+0x113/0x1e0
[ 1029.035180][T19883]  ? crypto_alg_mod_lookup+0x379/0x520
[ 1029.035207][T19883]  crypto_alg_mod_lookup+0x402/0x520
[ 1029.035233][T19883]  crypto_alloc_tfm_node+0xd3/0x260
[ 1029.035255][T19883]  ? kasan_save_track+0x14/0x30
[ 1029.035281][T19883]  ? __pfx_rng_bind+0x10/0x10
[ 1029.035308][T19883]  rng_bind+0x6c/0xf0
[ 1029.035337][T19883]  alg_bind+0x267/0x510
[ 1029.035361][T19883]  __sys_bind+0x1a7/0x260
[ 1029.035381][T19883]  ? __pfx___sys_bind+0x10/0x10
[ 1029.035396][T19883]  ? __fget_files+0x20e/0x3c0
[ 1029.035430][T19883]  ? __pfx_ksys_write+0x10/0x10
[ 1029.035461][T19883]  __ia32_sys_bind+0x71/0xb0
[ 1029.035478][T19883]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1029.035504][T19883]  __do_fast_syscall_32+0xe8/0x680
[ 1029.035564][T19883]  do_fast_syscall_32+0x32/0x80
[ 1029.035591][T19883]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1029.035613][T19883] RIP: 0023:0xf709d579
[ 1029.035628][T19883] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1029.035646][T19883] RSP: 002b:00000000f548d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000169
[ 1029.035664][T19883] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[ 1029.035675][T19883] RDX: 0000000000000058 RSI: 0000000000000000 RDI: 0000000000000000
[ 1029.035686][T19883] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1029.035696][T19883] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1029.035707][T19883] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1029.035730][T19883]  </TASK>
[ 1029.146211][    C2] hpet: Lost 6 RTC interrupts
[ 1029.367865][T19459] udevd[19459]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1030.348383][T19929] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1030.351792][T19929] overlayfs: failed to set xattr on upper
[ 1030.354261][T19929] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1030.358843][T19929] overlayfs: ...falling back to index=off.
[ 1030.374262][T19929] overlayfs: ...falling back to uuid=null.
[ 1030.386165][T19932] FAULT_INJECTION: forcing a failure.
[ 1030.386165][T19932] name failslab, interval 1, probability 0, space 0, times 0
[ 1030.392059][T19932] CPU: 0 UID: 0 PID: 19932 Comm: syz.4.3550 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1030.392091][T19932] Tainted: [L]=SOFTLOCKUP
[ 1030.392097][T19932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1030.392110][T19932] Call Trace:
[ 1030.392117][T19932]  <TASK>
[ 1030.392125][T19932]  dump_stack_lvl+0x16c/0x1f0
[ 1030.392157][T19932]  should_fail_ex+0x512/0x640
[ 1030.392178][T19932]  ? __kvmalloc_node_noprof+0x129/0xa40
[ 1030.392207][T19932]  should_failslab+0xc2/0x120
[ 1030.392236][T19932]  __kvmalloc_node_noprof+0x14a/0xa40
[ 1030.392263][T19932]  ? hash_net_create+0x658/0x12a0
[ 1030.392297][T19932]  ? hash_net_create+0x658/0x12a0
[ 1030.392324][T19932]  hash_net_create+0x658/0x12a0
[ 1030.392353][T19932]  ? __nla_validate_parse+0x2866/0x2880
[ 1030.392379][T19932]  ? __pfx_hash_net_create+0x10/0x10
[ 1030.392408][T19932]  ip_set_create+0x80d/0x1520
[ 1030.392437][T19932]  ? __pfx_ip_set_create+0x10/0x10
[ 1030.392477][T19932]  ? find_held_lock+0x2b/0x80
[ 1030.392510][T19932]  nfnetlink_rcv_msg+0x9fc/0x1200
[ 1030.392543][T19932]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1030.392567][T19932]  ? stack_trace_save+0x8e/0xc0
[ 1030.392627][T19932]  ? __lock_acquire+0x436/0x2890
[ 1030.392652][T19932]  netlink_rcv_skb+0x158/0x420
[ 1030.392680][T19932]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1030.392703][T19932]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1030.392741][T19932]  ? ns_capable+0xd7/0x110
[ 1030.392769][T19932]  nfnetlink_rcv+0x1b3/0x430
[ 1030.392791][T19932]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1030.392812][T19932]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1030.392841][T19932]  netlink_unicast+0x5aa/0x870
[ 1030.392871][T19932]  ? __pfx_netlink_unicast+0x10/0x10
[ 1030.392906][T19932]  netlink_sendmsg+0x8c8/0xdd0
[ 1030.392936][T19932]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1030.392966][T19932]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[ 1030.393000][T19932]  ____sys_sendmsg+0xa5d/0xc30
[ 1030.393031][T19932]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1030.393058][T19932]  ? get_compat_msghdr+0x11a/0x170
[ 1030.393093][T19932]  ___sys_sendmsg+0x134/0x1d0
[ 1030.393118][T19932]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1030.393154][T19932]  ? find_held_lock+0x2b/0x80
[ 1030.393194][T19932]  __sys_sendmsg+0x16d/0x220
[ 1030.393219][T19932]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1030.393252][T19932]  ? do_user_addr_fault+0x843/0x1370
[ 1030.393280][T19932]  __do_fast_syscall_32+0xe8/0x680
[ 1030.393311][T19932]  do_fast_syscall_32+0x32/0x80
[ 1030.393340][T19932]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1030.393363][T19932] RIP: 0023:0xf7f92579
[ 1030.393378][T19932] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1030.393396][T19932] RSP: 002b:00000000f548655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1030.393416][T19932] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[ 1030.393428][T19932] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1030.393439][T19932] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1030.393450][T19932] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1030.393461][T19932] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1030.393486][T19932]  </TASK>
[ 1030.611647][T19938] faux_driver vkms: [drm] Unknown color mode 262147; guessing buffer size.
[ 1030.718957][T19941] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3552'.
[ 1031.108801][T19459] udevd[19459]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1032.300378][T19984] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3565'.
[ 1033.079661][T19459] udevd[19459]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1033.107538][ T1162] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1033.110337][ T1162] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1033.548203][T20007] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3570'.
[ 1034.190313][T20028] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3577'.
[ 1034.507791][T19459] udevd[19459]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1034.877455][T20053] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3586'.
[ 1035.068897][T20059] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3587'.
[ 1035.395745][T20064] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3588'.
[ 1035.400210][T20064] netlink: 277 bytes leftover after parsing attributes in process `syz.3.3588'.
[ 1035.403334][T20064] netlink: 277 bytes leftover after parsing attributes in process `syz.3.3588'.
[ 1035.481286][T19529] udevd[19529]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1035.493298][T19459] udevd[19459]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1035.866723][T15546] usb 9-1: new full-speed USB device number 46 using dummy_hcd
[ 1036.021194][T15546] usb 9-1: config 0 has an invalid interface number: 1 but max is 0
[ 1036.033405][T15546] usb 9-1: config 0 has no interface number 0
[ 1036.037853][T15546] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1036.042575][T15546] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 64
[ 1036.048128][T15546] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1036.052694][T15546] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1036.059043][T15546] usb 9-1: config 0 descriptor??
[ 1036.061690][T20067] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1036.069825][T15546] iowarrior 9-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1036.274465][T17777] usb 9-1: USB disconnect, device number 46
[ 1036.276602][    C1] iowarrior 9-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[ 1036.472280][T20067] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3589'.
[ 1036.647805][T20098] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3598'.
[ 1037.547643][T19459] udevd[19459]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1037.582876][T20123] netlink: 'syz.3.3605': attribute type 4 has an invalid length.
[ 1037.719100][T20129] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3608'.
[ 1037.723803][T20129] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3608'.
[ 1037.730964][T20129] Bluetooth: MGMT ver 1.23
[ 1037.732505][T20129] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[ 1037.736028][T20129] netlink: 'syz.4.3608': attribute type 3 has an invalid length.
[ 1037.738712][T20129] netlink: 'syz.4.3608': attribute type 1 has an invalid length.
[ 1037.741338][T20129] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3608'.
[ 1037.756470][T20129] NCSI netlink: No device for ifindex 0
[ 1037.863038][T20143] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3611'.
[ 1038.125366][T20152] gre0: Master is either lo or non-ether device
[ 1038.692056][T19459] udevd[19459]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1039.067771][T20184] 8021q: VLANs not supported on wg0
[ 1039.137797][T20186] x_tables: duplicate underflow at hook 1
[ 1039.141566][T20186] hub 8-0:1.0: USB hub found
[ 1039.143426][T20186] hub 8-0:1.0: 1 port detected
[ 1039.313332][T20195] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3625'.
[ 1039.727072][T19529] udevd[19529]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1039.753453][T19459] udevd[19459]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1040.325914][T20214] xt_bpf: check failed: parse error
[ 1041.035847][T20223] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[ 1041.038120][T20223] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1041.041710][T20223] vhci_hcd vhci_hcd.0: Device attached
[ 1041.170826][T20224] vhci_hcd: connection closed
[ 1041.171126][ T7988] vhci_hcd vhci_hcd.4: stop threads
[ 1041.175684][ T7988] vhci_hcd vhci_hcd.4: release socket
[ 1041.179624][ T7988] vhci_hcd vhci_hcd.4: disconnect device
[ 1041.765193][T20243] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3637'.
[ 1041.887053][T20246] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[ 1041.889238][T20246] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1041.895929][T20246] vhci_hcd vhci_hcd.0: Device attached
[ 1042.035949][T20244] x_tables: duplicate underflow at hook 1
[ 1042.166296][ T6027] usb 38-1: SetAddress Request (59) to port 0
[ 1042.168410][ T6027] usb 38-1: new SuperSpeed USB device number 59 using vhci_hcd
[ 1042.385310][T20247] vhci_hcd: connection reset by peer
[ 1042.388588][ T8026] vhci_hcd vhci_hcd.0: stop threads
[ 1042.390702][ T8026] vhci_hcd vhci_hcd.0: release socket
[ 1042.392544][ T8026] vhci_hcd vhci_hcd.0: disconnect device
[ 1042.570894][T20265] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[ 1042.573076][T20265] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1042.585968][T20265] vhci_hcd vhci_hcd.0: Device attached
[ 1042.875893][T17777] usb 46-1: SetAddress Request (50) to port 0
[ 1042.878218][T17777] usb 46-1: new SuperSpeed USB device number 50 using vhci_hcd
[ 1042.975901][ T6008] usb 8-1: new high-speed USB device number 26 using dummy_hcd
[ 1043.158944][ T6008] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1043.163095][ T6008] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1043.167784][ T6008] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1043.171189][ T6008] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1043.175844][ T6008] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1043.179086][ T6008] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1043.186493][ T6008] usb 8-1: config 0 descriptor??
[ 1043.199762][T20266] vhci_hcd: connection reset by peer
[ 1043.206095][   T62] vhci_hcd vhci_hcd.4: stop threads
[ 1043.208036][   T62] vhci_hcd vhci_hcd.4: release socket
[ 1043.210917][   T62] vhci_hcd vhci_hcd.4: disconnect device
[ 1043.222010][T20279] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3646'.
[ 1043.379826][T19529] udevd[19529]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1043.387183][T19459] udevd[19459]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1043.476414][T20288] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[ 1043.478728][T20288] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1043.481525][T20288] vhci_hcd vhci_hcd.0: Device attached
[ 1043.595549][ T6008] hid_parser_main: 8 callbacks suppressed
[ 1043.595562][ T6008] plantronics 0003:047F:FFFF.003B: unknown main item tag 0x0
[ 1043.604401][ T6008] plantronics 0003:047F:FFFF.003B: unknown main item tag 0x0
[ 1043.607836][ T6008] plantronics 0003:047F:FFFF.003B: unknown main item tag 0x0
[ 1043.614553][ T6008] plantronics 0003:047F:FFFF.003B: unknown main item tag 0x0
[ 1043.621724][ T6008] plantronics 0003:047F:FFFF.003B: unknown main item tag 0x0
[ 1043.625450][ T6008] plantronics 0003:047F:FFFF.003B: unknown main item tag 0x0
[ 1043.630143][ T6008] plantronics 0003:047F:FFFF.003B: unknown main item tag 0x0
[ 1043.634267][ T6008] plantronics 0003:047F:FFFF.003B: unknown main item tag 0x0
[ 1043.638044][ T6008] plantronics 0003:047F:FFFF.003B: unknown main item tag 0x0
[ 1043.640975][ T6008] plantronics 0003:047F:FFFF.003B: unknown main item tag 0x0
[ 1043.658587][ T6008] plantronics 0003:047F:FFFF.003B: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[ 1043.980434][T20289] vhci_hcd: connection closed
[ 1043.984628][   T62] vhci_hcd vhci_hcd.0: stop threads
[ 1043.988637][   T62] vhci_hcd vhci_hcd.0: release socket
[ 1043.993508][   T62] vhci_hcd vhci_hcd.0: disconnect device
[ 1044.007522][T20315] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[ 1044.010280][T20315] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1044.013111][T20315] vhci_hcd vhci_hcd.0: Device attached
[ 1044.256000][ T6008] usb 43-1: new low-speed USB device number 4 using vhci_hcd
[ 1044.563645][T20319] FAULT_INJECTION: forcing a failure.
[ 1044.563645][T20319] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1044.572791][T20319] CPU: 0 UID: 0 PID: 20319 Comm: syz.0.3655 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1044.572824][T20319] Tainted: [L]=SOFTLOCKUP
[ 1044.572832][T20319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1044.572844][T20319] Call Trace:
[ 1044.572850][T20319]  <TASK>
[ 1044.572858][T20319]  dump_stack_lvl+0x16c/0x1f0
[ 1044.572890][T20319]  should_fail_ex+0x512/0x640
[ 1044.572915][T20319]  _copy_from_user+0x2e/0xd0
[ 1044.572936][T20319]  l2cap_sock_setsockopt+0x1a06/0x2400
[ 1044.572967][T20319]  ? aa_sk_perm+0x2f2/0xae0
[ 1044.572991][T20319]  ? __pfx_l2cap_sock_setsockopt+0x10/0x10
[ 1044.573019][T20319]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1044.573043][T20319]  ? find_held_lock+0x2b/0x80
[ 1044.573075][T20319]  ? __pfx_l2cap_sock_setsockopt+0x10/0x10
[ 1044.573105][T20319]  do_sock_setsockopt+0xf3/0x1d0
[ 1044.573137][T20319]  __sys_setsockopt+0x120/0x1a0
[ 1044.573163][T20319]  __ia32_sys_setsockopt+0xbc/0x160
[ 1044.573201][T20319]  ? __do_fast_syscall_32+0x9a/0x680
[ 1044.573230][T20319]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1044.573257][T20319]  __do_fast_syscall_32+0xe8/0x680
[ 1044.573288][T20319]  do_fast_syscall_32+0x32/0x80
[ 1044.573316][T20319]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1044.573353][T20319] RIP: 0023:0xf700d579
[ 1044.573369][T20319] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1044.573387][T20319] RSP: 002b:00000000f53fd55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[ 1044.573404][T20319] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000006
[ 1044.573416][T20319] RDX: 0000000000000003 RSI: 0000000080000280 RDI: 0000000000000004
[ 1044.573427][T20319] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1044.573438][T20319] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1044.573448][T20319] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1044.573473][T20319]  </TASK>
[ 1045.005481][T20321] netlink: 'syz.0.3656': attribute type 5 has an invalid length.
[ 1045.582030][T20343] dummy0: entered promiscuous mode
[ 1045.587303][T20342] dummy0: left promiscuous mode
[ 1045.755542][T20315] [U] 
[ 1045.757092][T20316] vhci_hcd: connection reset by peer
[ 1045.762087][ T6026] usb 8-1: USB disconnect, device number 26
[ 1045.798854][ T7988] vhci_hcd vhci_hcd.3: stop threads
[ 1045.807335][ T7988] vhci_hcd vhci_hcd.3: release socket
[ 1045.811613][ T7988] vhci_hcd vhci_hcd.3: disconnect device
[ 1045.957518][T20356] FAULT_INJECTION: forcing a failure.
[ 1045.957518][T20356] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1045.957578][T20356] CPU: 2 UID: 0 PID: 20356 Comm: syz.2.3666 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1045.957606][T20356] Tainted: [L]=SOFTLOCKUP
[ 1045.957611][T20356] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1045.957618][T20356] Call Trace:
[ 1045.957623][T20356]  <TASK>
[ 1045.957628][T20356]  dump_stack_lvl+0x16c/0x1f0
[ 1045.957655][T20356]  should_fail_ex+0x512/0x640
[ 1045.957671][T20356]  _copy_from_user+0x2e/0xd0
[ 1045.957684][T20356]  input_event_from_user+0x137/0x290
[ 1045.957702][T20356]  ? __pfx_input_event_from_user+0x10/0x10
[ 1045.957718][T20356]  ? input_inject_event+0x1c0/0x3b0
[ 1045.957735][T20356]  evdev_write+0x26b/0x440
[ 1045.957752][T20356]  ? __pfx_evdev_write+0x10/0x10
[ 1045.957768][T20356]  ? bpf_lsm_file_permission+0x9/0x10
[ 1045.957781][T20356]  ? security_file_permission+0x71/0x210
[ 1045.957796][T20356]  ? rw_verify_area+0xcf/0x6c0
[ 1045.957812][T20356]  ? __pfx_evdev_write+0x10/0x10
[ 1045.957826][T20356]  vfs_write+0x2a0/0x11d0
[ 1045.957845][T20356]  ? __pfx_vfs_write+0x10/0x10
[ 1045.957860][T20356]  ? find_held_lock+0x2b/0x80
[ 1045.957875][T20356]  ? __fget_files+0x204/0x3c0
[ 1045.957893][T20356]  ? __fget_files+0x20e/0x3c0
[ 1045.957913][T20356]  ksys_write+0x1f8/0x250
[ 1045.957928][T20356]  ? __pfx_ksys_write+0x10/0x10
[ 1045.957945][T20356]  ? do_user_addr_fault+0x843/0x1370
[ 1045.957962][T20356]  __do_fast_syscall_32+0xe8/0x680
[ 1045.957982][T20356]  do_fast_syscall_32+0x32/0x80
[ 1045.957999][T20356]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1045.958013][T20356] RIP: 0023:0xf709d579
[ 1045.958023][T20356] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1045.958034][T20356] RSP: 002b:00000000f548d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[ 1045.958046][T20356] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[ 1045.958053][T20356] RDX: 00000000000012d8 RSI: 0000000000000000 RDI: 0000000000000000
[ 1045.958059][T20356] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1045.958065][T20356] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1045.958072][T20356] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1045.958086][T20356]  </TASK>
[ 1046.025933][T20362] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3667'.
[ 1046.077549][T20362] netlink: 104 bytes leftover after parsing attributes in process `syz.3.3667'.
[ 1046.077565][T20362] netlink: 104 bytes leftover after parsing attributes in process `syz.3.3667'.
[ 1046.115095][T20366] netlink: 7 bytes leftover after parsing attributes in process `syz.3.3671'.
[ 1046.126843][T20366] netlink: 7 bytes leftover after parsing attributes in process `syz.3.3671'.
[ 1046.750246][T20380] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3675'.
[ 1046.766509][T20380] netlink: 'syz.0.3675': attribute type 10 has an invalid length.
[ 1046.776412][T20380] wlan1: mtu less than device minimum
[ 1046.778770][T20380] .`: (slave wlan1): Error -22 calling dev_set_mtu
[ 1047.056624][T20387] new mount options do not match the existing superblock, will be ignored
[ 1047.060909][T20387] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[ 1047.207406][ T6027] usb 38-1: device descriptor read/8, error -110
[ 1047.283998][T20395] overlayfs: overlapping lowerdir path
[ 1047.324076][T20395] overlay: Unknown parameter '/'
[ 1047.490609][T20402] input: syz1 as /devices/virtual/input/input46
[ 1047.610369][ T6027] usb usb38-port1: attempt power cycle
[ 1047.935889][T17777] usb 46-1: device descriptor read/8, error -110
[ 1048.178070][T20407] netlink: 7 bytes leftover after parsing attributes in process `syz.3.3682'.
[ 1048.181232][T20407] FAULT_INJECTION: forcing a failure.
[ 1048.181232][T20407] name failslab, interval 1, probability 0, space 0, times 0
[ 1048.185428][T20407] CPU: 1 UID: 0 PID: 20407 Comm: syz.3.3682 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1048.185456][T20407] Tainted: [L]=SOFTLOCKUP
[ 1048.185463][T20407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1048.185475][T20407] Call Trace:
[ 1048.185482][T20407]  <TASK>
[ 1048.185490][T20407]  dump_stack_lvl+0x16c/0x1f0
[ 1048.185521][T20407]  should_fail_ex+0x512/0x640
[ 1048.185542][T20407]  ? __kmalloc_noprof+0xca/0x910
[ 1048.185566][T20407]  should_failslab+0xc2/0x120
[ 1048.185594][T20407]  __kmalloc_noprof+0xeb/0x910
[ 1048.185614][T20407]  ? nla_strdup+0xc6/0x150
[ 1048.185636][T20407]  ? nft_trans_alloc+0x1d/0x2d0
[ 1048.185673][T20407]  ? nft_trans_alloc+0x1d/0x2d0
[ 1048.185695][T20407]  nft_trans_alloc+0x1d/0x2d0
[ 1048.185719][T20407]  nf_tables_addchain.constprop.0+0x73d/0x1c90
[ 1048.185752][T20407]  ? nft_chain_lookup+0x5be/0xaa0
[ 1048.185790][T20407]  ? __pfx_nf_tables_addchain.constprop.0+0x10/0x10
[ 1048.185821][T20407]  ? __lock_acquire+0x436/0x2890
[ 1048.185858][T20407]  ? nla_strcmp+0xff/0x130
[ 1048.185884][T20407]  ? nft_table_lookup.part.0+0x1e3/0x230
[ 1048.185915][T20407]  nf_tables_newchain+0x206d/0x2da0
[ 1048.185954][T20407]  ? __nla_validate_parse+0x600/0x2880
[ 1048.185982][T20407]  ? __pfx_nf_tables_newchain+0x10/0x10
[ 1048.186011][T20407]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1048.186047][T20407]  ? __nla_parse+0x40/0x60
[ 1048.186075][T20407]  nfnetlink_rcv_batch+0x190d/0x2350
[ 1048.186111][T20407]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[ 1048.186137][T20407]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1048.186164][T20407]  ? __dev_queue_xmit+0x782/0x4650
[ 1048.186183][T20407]  ? __local_bh_enable_ip+0xa4/0x120
[ 1048.186246][T20407]  ? __nla_parse+0x40/0x60
[ 1048.186274][T20407]  nfnetlink_rcv+0x3c1/0x430
[ 1048.186292][T20407]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1048.186318][T20407]  netlink_unicast+0x5aa/0x870
[ 1048.186346][T20407]  ? __pfx_netlink_unicast+0x10/0x10
[ 1048.186381][T20407]  netlink_sendmsg+0x8c8/0xdd0
[ 1048.186410][T20407]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1048.186434][T20407]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[ 1048.186467][T20407]  ____sys_sendmsg+0xa5d/0xc30
[ 1048.186497][T20407]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1048.186522][T20407]  ? get_compat_msghdr+0x11a/0x170
[ 1048.186557][T20407]  ___sys_sendmsg+0x134/0x1d0
[ 1048.186582][T20407]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1048.186617][T20407]  ? find_held_lock+0x2b/0x80
[ 1048.186664][T20407]  __sys_sendmsg+0x16d/0x220
[ 1048.186689][T20407]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1048.186722][T20407]  ? do_user_addr_fault+0x843/0x1370
[ 1048.186748][T20407]  __do_fast_syscall_32+0xe8/0x680
[ 1048.186779][T20407]  do_fast_syscall_32+0x32/0x80
[ 1048.186807][T20407]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1048.186830][T20407] RIP: 0023:0xf7f94579
[ 1048.186846][T20407] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1048.186864][T20407] RSP: 002b:00000000f548655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1048.186881][T20407] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[ 1048.186894][T20407] RDX: 0000000000008010 RSI: 0000000000000000 RDI: 0000000000000000
[ 1048.186905][T20407] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1048.186917][T20407] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1048.186928][T20407] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1048.186953][T20407]  </TASK>
[ 1048.193300][ T6027] usb usb38-port1: unable to enumerate USB device
[ 1048.350674][T17777] usb usb46-port1: attempt power cycle
[ 1048.946425][T17777] usb usb46-port1: unable to enumerate USB device
[ 1049.356047][ T6008] vhci_hcd vhci_hcd.3: vhci_device speed not set
[ 1049.549552][T20433] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3691'.
[ 1049.724353][T20437] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3692'.
[ 1049.728284][T20437] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3692'.
[ 1049.778008][T20439] lo speed is unknown, defaulting to 1000
[ 1050.051677][    C2] hpet: Lost 1 RTC interrupts
[ 1050.655102][T20459] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3699'.
[ 1050.945925][ T6027] usb 8-1: new high-speed USB device number 27 using dummy_hcd
[ 1050.966827][T20465] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3702'.
[ 1050.998126][T20469] FAULT_INJECTION: forcing a failure.
[ 1050.998126][T20469] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1051.008202][T20469] CPU: 2 UID: 0 PID: 20469 Comm: syz.4.3700 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1051.008236][T20469] Tainted: [L]=SOFTLOCKUP
[ 1051.008243][T20469] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1051.008255][T20469] Call Trace:
[ 1051.008262][T20469]  <TASK>
[ 1051.008270][T20469]  dump_stack_lvl+0x16c/0x1f0
[ 1051.008303][T20469]  should_fail_ex+0x512/0x640
[ 1051.008331][T20469]  _copy_to_user+0x32/0xd0
[ 1051.008354][T20469]  simple_read_from_buffer+0xcb/0x170
[ 1051.008382][T20469]  proc_fail_nth_read+0x197/0x240
[ 1051.008415][T20469]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1051.008445][T20469]  ? rw_verify_area+0xcf/0x6c0
[ 1051.008467][T20469]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1051.008496][T20469]  vfs_read+0x1e4/0xcf0
[ 1051.008522][T20469]  ? __pfx___mutex_lock+0x10/0x10
[ 1051.008553][T20469]  ? __pfx_vfs_read+0x10/0x10
[ 1051.008575][T20469]  ? find_held_lock+0x2b/0x80
[ 1051.008607][T20469]  ? __fget_files+0x20e/0x3c0
[ 1051.008640][T20469]  ksys_read+0x12a/0x250
[ 1051.008666][T20469]  ? __pfx_ksys_read+0x10/0x10
[ 1051.008706][T20469]  __do_fast_syscall_32+0xe8/0x680
[ 1051.008737][T20469]  do_fast_syscall_32+0x32/0x80
[ 1051.008765][T20469]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1051.008788][T20469] RIP: 0023:0xf7f92579
[ 1051.008803][T20469] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1051.008821][T20469] RSP: 002b:00000000f5486590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1051.008839][T20469] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5486620
[ 1051.008852][T20469] RDX: 000000000000000f RSI: 00000000f7426ff4 RDI: 0000000000000000
[ 1051.008862][T20469] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1051.008873][T20469] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1051.008883][T20469] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1051.008909][T20469]  </TASK>
[ 1051.093801][    C2] hpet: Lost 4 RTC interrupts
[ 1051.176499][ T6027] usb 8-1: Using ep0 maxpacket: 8
[ 1051.257398][ T6027] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[ 1051.261579][ T6027] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1051.268841][ T6027] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1051.284390][ T6027] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 8480, setting to 1024
[ 1051.301286][ T6027] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1051.312653][ T6027] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1051.329355][ T6027] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1051.339871][ T6027] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1052.076632][T20487] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1052.207757][ T6027] usb 8-1: usb_control_msg returned -32
[ 1052.209636][ T6027] usbtmc 8-1:16.0: can't read capabilities
[ 1052.232058][ T6027] usb 8-1: USB disconnect, device number 27
[ 1052.294747][T16527] Bluetooth: hci4: SCO packet for unknown connection handle 200
[ 1052.294945][T16527] Bluetooth: hci4: SCO packet for unknown connection handle 200
[ 1052.299045][T16527] Bluetooth: hci4: SCO packet for unknown connection handle 200
[ 1052.301986][T16527] Bluetooth: hci4: SCO packet for unknown connection handle 200
[ 1052.305324][T16527] Bluetooth: hci4: SCO packet for unknown connection handle 200
[ 1052.309786][T16527] Bluetooth: hci4: SCO packet for unknown connection handle 200
[ 1052.312534][T16527] Bluetooth: hci4: SCO packet for unknown connection handle 200
[ 1052.315863][T16527] Bluetooth: hci4: SCO packet for unknown connection handle 200
[ 1052.318977][T16527] Bluetooth: hci4: SCO packet for unknown connection handle 200
[ 1052.321472][T16527] Bluetooth: hci4: SCO packet for unknown connection handle 200
[ 1052.363637][T20501] x_tables: duplicate underflow at hook 1
[ 1053.158129][T20516] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3717'.
[ 1053.586039][T20532] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[ 1053.588572][T20532] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1053.591591][T20532] vhci_hcd vhci_hcd.0: Device attached
[ 1053.597762][T20532] random: crng reseeded on system resumption
[ 1053.615251][T20540] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3724'.
[ 1053.620213][T20540] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3724'.
[ 1053.629473][ T1054] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1053.632310][ T1054] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1053.858693][T20545] fuse: Bad value for 'fd'
[ 1053.865952][ T6008] usb 46-1: SetAddress Request (54) to port 0
[ 1053.868149][ T6008] usb 46-1: new SuperSpeed USB device number 54 using vhci_hcd
[ 1053.982419][T20553] 9p: Bad value for 'version'
[ 1054.146595][T20558] tipc: Enabled bearer <udp:s>, priority 10
[ 1054.203615][T20534] vhci_hcd: connection reset by peer
[ 1054.206656][ T1054] vhci_hcd vhci_hcd.4: stop threads
[ 1054.209101][ T1054] vhci_hcd vhci_hcd.4: release socket
[ 1054.212084][ T1054] vhci_hcd vhci_hcd.4: disconnect device
[ 1054.686673][T20572] vimc link validate: Sensor A:src:16x16 (0x33424752, 12, 0, 5, 2) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1054.811832][T20576] /dev/nullb0: Can't open blockdev
[ 1054.872078][T20581] 9p: Bad value for 'version'
[ 1054.999892][T20593] x_tables: duplicate underflow at hook 1
[ 1055.003591][T20593] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3741'.
[ 1055.029177][T20596] FAULT_INJECTION: forcing a failure.
[ 1055.029177][T20596] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1055.033407][T20596] CPU: 2 UID: 0 PID: 20596 Comm: syz.4.3743 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1055.033427][T20596] Tainted: [L]=SOFTLOCKUP
[ 1055.033431][T20596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1055.033438][T20596] Call Trace:
[ 1055.033443][T20596]  <TASK>
[ 1055.033449][T20596]  dump_stack_lvl+0x16c/0x1f0
[ 1055.033479][T20596]  should_fail_ex+0x512/0x640
[ 1055.033501][T20596]  _copy_from_user+0x2e/0xd0
[ 1055.033522][T20596]  video_usercopy+0x723/0x13e0
[ 1055.033548][T20596]  ? __pfx___video_do_ioctl+0x10/0x10
[ 1055.033580][T20596]  ? __pfx_video_usercopy+0x10/0x10
[ 1055.033605][T20596]  ? hook_file_ioctl_common+0x144/0x410
[ 1055.033621][T20596]  v4l2_ioctl+0x1bd/0x250
[ 1055.033636][T20596]  ? fput+0x71/0xf0
[ 1055.033648][T20596]  v4l2_compat_ioctl32+0x217/0x2e0
[ 1055.033662][T20596]  ? __pfx_v4l2_compat_ioctl32+0x10/0x10
[ 1055.033676][T20596]  __ia32_compat_sys_ioctl+0x242/0x370
[ 1055.033692][T20596]  __do_fast_syscall_32+0xe8/0x680
[ 1055.033711][T20596]  do_fast_syscall_32+0x32/0x80
[ 1055.033742][T20596]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1055.033758][T20596] RIP: 0023:0xf7f92579
[ 1055.033768][T20596] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1055.033779][T20596] RSP: 002b:00000000f548655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1055.033790][T20596] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000040045612
[ 1055.033797][T20596] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000
[ 1055.033804][T20596] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1055.033810][T20596] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1055.033816][T20596] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1055.033830][T20596]  </TASK>
[ 1055.099050][    C2] hpet: Lost 3 RTC interrupts
[ 1055.117237][T20599] vimc link validate: Sensor A:src:16x16 (0x33424752, 12, 0, 5, 2) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1055.276011][T16133] tipc: Node number set to 2130706433
[ 1055.616073][T20613] 9p: Bad value for 'version'
[ 1055.828613][T20624] openvswitch: netlink: IP tunnel dst address not specified
[ 1056.926112][T20648] 9p: Bad value for 'version'
[ 1057.485934][T17777] usb 9-1: new high-speed USB device number 47 using dummy_hcd
[ 1057.635923][T17777] usb 9-1: Using ep0 maxpacket: 8
[ 1057.638891][T17777] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1057.641347][T17777] usb 9-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[ 1057.644510][T17777] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1057.648814][T17777] usb 9-1: config 0 descriptor??
[ 1058.056299][T17777] hid_parser_main: 5 callbacks suppressed
[ 1058.056313][T17777] mcp2221 0003:04D8:00DD.003C: unknown main item tag 0x0
[ 1058.060801][T17777] mcp2221 0003:04D8:00DD.003C: unknown main item tag 0x0
[ 1058.063208][T17777] mcp2221 0003:04D8:00DD.003C: unknown main item tag 0x0
[ 1058.065622][T17777] mcp2221 0003:04D8:00DD.003C: unknown main item tag 0x0
[ 1058.068229][T17777] mcp2221 0003:04D8:00DD.003C: unknown main item tag 0x0
[ 1058.074580][T17777] mcp2221 0003:04D8:00DD.003C: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0
[ 1058.105888][    T9] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[ 1058.255689][T20665] FAULT_INJECTION: forcing a failure.
[ 1058.255689][T20665] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1058.261094][T20665] CPU: 2 UID: 0 PID: 20665 Comm: syz.4.3765 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1058.261123][T20665] Tainted: [L]=SOFTLOCKUP
[ 1058.261129][T20665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1058.261141][T20665] Call Trace:
[ 1058.261147][T20665]  <TASK>
[ 1058.261154][T20665]  dump_stack_lvl+0x16c/0x1f0
[ 1058.261185][T20665]  should_fail_ex+0x512/0x640
[ 1058.261210][T20665]  _copy_to_user+0x32/0xd0
[ 1058.261232][T20665]  simple_read_from_buffer+0xcb/0x170
[ 1058.261257][T20665]  proc_fail_nth_read+0x197/0x240
[ 1058.261287][T20665]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1058.261318][T20665]  ? rw_verify_area+0xcf/0x6c0
[ 1058.261341][T20665]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1058.261369][T20665]  vfs_read+0x1e4/0xcf0
[ 1058.261394][T20665]  ? __pfx___mutex_lock+0x10/0x10
[ 1058.261422][T20665]  ? __pfx_vfs_read+0x10/0x10
[ 1058.261445][T20665]  ? find_held_lock+0x2b/0x80
[ 1058.261473][T20665]  ? __fget_files+0x20e/0x3c0
[ 1058.261497][T20665]  ? __fget_files+0x160/0x3c0
[ 1058.261526][T20665]  ksys_read+0x12a/0x250
[ 1058.261550][T20665]  ? __pfx_ksys_read+0x10/0x10
[ 1058.261576][T20665]  ? fdget+0x187/0x210
[ 1058.261609][T20665]  __do_fast_syscall_32+0xe8/0x680
[ 1058.261638][T20665]  do_fast_syscall_32+0x32/0x80
[ 1058.261665][T20665]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1058.261686][T20665] RIP: 0023:0xf7f92579
[ 1058.261701][T20665] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1058.261719][T20665] RSP: 002b:00000000f5486590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1058.261737][T20665] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5486620
[ 1058.261748][T20665] RDX: 000000000000000f RSI: 00000000f7426ff4 RDI: 0000000000000000
[ 1058.261758][T20665] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1058.261770][T20665] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1058.261780][T20665] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1058.261804][T20665]  </TASK>
[ 1058.265924][    T9] usb 5-1: Using ep0 maxpacket: 8
[ 1058.350300][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1058.353321][    T9] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[ 1058.357767][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1058.366624][    T9] usb 5-1: config 0 descriptor??
[ 1058.969146][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[ 1058.972254][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[ 1059.055657][T17777] usb 9-1: USB disconnect, device number 47
[ 1059.567513][ T6008] usb 46-1: device descriptor read/8, error -110
[ 1059.576725][    T9] mcp2221 0003:04D8:00DD.003D: unknown main item tag 0x0
[ 1059.579047][    T9] mcp2221 0003:04D8:00DD.003D: unknown main item tag 0x0
[ 1059.581599][    T9] mcp2221 0003:04D8:00DD.003D: unknown main item tag 0x0
[ 1059.583956][    T9] mcp2221 0003:04D8:00DD.003D: unknown main item tag 0x0
[ 1059.586347][    T9] mcp2221 0003:04D8:00DD.003D: unknown main item tag 0x0
[ 1059.589251][    T9] mcp2221 0003:04D8:00DD.003D: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0
[ 1059.657075][T20679] FAULT_INJECTION: forcing a failure.
[ 1059.657075][T20679] name failslab, interval 1, probability 0, space 0, times 0
[ 1059.662880][T20679] CPU: 1 UID: 0 PID: 20679 Comm: syz.4.3769 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1059.662901][T20679] Tainted: [L]=SOFTLOCKUP
[ 1059.662905][T20679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1059.662912][T20679] Call Trace:
[ 1059.662916][T20679]  <TASK>
[ 1059.662921][T20679]  dump_stack_lvl+0x16c/0x1f0
[ 1059.662942][T20679]  should_fail_ex+0x512/0x640
[ 1059.662957][T20679]  should_failslab+0xc2/0x120
[ 1059.662975][T20679]  kmem_cache_alloc_node_noprof+0x86/0x800
[ 1059.662989][T20679]  ? percpu_ref_put_many.constprop.0+0xc4/0x2a0
[ 1059.663001][T20679]  ? zswap_store+0x850/0x2800
[ 1059.663016][T20679]  ? zswap_store+0x850/0x2800
[ 1059.663027][T20679]  zswap_store+0x850/0x2800
[ 1059.663044][T20679]  ? __pfx_zswap_store+0x10/0x10
[ 1059.663056][T20679]  ? folio_free_swap+0x229/0x740
[ 1059.663073][T20679]  ? do_raw_spin_unlock+0x172/0x230
[ 1059.663088][T20679]  ? _raw_spin_unlock+0x28/0x50
[ 1059.663116][T20679]  ? folio_free_swap+0x285/0x740
[ 1059.663131][T20679]  ? rcu_is_watching+0x12/0xc0
[ 1059.663149][T20679]  swap_writeout+0x3f4/0x1090
[ 1059.663162][T20679]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1059.663178][T20679]  shmem_writeout+0xc21/0x1140
[ 1059.663194][T20679]  ? __pfx_shmem_writeout+0x10/0x10
[ 1059.663208][T20679]  ? inode_to_bdi+0x9e/0x160
[ 1059.663222][T20679]  ? folio_clear_dirty_for_io+0x112/0x6b0
[ 1059.663240][T20679]  shrink_folio_list+0x3003/0x4a70
[ 1059.663285][T20679]  ? __pfx_shrink_folio_list+0x10/0x10
[ 1059.663298][T20679]  ? __lock_acquire+0x436/0x2890
[ 1059.663311][T20679]  ? sched_clock+0x38/0x60
[ 1059.663334][T20679]  ? lock_acquire+0x179/0x330
[ 1059.663344][T20679]  ? find_held_lock+0x2b/0x80
[ 1059.663374][T20679]  reclaim_folio_list+0xda/0x5a0
[ 1059.663387][T20679]  ? __pfx_reclaim_folio_list+0x10/0x10
[ 1059.663406][T20679]  ? reclaim_pages+0x2b3/0x570
[ 1059.663418][T20679]  ? __list_add_valid_or_report+0x40/0x190
[ 1059.663436][T20679]  reclaim_pages+0x3ec/0x570
[ 1059.663449][T20679]  ? __pfx_reclaim_pages+0x10/0x10
[ 1059.663468][T20679]  madvise_cold_or_pageout_pte_range+0x1624/0x2100
[ 1059.663494][T20679]  ? arch_stack_walk+0x40/0x100
[ 1059.663515][T20679]  ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10
[ 1059.663542][T20679]  ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10
[ 1059.663562][T20679]  walk_pgd_range+0xc10/0x1f80
[ 1059.663601][T20679]  ? __pfx_walk_pgd_range+0x10/0x10
[ 1059.663623][T20679]  ? folios_put_refs+0x51d/0x750
[ 1059.663648][T20679]  __walk_page_range+0x163/0x820
[ 1059.663682][T20679]  walk_page_range_vma_unsafe+0x23f/0x9e0
[ 1059.663709][T20679]  ? __pfx_walk_page_range_vma_unsafe+0x10/0x10
[ 1059.663737][T20679]  ? find_held_lock+0x2b/0x80
[ 1059.663759][T20679]  ? mlock_drain_local+0x22d/0x4e0
[ 1059.663784][T20679]  walk_page_range_vma+0x63/0x90
[ 1059.663809][T20679]  madvise_pageout+0x257/0x540
[ 1059.663838][T20679]  ? __pfx_madvise_pageout+0x10/0x10
[ 1059.663864][T20679]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1059.663905][T20679]  ? mas_prev_slot+0x4c9/0x1a20
[ 1059.663937][T20679]  madvise_vma_behavior+0x912/0x29e0
[ 1059.663959][T20679]  ? __pfx_madvise_vma_behavior+0x10/0x10
[ 1059.663979][T20679]  ? mas_prev+0x9b/0xf0
[ 1059.664005][T20679]  ? __pfx_mas_prev+0x10/0x10
[ 1059.664039][T20679]  ? find_vma_prev+0xd3/0x150
[ 1059.664066][T20679]  ? __pfx_find_vma_prev+0x10/0x10
[ 1059.664100][T20679]  ? __lock_acquire+0x436/0x2890
[ 1059.664122][T20679]  madvise_walk_vmas+0x31f/0xac0
[ 1059.664144][T20679]  ? __pfx_madvise_walk_vmas+0x10/0x10
[ 1059.664170][T20679]  madvise_do_behavior+0x1e2/0x530
[ 1059.664190][T20679]  ? __pfx_madvise_do_behavior+0x10/0x10
[ 1059.664209][T20679]  ? down_read+0x13d/0x460
[ 1059.664238][T20679]  do_madvise+0x176/0x240
[ 1059.664255][T20679]  ? __pfx_do_madvise+0x10/0x10
[ 1059.664271][T20679]  ? __mutex_unlock_slowpath+0x161/0x790
[ 1059.664306][T20679]  ? __fget_files+0x20e/0x3c0
[ 1059.664345][T20679]  ? __pfx_ksys_write+0x10/0x10
[ 1059.664374][T20679]  __ia32_sys_madvise+0xa7/0x110
[ 1059.664390][T20679]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1059.664414][T20679]  __do_fast_syscall_32+0xe8/0x680
[ 1059.664443][T20679]  do_fast_syscall_32+0x32/0x80
[ 1059.664470][T20679]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1059.664493][T20679] RIP: 0023:0xf7f92579
[ 1059.664508][T20679] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1059.664525][T20679] RSP: 002b:00000000f544455c EFLAGS: 00000296 ORIG_RAX: 00000000000000db
[ 1059.664542][T20679] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000600000
[ 1059.664554][T20679] RDX: 0000000000000015 RSI: 0000000000000000 RDI: 0000000000000000
[ 1059.664565][T20679] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1059.664575][T20679] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1059.664584][T20679] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1059.664609][T20679]  </TASK>
[ 1059.670041][    T9] usb 5-1: USB disconnect, device number 22
[ 1059.906650][T20682] 9p: Bad value for 'version'
[ 1060.458569][T20697] netem: incorrect ge model size
[ 1060.536997][T20705] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[ 1060.547149][   T40] audit: type=1326 audit(2000000069.358:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20704 comm="syz.3.3777" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x0
[ 1060.817427][ T6008] usb usb46-port1: attempt power cycle
[ 1061.285288][T20719] 9p: Bad value for 'version'
[ 1061.427217][T20725] random: crng reseeded on system resumption
[ 1061.493611][ T1054] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1061.498251][ T6008] usb usb46-port1: unable to enumerate USB device
[ 1061.518107][ T1054] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1061.528583][T20729] usb 2-1: USB disconnect, device number 2
[ 1061.901787][T20733] FAULT_INJECTION: forcing a failure.
[ 1061.901787][T20733] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1061.907133][T20733] CPU: 2 UID: 0 PID: 20733 Comm: syz.3.3785 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1061.907165][T20733] Tainted: [L]=SOFTLOCKUP
[ 1061.907171][T20733] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1061.907184][T20733] Call Trace:
[ 1061.907190][T20733]  <TASK>
[ 1061.907198][T20733]  dump_stack_lvl+0x16c/0x1f0
[ 1061.907269][T20733]  should_fail_ex+0x512/0x640
[ 1061.907295][T20733]  copy_fpstate_to_sigframe+0x827/0xad0
[ 1061.907327][T20733]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[ 1061.907354][T20733]  ? posixtimer_deliver_signal+0x105/0x6b0
[ 1061.907383][T20733]  ? irqentry_exit+0x1dd/0x8c0
[ 1061.907410][T20733]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1061.907434][T20733]  ? x86_task_fpu+0x5f/0x90
[ 1061.907460][T20733]  get_sigframe+0x4a8/0x9c0
[ 1061.907489][T20733]  ? __pfx_get_sigframe+0x10/0x10
[ 1061.907511][T20733]  ? trace_irq_enable.constprop.0+0x2f/0x110
[ 1061.907542][T20733]  ? _raw_spin_unlock_irq+0x29/0x50
[ 1061.907564][T20733]  ? siginfo_layout+0x177/0x290
[ 1061.907589][T20733]  ia32_setup_rt_frame+0xe4/0xb30
[ 1061.907624][T20733]  ? vfs_write+0x15d/0x11d0
[ 1061.907655][T20733]  ? __pfx_ia32_setup_rt_frame+0x10/0x10
[ 1061.907676][T20733]  ? __pfx_vfs_write+0x10/0x10
[ 1061.907698][T20733]  ? find_held_lock+0x2b/0x80
[ 1061.907723][T20733]  arch_do_signal_or_restart+0x475/0x7a0
[ 1061.907748][T20733]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1061.907779][T20733]  ? fput+0x70/0xf0
[ 1061.907800][T20733]  exit_to_user_mode_loop+0x8c/0x540
[ 1061.907826][T20733]  __do_fast_syscall_32+0x4a4/0x680
[ 1061.907857][T20733]  do_fast_syscall_32+0x32/0x80
[ 1061.907885][T20733]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1061.907969][T20733] RIP: 0023:0xf7f94577
[ 1061.907987][T20733] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00
[ 1061.908004][T20733] RSP: 002b:00000000f548655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[ 1061.908022][T20733] RAX: 0000000000000004 RBX: 0000000000000006 RCX: 0000000080000380
[ 1061.908033][T20733] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[ 1061.908044][T20733] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1061.908055][T20733] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1061.908065][T20733] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1061.908093][T20733]  </TASK>
[ 1061.997127][    C2] hpet: Lost 4 RTC interrupts
[ 1062.354044][T20745] macvtap1: entered promiscuous mode
[ 1062.356357][T20745] mac80211_hwsim hwsim27 wlan1: entered promiscuous mode
[ 1062.361228][T20745] mac80211_hwsim hwsim27 wlan1: left promiscuous mode
[ 1062.599159][T20753] 9p: Bad value for 'version'
[ 1062.626839][T20751] tmpfs: Unknown parameter '����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������tmpfs'
[ 1063.420739][T20774] ipvlan2: entered allmulticast mode
[ 1063.425301][T20774] batadv_slave_1: entered allmulticast mode
[ 1063.437851][T20774] batman_adv: batadv0: Adding interface: ipvlan2
[ 1063.440152][T20774] batman_adv: batadv0: The MTU of interface ipvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1063.455865][T20774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1063.461000][T20774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1063.464252][T20774] batman_adv: batadv0: Interface activated: ipvlan2
[ 1064.058167][T20791] vlan2: entered allmulticast mode
[ 1064.535432][T20795] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3801'.
[ 1064.565566][T20799] FAULT_INJECTION: forcing a failure.
[ 1064.565566][T20799] name failslab, interval 1, probability 0, space 0, times 0
[ 1064.583614][T20799] CPU: 0 UID: 0 PID: 20799 Comm: syz.0.3802 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1064.583636][T20799] Tainted: [L]=SOFTLOCKUP
[ 1064.583641][T20799] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1064.583649][T20799] Call Trace:
[ 1064.583653][T20799]  <TASK>
[ 1064.583659][T20799]  dump_stack_lvl+0x16c/0x1f0
[ 1064.583681][T20799]  should_fail_ex+0x512/0x640
[ 1064.583694][T20799]  ? kmem_cache_alloc_noprof+0x62/0x770
[ 1064.583711][T20799]  should_failslab+0xc2/0x120
[ 1064.583729][T20799]  kmem_cache_alloc_noprof+0x83/0x770
[ 1064.583743][T20799]  ? __kvm_mmu_topup_memory_cache+0x455/0x600
[ 1064.583763][T20799]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[ 1064.583785][T20799]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[ 1064.583805][T20799]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[ 1064.583828][T20799]  mmu_topup_memory_caches+0x25/0x170
[ 1064.583844][T20799]  kvm_mmu_load+0xd6/0x2390
[ 1064.583857][T20799]  ? kvm_apic_has_interrupt+0x106/0x1f0
[ 1064.583874][T20799]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[ 1064.583894][T20799]  ? __pfx_kvm_mmu_load+0x10/0x10
[ 1064.583907][T20799]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[ 1064.583926][T20799]  ? kvm_check_and_inject_events+0x63d/0x1050
[ 1064.583944][T20799]  vcpu_run+0x39d2/0x5a80
[ 1064.583957][T20799]  ? find_held_lock+0x2b/0x80
[ 1064.583972][T20799]  ? vmx_vcpu_load_vmcs+0x222/0x770
[ 1064.583995][T20799]  ? __pfx_vcpu_run+0x10/0x10
[ 1064.584018][T20799]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[ 1064.584033][T20799]  kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[ 1064.584052][T20799]  kvm_vcpu_ioctl+0x76d/0x16d0
[ 1064.584072][T20799]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 1064.584090][T20799]  ? tomoyo_path_number_perm+0x18d/0x580
[ 1064.584106][T20799]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1064.584125][T20799]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1064.584144][T20799]  ? do_vfs_ioctl+0x128/0x14f0
[ 1064.584160][T20799]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1064.584181][T20799]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[ 1064.584200][T20799]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[ 1064.584219][T20799]  ? __fget_files+0x20e/0x3c0
[ 1064.584234][T20799]  ? fput+0x70/0xf0
[ 1064.584248][T20799]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[ 1064.584267][T20799]  __ia32_compat_sys_ioctl+0x242/0x370
[ 1064.584284][T20799]  __do_fast_syscall_32+0xe8/0x680
[ 1064.584305][T20799]  do_fast_syscall_32+0x32/0x80
[ 1064.584323][T20799]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1064.584338][T20799] RIP: 0023:0xf700d579
[ 1064.584348][T20799] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1064.584360][T20799] RSP: 002b:00000000f53fd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1064.584372][T20799] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[ 1064.584380][T20799] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1064.584387][T20799] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1064.584393][T20799] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1064.584400][T20799] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1064.584415][T20799]  </TASK>
[ 1064.930043][T20809] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3805'.
[ 1064.933400][T20808] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3805'.
[ 1064.957304][T20808] netlink: 207960 bytes leftover after parsing attributes in process `syz.4.3805'.
[ 1066.165353][T20845] vivid-000: =================  START STATUS  =================
[ 1066.169622][T20845] vivid-000: Test Pattern: 75% Colorbar
[ 1066.171682][T20845] vivid-000: Fill Percentage of Frame: 100
[ 1066.173711][T20845] vivid-000: Horizontal Movement: No Movement
[ 1066.177977][T20845] vivid-000: Vertical Movement: No Movement
[ 1066.180232][T20845] vivid-000: OSD Text Mode: All
[ 1066.182082][T20845] vivid-000: Show Border: true
[ 1066.183917][T20845] vivid-000: Show Square: false
[ 1066.186528][T20845] vivid-000: Sensor Flipped Horizontally: false
[ 1066.189379][T20845] vivid-000: Sensor Flipped Vertically: false
[ 1066.192439][T20845] vivid-000: Insert SAV Code in Image: false
[ 1066.194683][T20845] vivid-000: Insert EAV Code in Image: false
[ 1066.197377][T20845] vivid-000: Insert Video Guard Band: false
[ 1066.199578][T20845] vivid-000: Reduced Framerate: false
[ 1066.201451][T20845] vivid-000: HDMI 000-0 Is Connected To: None
[ 1066.203851][T20845] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[ 1066.207392][T20845] vivid-000: Enable Capture Cropping: true
[ 1066.209400][T20845] vivid-000: Enable Capture Composing: true
[ 1066.211487][T20845] vivid-000: Enable Capture Scaler: true
[ 1066.213352][T20845] vivid-000: Timestamp Source: End of Frame
[ 1066.215432][T20845] vivid-000: Colorspace: SMPTE 170M
[ 1066.218643][T20845] vivid-000: Transfer Function: Default
[ 1066.221820][T20845] vivid-000: Y'CbCr Encoding: Default
[ 1066.228280][T20845] vivid-000: HSV Encoding: Hue 0-179
[ 1066.230217][T20845] vivid-000: Quantization: Default
[ 1066.232374][T20845] vivid-000: Apply Alpha To Red Only: false
[ 1066.234760][T20845] vivid-000: Standard Aspect Ratio: 4x3
[ 1066.237464][T20845] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[ 1066.240275][T20845] vivid-000: DV Timings: 640x480p59 inactive
[ 1066.242696][T20845] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[ 1066.245371][T20845] vivid-000: Maximum EDID Blocks: 2
[ 1066.248864][T20845] vivid-000: Limited RGB Range (16-235): false
[ 1066.251311][T20845] vivid-000: Rx RGB Quantization Range: Automatic
[ 1066.254220][T20845] vivid-000: Power Present: 0x00000000
[ 1066.258525][T20845] tpg source WxH: 720x576 (Y'CbCr)
[ 1066.260476][T20845] tpg field: 3
[ 1066.262058][T20845] tpg crop: (0,0)/64x64
[ 1066.263444][T20845] tpg compose: (0,0)/16x8
[ 1066.264997][T20845] tpg colorspace: 1
[ 1066.266716][T20845] tpg transfer function: 0/1
[ 1066.268679][T20845] tpg Y'CbCr encoding: 0/1
[ 1066.270122][T20845] tpg quantization: 0/2
[ 1066.271472][T20845] tpg RGB range: 0/2
[ 1066.272756][T20845] vivid-000: ==================  END STATUS  ==================
[ 1066.507155][T20855] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3817'.
[ 1066.510971][T20855] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3817'.
[ 1067.624541][T20875] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3822'.
[ 1068.574979][T20894] input: syz0 as /devices/virtual/input/input47
[ 1068.818798][T20907] usb usb8: usbfs: process 20907 (syz.3.3833) did not claim interface 0 before use
[ 1071.333102][T20945] syz_tun: left allmulticast mode
[ 1071.335023][T20945] syz_tun: left promiscuous mode
[ 1071.336966][T20945] bridge0: port 3(syz_tun) entered disabled state
[ 1071.342496][T20945] bridge_slave_0: left allmulticast mode
[ 1071.344425][T20945] bridge_slave_0: left promiscuous mode
[ 1071.348177][T20945] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1071.352935][T20945] bridge_slave_1: left allmulticast mode
[ 1071.354808][T20945] bridge_slave_1: left promiscuous mode
[ 1071.357089][T20945] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1071.361624][T20945] .`: (slave bond_slave_0): Releasing backup interface
[ 1071.366688][T20945] .`: (slave bond_slave_1): Releasing backup interface
[ 1071.371252][T20945] team0: Port device team_slave_0 removed
[ 1071.374188][T20945] team0: Port device team_slave_1 removed
[ 1071.377130][T20945] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1071.380481][T20945] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1071.383786][T20945] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1071.389981][T20948] team0: Mode changed to "activebackup"
[ 1071.422600][T20945] vlan0: entered promiscuous mode
[ 1071.426473][T20945] tipc: Enabled bearer <eth:team0>, priority 0
[ 1071.610952][T20953] tipc: Started in network mode
[ 1071.613494][T20953] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[ 1071.617123][T20953] tipc: Enabled bearer <eth:team0>, priority 0
[ 1071.968453][T20957] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[ 1071.968482][T20957] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1071.968730][T20957] vhci_hcd vhci_hcd.0: Device attached
[ 1071.996009][   T40] audit: type=1804 audit(2000000080.798:848): pid=20957 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.3847" name="/newroot/267/file0" dev="tmpfs" ino=1595 res=1 errno=0
[ 1072.081829][T20972] FAULT_INJECTION: forcing a failure.
[ 1072.081829][T20972] name failslab, interval 1, probability 0, space 0, times 0
[ 1072.093671][T20972] CPU: 0 UID: 0 PID: 20972 Comm: syz.3.3850 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1072.093714][T20972] Tainted: [L]=SOFTLOCKUP
[ 1072.093720][T20972] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1072.093730][T20972] Call Trace:
[ 1072.093737][T20972]  <TASK>
[ 1072.093745][T20972]  dump_stack_lvl+0x16c/0x1f0
[ 1072.093776][T20972]  should_fail_ex+0x512/0x640
[ 1072.093796][T20972]  ? kmem_cache_alloc_node_noprof+0x65/0x800
[ 1072.093821][T20972]  should_failslab+0xc2/0x120
[ 1072.093848][T20972]  kmem_cache_alloc_node_noprof+0x86/0x800
[ 1072.093868][T20972]  ? __alloc_skb+0x156/0x410
[ 1072.093887][T20972]  ? is_bpf_text_address+0x8a/0x1a0
[ 1072.093914][T20972]  ? __alloc_skb+0x156/0x410
[ 1072.093931][T20972]  __alloc_skb+0x156/0x410
[ 1072.093947][T20972]  ? kernel_text_address+0x8d/0x100
[ 1072.093967][T20972]  ? __pfx___alloc_skb+0x10/0x10
[ 1072.093984][T20972]  ? unwind_get_return_address+0x59/0xa0
[ 1072.094010][T20972]  ? __asan_memset+0x23/0x50
[ 1072.094032][T20972]  tipc_buf_acquire+0x26/0xe0
[ 1072.094053][T20972]  tipc_msg_build+0x59c/0x1150
[ 1072.094080][T20972]  ? __pfx_tipc_msg_build+0x10/0x10
[ 1072.094114][T20972]  tipc_send_group_bcast+0x7cc/0xa50
[ 1072.094149][T20972]  ? __pfx_tipc_send_group_bcast+0x10/0x10
[ 1072.094180][T20972]  ? __pfx_woken_wake_function+0x10/0x10
[ 1072.094202][T20972]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1072.094235][T20972]  ? __pfx_aa_label_sk_perm+0x10/0x10
[ 1072.094255][T20972]  ? get_page_from_freelist+0xd0b/0x31a0
[ 1072.094281][T20972]  __tipc_sendmsg+0x4ab/0x1970
[ 1072.094308][T20972]  ? __pfx___tipc_sendmsg+0x10/0x10
[ 1072.094327][T20972]  ? __lock_acquire+0x436/0x2890
[ 1072.094365][T20972]  ? __local_bh_enable_ip+0xa4/0x120
[ 1072.094391][T20972]  tipc_sendmsg+0x4f/0x70
[ 1072.094415][T20972]  ____sys_sendmsg+0xa5d/0xc30
[ 1072.094445][T20972]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1072.094474][T20972]  ? get_compat_msghdr+0x11a/0x170
[ 1072.094502][T20972]  ? __pfx__kstrtoull+0x10/0x10
[ 1072.094530][T20972]  ___sys_sendmsg+0x134/0x1d0
[ 1072.094554][T20972]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1072.094606][T20972]  __sys_sendmmsg+0x2f9/0x420
[ 1072.094633][T20972]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1072.094663][T20972]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1072.094703][T20972]  ? fput+0x70/0xf0
[ 1072.094721][T20972]  ? ksys_write+0x1ac/0x250
[ 1072.094746][T20972]  ? __pfx_ksys_write+0x10/0x10
[ 1072.094776][T20972]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[ 1072.094801][T20972]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1072.094827][T20972]  __do_fast_syscall_32+0xe8/0x680
[ 1072.094858][T20972]  do_fast_syscall_32+0x32/0x80
[ 1072.094886][T20972]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1072.094909][T20972] RIP: 0023:0xf7f94579
[ 1072.094923][T20972] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1072.094939][T20972] RSP: 002b:00000000f546555c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[ 1072.094956][T20972] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000800030c0
[ 1072.094966][T20972] RDX: 0000000000000181 RSI: 0000000000000000 RDI: 0000000000000000
[ 1072.094975][T20972] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1072.094985][T20972] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1072.094993][T20972] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1072.095016][T20972]  </TASK>
[ 1072.236626][ T6027] usb 46-1: SetAddress Request (58) to port 0
[ 1072.239614][ T6027] usb 46-1: new SuperSpeed USB device number 58 using vhci_hcd
[ 1072.455875][ T6026] tipc: Node number set to 2130706433
[ 1072.463899][T20983] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[ 1072.466356][T20983] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1072.472132][T20983] vhci_hcd vhci_hcd.0: Device attached
[ 1072.481092][   T40] audit: type=1800 audit(2000000081.288:849): pid=20983 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3851" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1072.563919][T20963] vhci_hcd: connection reset by peer
[ 1072.566726][ T1149] vhci_hcd vhci_hcd.4: stop threads
[ 1072.569456][ T1149] vhci_hcd vhci_hcd.4: release socket
[ 1072.572585][ T1149] vhci_hcd vhci_hcd.4: disconnect device
[ 1072.665982][ T6008] tipc: Node number set to 11578026
[ 1072.755898][ T6026] usb 38-1: SetAddress Request (63) to port 0
[ 1072.758549][ T6026] usb 38-1: new SuperSpeed USB device number 63 using vhci_hcd
[ 1072.946836][T20984] vhci_hcd: connection reset by peer
[ 1072.949216][ T1149] vhci_hcd vhci_hcd.0: stop threads
[ 1072.951365][ T1149] vhci_hcd vhci_hcd.0: release socket
[ 1072.953674][ T1149] vhci_hcd vhci_hcd.0: disconnect device
[ 1073.777588][T21017] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3866'.
[ 1073.795292][T21011] futex_wake_op: syz.0.3863 tries to shift op by -1; fix this program
[ 1074.077391][T21029] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1074.081950][T21030] No such timeout policy "syz1"
[ 1074.539309][T21032] FAULT_INJECTION: forcing a failure.
[ 1074.539309][T21032] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1074.544875][T21032] CPU: 3 UID: 0 PID: 21032 Comm: syz.3.3872 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1074.544904][T21032] Tainted: [L]=SOFTLOCKUP
[ 1074.544911][T21032] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1074.544921][T21032] Call Trace:
[ 1074.544928][T21032]  <TASK>
[ 1074.544935][T21032]  dump_stack_lvl+0x16c/0x1f0
[ 1074.544967][T21032]  should_fail_ex+0x512/0x640
[ 1074.544991][T21032]  _copy_to_user+0x32/0xd0
[ 1074.545012][T21032]  __copy_siginfo_to_user32+0x96/0xf0
[ 1074.545040][T21032]  ? __pfx___copy_siginfo_to_user32+0x10/0x10
[ 1074.545072][T21032]  ? _raw_spin_unlock_irq+0x29/0x50
[ 1074.545094][T21032]  ? siginfo_layout+0x177/0x290
[ 1074.545118][T21032]  ia32_setup_rt_frame+0x6cc/0xb30
[ 1074.545151][T21032]  ? __pfx_ia32_setup_rt_frame+0x10/0x10
[ 1074.545171][T21032]  ? __pfx_vfs_write+0x10/0x10
[ 1074.545193][T21032]  ? find_held_lock+0x2b/0x80
[ 1074.545218][T21032]  arch_do_signal_or_restart+0x475/0x7a0
[ 1074.545244][T21032]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1074.545273][T21032]  ? fput+0x70/0xf0
[ 1074.545295][T21032]  exit_to_user_mode_loop+0x8c/0x540
[ 1074.545318][T21032]  __do_fast_syscall_32+0x4a4/0x680
[ 1074.545348][T21032]  do_fast_syscall_32+0x32/0x80
[ 1074.545373][T21032]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1074.545394][T21032] RIP: 0023:0xf7f94577
[ 1074.545408][T21032] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00
[ 1074.545425][T21032] RSP: 002b:00000000f548655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[ 1074.545443][T21032] RAX: 0000000000000004 RBX: 0000000000000006 RCX: 0000000080000380
[ 1074.545454][T21032] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[ 1074.545465][T21032] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1074.545475][T21032] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1074.545486][T21032] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1074.545509][T21032]  </TASK>
[ 1074.964512][T21046] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3876'.
[ 1074.991138][T21049] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3877'.
[ 1075.902394][T21085] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1076.009670][T21090] netlink: 'syz.0.3885': attribute type 21 has an invalid length.
[ 1076.012822][T21090] netlink: 'syz.0.3885': attribute type 20 has an invalid length.
[ 1076.017744][T21090] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3885'.
[ 1077.304480][T21137] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1077.367263][ T6027] usb 46-1: device descriptor read/8, error -110
[ 1077.827552][ T6027] usb usb46-port1: attempt power cycle
[ 1077.846193][ T6026] usb 38-1: device descriptor read/8, error -110
[ 1078.168754][T21160] 9p: Bad value for 'rfdno'
[ 1078.388352][ T6027] usb usb46-port1: unable to enumerate USB device
[ 1079.135096][ T6026] usb usb38-port1: attempt power cycle
[ 1080.692271][ T6026] usb usb38-port1: unable to enumerate USB device
[ 1080.704713][T21184] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1081.373166][T21194] cgroup: Unknown subsys name 'context'
[ 1081.479929][T21200] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[ 1081.482791][T21200] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1081.486507][T21200] vhci_hcd vhci_hcd.0: Device attached
[ 1081.509811][T21201] vhci_hcd: connection closed
[ 1081.509985][ T8026] vhci_hcd vhci_hcd.0: stop threads
[ 1081.514455][ T8026] vhci_hcd vhci_hcd.0: release socket
[ 1081.518114][ T8026] vhci_hcd vhci_hcd.0: disconnect device
[ 1081.640181][T21211] lo speed is unknown, defaulting to 1000
[ 1081.981210][T16527] Bluetooth: hci3: connection err: -111
[ 1082.161044][T21220] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[ 1082.164591][T21220] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1082.168642][T21220] vhci_hcd vhci_hcd.0: Device attached
[ 1082.437193][ T5945] usb 38-1: SetAddress Request (67) to port 0
[ 1082.440965][ T5945] usb 38-1: new SuperSpeed USB device number 67 using vhci_hcd
[ 1082.450733][T21221] vhci_hcd: connection closed
[ 1082.451770][ T1149] vhci_hcd vhci_hcd.0: stop threads
[ 1082.456581][T21230] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[ 1082.458783][T21230] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1082.462332][T21230] vhci_hcd vhci_hcd.0: Device attached
[ 1082.468570][ T1149] vhci_hcd vhci_hcd.0: release socket
[ 1082.473032][ T1149] vhci_hcd vhci_hcd.0: disconnect device
[ 1082.560944][T21236] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1082.736563][ T6027] usb 44-1: SetAddress Request (69) to port 0
[ 1082.740095][ T6027] usb 44-1: new SuperSpeed USB device number 69 using vhci_hcd
[ 1083.307384][T21256] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[ 1083.310015][T21256] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1083.313082][T21256] vhci_hcd vhci_hcd.0: Device attached
[ 1083.577514][T15546] usb 46-1: SetAddress Request (62) to port 0
[ 1083.581199][T15546] usb 46-1: new SuperSpeed USB device number 62 using vhci_hcd
[ 1083.662415][T21264] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1083.669992][T21264] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1083.672704][T21264] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1083.678959][T21264] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1083.943247][T21257] vhci_hcd: connection reset by peer
[ 1083.950052][ T6117] vhci_hcd vhci_hcd.4: stop threads
[ 1083.951908][ T6117] vhci_hcd vhci_hcd.4: release socket
[ 1083.957058][ T6117] vhci_hcd vhci_hcd.4: disconnect device
[ 1083.965263][T21282] lo speed is unknown, defaulting to 1000
[ 1085.381543][T21231] vhci_hcd: connection reset by peer
[ 1085.393626][ T8026] vhci_hcd vhci_hcd.3: stop threads
[ 1085.395564][ T8026] vhci_hcd vhci_hcd.3: release socket
[ 1085.397535][ T8026] vhci_hcd vhci_hcd.3: disconnect device
[ 1085.685955][T16527] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1085.686883][ T5950] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1085.688035][T16527] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1085.692761][ T5940] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1085.724561][T21330] /dev/nullb0: Can't open blockdev
[ 1086.263519][T21341] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3948'.
[ 1086.654119][T21351] netlink: 112 bytes leftover after parsing attributes in process `syz.4.3953'.
[ 1086.906288][   T24] usb 8-1: new high-speed USB device number 28 using dummy_hcd
[ 1087.056743][   T24] usb 8-1: Using ep0 maxpacket: 8
[ 1087.060407][   T24] usb 8-1: config 0 has an invalid interface number: 186 but max is 0
[ 1087.063251][   T24] usb 8-1: config 0 has no interface number 0
[ 1087.066595][   T24] usb 8-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1087.071415][   T24] usb 8-1: config 0 interface 186 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1087.074596][   T24] usb 8-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[ 1087.079284][   T24] usb 8-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 1087.083418][   T24] usb 8-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[ 1087.090071][   T24] usb 8-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[ 1087.093942][   T24] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1087.097697][   T24] usb 8-1: Product: syz
[ 1087.099192][   T24] usb 8-1: Manufacturer: syz
[ 1087.100726][   T24] usb 8-1: SerialNumber: syz
[ 1087.103800][   T24] usb 8-1: config 0 descriptor??
[ 1087.316962][   T24] iowarrior 8-1:0.186: IOWarrior product=0x1505, serial= interface=186 now attached to iowarrior0
[ 1087.526560][ T5945] usb 38-1: device descriptor read/8, error -110
[ 1087.540391][T16133] usb 8-1: USB disconnect, device number 28
[ 1087.642479][T21364] lo speed is unknown, defaulting to 1000
[ 1087.768515][ T6027] usb 44-1: device descriptor read/8, error -110
[ 1087.917746][ T5945] usb usb38-port1: attempt power cycle
[ 1088.020913][T21374] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1088.157251][ T6027] usb usb44-port1: attempt power cycle
[ 1088.477474][ T5945] usb usb38-port1: unable to enumerate USB device
[ 1088.602169][T21385] /dev/nullb0: Can't open blockdev
[ 1088.647187][T15546] usb 46-1: device descriptor read/8, error -110
[ 1088.777868][ T6027] usb usb44-port1: unable to enumerate USB device
[ 1088.840558][T21389] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3961'.
[ 1089.060024][T15546] usb usb46-port1: attempt power cycle
[ 1089.439598][T21401] 
[ 1089.440509][T21401] ======================================================
[ 1089.442807][T21401] WARNING: possible circular locking dependency detected
[ 1089.445132][T21401] syzkaller #0 Tainted: G             L     
[ 1089.447572][T21401] ------------------------------------------------------
[ 1089.450152][T21401] syz.4.3965/21401 is trying to acquire lock:
[ 1089.452851][T21401] ffff88804a0490d0 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xe1/0x12d0
[ 1089.456638][T21401] 
[ 1089.456638][T21401] but task is already holding lock:
[ 1089.459890][T21401] ffff888046ba3068 (&pipe->mutex){+.+.}-{4:4}, at: pipe_lock+0x64/0x80
[ 1089.463526][T21401] 
[ 1089.463526][T21401] which lock already depends on the new lock.
[ 1089.463526][T21401] 
[ 1089.468333][T21401] 
[ 1089.468333][T21401] the existing dependency chain (in reverse order) is:
[ 1089.472307][T21401] 
[ 1089.472307][T21401] -> #3 (&pipe->mutex){+.+.}-{4:4}:
[ 1089.475571][T21401]        __mutex_lock+0x1aa/0x1ca0
[ 1089.477883][T21401]        anon_pipe_write+0x15d/0x1bd0
[ 1089.480308][T21401]        __kernel_write_iter+0x720/0xb10
[ 1089.482801][T21401]        __kernel_write+0xf5/0x140
[ 1089.485107][T21401]        autofs_notify_daemon+0x4db/0xd60
[ 1089.487674][T21401]        autofs_wait+0x10f3/0x1ac0
[ 1089.489963][T21401]        autofs_mount_wait+0x132/0x3c0
[ 1089.492398][T21401]        autofs_d_automount+0x4b2/0x960
[ 1089.494972][T21401]        __traverse_mounts+0x1b9/0x830
[ 1089.497417][T21401]        step_into_slowpath+0x772/0xf50
[ 1089.499876][T21401]        path_lookupat+0x627/0xc40
[ 1089.502111][T21401]        filename_lookup+0x224/0x5f0
[ 1089.504511][T21401]        kern_path+0x35/0x50
[ 1089.506633][T21401]        lookup_bdev+0xd8/0x280
[ 1089.508798][T21401]        resume_store+0x1d6/0x490
[ 1089.511070][T21401]        kobj_attr_store+0x58/0x80
[ 1089.513342][T21401]        sysfs_kf_write+0xf2/0x150
[ 1089.515613][T21401]        kernfs_fop_write_iter+0x3af/0x570
[ 1089.517982][T21401]        vfs_write+0x7d3/0x11d0
[ 1089.519691][T21401]        ksys_write+0x12a/0x250
[ 1089.521342][T21401]        __do_fast_syscall_32+0xe8/0x680
[ 1089.523251][T21401]        do_fast_syscall_32+0x32/0x80
[ 1089.525220][T21401]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1089.528165][T21401] 
[ 1089.528165][T21401] -> #2 (&sbi->pipe_mutex){+.+.}-{4:4}:
[ 1089.531209][T21401]        __mutex_lock+0x1aa/0x1ca0
[ 1089.533006][T21401]        autofs_notify_daemon+0x4a6/0xd60
[ 1089.535456][T21401]        autofs_wait+0x10f3/0x1ac0
[ 1089.537787][T21401]        autofs_mount_wait+0x132/0x3c0
[ 1089.540278][T21401]        autofs_d_automount+0x4b2/0x960
[ 1089.542725][T21401]        __traverse_mounts+0x1b9/0x830
[ 1089.545166][T21401]        step_into_slowpath+0x772/0xf50
[ 1089.547692][T21401]        path_lookupat+0x627/0xc40
[ 1089.550010][T21401]        filename_lookup+0x224/0x5f0
[ 1089.552309][T21401]        kern_path+0x35/0x50
[ 1089.554146][T21401]        lookup_bdev+0xd8/0x280
[ 1089.556373][T21401]        resume_store+0x1d6/0x490
[ 1089.558606][T21401]        kobj_attr_store+0x58/0x80
[ 1089.560882][T21401]        sysfs_kf_write+0xf2/0x150
[ 1089.563171][T21401]        kernfs_fop_write_iter+0x3af/0x570
[ 1089.565726][T21401]        vfs_write+0x7d3/0x11d0
[ 1089.567960][T21401]        ksys_write+0x12a/0x250
[ 1089.570127][T21401]        __do_fast_syscall_32+0xe8/0x680
[ 1089.572608][T21401]        do_fast_syscall_32+0x32/0x80
[ 1089.574999][T21401]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1089.578004][T21401] 
[ 1089.578004][T21401] -> #1 (&of->mutex){+.+.}-{4:4}:
[ 1089.581238][T21401]        __mutex_lock+0x1aa/0x1ca0
[ 1089.583535][T21401]        kernfs_seq_start+0x4f/0x2a0
[ 1089.585858][T21401]        seq_read_iter+0x2c1/0x12d0
[ 1089.588191][T21401]        kernfs_fop_read_iter+0x46c/0x610
[ 1089.590681][T21401]        copy_splice_read+0x618/0xc20
[ 1089.592918][T21401]        do_splice_read+0x285/0x370
[ 1089.594697][T21401]        splice_direct_to_actor+0x2a1/0xa30
[ 1089.596804][T21401]        do_splice_direct+0x174/0x240
[ 1089.598726][T21401]        do_sendfile+0xb06/0xe50
[ 1089.600497][T21401]        __ia32_compat_sys_sendfile+0x1e5/0x220
[ 1089.602592][T21401]        __do_fast_syscall_32+0xe8/0x680
[ 1089.604460][T21401]        do_fast_syscall_32+0x32/0x80
[ 1089.606243][T21401]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1089.608682][T21401] 
[ 1089.608682][T21401] -> #0 (&p->lock){+.+.}-{4:4}:
[ 1089.611456][T21401]        __lock_acquire+0x1669/0x2890
[ 1089.613319][T21401]        lock_acquire+0x179/0x330
[ 1089.615071][T21401]        __mutex_lock+0x1aa/0x1ca0
[ 1089.616811][T21401]        seq_read_iter+0xe1/0x12d0
[ 1089.618642][T21401]        kernfs_fop_read_iter+0x46c/0x610
[ 1089.620595][T21401]        copy_splice_read+0x618/0xc20
[ 1089.622737][T21401]        do_splice_read+0x285/0x370
[ 1089.625097][T21401]        splice_file_to_pipe+0x109/0x120
[ 1089.627618][T21401]        do_sendfile+0x400/0xe50
[ 1089.629871][T21401]        __ia32_sys_sendfile64+0x1d7/0x220
[ 1089.632499][T21401]        __do_fast_syscall_32+0xe8/0x680
[ 1089.635054][T21401]        do_fast_syscall_32+0x32/0x80
[ 1089.637195][T21401]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1089.637583][T15546] usb usb46-port1: unable to enumerate USB device
[ 1089.639581][T21401] 
[ 1089.639581][T21401] other info that might help us debug this:
[ 1089.639581][T21401] 
[ 1089.639593][T21401] Chain exists of:
[ 1089.639593][T21401]   &p->lock --> &sbi->pipe_mutex --> &pipe->mutex
[ 1089.639593][T21401] 
[ 1089.639627][T21401]  Possible unsafe locking scenario:
[ 1089.639627][T21401] 
[ 1089.639633][T21401]        CPU0                    CPU1
[ 1089.639639][T21401]        ----                    ----
[ 1089.639644][T21401]   lock(&pipe->mutex);
[ 1089.660150][T21401]                                lock(&sbi->pipe_mutex);
[ 1089.662751][T21401]                                lock(&pipe->mutex);
[ 1089.665009][T21401]   lock(&p->lock);
[ 1089.666305][T21401] 
[ 1089.666305][T21401]  *** DEADLOCK ***
[ 1089.666305][T21401] 
[ 1089.669171][T21401] 1 lock held by syz.4.3965/21401:
[ 1089.670830][T21401]  #0: ffff888046ba3068 (&pipe->mutex){+.+.}-{4:4}, at: pipe_lock+0x64/0x80
[ 1089.673822][T21401] 
[ 1089.673822][T21401] stack backtrace:
[ 1089.676546][T21401] CPU: 0 UID: 0 PID: 21401 Comm: syz.4.3965 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1089.676577][T21401] Tainted: [L]=SOFTLOCKUP
[ 1089.676585][T21401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1089.676598][T21401] Call Trace:
[ 1089.676607][T21401]  <TASK>
[ 1089.676615][T21401]  dump_stack_lvl+0x116/0x1f0
[ 1089.676644][T21401]  print_circular_bug+0x275/0x340
[ 1089.676675][T21401]  check_noncircular+0x146/0x160
[ 1089.676708][T21401]  __lock_acquire+0x1669/0x2890
[ 1089.676728][T21401]  ? mark_held_locks+0x49/0x80
[ 1089.676745][T21401]  lock_acquire+0x179/0x330
[ 1089.676763][T21401]  ? seq_read_iter+0xe1/0x12d0
[ 1089.676788][T21401]  ? __pfx___might_resched+0x10/0x10
[ 1089.676817][T21401]  __mutex_lock+0x1aa/0x1ca0
[ 1089.676846][T21401]  ? seq_read_iter+0xe1/0x12d0
[ 1089.676867][T21401]  ? do_sendfile+0x400/0xe50
[ 1089.676890][T21401]  ? __do_fast_syscall_32+0xe8/0x680
[ 1089.676918][T21401]  ? do_fast_syscall_32+0x32/0x80
[ 1089.676942][T21401]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1089.676964][T21401]  ? seq_read_iter+0xe1/0x12d0
[ 1089.676986][T21401]  ? __pfx___mutex_lock+0x10/0x10
[ 1089.677020][T21401]  ? alloc_pages_bulk_noprof+0xac5/0x1410
[ 1089.677051][T21401]  ? seq_read_iter+0xe1/0x12d0
[ 1089.677076][T21401]  seq_read_iter+0xe1/0x12d0
[ 1089.677099][T21401]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[ 1089.677118][T21401]  kernfs_fop_read_iter+0x46c/0x610
[ 1089.677141][T21401]  copy_splice_read+0x618/0xc20
[ 1089.677166][T21401]  ? __pfx_aa_file_perm+0x10/0x10
[ 1089.677194][T21401]  ? __pfx_copy_splice_read+0x10/0x10
[ 1089.677226][T21401]  ? __fget_files+0x204/0x3c0
[ 1089.677253][T21401]  ? __pfx_copy_splice_read+0x10/0x10
[ 1089.677280][T21401]  do_splice_read+0x285/0x370
[ 1089.677307][T21401]  splice_file_to_pipe+0x109/0x120
[ 1089.677338][T21401]  do_sendfile+0x400/0xe50
[ 1089.677365][T21401]  ? __pfx_do_sendfile+0x10/0x10
[ 1089.677389][T21401]  ? do_seccomp+0x333/0x2640
[ 1089.677411][T21401]  ? __pfx___seccomp_filter+0x10/0x10
[ 1089.677435][T21401]  __ia32_sys_sendfile64+0x1d7/0x220
[ 1089.677453][T21401]  ? xfd_validate_state+0x61/0x180
[ 1089.677471][T21401]  ? __pfx___ia32_sys_sendfile64+0x10/0x10
[ 1089.677490][T21401]  ? __secure_computing+0x21c/0x320
[ 1089.677514][T21401]  __do_fast_syscall_32+0xe8/0x680
[ 1089.677545][T21401]  do_fast_syscall_32+0x32/0x80
[ 1089.677575][T21401]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1089.677601][T21401] RIP: 0023:0xf7f92579
[ 1089.677617][T21401] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1089.677636][T21401] RSP: 002b:00000000f548655c EFLAGS: 00000296 ORIG_RAX: 00000000000000ef
[ 1089.677654][T21401] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000005
[ 1089.677667][T21401] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000000
[ 1089.677679][T21401] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1089.677690][T21401] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1089.677703][T21401] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1089.677720][T21401]  </TASK>
[ 1089.904304][T21401] siw: device registration error -23
[ 1089.919291][   T40] audit: type=1326 audit(2000000007.650:850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21400 comm="syz.4.3965" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f92579 code=0x7ffc0000
[ 1089.926939][   T40] audit: type=1326 audit(2000000007.660:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21400 comm="syz.4.3965" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f92579 code=0x7ffc0000