last executing test programs:

3m26.167923723s ago: executing program 1 (id=3043):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket$unix(0x1, 0x5, 0x0)
socket$kcm(0x11, 0x3, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x5, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
socket(0x1d, 0x2, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x7a, &(0x7f00000002c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6002173600442b00fc0206000000000000000000000000010420880b0000000000000800000086dd"], 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3800000056000100000000000000000007020000", @ANYRES32=r0, @ANYBLOB="200001"], 0x38}, 0x1, 0x0, 0x0, 0x4044081}, 0x40004010) (fail_nth: 9)

3m26.010119658s ago: executing program 1 (id=3045):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="d9780000000000001400030069e570766c616e310000000000000000001c0012800b0001006970766c616e00000c0002800600020002000000"], 0x50}, 0x1, 0x0, 0x0, 0x4000840}, 0x0)

3m26.009749858s ago: executing program 1 (id=3046):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = syz_open_dev$video4linux(&(0x7f0000000180), 0x200000005, 0x40080)
ioctl$VIDIOC_TRY_DECODER_CMD(r1, 0xc038563b, &(0x7f0000000080)={0x0, 0x1, @start={0x2}})
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0xc, &(0x7f00000000c0), 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r0, 0x0, 0x0, 0x4, 0x0, 0x0)

3m25.949887808s ago: executing program 1 (id=3047):
r0 = socket$netlink(0x10, 0x3, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000340)='./file0/../file0\x00', &(0x7f0000000280)='./file0/file0\x00', 0x0, 0xb101e, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125499, 0x0)
mount$9p_unix(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3047c4a, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'vxcan1\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a80)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000000000000008001a80100003800c0005800800000000000000100003803000018005000c000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d80500060000000000130002006272696467655f696c6176655f30000007000200293a00000500060000000000080001000000000018000180140004004d2906d0880fc8acc30fe2020f9849675000018014000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af080001000000000008000100000000006000018005000600000000000500060000000000080001000000000005000600000000000c00020073797a746e6c30000800010000000000130002006272696467655f736c6176655f30000014000500e078d277f38ed3a40a448f3f6b6763e8e0000c"], 0x270}, 0x1, 0x0, 0x0, 0x4000015}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80)
getdents64(r4, &(0x7f0000000400)=""/4096, 0x1000)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="1700000078000106000000000000000007006a08ec9a9ea6"], 0x18}], 0x1}, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f00000000c0)='cdg', 0x3)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4014}, 0xc000)
r6 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r6, 0xa, 0x21)
fcntl$setlease(r6, 0x400, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000001180)={0x6, 0x10, &(0x7f00000008c0)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r7, @ANYBLOB="0000000000000000b704000000000000850000001c00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

3m25.881888279s ago: executing program 1 (id=3049):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2e)
r2 = syz_open_procfs(0x0, &(0x7f0000000300)='net/icmp\x00')
pread64(r2, &(0x7f0000000940)=""/239, 0xef, 0xcfcf)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000500)={<r4=>0xffffffffffffffff}, 0x111, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000200)={0x13, 0x10, 0x8, {0x0, r4, 0x1}}, 0x18)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x10000, 0x0, 0x0, 0x1000, &(0x7f0000ffc000/0x1000)=nil})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$unix(0x1, 0x2, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000140)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={0x44, r7, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x7ff, 0x78}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xc}]}, 0x44}, 0x1, 0x0, 0x0, 0x91}, 0x24044884)
r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(r9, 0x4048ae9b, &(0x7f0000000080)={0xe0003, 0x0, {[0xffffffffffffffff, 0x1f8, 0x83, 0xffffffffefffff15, 0x40000000000003, 0x4, 0x4, 0x4]}})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)

3m25.601584148s ago: executing program 1 (id=3051):
ioctl$VIDIOC_G_AUDOUT(0xffffffffffffffff, 0x80345631, &(0x7f0000000140))
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0], 0x2, 0x80800, 0x0, <r0=>0xffffffffffffffff})
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000280)={0x154, 0x9, 0x6, 0x101, 0x0, 0x0, {0x1, 0x0, 0x4}, [@IPSET_ATTR_ADT={0x10, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR={0x5, 0x3, 0x3}}]}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_COMMENT={0x8, 0x1a, '+@:\x00'}]}, @IPSET_ATTR_ADT={0x80, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e24}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_ETHER={0xa, 0x11, @local}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0xd}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBQUEUE={0x6, 0x1d, 0x1, 0x0, 0x5}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR={0x5}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBQUEUE={0x6, 0x1d, 0x1, 0x0, 0x4}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0x4}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_BYTES={0xc, 0x18, 0x1, 0x0, 0xffffffff}}]}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0xff}, @IPSET_ATTR_DATA={0x34, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP2_TO={0xc, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}, @IPSET_ATTR_ETHER={0xa, 0x11, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x38}}}, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0x10001}]}, @IPSET_ATTR_DATA={0x54, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP2_TO={0xc, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010102}}, @IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0x8}, @IPSET_ATTR_SKBQUEUE={0x6, 0x1d, 0x1, 0x0, 0x59}, @IPSET_ATTR_ETHER={0xa, 0x11, @local}, @IPSET_ATTR_COMMENT={0x5, 0x1a, '\x00'}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e23}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x8}, @IPSET_ATTR_IP2_TO={0xc, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}]}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x8}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x154}, 0x1, 0x0, 0x0, 0x20040081}, 0x10)
r1 = io_uring_setup(0x4d3f, &(0x7f0000000200)={0x0, 0x297a, 0x40, 0x80003, 0x6})
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r1, 0xb, &(0x7f0000000480), 0x66)
ioctl$VIDIOC_G_AUDOUT(0xffffffffffffffff, 0x80345631, &(0x7f0000000140)) (async)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0], 0x2, 0x80800}) (async)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000280)={0x154, 0x9, 0x6, 0x101, 0x0, 0x0, {0x1, 0x0, 0x4}, [@IPSET_ATTR_ADT={0x10, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR={0x5, 0x3, 0x3}}]}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_COMMENT={0x8, 0x1a, '+@:\x00'}]}, @IPSET_ATTR_ADT={0x80, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e24}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_ETHER={0xa, 0x11, @local}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0xd}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBQUEUE={0x6, 0x1d, 0x1, 0x0, 0x5}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR={0x5}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBQUEUE={0x6, 0x1d, 0x1, 0x0, 0x4}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0x4}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_BYTES={0xc, 0x18, 0x1, 0x0, 0xffffffff}}]}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0xff}, @IPSET_ATTR_DATA={0x34, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP2_TO={0xc, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}, @IPSET_ATTR_ETHER={0xa, 0x11, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x38}}}, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0x10001}]}, @IPSET_ATTR_DATA={0x54, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP2_TO={0xc, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010102}}, @IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0x8}, @IPSET_ATTR_SKBQUEUE={0x6, 0x1d, 0x1, 0x0, 0x59}, @IPSET_ATTR_ETHER={0xa, 0x11, @local}, @IPSET_ATTR_COMMENT={0x5, 0x1a, '\x00'}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e23}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x8}, @IPSET_ATTR_IP2_TO={0xc, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}]}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x8}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x154}, 0x1, 0x0, 0x0, 0x20040081}, 0x10) (async)
io_uring_setup(0x4d3f, &(0x7f0000000200)={0x0, 0x297a, 0x40, 0x80003, 0x6}) (async)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0) (async)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r1, 0xb, &(0x7f0000000480), 0x66) (async)

3m25.462943958s ago: executing program 32 (id=3051):
ioctl$VIDIOC_G_AUDOUT(0xffffffffffffffff, 0x80345631, &(0x7f0000000140))
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0], 0x2, 0x80800, 0x0, <r0=>0xffffffffffffffff})
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000280)={0x154, 0x9, 0x6, 0x101, 0x0, 0x0, {0x1, 0x0, 0x4}, [@IPSET_ATTR_ADT={0x10, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR={0x5, 0x3, 0x3}}]}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_COMMENT={0x8, 0x1a, '+@:\x00'}]}, @IPSET_ATTR_ADT={0x80, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e24}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_ETHER={0xa, 0x11, @local}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0xd}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBQUEUE={0x6, 0x1d, 0x1, 0x0, 0x5}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR={0x5}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBQUEUE={0x6, 0x1d, 0x1, 0x0, 0x4}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0x4}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_BYTES={0xc, 0x18, 0x1, 0x0, 0xffffffff}}]}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0xff}, @IPSET_ATTR_DATA={0x34, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP2_TO={0xc, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}, @IPSET_ATTR_ETHER={0xa, 0x11, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x38}}}, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0x10001}]}, @IPSET_ATTR_DATA={0x54, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP2_TO={0xc, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010102}}, @IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0x8}, @IPSET_ATTR_SKBQUEUE={0x6, 0x1d, 0x1, 0x0, 0x59}, @IPSET_ATTR_ETHER={0xa, 0x11, @local}, @IPSET_ATTR_COMMENT={0x5, 0x1a, '\x00'}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e23}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x8}, @IPSET_ATTR_IP2_TO={0xc, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}]}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x8}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x154}, 0x1, 0x0, 0x0, 0x20040081}, 0x10)
r1 = io_uring_setup(0x4d3f, &(0x7f0000000200)={0x0, 0x297a, 0x40, 0x80003, 0x6})
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r1, 0xb, &(0x7f0000000480), 0x66)
ioctl$VIDIOC_G_AUDOUT(0xffffffffffffffff, 0x80345631, &(0x7f0000000140)) (async)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0], 0x2, 0x80800}) (async)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000280)={0x154, 0x9, 0x6, 0x101, 0x0, 0x0, {0x1, 0x0, 0x4}, [@IPSET_ATTR_ADT={0x10, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR={0x5, 0x3, 0x3}}]}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_COMMENT={0x8, 0x1a, '+@:\x00'}]}, @IPSET_ATTR_ADT={0x80, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e24}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_ETHER={0xa, 0x11, @local}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0xd}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBQUEUE={0x6, 0x1d, 0x1, 0x0, 0x5}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR={0x5}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBQUEUE={0x6, 0x1d, 0x1, 0x0, 0x4}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0x4}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_BYTES={0xc, 0x18, 0x1, 0x0, 0xffffffff}}]}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0xff}, @IPSET_ATTR_DATA={0x34, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP2_TO={0xc, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}, @IPSET_ATTR_ETHER={0xa, 0x11, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x38}}}, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0x10001}]}, @IPSET_ATTR_DATA={0x54, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP2_TO={0xc, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010102}}, @IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0x8}, @IPSET_ATTR_SKBQUEUE={0x6, 0x1d, 0x1, 0x0, 0x59}, @IPSET_ATTR_ETHER={0xa, 0x11, @local}, @IPSET_ATTR_COMMENT={0x5, 0x1a, '\x00'}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e23}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x8}, @IPSET_ATTR_IP2_TO={0xc, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}]}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x8}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x154}, 0x1, 0x0, 0x0, 0x20040081}, 0x10) (async)
io_uring_setup(0x4d3f, &(0x7f0000000200)={0x0, 0x297a, 0x40, 0x80003, 0x6}) (async)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0) (async)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r1, 0xb, &(0x7f0000000480), 0x66) (async)

1m36.758561746s ago: executing program 4 (id=3679):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f)
socket(0x28, 0x5, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000080), 0x10)
socket$xdp(0x2c, 0x3, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x1000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0xc, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
close(0x4)
r2 = syz_io_uring_setup(0x4f90, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x6944, 0x0, 0x0, &(0x7f0000000280))
io_uring_enter(r2, 0x627, 0x4c1, 0x43, 0x0, 0x0)
mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0xc)
ioctl$VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045613, &(0x7f0000000140)=0x1)

1m36.510613198s ago: executing program 4 (id=3680):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000640)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x3, 0x0, {{0x6, 0x4, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast2, @empty, {[@ra={0x94, 0x4}]}}}}})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x10000000, 0x3, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_TSS_ADDR(r4, 0xae47, 0xd000)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000000300)=""/102392, 0x18ff8)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r6, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(r6, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
connect$inet(r6, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r6, &(0x7f0000004d00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf1c)
ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000000200)={0x2, 0x0, [{0x7, 0x5cc0, 0x1, 0xde, 0x800, 0x9a, 0xfeb}, {0xb, 0x7, 0xb, 0x6fe, 0xc1b5, 0x10, 0x1}]})

1m35.52073938s ago: executing program 4 (id=3690):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4)
r2 = socket(0x2, 0x2, 0x1)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x48802, 0x0)
r4 = syz_io_uring_setup(0x2b06, &(0x7f0000000040), &(0x7f0000ffd000), &(0x7f0000ffe000))
io_uring_register$IORING_REGISTER_FILES(r4, 0x14, &(0x7f00000000c0), 0x0)
write$sndseq(r3, &(0x7f0000000080), 0x0)
r5 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$CDROM_LOCKDOOR(r5, 0x5329, 0x0)
ioctl$CDROMEJECT(r5, 0x5309)
r6 = socket(0x400000000010, 0x3, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000280)={&(0x7f00000066c0)=ANY=[@ANYBLOB="140000001000010000000000000000000700000a540d00000c0a010200000000000000000a0000000800044000000000700b0380b80600800c0005400000000000000002140007800e000100696d6d65646961746500000008000180040001008d0006401cbe667a09791aca110d5882ebc4c6e9bb0df9898e8e4f9db7599f998bc8dca07b40fa890399f94224d3cf1fb4270bcf19c996ec4483d5070ed359b96af7ad6a1819c819d6f452e8567e50392b9c67faddd74a8778b1484724d9115329f45ab8b37b09cb415a95e207a7741471f07a159b042e7ac3b8f756ce84a7b34de6fce6ce1bff6a3876a35d4200000024040a80040001000101010021724a38e92df6f8c3f8549dade7ea65da7bb719eab8f645c1593089903840e2d44bc29a6372b183590544b2ca9c3db98bfbfc7d3488b1918bf6e12f0e573127579a6c63a62b80985a0a654b970707ffea02f4c6c37032273e56202019738b06ecb21e9a54d0da43c596194ba89fdd89d07b7dc84d8cd0e1cf0bbda51320ee875c6d4be89e10c48e94ace726a3c84eabacffcacd1af890a08a6c465fdeea20f8b13e58bfbb8c12d043cbdcbdc69e90e71ce169f9bec01675a40a440fb949913f4d271cacd5ab460371a80209df033e42291bff3be32d7a61375e28b79b61ff2fa3a3c7cb62d2cfc635a72a3ab906e6fdd359ee79be0b8091798f7e9354000000890001005bc2c9873be2b44796731e93155f0c09840805bb4fe64a37923f4008a97b31725e002ed31929382106b9dca9f670e9bb5a7e872c444568a4ce2bd969175090f90a914f233f9f2678040a596373a7eada867ea4acc05a6988735dc03e85069673e4b3860740ab54bc41f19d7731996163323f3bb12be245ee49325cfedf96b75c2a6e8eff550000003500010000998619f8607c1f4ea6ec0d64b0f3e35bf242a1c4003c6fc33aa2465b6605d02dffec967737e800783b571db2a88467f9000000fd000100a9eab4dd7ac1fb75a929a83267c01d4f8aaa6de175509a8d7a3d123be524a0e9412fc828a48aeb9a0377131f78614060c79abe8e0cd68aa99ee434889c790eba9901e9a973361c30444afe022f37c731b1620f552edf3d0428ec25c80114037b6793b897d022433e1c4658cd0d37662e208c253f017b89427534436c2c58b1e766569cc9ce5e51bdb70593d4ad034a8548af27edd8e9f3d7ce9d2b81925433e85a30df170bef9c2740fd8f529197f30b97570e568ed7be8062a951518cfa5c14995f3cc622585cbbdbef31cef5cd9c57d71f0ef8487ffa25370e6c7d9e4e4efa6366070a61f6e39b750d2578224e654e60aea8c07b2376d60b000000e90001003d76fa32acc624c3bda75e85692cf8dfbb436c26b235fedec0b83759b28b92272248b01e90a262d916c9d748a4fbdafe0faa2e9e2337a15665554844afa11a71891ca397c1e65157f1789159ab8309050b5785e6f123c3b4759c6fb9ae06355a47251801beb05e9caaccc999dcdd4d79327f4c7c5bfbc6a5f1bf0b3027f7b9e66f1589da923490b21f1f8a4c66231c8a5001dbcc6cfc2c4578f9d62ab3f284156bb0dee54fb80611f6277bc6e45abbbae66cf2824b994066527aad979187ffbc903255e3772c24cf59d3acdf99c326de180cb70de3b9b1f1374dfb00e320da59a8296897ac000000100002800900020073797a3100000000580002800900020073797a31000000000900020073797a31000000000900020073797a30000000000900020073797a320000000008000180fffffffe0900020073797a310000000008000180fffffffd08000180ffffffffd8010a80580002800900020073797a31000000000900020073797a300000000008000180fffffffb08000340000000010900020073797a32000000000900020073797a310000000008000340000000030900020073797a32000000006800028008000340000000020900020073797a31000000000900020073797a32000000000900020073797a320000000008000340000000020900020073797a32000000000800034000000004080003400000000308000340000000010900020073797a300000000061000100f386dab95bbb6fc90c3fa19bb2cfaf589feecce300624a0c5193fdb1126d569ba1edf1848b4d8b845ada4d55c2fe17e96ec9e87ba6b2a20336feedf94a64ea7a6bbc56915bd108a19572021074831279e6b75ccba417161594352fcb59000000200002800900020073797a31000000000800034000000004080003400000000321000100ef75f59e630a4b72c51ed27050613d362933afe89e3b0344e065c33db300000069000100c7ef54eb81a61e3545836868be140f31ecd5f5c755480b99fd95e0a6d351c7136dda0ddea31a7ab415ef66acaef21f270025f4b75867b86b34ce7038cc73aa99e96aa7f06d61f20246e782976a6bf17525b7d11658e2d1afadd09e7ed87e94614fad23c93a0000006800008050000180240002800900020073797a31000000000900020073797a30000000000800034000000004040002802400028008000340000000020900020073797a31000000000900020073797a300000000008000340000000020c0007800800010066776400e00100800c0004400000000000000002500007800e000100696d6d6564696174650000003c0002803800028034000280080003400000000408000180000000000900020073797a310000000008000180fffffffc0900020073797a31000000008001018014000280080003400000000408000180fffffffb5400028008000180ffffffff0900020073797a310000000008000180fffffffc080003400000000108000180ffff05fe08000340000000020900020073797a310000000008000180fffffffe08000180ffffffffb5000100d75f1df907b02a1a910ac02af08044f7aa04bd6cc99033645f833377e3b659e0f2a0cb087f6d7883bc4860f316ded57a18f80bcda8ba6cc9210508e6ac16ce9057332aba5d48a119a0cfe0df8dde9c2ebd21b6f6fff98e5942d34c91b8a4c000377a28da14b3aec5ac7704094edca28fe0e709952b08b506b5bd63c890793d99bfbdac26a1419c153581cb4bce020ab6c5083e1c5ff84a48e2ef845604074df69006bc5b5c7fefc08c2433e4bb73f2890a0000005c0002800900020073797a300000000008000180fffffffb0900020073797a30000000000900020073797a30000000000900020073797a300000000008000180fffffffd0900020073797a32000000000900020073797a31000000006c02008068020a80a50001003a879d9989e5e8e12173eacd126fdc22a725a89e1079f4ab73e0ba8102d0fe6043edbf0892d3fc3f8f9a294db7a144ee2813bafe955761ca1af97a20c5d267c582da95c65a546cf5309295b6530f7948b8f072f58f78a6f147a7d68813dab375fa0e191afb155f92eb36c1e0db44376f76382904d2da9266bd98a9dfec720b8d0a39609c27a37a4189acb0ef47b42fb748e977ccc888c1b01fdbb1076484d87f43000000100002800900020073797a310000000041000100629f7ba683229dc97aba6d441dc5ad0c0a42f8fbadf669d5a84fa395b28cd21cdd657e894f73520af946929f3beef0e0793ff46815d88e65c1ee4d46a2000000e100010056d4af9d88108e389a0c42ada5100f28f975c5cee03cb0c7628dcb94452541ed5163619497399d1eebc48d862e097e1102b6ebb79d35d2bf330f420a84c1a3bb3f2caa6a85a282d0bc3d54035c2a6feeb03ba55878df032c7a37f89cc61b6f153ee0fe392a533c7f07dc9211b3e6713425fb20ff1ab7875f73f8ad7daa3833ab06d689826b7ab88bdf02a338076c8d63560d094a74f28ad28d3d140d77b2e35870036d5767812b073fbffd5f025541eece91a85c36a9425f98af92dd8c9a252a9be728ba8622e071fb91b5551fccbbe24ef315db428a7bf1e76df8da6000000064000280080003400000000108000340000000010900020073797a31000000000900020073797a30000000000900020073797a32000000000900020073797a32000000000900020073797a300000000008000340000000040900020073797a30000000002000028008000180fffffffb0900020073797a310000000008000180fffffffb0800044000000002c0010380bc0100800900090073797a32000000000800034000000003a4010280ee00010028d16f00b99bba585ed43b9b3cb3cb06a8456623acb9325ad0cd2bb7f30501e4c5212703c595b75c3953c0eea33e0d37c56634ffec1ed53a818878eed2f7e4b994bfd85033bebd1d120ea9a0f6a7953b892dd25e7b67fd25a86a07ee7f249e9675b5b0ad842277edfd7477323afde27368b18964f635bfec5f42e8302fa79a6ddceb0cf3b5d4ad17decf8f5b9bbc4896bea2dce758444a5374ababfdcf6b5dfd9bf278f32e60434b3d040473a96f8dcc4a42962f2991765b6dad48756a23f1906ed5d90dc303943df069ff6b7d477dc6babfc18fcee4c3b82a463a2b754e692910e2fca98ad6204b2efe0000ad000100dae0838dfe5c3b2835b1b7a57b4df7b95eb598acc1175270e9afb2c03863f9a114880c368c5aed68a1debf5ce06e0a3352b0ebc62f89ef9724d188e263f3b1206a79a0e2c8c1329332ef860a12534c18c39f5f9f6e71ff64d3dcf02c705f53299edc1613992bd4442c0ab4b4bef208bb1e3115c08b54d92a539b1112b03ed933f2dd274ca30e5b0d87f4a37f00259f0ef4042b1281efe51e565277d609f0e5213cfeab5ca2eb86709568fe8548429df83346c670000000140000001100010000"], 0xd7c}, 0x1, 0x0, 0x0, 0x1}, 0x20040080)
ioctl$DVD_WRITE_STRUCT(r5, 0x5390, &(0x7f0000000380)=@type=0x2)
ioctl$CDROMEJECT_SW(r5, 0x530f, 0x0)
r7 = syz_io_uring_setup(0x22f, &(0x7f0000019140)={0x0, 0x8ffd, 0x10000, 0x0, 0x100002cf}, &(0x7f0000000100)=<r8=>0x0, &(0x7f0000000040)=<r9=>0x0)
syz_io_uring_submit(r8, r9, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0xa})
io_uring_enter(r7, 0x7a98, 0x0, 0x0, 0x0, 0x0)
r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x10)
write$cgroup_int(r10, &(0x7f0000000000)=0xb00, 0x12)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x6, 0x2, 0x0, 0x87, 0x3, 0xffffffff})
r11 = gettid()
syz_open_procfs(r11, &(0x7f00000000c0)='sched\x00')
r12 = userfaultfd(0x1)
io_setup(0x205, &(0x7f0000000200)=<r13=>0x0)
io_submit(r13, 0x1, &(0x7f00000016c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1, r12, 0x0, 0x0, 0x90}])
socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_proto_private(r0, 0x89eb, &(0x7f0000000200)="62e1fe12a3e53f6db8fa320b226b8f6ad65b00")
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vlan0\x00'})

1m34.920164306s ago: executing program 4 (id=3691):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000200))
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(0xffffffffffffffff, 0x47f6, 0x0, 0x2, 0x0, 0x300)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000080)=0x200000000)
preadv2(r0, &(0x7f00000001c0)=[{&(0x7f0000000280)=""/216, 0xd8}], 0x1, 0x1, 0x58ca, 0x2)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000040)=0x1)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x2)

1m34.841203694s ago: executing program 4 (id=3692):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x1e0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, r0)
setpgid(0x0, r0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="180200001000000000000000000000008500000017000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r2, 0x800455cc, 0x400000009)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0x0, &(0x7f0000001f00)="de4dc043102f0e202515a02eac23", 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x80, 0x0)

1m34.771027687s ago: executing program 4 (id=3693):
mount(0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)={0x94, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x44, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}]}, 0x94}}, 0x0)
mount$binder(0x0, 0x0, 0x0, 0xe2ca6, &(0x7f0000000200)=ANY=[@ANYBLOB='m'])
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)={0x54, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0x17e5}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x54}}, 0x0)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x4)
r4 = syz_open_dev$evdev(&(0x7f0000000000), 0x55c, 0x20100)
ioctl$EVIOCSFF(r4, 0x402c4580, &(0x7f0000000340)={0x56, 0xaaad, 0x1, {0xfffe, 0x6d}, {0x5a8a, 0x81}, @period={0x5c, 0x3, 0xf800, 0x8001, 0x3, {0x80, 0x4, 0x7, 0x4}, 0x0, 0x0}})
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x4e22, 0x6, @ipv4={'\x00', '\xff\xff', @remote}, 0x6}, 0x1c)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
syz_emit_ethernet(0x42, &(0x7f0000000100)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0xa, 0x34, 0x64, 0x0, 0x7, 0x6, 0x0, @remote, @remote}, {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x26, 0x6071, 0x0, 0x811, {[@generic={0x8, 0xa, "fd8bd2a498c327ae"}]}}}}}}}, 0x0)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000280)={0x9})
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'geneve0\x00', <r8=>0x0})
r9 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r9, &(0x7f00000005c0)="bad330fbc9b55400040000ea0756", 0xe, 0x40, &(0x7f00000001c0)={0x11, 0x88a8, r8, 0x1, 0xd8, 0x6, @multicast}, 0x14)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000003c0)={[0xb5ce, 0xd4, 0xe, 0x63, 0x200002000001, 0x0, 0x4000002004c8, 0x0, 0x0, 0x36ae, 0x5, 0x7fff, 0x3, 0x400000000], 0x80a0000})
ioctl$KVM_RUN(r6, 0xae80, 0x0)

1m19.560575057s ago: executing program 33 (id=3693):
mount(0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)={0x94, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x44, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}]}, 0x94}}, 0x0)
mount$binder(0x0, 0x0, 0x0, 0xe2ca6, &(0x7f0000000200)=ANY=[@ANYBLOB='m'])
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)={0x54, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0x17e5}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x54}}, 0x0)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x4)
r4 = syz_open_dev$evdev(&(0x7f0000000000), 0x55c, 0x20100)
ioctl$EVIOCSFF(r4, 0x402c4580, &(0x7f0000000340)={0x56, 0xaaad, 0x1, {0xfffe, 0x6d}, {0x5a8a, 0x81}, @period={0x5c, 0x3, 0xf800, 0x8001, 0x3, {0x80, 0x4, 0x7, 0x4}, 0x0, 0x0}})
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x4e22, 0x6, @ipv4={'\x00', '\xff\xff', @remote}, 0x6}, 0x1c)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
syz_emit_ethernet(0x42, &(0x7f0000000100)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0xa, 0x34, 0x64, 0x0, 0x7, 0x6, 0x0, @remote, @remote}, {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x26, 0x6071, 0x0, 0x811, {[@generic={0x8, 0xa, "fd8bd2a498c327ae"}]}}}}}}}, 0x0)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000280)={0x9})
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'geneve0\x00', <r8=>0x0})
r9 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r9, &(0x7f00000005c0)="bad330fbc9b55400040000ea0756", 0xe, 0x40, &(0x7f00000001c0)={0x11, 0x88a8, r8, 0x1, 0xd8, 0x6, @multicast}, 0x14)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000003c0)={[0xb5ce, 0xd4, 0xe, 0x63, 0x200002000001, 0x0, 0x4000002004c8, 0x0, 0x0, 0x36ae, 0x5, 0x7fff, 0x3, 0x400000000], 0x80a0000})
ioctl$KVM_RUN(r6, 0xae80, 0x0)

5.741596128s ago: executing program 3 (id=4313):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSF2(r0, 0x402c542d, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0xff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x40, 0x1c8)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(0xffffffffffffffff, 0x3)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sndseq(0xffffff9c, &(0x7f0000000040), 0x103401)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0xffff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x18}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0a003b3e0c7bfb7f3d00000400000000000000", @ANYRES32, @ANYBLOB="00000100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x8080)

4.749149604s ago: executing program 3 (id=4322):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi0\x00', 0x400, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='ns\x00')
fchdir(r2)
mount$9p_unix(&(0x7f0000000780)='./mnt\x00', &(0x7f0000000040)='./mnt\x00', 0x0, 0x291095, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
capset(0x0, &(0x7f0000000140))
r6 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000000)="5c00000012006bab9e3fe3d86e6c1d000014a10d00000000000004b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dffefffffffffffffff60a64c9f4080003fe060100000400020011b53631", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x44010)
prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffd000/0x2000)=nil)
dup(0xffffffffffffffff)
r7 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$vim2m_VIDIOC_QUERYBUF(r7, 0xc044560f, &(0x7f0000000080)=@mmap={0x0, 0x2, 0x4, 0x0, 0x7, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "10110401"}})
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000380)=[{0x0}], 0x1}, 0x4048043)
dup(0xffffffffffffffff)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f00000003c0)={'comedi_bond\x00', [0x2f, 0x40000080, 0x10006, 0x4, 0x1, 0xcc7, 0x8, 0x17, 0x6800, 0x24c, 0xfff, 0x7, 0x5, 0x5, 0x20006, 0x107, 0x8, 0xfffffffc, 0x200c, 0x3, 0x89, 0x6, 0x0, 0x20001e5d, 0x10008, 0x4, 0x7ad, 0xa, 0x10006, 0x401, 0xfffffffd]})
getsockname$packet(r0, &(0x7f0000000600)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r8, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000)

3.45484763s ago: executing program 5 (id=4323):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4)
r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x48802, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x14, &(0x7f00000000c0), 0x0)
write$sndseq(r1, &(0x7f0000000080), 0x0)
r2 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$CDROM_LOCKDOOR(r2, 0x5329, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000280)={&(0x7f00000066c0)=ANY=[@ANYBLOB="140000001000010000000000000000000700000a540d00000c0a010200000000000000000a0000000800044000000000700b0380b80600800c0005400000000000000002140007800e000100696d6d65646961746500000008000180040001008d0006401cbe667a09791aca110d5882ebc4c6e9bb0df9898e8e4f9db7599f998bc8dca07b40fa890399f94224d3cf1fb4270bcf19c996ec4483d5070ed359b96af7ad6a1819c819d6f452e8567e50392b9c67faddd74a8778b1484724d9115329f45ab8b37b09cb415a95e207a7741471f07a159b042e7ac3b8f756ce84a7b34de6fce6ce1bff6a3876a35d4200000024040a80040001000101010021724a38e92df6f8c3f8549dade7ea65da7bb719eab8f645c1593089903840e2d44bc29a6372b183590544b2ca9c3db98bfbfc7d3488b1918bf6e12f0e573127579a6c63a62b80985a0a654b970707ffea02f4c6c37032273e56202019738b06ecb21e9a54d0da43c596194ba89fdd89d07b7dc84d8cd0e1cf0bbda51320ee875c6d4be89e10c48e94ace726a3c84eabacffcacd1af890a08a6c465fdeea20f8b13e58bfbb8c12d043cbdcbdc69e90e71ce169f9bec01675a40a440fb949913f4d271cacd5ab460371a80209df033e42291bff3be32d7a61375e28b79b61ff2fa3a3c7cb62d2cfc635a72a3ab906e6fdd359ee79be0b8091798f7e9354000000890001005bc2c9873be2b44796731e93155f0c09840805bb4fe64a37923f4008a97b31725e002ed31929382106b9dca9f670e9bb5a7e872c444568a4ce2bd969175090f90a914f233f9f2678040a596373a7eada867ea4acc05a6988735dc03e85069673e4b3860740ab54bc41f19d7731996163323f3bb12be245ee49325cfedf96b75c2a6e8eff550000003500010000998619f8607c1f4ea6ec0d64b0f3e35bf242a1c4003c6fc33aa2465b6605d02dffec967737e800783b571db2a88467f9000000fd000100a9eab4dd7ac1fb75a929a83267c01d4f8aaa6de175509a8d7a3d123be524a0e9412fc828a48aeb9a0377131f78614060c79abe8e0cd68aa99ee434889c790eba9901e9a973361c30444afe022f37c731b1620f552edf3d0428ec25c80114037b6793b897d022433e1c4658cd0d37662e208c253f017b89427534436c2c58b1e766569cc9ce5e51bdb70593d4ad034a8548af27edd8e9f3d7ce9d2b81925433e85a30df170bef9c2740fd8f529197f30b97570e568ed7be8062a951518cfa5c14995f3cc622585cbbdbef31cef5cd9c57d71f0ef8487ffa25370e6c7d9e4e4efa6366070a61f6e39b750d2578224e654e60aea8c07b2376d60b000000e90001003d76fa32acc624c3bda75e85692cf8dfbb436c26b235fedec0b83759b28b92272248b01e90a262d916c9d748a4fbdafe0faa2e9e2337a15665554844afa11a71891ca397c1e65157f1789159ab8309050b5785e6f123c3b4759c6fb9ae06355a47251801beb05e9caaccc999dcdd4d79327f4c7c5bfbc6a5f1bf0b3027f7b9e66f1589da923490b21f1f8a4c66231c8a5001dbcc6cfc2c4578f9d62ab3f284156bb0dee54fb80611f6277bc6e45abbbae66cf2824b994066527aad979187ffbc903255e3772c24cf59d3acdf99c326de180cb70de3b9b1f1374dfb00e320da59a8296897ac000000100002800900020073797a3100000000580002800900020073797a31000000000900020073797a31000000000900020073797a30000000000900020073797a320000000008000180fffffffe0900020073797a310000000008000180fffffffd08000180ffffffffd8010a80580002800900020073797a31000000000900020073797a300000000008000180fffffffb08000340000000010900020073797a32000000000900020073797a310000000008000340000000030900020073797a32000000006800028008000340000000020900020073797a31000000000900020073797a32000000000900020073797a320000000008000340000000020900020073797a32000000000800034000000004080003400000000308000340000000010900020073797a300000000061000100f386dab95bbb6fc90c3fa19bb2cfaf589feecce300624a0c5193fdb1126d569ba1edf1848b4d8b845ada4d55c2fe17e96ec9e87ba6b2a20336feedf94a64ea7a6bbc56915bd108a19572021074831279e6b75ccba417161594352fcb59000000200002800900020073797a31000000000800034000000004080003400000000321000100ef75f59e630a4b72c51ed27050613d362933afe89e3b0344e065c33db300000069000100c7ef54eb81a61e3545836868be140f31ecd5f5c755480b99fd95e0a6d351c7136dda0ddea31a7ab415ef66acaef21f270025f4b75867b86b34ce7038cc73aa99e96aa7f06d61f20246e782976a6bf17525b7d11658e2d1afadd09e7ed87e94614fad23c93a0000006800008050000180240002800900020073797a31000000000900020073797a30000000000800034000000004040002802400028008000340000000020900020073797a31000000000900020073797a300000000008000340000000020c0007800800010066776400e00100800c0004400000000000000002500007800e000100696d6d6564696174650000003c0002803800028034000280080003400000000408000180000000000900020073797a310000000008000180fffffffc0900020073797a31000000008001018014000280080003400000000408000180fffffffb5400028008000180ffffffff0900020073797a310000000008000180fffffffc080003400000000108000180ffff05fe08000340000000020900020073797a310000000008000180fffffffe08000180ffffffffb5000100d75f1df907b02a1a910ac02af08044f7aa04bd6cc99033645f833377e3b659e0f2a0cb087f6d7883bc4860f316ded57a18f80bcda8ba6cc9210508e6ac16ce9057332aba5d48a119a0cfe0df8dde9c2ebd21b6f6fff98e5942d34c91b8a4c000377a28da14b3aec5ac7704094edca28fe0e709952b08b506b5bd63c890793d99bfbdac26a1419c153581cb4bce020ab6c5083e1c5ff84a48e2ef845604074df69006bc5b5c7fefc08c2433e4bb73f2890a0000005c0002800900020073797a300000000008000180fffffffb0900020073797a30000000000900020073797a30000000000900020073797a300000000008000180fffffffd0900020073797a32000000000900020073797a31000000006c02008068020a80a50001003a879d9989e5e8e12173eacd126fdc22a725a89e1079f4ab73e0ba8102d0fe6043edbf0892d3fc3f8f9a294db7a144ee2813bafe955761ca1af97a20c5d267c582da95c65a546cf5309295b6530f7948b8f072f58f78a6f147a7d68813dab375fa0e191afb155f92eb36c1e0db44376f76382904d2da9266bd98a9dfec720b8d0a39609c27a37a4189acb0ef47b42fb748e977ccc888c1b01fdbb1076484d87f43000000100002800900020073797a310000000041000100629f7ba683229dc97aba6d441dc5ad0c0a42f8fbadf669d5a84fa395b28cd21cdd657e894f73520af946929f3beef0e0793ff46815d88e65c1ee4d46a2000000e100010056d4af9d88108e389a0c42ada5100f28f975c5cee03cb0c7628dcb94452541ed5163619497399d1eebc48d862e097e1102b6ebb79d35d2bf330f420a84c1a3bb3f2caa6a85a282d0bc3d54035c2a6feeb03ba55878df032c7a37f89cc61b6f153ee0fe392a533c7f07dc9211b3e6713425fb20ff1ab7875f73f8ad7daa3833ab06d689826b7ab88bdf02a338076c8d63560d094a74f28ad28d3d140d77b2e35870036d5767812b073fbffd5f025541eece91a85c36a9425f98af92dd8c9a252a9be728ba8622e071fb91b5551fccbbe24ef315db428a7bf1e76df8da6000000064000280080003400000000108000340000000010900020073797a31000000000900020073797a30000000000900020073797a32000000000900020073797a32000000000900020073797a300000000008000340000000040900020073797a30000000002000028008000180fffffffb0900020073797a310000000008000180fffffffb0800044000000002c0010380bc0100800900090073797a32000000000800034000000003a4010280ee00010028d16f00b99bba585ed43b9b3cb3cb06a8456623acb9325ad0cd2bb7f30501e4c5212703c595b75c3953c0eea33e0d37c56634ffec1ed53a818878eed2f7e4b994bfd85033bebd1d120ea9a0f6a7953b892dd25e7b67fd25a86a07ee7f249e9675b5b0ad842277edfd7477323afde27368b18964f635bfec5f42e8302fa79a6ddceb0cf3b5d4ad17decf8f5b9bbc4896bea2dce758444a5374ababfdcf6b5dfd9bf278f32e60434b3d040473a96f8dcc4a42962f2991765b6dad48756a23f1906ed5d90dc303943df069ff6b7d477dc6babfc18fcee4c3b82a463a2b754e692910e2fca98ad6204b2efe0000ad000100dae0838dfe5c3b2835b1b7a57b4df7b95eb598acc1175270e9afb2c03863f9a114880c368c5aed68a1debf5ce06e0a3352b0ebc62f89ef9724d188e263f3b1206a79a0e2c8c1329332ef860a12534c18c39f5f9f6e71ff64d3dcf02c705f53299edc1613992bd4442c0ab4b4bef208bb1e3115c08b54d92a539b1112b03ed933f2dd274ca30e5b0d87f4a37f00259f0ef4042b1281efe51e565277d609f0e5213cfeab5ca2eb86709568fe8548429df83346c670000000140000001100010000"], 0xd7c}, 0x1, 0x0, 0x0, 0x1}, 0x20040080)
ioctl$DVD_WRITE_STRUCT(r2, 0x5390, &(0x7f0000000380)=@type=0x2)
ioctl$CDROMEJECT_SW(r2, 0x530f, 0x0)
fanotify_init(0x1a, 0x800)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0xa})
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x10)
write$cgroup_int(r3, &(0x7f0000000000)=0xb00, 0x12)

3.047801231s ago: executing program 3 (id=4324):
unshare(0x2c020400)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x12, 0x4, 0x8, 0x8002}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)

2.979421714s ago: executing program 2 (id=4326):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1, 0x3f00}, 0x10)

2.979241243s ago: executing program 3 (id=4327):
mount(&(0x7f0000000080)=@nullb, 0x0, &(0x7f00000000c0)='affs\x00', 0xa08410, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={0x0, 0x6d207ee5}, 0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x70, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newlink={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbfa, {0x0, 0x0, 0x0, 0x0, 0x40810}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4008011}, 0x4004)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000003c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="cbef"], 0x8)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000640)={0x0, 0x3}, 0x8)

2.979145082s ago: executing program 2 (id=4328):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x2c, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x2, 0x0, 0x1, {0x4, 0x5, 0x0, 0x0}}]}]}, 0x2c}}, 0x0)

2.889573204s ago: executing program 2 (id=4329):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(streebog256-generic)\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYRES64=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x45}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a40)={r3, 0x27, 0x14, 0x0, &(0x7f0000000440)="f8ad48cc02cb29dcc8007f5b0800", 0x0, 0x4000, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), r2)
r5 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r6=>0x0]}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r5, 0x84, 0x75, &(0x7f0000000080)={r6, 0x80000000}, &(0x7f00000001c0)=0x8)
sendmsg$BATADV_CMD_SET_VLAN(r2, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)={0x5c, r4, 0x300, 0x70bd2b, 0x25dfdbfc, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x9}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x9}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x3ff}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x6}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x1}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8c0}, 0x24000000)
sendmsg$DEVLINK_CMD_RATE_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[], 0x80}}, 0x2004c9c1)
sendmmsg$unix(r2, &(0x7f000000a0c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}}], 0x1, 0x4004000)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x50, 0x2, 0x6, 0x3, 0x0, 0x0, {0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x0, 0x0, 0x40}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x280000c0}, 0x0)
r8 = openat$sndseq(0xffffff9c, &(0x7f00000002c0), 0x2000)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r8, 0x4058534c, 0x0)
sendmsg$OSF_MSG_REMOVE(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000500)=ANY=[@ANYBLOB="680200000105010400000000000000000a00000a5402010003000000080000000504ff"], 0x268}}, 0x20000000)

2.888488539s ago: executing program 5 (id=4330):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSF2(r0, 0x402c542d, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0xff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x40, 0x1c8)
bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(0xffffffffffffffff, 0x3)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sndseq(0xffffff9c, &(0x7f0000000040), 0x103401)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0xffff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x18}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0a003b3e0c7bfb7f3d00000400000000000000", @ANYRES32, @ANYBLOB="00000100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x8080)

2.789974931s ago: executing program 2 (id=4331):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@metacopy_on}]})
r0 = open(&(0x7f0000000040)='./file0\x00', 0x400, 0x43)
mknodat$loop(r0, &(0x7f0000000200)='./file1\x00', 0x40, 0x1)
chdir(&(0x7f00000003c0)='./bus\x00')
renameat2(0xffffffffffffff9c, &(0x7f0000000a00)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file1\x00', 0x2)
r1 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r1, &(0x7f00000016c0)=ANY=[@ANYBLOB="7f454c4604070003070000000000000002000300030000000903000038000000fcffffff0e000000000020000100050000000000000000000300000008000000f30000007f00000004"], 0x58)
close(r1)
execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)

2.14010126s ago: executing program 3 (id=4332):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSF2(r0, 0x402c542d, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0xff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x40, 0x1c8)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x3)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sndseq(0xffffff9c, &(0x7f0000000040), 0x103401)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0xffff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x18}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0a003b3e0c7bfb7f3d00000400000000000000", @ANYRES32, @ANYBLOB="00000100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x8080)

2.137235642s ago: executing program 2 (id=4340):
r0 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0xf, &(0x7f00000000c0), 0x4) (async)
sendmsg$inet(r0, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0) (async)
setsockopt$sock_attach_bpf(r0, 0x1, 0x31, &(0x7f0000000000), 0x4)
r1 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000040)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x38e3bb2, [{{0x9, 0x2, 0x48}}]}}, 0x0) (async)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
move_mount(0xffffffffffffffff, &(0x7f0000000000)='./file0/file0\x00', 0xffffffffffffff9c, 0x0, 0x247) (async)
r2 = socket$kcm(0x10, 0x2, 0x0) (async)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="100000002d000b02d25a806f8c6394f9101a04000a", 0x15}], 0x1}, 0x0) (async)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081044e81f782db44b9040a1d08030e000000e8fea4a1180015000600142603600e1208000f1000810401a80016000a0001", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x10) (async)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000000)="adcd1a9a3fc36e961ed00fe41b0cd695", 0x20)
r4 = accept4$alg(r3, 0x0, 0x0, 0x0)
read$alg(r4, &(0x7f00000012c0)=""/4109, 0x100d) (async)
sendmsg$alg(r4, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000940)="7911bf87e318844b7b7ece8fe95693844ba2b4c29049c749521cf970374e19e3e0eb47e456c6b48e9e68bd1805ae07b41faef517790c07a3922b2732c0b26c06681e5f6eeb013cae354f9e4cbdb1e2740ed027e6cea3bf48243cf3a4dfea964f056d9750a3845e1afa1cd4746ed1de3dcd86984fcb49e380144defb2648b5d28438225bdb08ba43fde421a07274d5d77389ddda7dbfec5ce2019fb2b85555c3adbf6812125af1e846cf1c0e4b88a751c58dfad1d210fbec40a1b21115f69230ca80b3ed558b27f6c46fe25c01fe4c11d000000e6861f6eb75b6f4903971921f799a56c12097998d9cfdce430335046f02dd1fef77b36c617b8b67621742664d291f3438ba31b57842446f6aa2fbfff010000264d5b90146b17bc3c0af4eb4c183105af0bf545dc7319b1d15df85b74782fa3ee9ab265ad12d233294e264185a4db3eb0d4c67c7c9f6b8274075dcc548a732bfec549e667222434c994038db46f9580557ead9e92b0ec15bb7af49fd95943f77365def17240bf76611100eacf76c14159d07ddd28fe4bedf9f9f1cc352a5ac349ba0eadd1d9179e26cc83fdb29b0db84695b0c4789bed03b6", 0x1ab}, {&(0x7f0000003240)="efc738a16cc28c4946440ccbad4a5f1d56d06c415fd74d3f7ae7fede9df25861ac370f6d867d6672f8e7024df494ac35bd04b35f68b11663b146746ef3f58b12cfd7cd648c12a75f123d9cf5f9c10bcb48f942b34db9fbddcea5e0c3999da708bc472cd687c8f27748d1839e219628ad9687678201b445a59e0da96ecd38c0ce8bca1acbc78f9a3335e5db0eb0cd454006b4e3a5988e038b05322dad026df32c378b20fd75460e1205020d105c5115d2893e413b8b80e36946d011863b5a21472f1bd0d48b0c58211aff50a91e31112d632b56886d75ee84f49ffe015e33237150d3a3c4d871d348fa8e16f94c9e9d1e08d37c8b58f05f1a7c7133aae433f4564b8120d926c8ed8945d774620ec50deb1b3de7e66655d52f397f1811a024d870a4be151a15908b871992af52db41a28cb43633e1f9727e5373e318da8155d3e00b5b5eb28da52e8d364ec5de7614d8fd52401a6367e32464752d7379aaee4b08445ab9ca96663e47584d7470acf0312c545ffcee66d1903bc965caf4d66faf0c8e82ce4bd9c769d3440aca255e97c95a9810f33244d3963ec5610d0dcf62394ba8241351909acab1c154d1796ab44f683a08b307cc1905573642f6b2ef46e764d7f6d692de0fdefe6363a586f50d385e14b5b4209fd4efd93668ef020eaa8e3a70e6511438f81a2e6236b90628ac919ba9eeb04a9fd736a2681489427fa2fbd7f9fe559db1070fe3876e3217626fa811af2b2e3efb3587b19460f885c277e81a94277bbd3f19d4427538a4d93185e6647c4b8ffba034fe43e288dbb2eaf46299255aa246eb720a58224fc8490ed19cc40edd59552ec36b4645edc4e72e4c0ec8c48be18626f32c6aa982f821c40a0ba2d9b19c18a2e3a6b82e562c11620551de6364cc836ccd438823cbb2be8883a46d1141e136fdef2b1b19b879bd1be9a9993265758044ec33a87c625607ceda2e8245ebd7610b8c779957a1186a1611bd0caf66de3bcfbe904e28bae0174818f47eec3e79d74624b57d0b0dd173bfb5dbc4292e817bb03a0725bf11769fcf53ea95ef538be9a33c841f618fe4bc731cd8c826caec2691aee93ca57624e693947484163b3ae01d947155b499f56d7283b7d82c8000ba4a5457a1b1e40a17b7d4a54b45ebb0e8322e9dc9e2743a030c54f637381f10676d747cf8d1f982285187126b6da1e6fb374a8d87c956f9ad7c0328e8452fb6801e1c4db11dba4fd3ac3c382a05ab7148dcfb2266eac19399469c7aaf60eecbb1a92d6abf4bdda90752059106149645c6f5ea20b66c3ca634145c64b0c86ff46edc2b7d6269df97efd2f3e6fcda4cc9dc636951a9d6f0dc01f51ae273dcfeb66ec749d3cfe7cb11c45a473e126cab55450c5ffa59b3f3afb686f8258200bb8a529faff7f988d632300b890f73d51c60c64f4679cd86cc1f4602089f93ba03a51c846eed467432084f71c38413d0d9d1b83f9605207e9b28142d7bf94c7aedcd19f0fc93d4b95a1fea7babe2cb8de1a1a08f3a2d8d0aa1e718c1460e15329700e9e14c5cffff9c7a62b09df0a025e96ab03fa316e50d5b3b01ca4c5e0c6ac23f9703462e14f5fb6d5c1c2514d714746db1b5a5cee1111640114a9556cc518168b161b13e989e8f9ac51e2c01f7fbefea6ce6a8714c47279093fbb59fb760b7dd3138004343063485b506b120728d22c422324871c34f2dc7c53ce0bbab87bcd3efcf8fd4fa2bce12a10b00bdbb24791758516d02012613dd74caac26a176392ec11250e81d2566b2373a2b6536c3e2f28742cbca11b201934d19b42241d94a9da5b282eff530ddd3ed20318be47e9264b0a8fb0745e78c9c1f612ed03479ae14a176cfe52edb5eb2712c21fae58bf4c4143da57a9ee28acede9f56700bfa0f5c51da975fec9f8141b76cacdbfe69be80a325666cbd8fe458ed7f8965166b120ffb5e28dfbb5b3141cf963fd07548a4a35d2c749ce3adea69e0e0d4fd4158142fb7050d477fc51b2ef7e6f0e09cb8016a9bdfff7a200cd992a71a156339160b5757e163a14246c94fe11a0e210c5946b3147bc6870c9900e102b82e9a66a243a2e23e7ff98f7d9f017301740ac157f804afebf2f5bebbbf68583d86b01daaf02bc086bc2c4ddecf1a30795cb23a37bcff24ac3307545acc9bc7949edb2ea5b851ceb3bf2d34f049f1664100b0fc8ea326000e032bc5e50cdec80803a468e334002cfa7ccbef11f951f7679f403ce0cff42101702999218a15396952a3faa0154764c4359f037414bad967afca45285bd5ab985364e6b8bec744c00b3f95010eda041112ace0f09833c9b1049c36f03cca4e9264485d5784466e4b908b4b6216bd935abf49553dcdd4e48bc39f8b22f9b4bef1339b5121ad34ef3df4051333b8ea4ce83cff7abc863c43440ab6892281bc96fbf848ae9e82cb1a2d791b8bcf98ddb65baada7c08075dfe27cd06aedb0ff458880d600ba5bdb14c0858415c43c0aa6660298a944d568487853e7dac0c955d1268f70874756f6316e6181313f215ed3724ef760d89df82a178b51169506ada831725827c62b80f2e47fdac38b86192f68fe2fe5794f7adeac9c5bfc9e1fa8d5199fd7df202ee6e1ba38d40b7750f900771ea8e4f00d4c25065cf8867dc929c892f8e4652040862d48e8af1a48fc500882e874995c48cace7754bf0be2765be83001958946c8cb794f8813816e505de401d789223bc0af5739045751640272afb39d45d2be00cac743bfbce9a9a7f4b8f55511f3ad26264a09c19f26ed1b45b0fb254f98e5e1473bbccaa21219b327d1bbedab4a4dfdf516259feef632f72f5092bf78d886772e73ed2250f5ec20ac6fa66cf8c2626d3b5973ce9f4f95ead5c8a65db49966de0fd9e9ce97894b764ec3f75093a4f3ec4507e2507256c59a52969fdabfc100e6ae23acf121bb3acf34d190211b4001b632b10a252be0430bd107ee884a0ba16fc50eb717ae36aba0dbb130dc64b5cc21d1fe87856c8787474333c3a793fe81c9b9b56ee41fd2e1f2d6150495dc3379bf66fa4d53f868047b6c50f8c5a4c2ea2a355b5eb1ab3d3f32791b9ffcb08698dbe841f3338be19e5d927dfb14711b4aed2435fc53340162c878bee30d9d7d2409be614240540f7f5702be3e2ba38d8f999a624acdcaef37dabb86d225f35e92691de25bf68e0115e6680107f07380b28254e9df2e54a5179ed064fc9744dcb553b56720171b0325876c9b82d0120add35ac3f38b41fc28b149f944c66555051ca92341a953739a1674fae837bdb8d8d10adf7ef74092f505375c8414d82805176b680908d5c0f6c2a14bd526631c5abeccaf3469e3ae01c4db2371a77219ee109a83d62aef26efff181f240a163bc0cb253405018b69ba8d62ac582cb186c8c89e3c140bffaa4d99fab17975ccd925efab24b6a181773fe1daac55f18ab1e0264f8d1f7aabe395ce80792bb77cbd0b58fcd928ad74f0342876e098c93f9611887022a92e4d9b1da9c911bb7d762bdcdba36f749e16aad0bcf6f8596b2b50fc65a6811b709d9ad6593c2eb9867af3a276de26d6a6f87ec5173ca79e88122bf5151e98dee268fc8a79a4e83f2427a02ed702b0926ecf0b4bb1a3051f0a4d3cf31038fb600c7eb0cedc0d59ac99bff3b31a9065efecca740fcd948fb9c2eb6197b8226c397de7a4c268fa41877ca1618f77ffa93b2e17348301899bb1a5b389422d7364eb1e5ddd0daf2065894cf10886ce0d3920c0a283de54ec57942d456579851ca3590c26f8c360b7cbaa0328c29532aad80b2627b25641e613b38a2accf5881bbbc7086085a8fcf25895da9244c7dd773bff995e159ea3899487f202d97f2977e4527f75ec64a85cb21b120828b2ac24c711ea2b7cba4b0a195a1840aec7d34a4745b42596f186820584b4b75af29fba5b6d3623718efeebf52e848fe48160fbfd5a0f6511649e3e1c58e599c6d9c7597e5e12227e281204921819fbf9e0c9bd16d598aec601bbdc87e8d94225368cb65da83cbb722d79957a7c0bcea91a45f9b52558ccdcd2754da40fc0fbf78abd06c05f1fc7381eb06e4a0afcca6db7cace72aaacdf498cf9ca42c9b3c6615d9df167ef2d1b868e56a9652beea2f72530f24fe373333d9a524ed48e52e51d3784649a9b9a9f1cfdfabd3cdf832b2dda019bb4e1e1e71e75f88cbc3a16a6848ac2385024abb76249841f630008f3805462604d65eebf4e14b6c2ad9f9e2dc2a5a55d7ce5dde8307ac655b4dfcc99d0f050e838d310957915b4fc838f26f2659d72f801e8c62c6477cc33d7f60e659881422ddad61819b93f0f7817acab429b3c7d3923abce00993ada7fd7e5987cab4f4aea02acabad3f27f223c0108f44d8d5833932b4eb427f83f7b336f214293f8adc0ed2cd45d792cc69a84e01f6fe7020f96cd05c1dd792f30f1dec2c21ecf00ca956e4a2c71b52b1c298ae6e319cf845b97b60e07ab82afa30ffe94c16efb971959951746edde9639bb055feebe25611b595e23cade8420a2ee207977ab47dd559f09d17823e6184f83c44b881e4baa5d9abd6e2f8156a1fff943e61eea0e9b2fe26236e8288c5116ae9a8b0f110794f629c800d08729ea2000d56dbe404a747c149b7890bd6ac91319200b7078e2e039a29f45ffac3ecbafbc8b00db9f2e8eeb92ebf0a494bd4616925c9b289522c76f87d2c73342db85cc9a3ff09ae84c2c4b3618ba220bb6442968d9ae9eec02e577412fbedd827678a320b7dd8503d0bab20ca7fe7d982330506fc38eaaa6f1cde45377b08f0b66590b75fd6d390da80d01bf6c6dfc12f3b31312b75d1c6e8c6b86527b4f7c5464465b655b1c76a2b7dc202cf50f88f41bae5d7b8e8c38f3b254628f2418e2fe00b63f8162c60cd95fc9b0b6bba3a0989bbb858d2f1c892713e3bdc1a50bddfbb5c11f242464183ee9b85734b5683c242a264ea415df1284ffd87a36516518a09171cbad0149753e836aa41b27ff441460cf0f0d59ca9c1023b2bac5be5512827d4a64e6d7283e335682f9f4e0ad5471839e447b803c6b43d7daa2709536bc2ab955880cd25d1a50aa78fd646e31b3382426e1e77429d37712968223046698b51362b974a6c6782bfb17f40ade50c82523c1c87b59ba4cab6db7ea321b345133ef90039ddf3465043f05e0c1f0d9322aaf67408cf0c81162c17fd0a3fa195df5b6916b00811", 0xe63}], 0x2, 0x0, 0x0, 0x8801}, 0x4000001)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0, 0x0, 0x0, 0x5c8}, 0x0) (async)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce620300fe"], 0xfe1b) (async, rerun: 64)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (rerun: 64)
ioctl$KVM_GET_API_VERSION(r5, 0xae00, 0x0) (async)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0eab070004000523"], 0xfe33)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="563f000019"], 0xfe33) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000007feffff720a00fef8ffffff71a400fe0000000071101000000000001d300200000000004704000001ed030407020100c04100001d440000000000006b0a00fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94) (async)
syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0x240, &(0x7f0000000c40)=ANY=[@ANYBLOB="d300004ebc69b4127a192fb5fa911cc8d24a401faf98a807146883addf0815f2a4457826f7aef5c4e8279a9b73ff1927e1795bc549180624103d0fd9a1ddc8f1560e50b8edf8a530fb86eeebee9d26fec1919acf951c1e060df9e36d9723d743b1c7cf7184f085fb36184a42822c12f7ef4a55888954d7d77ad1136dfbace569f5d9162162cfae67a3e03cc74805ef23ada31149115034443e688fbc9a1234f70f1493aed9e8dc263c57a89dce55cbac708d923c8fe422049700ac66bc8fb1906256bf95d3546204b64687259ef3dea928e284972c0bae004b00004ea83a5a9306e53b7a1f0fb9e8acee0e88b1172d4f76112286bb2b79bc0a04dac1af87912b7636151a8f4be9117f10689b14be0e2efe6ae95c80f10064ef0771dc365321ce94291f76085b90003f00004ef4610299e88ec5e30afbe778207f15535dffa39bb61b52585eadcd048fb71ecda0c03159a9cd8d91d55dbf88a64731795fda6f499199a148aab7bc9d4fdd27008f00004eba4f2ee7810094060a1acfca75989876d4893324e727948fff239025d65005ecae0913a5e93002d6465a687942f1200f10d3c382ec32c8fa1716bfcc1c1a73d0cb8d05717ed2f0aca013352e9eb0408ce4ae40f6155a3c1559fc45155b1cc6e27122417d7598172c8024249ec2c1bd84d41c7c2462ace63c1b867c7422262439ea523718d74598e776475fc2eb084b003900004e642abd37d2285ea52812fa7866e8168b7135c5f1967155db93a3cd976727bfad1be4fe0e54593a0d25605451562caac5678885421488cc8efa000000"])

1.86027197s ago: executing program 5 (id=4334):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r3, r1, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x2467, &(0x7f00000004c0)=ANY=[], 0x0)

1.859824219s ago: executing program 5 (id=4335):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
chmod(&(0x7f0000000140)='./file0\x00', 0xfeff)
sendmmsg$inet_sctp(0xffffffffffffffff, 0x0, 0x0, 0x4001)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x100000}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'wp512\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmmsg$alg(r3, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f7", 0xf4240}], 0x1}], 0x1, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000140)='ns\x00')
getdents(r4, &(0x7f0000000000)=""/182, 0xb6)
getdents(r4, &(0x7f0000001fc0)=""/184, 0xb8)
r5 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r6, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_int(r6, 0x107, 0xf, 0x0, 0x0)
setsockopt$packet_rx_ring(r6, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x770, 0x0, 0xbabd}, 0x1c)
write$tun(0xffffffffffffffff, &(0x7f0000000400)=ANY=[@ANYBLOB="080008000703030045178cf8c7c5caaf005d11d59da00749aeabd795"], 0x2b)
creat(&(0x7f0000000300)='./file0\x00', 0x0)

1.750448653s ago: executing program 0 (id=4336):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000004500090000030000000100f102000000080002"], 0x1c}}, 0x20000084)

1.750260585s ago: executing program 0 (id=4337):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x2c, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x2, 0x0, 0x1, {0x4, 0x5, 0x0, 0x0}}]}]}, 0x2c}}, 0x0)

1.681018414s ago: executing program 0 (id=4338):
r0 = socket$unix(0x1, 0x1, 0x0) (async)
r1 = socket$unix(0x1, 0x1, 0x0) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r2) (async)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000001c80)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000002000)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_CHANNEL(r2, &(0x7f00000020c0)={0x0, 0x0, &(0x7f0000002080)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c00000006b3f7bb03158a2df2c504bd165ac0200e3a222a9c864b1abb52cc5eb2bea407d35d4db2b201b9e9917280b21b94c51ab154495181ff746e38d5d8343d56b161b4e5e8874c66febaf112ff5c3862ccf3b04fec7ff6fa2092878bf058f94fd42c06509e1f516ae5f348088cab3b174d72b0eb988deb69b65f0ed2459daf8daa1fe5e997df0905209fcf86f595c1e4b7a2a7c47cbeabe831c7dc209f0ae1ae0de303262534bfdba897864e5d0000", @ANYRES16=r3, @ANYBLOB="03012cbd7000fedbdf254100000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4000)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff) (async)
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001300)=@newtfilter={0x3c, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r9, {0x0, 0x1}, {}, {0x8}}, [@filter_kind_options=@f_basic={{0xa}, {0xc, 0x2, [@TCA_BASIC_CLASSID={0x8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x0) (async)
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x64, r6, 0x400, 0x70bd26, 0x25dfdbfd, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x200}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r9}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xfffffffe}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xff}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}]}, 0x64}, 0x1, 0x0, 0x0, 0x80}, 0x20000010) (async)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r11 = socket(0x400000000010, 0x3, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r11, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r12, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xb}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x2}}}]}, 0x38}}, 0x0) (async)
sendmsg$nl_route_sched(r11, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r12, {0x3, 0x5}, {}, {0x7, 0xf}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x8, 0xfff, 0x3, 0xa, 0x7}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x84}}, 0x0)
r13 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r13) (async)
socket$inet_sctp(0x2, 0x5, 0x84) (async)
ioctl$SIOCSIFHWADDR(r13, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) (async)
r14 = socket$kcm(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r15=>0x0})
sendmsg$kcm(r14, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r15, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000140)='\r', 0x1}], 0x1}, 0x4)

1.519825882s ago: executing program 0 (id=4339):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(streebog256-generic)\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYRES64=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x45}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a40)={r3, 0x27, 0x14, 0x0, &(0x7f0000000440)="f8ad48cc02cb29dcc8007f5b0800", 0x0, 0x4000, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), r2)
r5 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r6=>0x0]}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r5, 0x84, 0x75, &(0x7f0000000080)={r6, 0x80000000}, &(0x7f00000001c0)=0x8)
sendmsg$BATADV_CMD_SET_VLAN(r2, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)={0x5c, r4, 0x300, 0x70bd2b, 0x25dfdbfc, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x9}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x9}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x3ff}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x6}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x1}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8c0}, 0x24000000)
sendmsg$DEVLINK_CMD_RATE_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[], 0x80}}, 0x2004c9c1)
sendmmsg$unix(r2, &(0x7f000000a0c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}}], 0x1, 0x4004000)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x50, 0x2, 0x6, 0x3, 0x0, 0x0, {0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x0, 0x0, 0x40}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x280000c0}, 0x0)
r8 = openat$sndseq(0xffffff9c, &(0x7f00000002c0), 0x2000)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r8, 0x4058534c, &(0x7f0000000380)={0x2, 0xff, 0xe, 0x9, 0xfffffd67, 0x81})
sendmsg$OSF_MSG_REMOVE(r0, 0x0, 0x20000000)

1.390299666s ago: executing program 0 (id=4341):
mount(&(0x7f0000000080)=@nullb, 0x0, &(0x7f00000000c0)='affs\x00', 0xa08410, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={0x0, 0x6d207ee5}, 0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x70, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newlink={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbfa, {0x0, 0x0, 0x0, 0x0, 0x40810}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4008011}, 0x4004)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000003c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="cbef"], 0x8)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000640)={0x0, 0x3}, 0x8)

1.198310117s ago: executing program 3 (id=4342):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r1 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, &(0x7f00000006c0)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r1, 0x847ba, 0x600, 0xe, 0x0, 0x0)

969.935599ms ago: executing program 5 (id=4343):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSF2(r0, 0x402c542d, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0xff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x40, 0x1c8)
bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(0xffffffffffffffff, 0x3)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sndseq(0xffffff9c, &(0x7f0000000040), 0x103401)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0xffff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x18}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0a003b3e0c7bfb7f3d00000400000000000000", @ANYRES32, @ANYBLOB="00000100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x8080)

830.140143ms ago: executing program 2 (id=4344):
syz_usb_disconnect(0xffffffffffffffff)
r0 = syz_usb_connect(0x0, 0x36, &(0x7f00000004c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a8230800090400bc6435fb4d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
capset(&(0x7f0000000080)={0x20080522}, &(0x7f00000000c0)={0x200000, 0x200000, 0x7})
r1 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$VT_RESIZE(r1, 0x5609, 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r2, &(0x7f0000000a80)=""/188, 0xba)
write$char_usb(r2, 0x0, 0x0)
read$char_usb(r2, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[], 0x0)
r3 = syz_usb_connect(0x3, 0x2d, &(0x7f00000000c0)=ANY=[], 0x0)
syz_usb_control_io$uac1(r3, 0x0, &(0x7f0000000680)={0x44, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r3, 0x0, 0x0)

530.384842ms ago: executing program 0 (id=4345):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
r2 = syz_io_uring_setup(0x239, &(0x7f00000002c0)={0x0, 0x1410, 0x10100, 0x3, 0x1, 0x0, r1}, &(0x7f0000000080)=<r3=>0x0, &(0x7f0000000340)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x54, 0x0, @fd=r1, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
futex_waitv(&(0x7f00000001c0)=[{0x6, &(0x7f0000000180)=0x6, 0x2}], 0x1, 0x0, 0x0, 0x0)

0s ago: executing program 5 (id=4346):
mmap(&(0x7f000038f000/0x3000)=nil, 0x3000, 0x1000007, 0x2172, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r0, &(0x7f0000000580)='1\x00', 0x2)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b)
write$sysctl(r0, &(0x7f00000000c0)='2\x00', 0x2) (fail_nth: 3)

kernel console output (not intermixed with test programs):

] audit: type=1326 audit(1769490330.001:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18680 comm="syz.4.3409" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000
[  624.750673][   T40] audit: type=1326 audit(1769490330.001:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18680 comm="syz.4.3409" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000
[  624.757815][   T40] audit: type=1326 audit(1769490330.001:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18680 comm="syz.4.3409" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000
[  624.765879][   T40] audit: type=1326 audit(1769490330.001:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18680 comm="syz.4.3409" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf741d598 code=0x7ffc0000
[  624.773815][   T40] audit: type=1326 audit(1769490330.011:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18680 comm="syz.4.3409" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf741d598 code=0x7ffc0000
[  624.781679][   T40] audit: type=1326 audit(1769490330.011:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18680 comm="syz.4.3409" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf741d598 code=0x7ffc0000
[  624.789517][   T40] audit: type=1326 audit(1769490330.011:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18680 comm="syz.4.3409" exe="/syz-executor" sig=0 arch=40000003 syscall=135 compat=1 ip=0xf741d579 code=0x7ffc0000
[  624.797171][   T40] audit: type=1326 audit(1769490330.011:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18680 comm="syz.4.3409" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000
[  624.804254][   T40] audit: type=1326 audit(1769490330.011:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18680 comm="syz.4.3409" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000
[  624.811242][   T40] audit: type=1326 audit(1769490330.011:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18680 comm="syz.4.3409" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000
[  624.950541][T18691] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3411'.
[  624.970869][T18691] FAULT_INJECTION: forcing a failure.
[  624.970869][T18691] name failslab, interval 1, probability 0, space 0, times 0
[  624.975173][T18691] CPU: 0 UID: 0 PID: 18691 Comm: syz.0.3411 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  624.975202][T18691] Tainted: [L]=SOFTLOCKUP
[  624.975206][T18691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  624.975213][T18691] Call Trace:
[  624.975217][T18691]  <TASK>
[  624.975222][T18691]  dump_stack_lvl+0x100/0x190
[  624.975239][T18691]  should_fail_ex.cold+0x5/0xa
[  624.975258][T18691]  should_failslab+0xc2/0x120
[  624.975274][T18691]  kmem_cache_alloc_noprof+0x83/0x780
[  624.975290][T18691]  ? dst_alloc+0x99/0x1a0
[  624.975307][T18691]  ? dst_alloc+0x99/0x1a0
[  624.975320][T18691]  dst_alloc+0x99/0x1a0
[  624.975336][T18691]  rt_dst_alloc+0x35/0x3a0
[  624.975347][T18691]  ip_route_output_key_hash_rcu+0x87a/0x2870
[  624.975366][T18691]  ip_route_output_key_hash+0x118/0x2b0
[  624.975380][T18691]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  624.975398][T18691]  ? find_held_lock+0x2b/0x80
[  624.975412][T18691]  ip_route_output_flow+0x27/0x150
[  624.975427][T18691]  udp_sendmsg+0x1ad5/0x2880
[  624.975445][T18691]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  624.975465][T18691]  ? __pfx_udp_sendmsg+0x10/0x10
[  624.975483][T18691]  ? __lock_acquire+0x4a5/0x2630
[  624.975506][T18691]  ? aa_sk_perm+0x2de/0xb40
[  624.975530][T18691]  ? __pfx_udp_sendmsg+0x10/0x10
[  624.975548][T18691]  inet_sendmsg+0x105/0x140
[  624.975561][T18691]  ____sys_sendmsg+0x9ad/0xc30
[  624.975575][T18691]  ? __pfx_____sys_sendmsg+0x10/0x10
[  624.975587][T18691]  ? _parse_integer_limit+0x17f/0x1d0
[  624.975602][T18691]  ? _kstrtoull+0x13c/0x1f0
[  624.975614][T18691]  ? __pfx__kstrtoull+0x10/0x10
[  624.975628][T18691]  ___sys_sendmsg+0x190/0x1e0
[  624.975642][T18691]  ? __pfx____sys_sendmsg+0x10/0x10
[  624.975655][T18691]  ? __lock_acquire+0x4a5/0x2630
[  624.975693][T18691]  ? find_held_lock+0x2b/0x80
[  624.975713][T18691]  __sys_sendmmsg+0x2ff/0x430
[  624.975732][T18691]  ? __pfx___sys_sendmmsg+0x10/0x10
[  624.975753][T18691]  ? __fget_files+0x215/0x3d0
[  624.975773][T18691]  ? xfd_validate_state+0x129/0x190
[  624.975794][T18691]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  624.975811][T18691]  ? lockdep_hardirqs_on+0x78/0x100
[  624.975825][T18691]  __do_fast_syscall_32+0xde/0x660
[  624.975841][T18691]  do_fast_syscall_32+0x32/0x70
[  624.975855][T18691]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  624.975869][T18691] RIP: 0023:0xf7f41579
[  624.975879][T18691] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  624.975890][T18691] RSP: 002b:00000000f53e550c EFLAGS: 00000292 ORIG_RAX: 0000000000000159
[  624.975902][T18691] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080004d00
[  624.975908][T18691] RDX: 0000000000000300 RSI: 0000000000000f1c RDI: 0000000000000000
[  624.975915][T18691] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  624.975921][T18691] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  624.975928][T18691] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  624.975946][T18691]  </TASK>
[  624.977957][T18689] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3412'.
[  625.022523][T16285] usb usb44-port1: unable to enumerate USB device
[  625.023194][T14768] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  625.232684][T14768] usb 9-1: Using ep0 maxpacket: 32
[  625.236472][T14768] usb 9-1: config index 0 descriptor too short (expected 156, got 27)
[  625.240021][T14768] usb 9-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  625.244952][T14768] usb 9-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  625.249461][T14768] usb 9-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  625.254046][T14768] usb 9-1: config 0 interface 0 has no altsetting 0
[  625.261361][T14768] usb 9-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  625.265354][T14768] usb 9-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  625.268901][T14768] usb 9-1: Product: syz
[  625.270797][T14768] usb 9-1: Manufacturer: syz
[  625.273012][T14768] usb 9-1: SerialNumber: syz
[  625.277165][T14768] usb 9-1: config 0 descriptor??
[  625.283055][T14768] ldusb 9-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  625.291451][T14768] ldusb 9-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  625.511144][T18696] tmpfs: Unknown parameter 'mpol#prefqlé?×Ð_‚u…eXmofIã œ—!�O}cU §KÈã‘zÂÅrᦳJx)FÌoT_��æE»k6§móMÍúHtvé)–g
[  625.511144][T18696] hÝÚOÑîy•1„–û'
[  625.859780][T18707] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3416'.
[  626.219836][T18714] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3418'.
[  626.231057][T18717] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3418'.
[  626.394925][T13900] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  626.401222][T13900] Bluetooth: hci1: Injecting HCI hardware error event
[  626.405381][   T65] Bluetooth: hci1: hardware error 0x00
[  626.434631][T18720] FAULT_INJECTION: forcing a failure.
[  626.434631][T18720] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  626.438742][T18720] CPU: 3 UID: 0 PID: 18720 Comm: syz.0.3419 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  626.438760][T18720] Tainted: [L]=SOFTLOCKUP
[  626.438764][T18720] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  626.438771][T18720] Call Trace:
[  626.438775][T18720]  <TASK>
[  626.438780][T18720]  dump_stack_lvl+0x100/0x190
[  626.438812][T18720]  should_fail_ex.cold+0x5/0xa
[  626.438831][T18720]  _copy_from_user+0x2e/0xd0
[  626.438854][T18720]  load_msg+0x19e/0x4a0
[  626.438868][T18720]  do_msgsnd+0x1ad/0x1790
[  626.438880][T18720]  ? __mutex_unlock_slowpath+0x15c/0x790
[  626.438906][T18720]  ? __fget_files+0x215/0x3d0
[  626.438921][T18720]  ? __pfx_do_msgsnd+0x10/0x10
[  626.438934][T18720]  ? find_held_lock+0x2b/0x80
[  626.438945][T18720]  ? __might_fault+0xc5/0x140
[  626.438957][T18720]  ? __might_fault+0xc5/0x140
[  626.438973][T18720]  ? __ia32_compat_sys_msgsnd+0xe6/0x130
[  626.438987][T18720]  __ia32_compat_sys_msgsnd+0xe6/0x130
[  626.439003][T18720]  __do_fast_syscall_32+0xde/0x660
[  626.439019][T18720]  do_fast_syscall_32+0x32/0x70
[  626.439033][T18720]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  626.439048][T18720] RIP: 0023:0xf7f41579
[  626.439057][T18720] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  626.439068][T18720] RSP: 002b:00000000f53e550c EFLAGS: 00000292 ORIG_RAX: 0000000000000190
[  626.439079][T18720] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000140
[  626.439086][T18720] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 0000000000000000
[  626.439093][T18720] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  626.439099][T18720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  626.439106][T18720] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  626.439120][T18720]  </TASK>
[  626.994767][T18740] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  626.996938][T18740] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  626.999583][T18740] vhci_hcd vhci_hcd.0: Device attached
[  627.001893][ T6007] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[  627.127683][T18741] vhci_hcd: connection closed
[  627.128034][   T63] vhci_hcd vhci_hcd.0: stop threads
[  627.131857][   T63] vhci_hcd vhci_hcd.0: release socket
[  627.134023][   T63] vhci_hcd vhci_hcd.0: disconnect device
[  627.171944][ T6007] usb 8-1: Using ep0 maxpacket: 8
[  627.175199][ T6007] usb 8-1: config 0 has an invalid descriptor of length 9, skipping remainder of the config
[  627.179109][ T6007] usb 8-1: config 0 interface 0 altsetting 254 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  627.183376][ T6007] usb 8-1: config 0 interface 0 has no altsetting 0
[  627.185861][ T6007] usb 8-1: New USB device found, idVendor=04d8, idProduct=06dd, bcdDevice= 0.00
[  627.189756][ T6007] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  627.194374][ T6007] usb 8-1: config 0 descriptor??
[  627.200742][ T6007] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[  627.699268][T18747] FAULT_INJECTION: forcing a failure.
[  627.699268][T18747] name failslab, interval 1, probability 0, space 0, times 0
[  627.707634][T18747] CPU: 1 UID: 0 PID: 18747 Comm: syz.0.3429 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  627.707690][T18747] Tainted: [L]=SOFTLOCKUP
[  627.707696][T18747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  627.707706][T18747] Call Trace:
[  627.707713][T18747]  <TASK>
[  627.707722][T18747]  dump_stack_lvl+0x100/0x190
[  627.707748][T18747]  should_fail_ex.cold+0x5/0xa
[  627.707776][T18747]  should_failslab+0xc2/0x120
[  627.707799][T18747]  ? __d_alloc+0x679/0xa80
[  627.707819][T18747]  __kmalloc_noprof+0xf6/0x9c0
[  627.707835][T18747]  ? __d_lookup+0x25c/0x4a0
[  627.707868][T18747]  ? __d_alloc+0x679/0xa80
[  627.707886][T18747]  __d_alloc+0x679/0xa80
[  627.707910][T18747]  d_alloc+0x4a/0x1e0
[  627.707933][T18747]  lookup_one_qstr_excl+0x175/0x250
[  627.707970][T18747]  ? mnt_want_write+0x161/0x450
[  627.707989][T18747]  filename_create+0x1cf/0x400
[  627.708008][T18747]  ? __pfx_filename_create+0x10/0x10
[  627.708028][T18747]  ? find_held_lock+0x2b/0x80
[  627.708046][T18747]  ? __might_fault+0xc5/0x140
[  627.708068][T18747]  do_symlinkat+0xda/0x510
[  627.708092][T18747]  ? __pfx_do_symlinkat+0x10/0x10
[  627.708112][T18747]  ? strncpy_from_user+0x19d/0x2d0
[  627.708139][T18747]  ? getname_flags.part.0+0x1c5/0x540
[  627.708166][T18747]  __ia32_sys_symlinkat+0x199/0x240
[  627.708191][T18747]  __do_fast_syscall_32+0xde/0x660
[  627.708215][T18747]  do_fast_syscall_32+0x32/0x70
[  627.708237][T18747]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  627.708259][T18747] RIP: 0023:0xf7f41579
[  627.708272][T18747] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  627.708287][T18747] RSP: 002b:00000000f540650c EFLAGS: 00000292 ORIG_RAX: 0000000000000130
[  627.708304][T18747] RAX: ffffffffffffffda RBX: 0000000080000400 RCX: 00000000ffffff9c
[  627.708314][T18747] RDX: 0000000080001300 RSI: 0000000000000000 RDI: 0000000000000000
[  627.708324][T18747] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  627.708335][T18747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  627.708344][T18747] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  627.708369][T18747]  </TASK>
[  627.814450][  T843] usb 9-1: USB disconnect, device number 4
[  627.825492][  T843] ldusb 9-1:0.0: LD USB Device #0 now disconnected
[  627.852792][T13900] Bluetooth: hci1: Unable to find connection with handle 0x00c9
[  627.951034][ T1122] sr 2:0:0:0: [sr0] tag#4 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  627.954351][ T1122] sr 2:0:0:0: [sr0] tag#4 Sense Key : Not Ready [current] 
[  627.956795][ T1122] sr 2:0:0:0: [sr0] tag#4 Add. Sense: Medium not present
[  627.959265][ T1122] sr 2:0:0:0: [sr0] tag#4 CDB: Read(10) 28 00 00 00 00 02 00 00 02 00
[  627.962019][ T1122] I/O error, dev sr0, sector 8 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  627.966328][T18765] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3432'.
[  628.002744][ T1122] sr 2:0:0:0: [sr0] tag#5 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  628.006838][ T1122] sr 2:0:0:0: [sr0] tag#5 Sense Key : Not Ready [current] 
[  628.009731][ T1122] sr 2:0:0:0: [sr0] tag#5 Add. Sense: Medium not present
[  628.013232][ T1122] sr 2:0:0:0: [sr0] tag#5 CDB: Read(10) 28 00 00 00 00 02 00 00 02 00
[  628.015989][ T1122] I/O error, dev sr0, sector 8 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  628.150299][T18771] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  628.153118][T18771] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  628.157025][T18771] vhci_hcd vhci_hcd.0: Device attached
[  628.183148][T18775] fuse: Bad value for 'rootmode'
[  628.212416][ T1122] sr 2:0:0:0: [sr0] tag#18 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  628.216012][ T1122] sr 2:0:0:0: [sr0] tag#18 Sense Key : Illegal Request [current] 
[  628.218516][ T1122] sr 2:0:0:0: [sr0] tag#18 Add. Sense: Invalid command operation code
[  628.221091][ T1122] sr 2:0:0:0: [sr0] tag#18 CDB: Write(10) 2a 00 00 00 00 00 00 00 02 00
[  628.224158][ T1122] critical target error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800000 phys_seg 1 prio class 2
[  628.228113][ T1122] Buffer I/O error on dev sr0, logical block 0, lost async page write
[  628.307219][T18773] vhci_hcd: connection closed
[  628.307582][ T1142] vhci_hcd vhci_hcd.0: stop threads
[  628.312450][ T1142] vhci_hcd vhci_hcd.0: release socket
[  628.315002][ T1142] vhci_hcd vhci_hcd.0: disconnect device
[  628.461971][   T65] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  629.042543][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  629.044651][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  629.677288][ T6007] usb 8-1: USB disconnect, device number 18
[  631.736684][T18819] 9p: Bad value for 'rfdno'
[  631.739617][T18819] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3447'.
[  632.324444][T18836] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3451'.
[  632.330427][T18836] geneve2: entered promiscuous mode
[  632.357243][T18840] netlink: 180 bytes leftover after parsing attributes in process `syz.3.3452'.
[  632.591884][   T62] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[  632.761973][   T62] usb 8-1: Using ep0 maxpacket: 16
[  632.774582][   T62] usb 8-1: config index 0 descriptor too short (expected 65, got 36)
[  632.778151][   T62] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  632.791889][   T62] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  632.796872][   T62] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  632.801428][   T62] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  632.817488][   T62] usb 8-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[  632.820567][   T62] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  632.827186][   T62] usb 8-1: config 0 descriptor??
[  632.842556][   T62] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input25
[  632.848568][ T5330] pxrc 8-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  632.855824][ T5330] pxrc 8-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  632.858276][ T5330] pxrc 8-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  632.861665][ T5330] pxrc 8-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  632.870315][T18189] pxrc 8-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  632.877665][ T5330] pxrc 8-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  632.880344][ T5330] pxrc 8-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  632.887291][ T5330] pxrc 8-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  632.890899][ T5330] pxrc 8-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  633.039745][  T843] usb 8-1: USB disconnect, device number 19
[  633.309791][T18859] FAULT_INJECTION: forcing a failure.
[  633.309791][T18859] name failslab, interval 1, probability 0, space 0, times 0
[  633.314002][T18859] CPU: 3 UID: 0 PID: 18859 Comm: syz.2.3458 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  633.314020][T18859] Tainted: [L]=SOFTLOCKUP
[  633.314024][T18859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  633.314030][T18859] Call Trace:
[  633.314034][T18859]  <TASK>
[  633.314039][T18859]  dump_stack_lvl+0x100/0x190
[  633.314056][T18859]  should_fail_ex.cold+0x5/0xa
[  633.314076][T18859]  should_failslab+0xc2/0x120
[  633.314092][T18859]  ? tomoyo_encode2+0xfb/0x3c0
[  633.314102][T18859]  __kmalloc_noprof+0xf6/0x9c0
[  633.314118][T18859]  ? tomoyo_encode2+0xfb/0x3c0
[  633.314127][T18859]  tomoyo_encode2+0xfb/0x3c0
[  633.314140][T18859]  tomoyo_encode+0x29/0x50
[  633.314150][T18859]  tomoyo_realpath_from_path+0x18c/0x690
[  633.314165][T18859]  tomoyo_path_number_perm+0x23c/0x580
[  633.314180][T18859]  ? tomoyo_path_number_perm+0x22e/0x580
[  633.314198][T18859]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  633.314228][T18859]  ? find_held_lock+0x2b/0x80
[  633.314240][T18859]  ? hook_file_ioctl_common+0x146/0x410
[  633.314257][T18859]  ? __fget_files+0x215/0x3d0
[  633.314272][T18859]  ? __fget_files+0x21f/0x3d0
[  633.314286][T18859]  security_file_ioctl_compat+0xd3/0x230
[  633.314304][T18859]  __ia32_compat_sys_ioctl+0xc2/0x360
[  633.314325][T18859]  __do_fast_syscall_32+0xde/0x660
[  633.314341][T18859]  do_fast_syscall_32+0x32/0x70
[  633.314356][T18859]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  633.314370][T18859] RIP: 0023:0xf740d579
[  633.314379][T18859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  633.314390][T18859] RSP: 002b:00000000f543650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  633.314401][T18859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c01864b0
[  633.314408][T18859] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  633.314415][T18859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  633.314421][T18859] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  633.314428][T18859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  633.314442][T18859]  </TASK>
[  633.314452][T18859] ERROR: Out of memory at tomoyo_realpath_from_path.
[  633.809500][T18874] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3461'.
[  634.434188][T18885] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  634.436235][T18885] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  634.438896][T18885] vhci_hcd vhci_hcd.0: Device attached
[  634.516594][T18891] netlink: 96 bytes leftover after parsing attributes in process `syz.2.3467'.
[  634.516736][T18890] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3466'.
[  634.564425][T18886] vhci_hcd: connection closed
[  634.564585][   T63] vhci_hcd vhci_hcd.0: stop threads
[  634.567980][   T63] vhci_hcd vhci_hcd.0: release socket
[  634.570554][   T63] vhci_hcd vhci_hcd.0: disconnect device
[  634.621904][ T1333] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  635.457476][T18914] befs: (nbd2): No write support. Marking filesystem read-only
[  635.644961][T18920] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3475'.
[  635.838522][T18922] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  635.843584][T18922] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  635.851436][T18922] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  635.857004][T18922] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  635.859910][T18922] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  635.863417][T18922] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  637.046544][T18956] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3488'.
[  637.050182][T18956] netlink: 'syz.2.3488': attribute type 2 has an invalid length.
[  637.054446][T18956] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3488'.
[  637.054843][T18958] netlink: 'syz.2.3488': attribute type 2 has an invalid length.
[  638.722426][T13991] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  638.753914][T18984] netlink: 'syz.0.3497': attribute type 1 has an invalid length.
[  638.874486][T13991] usb 8-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  638.877519][T13991] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  638.880120][T13991] usb 8-1: Product: syz
[  638.881551][T13991] usb 8-1: Manufacturer: syz
[  638.883252][T13991] usb 8-1: SerialNumber: syz
[  639.096356][T18976] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  639.100359][T18976] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  639.132811][T13991] rtl8150 8-1:1.0: couldn't reset the device
[  639.134855][T13991] rtl8150 8-1:1.0: probe with driver rtl8150 failed with error -5
[  639.142762][T13991] usb 8-1: USB disconnect, device number 20
[  639.948928][T18997] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  639.951833][T18997] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  639.954530][T18997] vhci_hcd vhci_hcd.0: Device attached
[  640.261963][  T843] usb 44-1: SetAddress Request (78) to port 0
[  640.264143][  T843] usb 44-1: new SuperSpeed USB device number 78 using vhci_hcd
[  640.602762][T18998] vhci_hcd: connection reset by peer
[  640.605014][   T63] vhci_hcd vhci_hcd.3: stop threads
[  640.606666][   T63] vhci_hcd vhci_hcd.3: release socket
[  640.612628][   T63] vhci_hcd vhci_hcd.3: disconnect device
[  642.239934][ T1333] IPVS: starting estimator thread 0...
[  642.331901][T19023] IPVS: using max 43 ests per chain, 103200 per kthread
[  642.379803][T19027] FAULT_INJECTION: forcing a failure.
[  642.379803][T19027] name failslab, interval 1, probability 0, space 0, times 0
[  642.385682][T19027] CPU: 1 UID: 0 PID: 19027 Comm: syz.0.3508 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  642.385701][T19027] Tainted: [L]=SOFTLOCKUP
[  642.385705][T19027] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  642.385712][T19027] Call Trace:
[  642.385717][T19027]  <TASK>
[  642.385722][T19027]  dump_stack_lvl+0x100/0x190
[  642.385740][T19027]  should_fail_ex.cold+0x5/0xa
[  642.385759][T19027]  should_failslab+0xc2/0x120
[  642.385775][T19027]  __kmalloc_cache_noprof+0x80/0x810
[  642.385787][T19027]  ? tcp_sendmsg_fastopen+0x24d/0x750
[  642.385806][T19027]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  642.385825][T19027]  ? tcp_sendmsg_fastopen+0x24d/0x750
[  642.385837][T19027]  tcp_sendmsg_fastopen+0x24d/0x750
[  642.385852][T19027]  mptcp_sendmsg+0x1468/0x1e40
[  642.385867][T19027]  ? aa_sk_perm+0x2de/0xb40
[  642.385887][T19027]  ? __pfx_mptcp_sendmsg+0x10/0x10
[  642.385903][T19027]  ? __pfx_mptcp_sendmsg+0x10/0x10
[  642.385915][T19027]  inet_sendmsg+0x11c/0x140
[  642.385929][T19027]  ____sys_sendmsg+0x9ad/0xc30
[  642.385943][T19027]  ? __pfx_____sys_sendmsg+0x10/0x10
[  642.385962][T19027]  ___sys_sendmsg+0x190/0x1e0
[  642.385976][T19027]  ? __pfx____sys_sendmsg+0x10/0x10
[  642.386006][T19027]  __sys_sendmsg+0x170/0x220
[  642.386024][T19027]  ? __pfx___sys_sendmsg+0x10/0x10
[  642.386045][T19027]  ? __pfx_ksys_write+0x10/0x10
[  642.386062][T19027]  __do_fast_syscall_32+0xde/0x660
[  642.386078][T19027]  do_fast_syscall_32+0x32/0x70
[  642.386093][T19027]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  642.386107][T19027] RIP: 0023:0xf7f41579
[  642.386116][T19027] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  642.386127][T19027] RSP: 002b:00000000f53e550c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  642.386138][T19027] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000080
[  642.386145][T19027] RDX: 000000002404c854 RSI: 0000000000000000 RDI: 0000000000000000
[  642.386151][T19027] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  642.386158][T19027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  642.386165][T19027] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  642.386179][T19027]  </TASK>
[  642.511719][T19029] FAULT_INJECTION: forcing a failure.
[  642.511719][T19029] name failslab, interval 1, probability 0, space 0, times 0
[  642.516162][T19029] CPU: 3 UID: 0 PID: 19029 Comm: syz.3.3509 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  642.516180][T19029] Tainted: [L]=SOFTLOCKUP
[  642.516185][T19029] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  642.516191][T19029] Call Trace:
[  642.516196][T19029]  <TASK>
[  642.516201][T19029]  dump_stack_lvl+0x100/0x190
[  642.516218][T19029]  should_fail_ex.cold+0x5/0xa
[  642.516234][T19029]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  642.516247][T19029]  should_failslab+0xc2/0x120
[  642.516263][T19029]  kmem_cache_alloc_noprof+0x83/0x780
[  642.516278][T19029]  ? skb_clone+0x190/0x400
[  642.516298][T19029]  ? skb_clone+0x190/0x400
[  642.516314][T19029]  skb_clone+0x190/0x400
[  642.516331][T19029]  netlink_deliver_tap+0xaed/0xcc0
[  642.516352][T19029]  netlink_unicast+0x650/0x870
[  642.516371][T19029]  ? __pfx_netlink_unicast+0x10/0x10
[  642.516395][T19029]  netlink_sendmsg+0x8b0/0xda0
[  642.516415][T19029]  ? __pfx_netlink_sendmsg+0x10/0x10
[  642.516434][T19029]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  642.516452][T19029]  ____sys_sendmsg+0xa54/0xc30
[  642.516466][T19029]  ? __pfx_____sys_sendmsg+0x10/0x10
[  642.516485][T19029]  ___sys_sendmsg+0x190/0x1e0
[  642.516499][T19029]  ? __pfx____sys_sendmsg+0x10/0x10
[  642.516529][T19029]  __sys_sendmsg+0x170/0x220
[  642.516546][T19029]  ? __pfx___sys_sendmsg+0x10/0x10
[  642.516567][T19029]  ? __pfx_ksys_write+0x10/0x10
[  642.516584][T19029]  __do_fast_syscall_32+0xde/0x660
[  642.516606][T19029]  do_fast_syscall_32+0x32/0x70
[  642.516620][T19029]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  642.516635][T19029] RIP: 0023:0xf743d579
[  642.516645][T19029] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  642.516656][T19029] RSP: 002b:00000000f546650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  642.516667][T19029] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080006040
[  642.516674][T19029] RDX: 0000000004041080 RSI: 0000000000000000 RDI: 0000000000000000
[  642.516681][T19029] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  642.516687][T19029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  642.516694][T19029] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  642.516708][T19029]  </TASK>
[  642.529374][T19030] loop6: detected capacity change from 0 to 524287999
[  642.655568][T19033] sp0: Synchronizing with TNC
[  642.657886][T19030] Buffer I/O error on dev loop6, logical block 0, async page read
[  642.759453][T19030] Buffer I/O error on dev loop6, logical block 0, async page read
[  642.762443][T19030] Buffer I/O error on dev loop6, logical block 0, async page read
[  642.765183][T19030] Buffer I/O error on dev loop6, logical block 0, async page read
[  642.767880][T19030] Buffer I/O error on dev loop6, logical block 0, async page read
[  642.770618][T19030] Buffer I/O error on dev loop6, logical block 0, async page read
[  642.773286][T19030] Buffer I/O error on dev loop6, logical block 0, async page read
[  642.775934][T19030] Buffer I/O error on dev loop6, logical block 0, async page read
[  642.778624][T19030] ldm_validate_partition_table(): Disk read failed.
[  642.781018][T19030] Buffer I/O error on dev loop6, logical block 0, async page read
[  642.785070][T19030] Buffer I/O error on dev loop6, logical block 0, async page read
[  642.787878][T19030] Dev loop6: unable to read RDB block 0
[  642.822360][T19030]  loop6: unable to read partition table
[  642.825228][T19030] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  642.850821][T19031]  loop6: unable to read partition table
[  642.853238][T19031] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  643.504409][T19048] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  643.507279][T19048] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  643.510912][T19048] vhci_hcd vhci_hcd.0: Device attached
[  643.559071][T19032] [U] è
[  643.616339][T19051] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  643.618997][T19051] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  643.624457][T19051] vhci_hcd vhci_hcd.0: Device attached
[  643.665186][T19051] netlink: 'syz.0.3514': attribute type 12 has an invalid length.
[  643.782005][   T62] usb 46-1: SetAddress Request (15) to port 0
[  643.784031][   T62] usb 46-1: new SuperSpeed USB device number 15 using vhci_hcd
[  643.892685][T14768] usb 38-1: SetAddress Request (71) to port 0
[  643.895247][T14768] usb 38-1: new SuperSpeed USB device number 71 using vhci_hcd
[  644.111471][T19049] vhci_hcd: connection reset by peer
[  644.114855][   T63] vhci_hcd vhci_hcd.4: stop threads
[  644.116619][   T63] vhci_hcd vhci_hcd.4: release socket
[  644.125602][   T63] vhci_hcd vhci_hcd.4: disconnect device
[  644.278558][T19053] vhci_hcd: connection reset by peer
[  644.281678][   T63] vhci_hcd vhci_hcd.0: stop threads
[  644.283549][   T63] vhci_hcd vhci_hcd.0: release socket
[  644.285733][   T63] vhci_hcd vhci_hcd.0: disconnect device
[  644.884473][T19072] netlink: 7 bytes leftover after parsing attributes in process `syz.0.3519'.
[  644.888743][T19072] netlink: 7 bytes leftover after parsing attributes in process `syz.0.3519'.
[  644.926517][T19076] FAULT_INJECTION: forcing a failure.
[  644.926517][T19076] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  645.051917][T19076] CPU: 1 UID: 0 PID: 19076 Comm: syz.4.3521 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  645.051948][T19076] Tainted: [L]=SOFTLOCKUP
[  645.051954][T19076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  645.051967][T19076] Call Trace:
[  645.051975][T19076]  <TASK>
[  645.051983][T19076]  dump_stack_lvl+0x100/0x190
[  645.052011][T19076]  should_fail_ex.cold+0x5/0xa
[  645.052040][T19076]  _copy_from_iter+0x1f4/0x1690
[  645.052072][T19076]  ? __alloc_skb+0x220/0x410
[  645.052095][T19076]  ? __alloc_skb+0x35d/0x410
[  645.052119][T19076]  ? __pfx__copy_from_iter+0x10/0x10
[  645.052146][T19076]  ? __pfx___might_resched+0x10/0x10
[  645.052176][T19076]  netlink_sendmsg+0x808/0xda0
[  645.052207][T19076]  ? __pfx_netlink_sendmsg+0x10/0x10
[  645.052238][T19076]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  645.052266][T19076]  __sys_sendto+0x4aa/0x520
[  645.052290][T19076]  ? __pfx___sys_sendto+0x10/0x10
[  645.052327][T19076]  ? __lock_acquire+0x4a5/0x2630
[  645.052378][T19076]  __ia32_compat_sys_socketcall+0x59a/0x770
[  645.052406][T19076]  ? __fget_files+0x21f/0x3d0
[  645.052426][T19076]  ? __pfx___ia32_compat_sys_socketcall+0x10/0x10
[  645.052453][T19076]  ? fput+0x79/0x100
[  645.052494][T19076]  do_int80_emulation+0x101/0x470
[  645.052519][T19076]  asm_int80_emulation+0x1a/0x20
[  645.052536][T19076] RIP: 0023:0xf718572b
[  645.052549][T19076] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  645.052565][T19076] RSP: 002b:00000000f544534c EFLAGS: 00000246 ORIG_RAX: 0000000000000066
[  645.052583][T19076] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000f54453f4
[  645.052595][T19076] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  645.052605][T19076] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  645.052614][T19076] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  645.052624][T19076] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  645.052649][T19076]  </TASK>
[  645.196467][T19077] loop6: detected capacity change from 0 to 524287999
[  645.213277][T18129] ldm_validate_partition_table(): Disk read failed.
[  645.215952][T18129] Dev loop6: unable to read RDB block 0
[  645.218263][T18129]  loop6: unable to read partition table
[  645.222544][T19077] ldm_validate_partition_table(): Disk read failed.
[  645.225541][T19077] Dev loop6: unable to read RDB block 0
[  645.227823][T19077]  loop6: unable to read partition table
[  645.235714][T19077] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  645.292784][T19077] ldm_validate_partition_table(): Disk read failed.
[  645.294974][T19077] Dev loop6: unable to read RDB block 0
[  645.296934][T19077]  loop6: unable to read partition table
[  645.299133][T19077] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  645.351964][  T843] usb 44-1: device descriptor read/8, error -110
[  645.680969][T19089] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  645.691002][T19089] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  645.754299][  T843] usb usb44-port1: attempt power cycle
[  645.864199][T19089] geneve2: left promiscuous mode
[  645.866393][T19089] geneve2: left allmulticast mode
[  645.874555][   T63] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  645.878493][   T63] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  645.913021][   T63] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  645.916568][   T63] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  646.132673][   T40] kauditd_printk_skb: 3 callbacks suppressed
[  646.132689][   T40] audit: type=1326 audit(1769490351.401:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19090 comm="syz.4.3527" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000
[  646.167894][T19094] tipc: Started in network mode
[  646.170133][T19094] tipc: Node identity aaaaaaaaaa33, cluster identity 4711
[  646.173428][T19094] tipc: Enabled bearer <eth:vlan1>, priority 10
[  646.177423][T19094] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3527'.
[  646.200292][   T40] audit: type=1326 audit(1769490351.411:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19090 comm="syz.4.3527" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000
[  646.221937][   T40] audit: type=1326 audit(1769490351.411:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19090 comm="syz.4.3527" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf741d579 code=0x7ffc0000
[  646.230292][   T40] audit: type=1326 audit(1769490351.411:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19090 comm="syz.4.3527" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000
[  646.239211][   T40] audit: type=1326 audit(1769490351.411:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19090 comm="syz.4.3527" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000
[  646.247799][   T40] audit: type=1326 audit(1769490351.411:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19090 comm="syz.4.3527" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf741d579 code=0x7ffc0000
[  646.256466][   T40] audit: type=1326 audit(1769490351.421:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19090 comm="syz.4.3527" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000
[  646.272182][T19103] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  646.302168][    C2] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  646.325206][  T843] usb usb44-port1: unable to enumerate USB device
[  646.375157][   T40] audit: type=1326 audit(1769490351.421:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19090 comm="syz.4.3527" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf741d579 code=0x7ffc0000
[  646.692123][   T40] audit: type=1326 audit(1769490351.421:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19090 comm="syz.4.3527" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf718572b code=0x7ffc0000
[  646.738153][   T40] audit: type=1326 audit(1769490351.421:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19090 comm="syz.4.3527" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf718572b code=0x7ffc0000
[  647.184483][ T5982] tipc: Node number set to 10070698
[  647.275575][T19116] Bluetooth: MGMT ver 1.23
[  647.484922][T19127] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(13)
[  647.487029][T19127] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  647.489671][T19127] vhci_hcd vhci_hcd.0: Device attached
[  647.696502][T19134] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  647.734155][T19128] vhci_hcd: connection closed
[  647.735775][   T63] vhci_hcd vhci_hcd.0: stop threads
[  647.739911][   T63] vhci_hcd vhci_hcd.0: release socket
[  647.742596][   T63] vhci_hcd vhci_hcd.0: disconnect device
[  647.958642][T19140] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3538'.
[  648.861958][   T62] usb 46-1: device descriptor read/8, error -110
[  648.943428][T14768] usb 38-1: device descriptor read/8, error -110
[  649.072097][T19149] mac80211_hwsim hwsim19 wlan1: entered allmulticast mode
[  649.083902][T19149] bridge_slave_0: left allmulticast mode
[  649.085782][T19149] bridge_slave_0: left promiscuous mode
[  649.087646][T19149] bridge0: port 1(bridge_slave_0) entered disabled state
[  649.094934][T19149] bridge_slave_1: left allmulticast mode
[  649.096767][T19149] bridge_slave_1: left promiscuous mode
[  649.098663][T19149] bridge0: port 2(bridge_slave_1) entered disabled state
[  649.110666][T19149] bond0: (slave bond_slave_0): Releasing backup interface
[  649.115548][T19149] bond0: (slave bond_slave_1): Releasing backup interface
[  649.121081][T19149] team0: Port device team_slave_0 removed
[  649.125865][T19149] team0: Port device team_slave_1 removed
[  649.128070][T19149] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  649.130334][T19149] batman_adv: batadv0: Removing interface: batadv_slave_0
[  649.138169][T19149] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  649.140485][T19149] batman_adv: batadv0: Removing interface: batadv_slave_1
[  649.144260][T19149] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  649.262482][   T62] usb usb46-port1: attempt power cycle
[  649.343226][T14768] usb usb38-port1: attempt power cycle
[  649.508359][T19164] tipc: Enabled bearer <eth:vlan1>, priority 10
[  649.511521][T19164] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3545'.
[  649.832554][   T62] usb usb46-port1: unable to enumerate USB device
[  649.902391][T14768] usb usb38-port1: unable to enumerate USB device
[  650.356741][T19169] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  650.493015][T19169] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  650.508132][   T62] tipc: Node number set to 120098507
[  650.645457][T19169] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  650.713591][T19169] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  650.789218][   T13] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  650.800996][   T81] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  650.821297][   T81] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  650.824842][   T81] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  650.960024][T19178] FAULT_INJECTION: forcing a failure.
[  650.960024][T19178] name failslab, interval 1, probability 0, space 0, times 0
[  650.965610][T19178] CPU: 2 UID: 0 PID: 19178 Comm: syz.4.3549 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  650.965638][T19178] Tainted: [L]=SOFTLOCKUP
[  650.965644][T19178] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  650.965655][T19178] Call Trace:
[  650.965661][T19178]  <TASK>
[  650.965668][T19178]  dump_stack_lvl+0x100/0x190
[  650.965695][T19178]  should_fail_ex.cold+0x5/0xa
[  650.965724][T19178]  should_failslab+0xc2/0x120
[  650.965747][T19178]  ? tomoyo_encode2+0xfb/0x3c0
[  650.965765][T19178]  __kmalloc_noprof+0xf6/0x9c0
[  650.965792][T19178]  ? tomoyo_encode2+0xfb/0x3c0
[  650.965808][T19178]  tomoyo_encode2+0xfb/0x3c0
[  650.965829][T19178]  tomoyo_encode+0x29/0x50
[  650.965845][T19178]  tomoyo_realpath_from_path+0x18c/0x690
[  650.965869][T19178]  tomoyo_path_number_perm+0x23c/0x580
[  650.965894][T19178]  ? tomoyo_path_number_perm+0x22e/0x580
[  650.965921][T19178]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  650.965974][T19178]  ? find_held_lock+0x2b/0x80
[  650.965990][T19178]  ? hook_file_ioctl_common+0x146/0x410
[  650.966015][T19178]  ? __fget_files+0x215/0x3d0
[  650.966040][T19178]  ? __fget_files+0x21f/0x3d0
[  650.966062][T19178]  security_file_ioctl_compat+0xd3/0x230
[  650.966090][T19178]  __ia32_compat_sys_ioctl+0xc2/0x360
[  650.966119][T19178]  __do_fast_syscall_32+0xde/0x660
[  650.966143][T19178]  do_fast_syscall_32+0x32/0x70
[  650.966163][T19178]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  650.966186][T19178] RIP: 0023:0xf741d579
[  650.966202][T19178] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  650.966218][T19178] RSP: 002b:00000000f544650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  650.966236][T19178] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c01864b0
[  650.966247][T19178] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  650.966256][T19178] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  650.966266][T19178] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  650.966276][T19178] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  650.966299][T19178]  </TASK>
[  650.966315][T19178] ERROR: Out of memory at tomoyo_realpath_from_path.
[  651.262136][T19184] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3551'.
[  651.266203][T19179] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  651.268863][T19179] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  651.272338][T19179] vhci_hcd vhci_hcd.0: Device attached
[  651.562391][T19192] vhci_hcd: connection closed
[  651.562758][   T13] vhci_hcd vhci_hcd.2: stop threads
[  651.572058][   T13] vhci_hcd vhci_hcd.2: release socket
[  651.579075][   T13] vhci_hcd vhci_hcd.2: disconnect device
[  651.611895][ T1333] usb 42-1: enqueue for inactive port 0
[  652.192379][ T1333] usb usb42-port1: attempt power cycle
[  652.773008][ T1333] usb usb42-port1: unable to enumerate USB device
[  653.202052][T14768] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[  653.351868][T14768] usb 8-1: Using ep0 maxpacket: 8
[  653.357997][T14768] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  653.363202][T14768] usb 8-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  653.369639][T14768] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  653.377709][T14768] usb 8-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  653.383869][T14768] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  653.387495][T14768] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  653.391267][T14768] usb 8-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  653.396593][T14768] usb 8-1: config 168 interface 0 has no altsetting 0
[  653.400186][T14768] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  653.405503][T14768] usb 8-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  653.409171][T14768] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  653.413190][T14768] usb 8-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  653.417047][T14768] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  653.420691][T14768] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  653.424648][T14768] usb 8-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  653.428994][T14768] usb 8-1: config 168 interface 0 has no altsetting 0
[  653.432435][T14768] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  653.436048][T14768] usb 8-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  653.439739][T14768] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  653.444893][T14768] usb 8-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  653.448763][T14768] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  653.452728][T14768] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  653.456459][T14768] usb 8-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  653.460809][T14768] usb 8-1: config 168 interface 0 has no altsetting 0
[  653.466081][T14768] usb 8-1: string descriptor 0 read error: -22
[  653.468252][T14768] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  653.471438][T14768] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  653.579807][T14768] adutux 8-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  654.662584][T19255] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  654.931680][   T40] kauditd_printk_skb: 48 callbacks suppressed
[  654.931699][   T40] audit: type=1804 audit(1769490360.191:328): pid=19262 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3573" name="file0" dev="hugetlbfs" ino=79851 res=1 errno=0
[  654.973559][   T40] audit: type=1804 audit(1769490360.241:329): pid=19262 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.3573" name="file0" dev="hugetlbfs" ino=79851 res=1 errno=0
[  655.167675][T19271] FAULT_INJECTION: forcing a failure.
[  655.167675][T19271] name failslab, interval 1, probability 0, space 0, times 0
[  655.171650][T19271] CPU: 3 UID: 0 PID: 19271 Comm: syz.4.3576 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  655.171680][T19271] Tainted: [L]=SOFTLOCKUP
[  655.171685][T19271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  655.171692][T19271] Call Trace:
[  655.171706][T19271]  <TASK>
[  655.171711][T19271]  dump_stack_lvl+0x100/0x190
[  655.171739][T19271]  should_fail_ex.cold+0x5/0xa
[  655.171759][T19271]  should_failslab+0xc2/0x120
[  655.171776][T19271]  __kmalloc_cache_noprof+0x80/0x810
[  655.171802][T19271]  ? sctp_add_bind_addr+0xae/0x3e0
[  655.171825][T19271]  ? sctp_add_bind_addr+0xae/0x3e0
[  655.171838][T19271]  sctp_add_bind_addr+0xae/0x3e0
[  655.171855][T19271]  sctp_copy_local_addr_list+0x349/0x550
[  655.171873][T19271]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  655.171892][T19271]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[  655.171910][T19271]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  655.171925][T19271]  sctp_bind_addr_copy+0xe0/0x530
[  655.171943][T19271]  sctp_connect_new_asoc+0x1c9/0x770
[  655.171956][T19271]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  655.171967][T19271]  ? sctp_endpoint_lookup_assoc+0x15c/0x2a0
[  655.171984][T19271]  ? sctp_endpoint_lookup_assoc+0x15c/0x2a0
[  655.172007][T19271]  __sctp_connect+0x3e7/0xc70
[  655.172021][T19271]  ? __pfx___sctp_connect+0x10/0x10
[  655.172034][T19271]  ? __pfx_sctp_inet_connect+0x10/0x10
[  655.172046][T19271]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  655.172060][T19271]  ? __pfx_sctp_inet_connect+0x10/0x10
[  655.172071][T19271]  sctp_inet_connect+0x15f/0x220
[  655.172083][T19271]  __sys_connect_file+0x141/0x1a0
[  655.172101][T19271]  __sys_connect+0x141/0x170
[  655.172115][T19271]  ? __pfx___sys_connect+0x10/0x10
[  655.172136][T19271]  ? ksys_write+0x1ac/0x250
[  655.172149][T19271]  ? __pfx_ksys_write+0x10/0x10
[  655.172164][T19271]  __ia32_sys_connect+0x71/0xb0
[  655.172179][T19271]  ? lockdep_hardirqs_on+0x78/0x100
[  655.172192][T19271]  __do_fast_syscall_32+0xde/0x660
[  655.172208][T19271]  do_fast_syscall_32+0x32/0x70
[  655.172223][T19271]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  655.172238][T19271] RIP: 0023:0xf741d579
[  655.172247][T19271] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  655.172258][T19271] RSP: 002b:00000000f542550c EFLAGS: 00000292 ORIG_RAX: 000000000000016a
[  655.172270][T19271] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000000
[  655.172277][T19271] RDX: 000000000000001c RSI: 0000000000000000 RDI: 0000000000000000
[  655.172284][T19271] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  655.172291][T19271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  655.172298][T19271] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  655.172313][T19271]  </TASK>
[  655.796641][   T29] libceph: connect (1)[c::]:6789 error -22
[  655.798748][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  656.252005][T16285] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  656.411946][T16285] usb 5-1: Using ep0 maxpacket: 16
[  656.415477][T16285] usb 5-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[  656.418650][T16285] usb 5-1: config 0 interface 0 altsetting 1 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  656.422719][T16285] usb 5-1: config 0 interface 0 altsetting 1 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  656.426222][T16285] usb 5-1: config 0 interface 0 altsetting 1 endpoint 0x8F has invalid wMaxPacketSize 0
[  656.429275][T16285] usb 5-1: config 0 interface 0 has no altsetting 0
[  656.433211][T16285] usb 5-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  656.436047][T16285] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  656.438621][T16285] usb 5-1: Product: syz
[  656.439986][T16285] usb 5-1: Manufacturer: syz
[  656.441459][T16285] usb 5-1: SerialNumber: syz
[  656.444714][T16285] usb 5-1: config 0 descriptor??
[  656.654707][T16285] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input26
[  656.658554][ T5330] synaptics_usb 5-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[  656.663111][ T5330] synaptics_usb 5-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[  656.668090][ T5330] synaptics_usb 5-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[  656.672865][ T5330] synaptics_usb 5-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[  656.704900][T18189] synaptics_usb 5-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[  656.712090][ T5330] synaptics_usb 5-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[  656.718648][ T5330] synaptics_usb 5-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[  656.724907][ T5330] synaptics_usb 5-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[  656.729460][ T5330] synaptics_usb 5-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[  656.832714][ T1333] libceph: connect (1)[c::]:6789 error -22
[  656.834995][ T1333] libceph: mon0 (1)[c::]:6789 connect error
[  656.857094][ T1333] usb 8-1: USB disconnect, device number 21
[  657.070928][   T29] usb 5-1: USB disconnect, device number 24
[  657.074403][T19281] ceph: No mds server is up or the cluster is laggy
[  658.721312][T19335] netlink: 76 bytes leftover after parsing attributes in process `syz.4.3590'.
[  658.754006][T19339] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  660.114374][T19358] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3605'.
[  661.225756][T19386] tipc: Resetting bearer <eth:vlan1>
[  661.277535][T19386] mac80211_hwsim hwsim19 wlan1: left allmulticast mode
[  661.319904][ T1185] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  661.324084][ T1185] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  661.326747][ T1185] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  661.329425][ T1185] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  662.224144][T19413] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3613'.
[  662.311993][    C2] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  662.701965][   T24] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  662.871970][   T24] usb 9-1: Using ep0 maxpacket: 16
[  662.874850][   T24] usb 9-1: config 0 has an invalid interface number: 1 but max is 0
[  662.877569][   T24] usb 9-1: config 0 has no interface number 0
[  662.879692][   T24] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0xC has an invalid bInterval 0, changing to 7
[  662.883194][   T24] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0
[  662.887791][   T24] usb 9-1: New USB device found, idVendor=1a86, idProduct=752d, bcdDevice=2d.4d
[  662.890798][   T24] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  662.893497][   T24] usb 9-1: Product: syz
[  662.894935][   T24] usb 9-1: Manufacturer: syz
[  662.896531][   T24] usb 9-1: SerialNumber: syz
[  662.899744][   T24] usb 9-1: config 0 descriptor??
[  662.907752][   T24] usb 9-1: Quirk or no altset; falling back to MIDI 1.0
[  663.017022][T19437] siw: device registration error -23
[  663.116944][   T24] usb 9-1: USB disconnect, device number 5
[  663.334956][T19446] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  663.337209][T19446] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  663.340587][T19446] vhci_hcd vhci_hcd.0: Device attached
[  663.525805][T19458] siw: device registration error -23
[  663.602020][   T24] usb 44-1: SetAddress Request (82) to port 0
[  663.604358][   T24] usb 44-1: new SuperSpeed USB device number 82 using vhci_hcd
[  664.134666][T19447] vhci_hcd: connection reset by peer
[  664.136943][ T1143] vhci_hcd vhci_hcd.3: stop threads
[  664.138633][ T1143] vhci_hcd vhci_hcd.3: release socket
[  664.140425][ T1143] vhci_hcd vhci_hcd.3: disconnect device
[  664.222578][T19468] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3629'.
[  665.671907][T14768] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  665.822031][T14768] usb 5-1: Using ep0 maxpacket: 8
[  665.826102][T14768] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  665.829769][T14768] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  665.833966][T14768] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  665.837866][T14768] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  666.056642][T19523] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3645'.
[  667.468288][T19548] netlink: 76 bytes leftover after parsing attributes in process `syz.4.3650'.
[  668.443637][T16285] usb 5-1: USB disconnect, device number 25
[  668.702036][   T24] usb 44-1: device descriptor read/8, error -110
[  669.102690][   T24] usb usb44-port1: attempt power cycle
[  669.343940][T19607] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  669.346249][T19607] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  669.354212][T19607] vhci_hcd vhci_hcd.0: Device attached
[  669.362326][T19607] random: crng reseeded on system resumption
[  669.404410][T19611] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3668'.
[  669.425641][T19611] 8021q: adding VLAN 0 to HW filter on device bond1
[  669.471968][   T24] usb 44-1: SetAddress Request (84) to port 0
[  669.474021][   T24] usb 44-1: new SuperSpeed USB device number 84 using vhci_hcd
[  669.511958][T14217] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  669.671861][T14217] usb 7-1: Using ep0 maxpacket: 8
[  669.674712][T14217] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  669.677285][T14217] usb 7-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  669.680666][T14217] usb 7-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  669.684881][T14217] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  669.687825][T14217] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  669.694459][T14217] usbtmc 7-1:16.0: bulk endpoints not found
[  670.218942][T19608] vhci_hcd: connection reset by peer
[  670.221564][ T1185] vhci_hcd vhci_hcd.3: stop threads
[  670.224395][ T1185] vhci_hcd vhci_hcd.3: release socket
[  670.226630][ T1185] vhci_hcd vhci_hcd.3: disconnect device
[  670.761301][T19629] syzkaller0: entered promiscuous mode
[  670.763309][T19629] syzkaller0: entered allmulticast mode
[  670.768595][T19629] netlink: 'syz.0.3672': attribute type 4 has an invalid length.
[  670.771033][T19629] netlink: 'syz.0.3672': attribute type 1 has an invalid length.
[  670.774036][T19629] netlink: 228 bytes leftover after parsing attributes in process `syz.0.3672'.
[  671.780202][T19662] veth0_virt_wifi: entered allmulticast mode
[  671.809593][ T1333] IPVS: starting estimator thread 0...
[  671.813241][T19664] IPVS: fo: FWM 3 0x00000003 - no destination available
[  671.903167][T19667] IPVS: using max 43 ests per chain, 103200 per kthread
[  672.359060][ T1333] usb 7-1: USB disconnect, device number 21
[  672.453970][T14217] usb 8-1: new full-speed USB device number 22 using dummy_hcd
[  672.581864][T19689] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  672.583981][T19689] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  672.586657][T19689] vhci_hcd vhci_hcd.0: Device attached
[  672.785131][T19689] random: crng reseeded on system resumption
[  672.836080][T14217] usb 8-1: unable to read config index 0 descriptor/start: -71
[  672.840286][T14217] usb 8-1: can't read configurations, error -71
[  672.851995][ T6007] usb 38-1: SetAddress Request (75) to port 0
[  672.854860][ T6007] usb 38-1: new SuperSpeed USB device number 75 using vhci_hcd
[  673.164234][T19691] vhci_hcd: connection reset by peer
[  673.170147][ T1185] vhci_hcd vhci_hcd.0: stop threads
[  673.172299][ T1185] vhci_hcd vhci_hcd.0: release socket
[  673.174087][ T1185] vhci_hcd vhci_hcd.0: disconnect device
[  674.379016][T19726] syzkaller0: entered promiscuous mode
[  674.380846][T19726] syzkaller0: entered allmulticast mode
[  674.460386][ T5982] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  674.541939][   T24] usb 44-1: device descriptor read/8, error -110
[  674.611921][ T5982] usb 7-1: Using ep0 maxpacket: 8
[  674.614840][ T5982] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  674.617531][ T5982] usb 7-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  674.620852][ T5982] usb 7-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  674.625777][ T5982] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  674.629473][ T5982] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  674.637883][ T5982] usbtmc 7-1:16.0: bulk endpoints not found
[  674.812167][T14768] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[  674.940077][   T24] usb usb44-port1: unable to enumerate USB device
[  674.961976][T14768] usb 8-1: Using ep0 maxpacket: 8
[  674.972226][T14768] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  674.975766][T14768] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  674.978923][T14768] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  674.982156][T14768] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  674.985393][T14768] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  674.989498][T14768] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  674.992676][T14768] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  675.218130][T14768] usb 8-1: usb_control_msg returned -32
[  675.220314][T14768] usbtmc 8-1:16.0: can't read capabilities
[  675.569892][T19737] usbtmc 8-1:16.0: usb_control_msg returned -32
[  675.573628][T19728] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3701'.
[  675.576506][T19728] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3701'.
[  675.582861][T19728] geneve3: entered promiscuous mode
[  675.584868][T19728] geneve3: entered allmulticast mode
[  675.587452][ T1142] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  675.590587][ T1142] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  675.595105][ T1142] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  675.597903][   T29] usb 8-1: USB disconnect, device number 24
[  675.598130][ T1142] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  675.801991][ T1333] usb 5-1: new full-speed USB device number 26 using dummy_hcd
[  675.962687][ T1333] usb 5-1: unable to read config index 0 descriptor/start: -71
[  675.965479][ T1333] usb 5-1: can't read configurations, error -71
[  676.524920][T19744] input: syz1 as /devices/virtual/input/input27
[  676.726107][T19750] veth0_virt_wifi: left allmulticast mode
[  676.751592][   T62] usb 7-1: USB disconnect, device number 22
[  676.763618][T19750] geneve2: left promiscuous mode
[  676.767587][ T1185] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  676.775150][ T1185] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  676.780345][ T1185] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  676.786752][ T1185] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  677.902057][ T6007] usb 38-1: device descriptor read/8, error -110
[  678.252898][T19782] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  678.255630][T19782] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  678.258815][T19782] vhci_hcd vhci_hcd.0: Device attached
[  678.265028][T19782] random: crng reseeded on system resumption
[  678.330921][ T6007] usb usb38-port1: attempt power cycle
[  678.521995][T13991] usb 44-1: SetAddress Request (86) to port 0
[  678.524094][T13991] usb 44-1: new SuperSpeed USB device number 86 using vhci_hcd
[  679.212394][T19783] vhci_hcd: connection reset by peer
[  679.215293][ T1142] vhci_hcd vhci_hcd.3: stop threads
[  679.217731][ T1142] vhci_hcd vhci_hcd.3: release socket
[  679.220111][ T1142] vhci_hcd vhci_hcd.3: disconnect device
[  679.397227][ T6007] usb usb38-port1: unable to enumerate USB device
[  680.191939][ T6007] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  680.231550][ T1143] bridge_slave_1: left allmulticast mode
[  680.233814][ T1143] bridge_slave_1: left promiscuous mode
[  680.235797][ T1143] bridge0: port 2(bridge_slave_1) entered disabled state
[  680.240378][ T1143] bridge_slave_0: left allmulticast mode
[  680.242064][ T1143] bridge_slave_0: left promiscuous mode
[  680.243981][ T1143] bridge0: port 1(bridge_slave_0) entered disabled state
[  680.321917][ T6007] usb 5-1: device descriptor read/64, error -71
[  680.484507][ T1143] bond1 (unregistering): (slave bridge1): Releasing active interface
[  680.581887][ T6007] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  680.699220][ T1143] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  680.705465][ T1143] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  680.709693][ T1143] bond0 (unregistering): Released all slaves
[  680.714606][ T1143] bond1 (unregistering): Released all slaves
[  680.721923][ T6007] usb 5-1: device descriptor read/64, error -71
[  680.801675][ T1143] tipc: Left network mode
[  680.832138][ T6007] usb usb5-port1: attempt power cycle
[  681.105681][ T1143] hsr_slave_0: left promiscuous mode
[  681.108833][ T1143] hsr_slave_1: left promiscuous mode
[  681.111769][ T1143] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  681.135273][ T1143] batman_adv: batadv0: Removing interface: batadv_slave_0
[  681.152066][ T1143] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  681.154369][ T1143] batman_adv: batadv0: Removing interface: batadv_slave_1
[  681.165695][ T1143] veth1_macvtap: left promiscuous mode
[  681.168307][ T1143] veth0_macvtap: left promiscuous mode
[  681.181888][ T6007] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  681.203417][ T6007] usb 5-1: device descriptor read/8, error -71
[  681.417842][ T1143] team0 (unregistering): Port device team_slave_1 removed
[  681.441892][ T6007] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  681.451131][ T1143] team0 (unregistering): Port device team_slave_0 removed
[  681.462399][ T6007] usb 5-1: device descriptor read/8, error -71
[  681.583120][ T6007] usb usb5-port1: unable to enumerate USB device
[  681.841164][T19827] qrtr: Invalid version 0
[  681.871511][T19829] batadv_slave_0: entered promiscuous mode
[  681.874277][T19829] batadv_slave_0: left promiscuous mode
[  683.591955][T13991] usb 44-1: device descriptor read/8, error -110
[  683.984911][T13991] usb usb44-port1: attempt power cycle
[  684.542474][T13991] usb usb44-port1: unable to enumerate USB device
[  685.352853][T19920] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3758'.
[  686.293954][T19938] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  686.328993][T19938] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  686.333330][T19938] overlayfs: failed to look up (tracing) for ino (-66)
[  688.485656][T13900] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  688.493007][T13900] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  688.496543][T13900] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  688.501038][T13900] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  688.507835][T13900] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  688.527977][   T65] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  688.531372][   T65] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  688.537279][   T65] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  688.541149][   T65] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  688.545627][   T65] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  688.790496][T19977] chnl_net:caif_netlink_parms(): no params data found
[  688.846869][T19977] bridge0: port 1(bridge_slave_0) entered blocking state
[  688.849226][T19977] bridge0: port 1(bridge_slave_0) entered disabled state
[  688.851530][T19977] bridge_slave_0: entered allmulticast mode
[  688.855167][T19977] bridge_slave_0: entered promiscuous mode
[  688.859613][T19977] bridge0: port 2(bridge_slave_1) entered blocking state
[  688.863067][T19977] bridge0: port 2(bridge_slave_1) entered disabled state
[  688.866026][T19977] bridge_slave_1: entered allmulticast mode
[  688.869684][T19977] bridge_slave_1: entered promiscuous mode
[  688.896419][T19977] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  688.900141][T19996] bridge_slave_0: entered allmulticast mode
[  688.904523][T19977] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  688.913262][T19996] bridge_slave_0: left allmulticast mode
[  688.926210][T19977] team0: Port device team_slave_0 added
[  688.930862][T19977] team0: Port device team_slave_1 added
[  688.951009][T19977] batman_adv: batadv0: Adding interface: batadv_slave_0
[  688.953395][T19977] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  688.963487][T19977] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  688.969308][T19977] batman_adv: batadv0: Adding interface: batadv_slave_1
[  688.971656][T19977] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  688.980249][T19977] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  689.011581][T19977] hsr_slave_0: entered promiscuous mode
[  689.014007][T19977] hsr_slave_1: entered promiscuous mode
[  689.016117][T19977] debugfs: 'hsr0' already exists in 'hsr'
[  689.017964][T19977] Cannot create hsr debugfs directory
[  689.111714][T19977] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  689.123629][T19977] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  689.127795][T19977] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  689.132634][T19977] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  689.176002][T19977] 8021q: adding VLAN 0 to HW filter on device bond0
[  689.184642][T19977] 8021q: adding VLAN 0 to HW filter on device team0
[  689.198080][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  689.200397][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  689.208766][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  689.211735][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  689.394080][T19977] 8021q: adding VLAN 0 to HW filter on device batadv0
[  689.535466][T19977] veth0_vlan: entered promiscuous mode
[  689.540810][T19977] veth1_vlan: entered promiscuous mode
[  689.558301][T19977] veth0_macvtap: entered promiscuous mode
[  689.564326][T19977] veth1_macvtap: entered promiscuous mode
[  689.573315][T19977] batman_adv: batadv0: Interface activated: batadv_slave_0
[  689.580229][T19977] batman_adv: batadv0: Interface activated: batadv_slave_1
[  689.587195][   T63] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  689.590118][   T63] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  689.593536][   T63] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  689.596468][   T63] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  689.649793][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  689.652818][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  689.674097][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  689.676697][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  690.465763][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  690.468469][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  690.622050][T13900] Bluetooth: hci2: command tx timeout
[  690.922860][T20058] syzkaller0: entered promiscuous mode
[  690.925447][T20058] syzkaller0: entered allmulticast mode
[  691.013786][T20060] 8021q: adding VLAN 0 to HW filter on device bond0
[  691.020425][T20060] bond0: (slave rose0): Enslaving as an active interface with an up link
[  691.212785][T20081] sch_tbf: burst 0 is lower than device veth0 mtu (1514) !
[  692.101384][T20099] syzkaller0: entered promiscuous mode
[  692.106113][T20099] syzkaller0: entered allmulticast mode
[  692.175453][T20106] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3811'.
[  692.546616][T20123] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3814'.
[  692.551492][   T40] audit: type=1326 audit(1769490397.811:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20113 comm="syz.3.3814" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743d579 code=0x0
[  692.667581][T20132] syzkaller0: entered promiscuous mode
[  692.669997][T20132] syzkaller0: entered allmulticast mode
[  692.705724][T13900] Bluetooth: hci2: command tx timeout
[  692.999101][T20136] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  693.001211][T20136] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  693.004493][T20136] vhci_hcd vhci_hcd.0: Device attached
[  693.281898][ T1333] usb 42-1: SetAddress Request (87) to port 0
[  693.283810][ T1333] usb 42-1: new SuperSpeed USB device number 87 using vhci_hcd
[  693.504185][T20050] Set syz1 is full, maxelem 65536 reached
[  693.670285][T20137] vhci_hcd: connection reset by peer
[  693.673167][   T81] vhci_hcd vhci_hcd.2: stop threads
[  693.675540][   T81] vhci_hcd vhci_hcd.2: release socket
[  693.677961][   T81] vhci_hcd vhci_hcd.2: disconnect device
[  693.838785][T20155] Set syz1 is full, maxelem 65536 reached
[  694.356744][T20159] bridge0: port 2(bridge_slave_1) entered disabled state
[  694.360127][T20159] bridge0: port 1(bridge_slave_0) entered disabled state
[  694.441948][T20165] IPVS: fo: FWM 3 0x00000003 - no destination available
[  694.461649][T20159] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  694.476577][T20159] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  694.518120][T20159] tipc: Resetting bearer <eth:vlan1>
[  694.574934][T20173] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3834'.
[  694.577792][T20173] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3834'.
[  694.580601][T20173] netlink: 'syz.0.3834': attribute type 7 has an invalid length.
[  694.585737][T20159] wireguard0: left promiscuous mode
[  694.587457][T20159] wireguard0: left allmulticast mode
[  694.598382][   T63] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  694.610146][   T63] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  694.613288][   T63] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  694.616331][   T63] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  694.782891][T13900] Bluetooth: hci2: command tx timeout
[  694.862205][   T59] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  695.001922][   T59] usb 5-1: device descriptor read/64, error -71
[  695.251945][   T59] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  695.391848][   T59] usb 5-1: device descriptor read/64, error -71
[  695.502295][   T59] usb usb5-port1: attempt power cycle
[  695.648913][T20189] netlink: 76 bytes leftover after parsing attributes in process `syz.5.3838'.
[  695.852170][   T59] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  695.873115][   T59] usb 5-1: device descriptor read/8, error -71
[  696.131866][   T59] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  696.162351][   T59] usb 5-1: device descriptor read/8, error -71
[  696.272091][   T59] usb usb5-port1: unable to enumerate USB device
[  696.678069][T20210] geneve3: left promiscuous mode
[  696.680413][T20210] geneve3: left allmulticast mode
[  696.690379][ T1142] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  696.696725][ T1142] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  696.700472][ T1142] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  696.705372][ T1142] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  696.871937][T13900] Bluetooth: hci2: command tx timeout
[  698.382053][ T1333] usb 42-1: device descriptor read/8, error -110
[  698.518619][T20253] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3858'.
[  698.523120][T20253] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3858'.
[  698.531642][T20253] netlink: 'syz.5.3858': attribute type 7 has an invalid length.
[  698.771917][   T24] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  698.788326][ T1333] usb usb42-port1: attempt power cycle
[  698.791941][T13991] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  698.922129][T13991] usb 10-1: device descriptor read/64, error -71
[  698.932398][   T24] usb 7-1: Using ep0 maxpacket: 8
[  698.935470][   T24] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  698.938110][   T24] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  698.941064][   T24] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  698.944669][   T24] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  698.947831][   T24] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  698.951988][   T24] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  698.955167][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  699.124264][T20259] netlink: 76 bytes leftover after parsing attributes in process `syz.0.3861'.
[  699.176230][T13991] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  699.179838][   T24] usb 7-1: usb_control_msg returned -32
[  699.181595][   T24] usbtmc 7-1:16.0: can't read capabilities
[  699.311952][T13991] usb 10-1: device descriptor read/64, error -71
[  699.373373][ T1333] usb usb42-port1: unable to enumerate USB device
[  699.422087][T13991] usb usb10-port1: attempt power cycle
[  699.534361][T20275] usbtmc 7-1:16.0: usb_control_msg returned -32
[  699.537926][T20255] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3860'.
[  699.540662][T20255] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3860'.
[  699.548512][T20255] geneve2: entered promiscuous mode
[  699.550173][T20255] geneve2: entered allmulticast mode
[  699.552571][   T81] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  699.555699][   T81] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  699.558486][   T81] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  699.561190][   T81] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  699.574375][ T1333] usb 7-1: USB disconnect, device number 23
[  699.761915][T13991] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  699.782631][T13991] usb 10-1: device descriptor read/8, error -71
[  700.021960][T13991] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  700.042631][T13991] usb 10-1: device descriptor read/8, error -71
[  700.156870][T13991] usb usb10-port1: unable to enumerate USB device
[  701.937271][T14368] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  702.111917][T14368] usb 5-1: Using ep0 maxpacket: 8
[  702.115405][T14368] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  702.118448][T14368] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  702.121696][T14368] usb 5-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  702.128436][T14368] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  702.131297][T14368] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  702.139684][T14368] usbtmc 5-1:16.0: bulk endpoints not found
[  704.067920][T20383] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  704.070694][T20383] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  704.084155][T20383] vhci_hcd vhci_hcd.0: Device attached
[  704.371938][T14368] usb 44-1: SetAddress Request (90) to port 0
[  704.374754][T14368] usb 44-1: new SuperSpeed USB device number 90 using vhci_hcd
[  704.380587][T20389] Set syz1 is full, maxelem 65536 reached
[  704.738387][   T62] usb 5-1: USB disconnect, device number 36
[  704.765748][T20385] vhci_hcd: connection reset by peer
[  704.767685][   T81] vhci_hcd vhci_hcd.3: stop threads
[  704.769347][   T81] vhci_hcd vhci_hcd.3: release socket
[  704.771398][   T81] vhci_hcd vhci_hcd.3: disconnect device
[  705.690273][T20416] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  705.692370][T20416] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  705.699156][T20416] vhci_hcd vhci_hcd.0: Device attached
[  705.971977][T13991] usb 48-1: SetAddress Request (2) to port 0
[  705.974340][T13991] usb 48-1: new SuperSpeed USB device number 2 using vhci_hcd
[  706.071661][T20419] vhci_hcd: connection reset by peer
[  706.074666][   T81] vhci_hcd vhci_hcd.5: stop threads
[  706.076258][   T81] vhci_hcd vhci_hcd.5: release socket
[  706.092772][   T81] vhci_hcd vhci_hcd.5: disconnect device
[  706.963500][ T5982] usb 8-1: new high-speed USB device number 25 using dummy_hcd
[  707.076928][T20456] netlink: 44 bytes leftover after parsing attributes in process `syz.5.3919'.
[  707.432114][ T5982] usb 8-1: Using ep0 maxpacket: 8
[  707.436061][ T5982] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  707.439463][ T5982] usb 8-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  707.461239][ T5982] usb 8-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  707.465536][ T5982] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  707.468402][ T5982] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  707.476269][ T5982] usbtmc 8-1:16.0: bulk endpoints not found
[  709.422068][T14368] usb 44-1: device descriptor read/8, error -110
[  709.663562][   T59] usb 8-1: USB disconnect, device number 25
[  709.739409][T20536] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  709.742233][T20536] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  709.746762][T20536] vhci_hcd vhci_hcd.0: Device attached
[  709.853828][T14368] usb usb44-port1: attempt power cycle
[  710.092475][T16285] usb 38-1: SetAddress Request (79) to port 0
[  710.094582][T16285] usb 38-1: new SuperSpeed USB device number 79 using vhci_hcd
[  710.154430][T20546] netlink: 76 bytes leftover after parsing attributes in process `syz.3.3942'.
[  710.311840][T20537] vhci_hcd: connection reset by peer
[  710.313860][   T13] vhci_hcd vhci_hcd.0: stop threads
[  710.316153][   T13] vhci_hcd vhci_hcd.0: release socket
[  710.319001][   T13] vhci_hcd vhci_hcd.0: disconnect device
[  710.472399][T14368] usb usb44-port1: unable to enumerate USB device
[  711.022039][T13991] usb 48-1: device descriptor read/8, error -110
[  711.192051][T20576] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  711.194204][T20576] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  711.198943][T20576] vhci_hcd vhci_hcd.0: Device attached
[  711.271978][T13991] usb 48-1: SetAddress Request (3) to port 0
[  711.274576][T13991] usb 48-1: new SuperSpeed USB device number 3 using vhci_hcd
[  712.020444][T20577] vhci_hcd: connection reset by peer
[  712.022916][ T1185] vhci_hcd vhci_hcd.5: stop threads
[  712.024582][ T1185] vhci_hcd vhci_hcd.5: release socket
[  712.026391][ T1185] vhci_hcd vhci_hcd.5: disconnect device
[  712.173889][T20587] netlink: 72 bytes leftover after parsing attributes in process `syz.0.3954'.
[  712.364267][T20600] overlayfs: invalid origin (0000)
[  713.935110][T20624] tipc: Cannot configure node identity twice
[  714.595738][T20646] IPVS: persistence engine module ip_vs_pe_sir not found
[  715.193352][T16285] usb 38-1: device descriptor read/8, error -110
[  715.589072][T16285] usb usb38-port1: attempt power cycle
[  715.740115][T20682] netlink: 76 bytes leftover after parsing attributes in process `syz.0.3979'.
[  716.182834][T16285] usb usb38-port1: unable to enumerate USB device
[  716.392143][T13991] usb 48-1: device descriptor read/8, error -110
[  716.484484][T20694] FAULT_INJECTION: forcing a failure.
[  716.484484][T20694] name failslab, interval 1, probability 0, space 0, times 0
[  716.502056][T20694] CPU: 0 UID: 0 PID: 20694 Comm: syz.2.3983 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  716.502076][T20694] Tainted: [L]=SOFTLOCKUP
[  716.502080][T20694] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  716.502087][T20694] Call Trace:
[  716.502094][T20694]  <TASK>
[  716.502099][T20694]  dump_stack_lvl+0x100/0x190
[  716.502118][T20694]  should_fail_ex.cold+0x5/0xa
[  716.502145][T20694]  should_failslab+0xc2/0x120
[  716.502166][T20694]  ? tomoyo_encode2+0xfb/0x3c0
[  716.502197][T20694]  __kmalloc_noprof+0xf6/0x9c0
[  716.502219][T20694]  ? tomoyo_encode2+0xfb/0x3c0
[  716.502228][T20694]  tomoyo_encode2+0xfb/0x3c0
[  716.502241][T20694]  tomoyo_encode+0x29/0x50
[  716.502251][T20694]  tomoyo_realpath_from_path+0x18c/0x690
[  716.502266][T20694]  tomoyo_path_number_perm+0x23c/0x580
[  716.502282][T20694]  ? tomoyo_path_number_perm+0x22e/0x580
[  716.502300][T20694]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  716.502330][T20694]  ? find_held_lock+0x2b/0x80
[  716.502342][T20694]  ? hook_file_ioctl_common+0x146/0x410
[  716.502358][T20694]  ? __fget_files+0x215/0x3d0
[  716.502378][T20694]  ? __fget_files+0x21f/0x3d0
[  716.502400][T20694]  security_file_ioctl_compat+0xd3/0x230
[  716.502425][T20694]  __ia32_compat_sys_ioctl+0xc2/0x360
[  716.502457][T20694]  __do_fast_syscall_32+0xde/0x660
[  716.502480][T20694]  do_fast_syscall_32+0x32/0x70
[  716.502501][T20694]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  716.502521][T20694] RIP: 0023:0xf740d579
[  716.502538][T20694] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  716.502555][T20694] RSP: 002b:00000000f543650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  716.502597][T20694] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c01864b0
[  716.502604][T20694] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  716.502611][T20694] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  716.502617][T20694] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  716.502624][T20694] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  716.502639][T20694]  </TASK>
[  716.502652][T20694] ERROR: Out of memory at tomoyo_realpath_from_path.
[  716.511957][T13991] usb usb48-port1: attempt power cycle
[  717.192415][T13991] usb usb48-port1: unable to enumerate USB device
[  717.844575][T20750] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3995'.
[  717.848499][T20750] netlink: 72 bytes leftover after parsing attributes in process `syz.3.3995'.
[  717.860187][T20750] 9p: Bad value for 'rfdno'
[  718.417604][T20770] overlayfs: invalid origin (0000)
[  719.302948][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  719.306292][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  719.528276][T20780] netlink: 76 bytes leftover after parsing attributes in process `syz.3.4004'.
[  719.584072][T20787] capability: warning: `syz.0.4003' uses 32-bit capabilities (legacy support in use)
[  720.305283][T20802] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  720.307485][T20802] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  720.310354][T20802] vhci_hcd vhci_hcd.0: Device attached
[  720.601874][   T59] usb 42-1: SetAddress Request (91) to port 0
[  720.603886][   T59] usb 42-1: new SuperSpeed USB device number 91 using vhci_hcd
[  720.711890][T20803] vhci_hcd: connection reset by peer
[  720.724420][ T1143] vhci_hcd vhci_hcd.2: stop threads
[  720.726130][ T1143] vhci_hcd vhci_hcd.2: release socket
[  720.727914][ T1143] vhci_hcd vhci_hcd.2: disconnect device
[  720.845400][T20830] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  720.847508][T20830] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  720.858476][T20830] vhci_hcd vhci_hcd.0: Device attached
[  721.078030][T20831] vhci_hcd: connection closed
[  721.082582][   T12] vhci_hcd vhci_hcd.3: stop threads
[  721.086011][   T12] vhci_hcd vhci_hcd.3: release socket
[  721.087887][   T12] vhci_hcd vhci_hcd.3: disconnect device
[  721.134288][T13991] usb 44-1: enqueue for inactive port 0
[  721.634437][T13991] usb usb44-port1: attempt power cycle
[  722.202359][T13991] usb usb44-port1: unable to enumerate USB device
[  722.456855][T20876] netlink: 76 bytes leftover after parsing attributes in process `syz.2.4028'.
[  723.733801][T20906] hfsplus: unable to find HFS+ superblock
[  723.992098][T14217] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  724.142003][T14217] usb 10-1: Using ep0 maxpacket: 8
[  724.146036][T14217] usb 10-1: config index 0 descriptor too short (expected 301, got 45)
[  724.148742][T14217] usb 10-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  724.154244][T14217] usb 10-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  724.158338][T14217] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  724.163231][T14217] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  724.171444][T14217] usbtmc 10-1:16.0: bulk endpoints not found
[  724.402480][T20934] FAULT_INJECTION: forcing a failure.
[  724.402480][T20934] name failslab, interval 1, probability 0, space 0, times 0
[  724.406600][T20934] CPU: 3 UID: 0 PID: 20934 Comm: syz.2.4049 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  724.406618][T20934] Tainted: [L]=SOFTLOCKUP
[  724.406622][T20934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  724.406629][T20934] Call Trace:
[  724.406633][T20934]  <TASK>
[  724.406638][T20934]  dump_stack_lvl+0x100/0x190
[  724.406655][T20934]  should_fail_ex.cold+0x5/0xa
[  724.406674][T20934]  should_failslab+0xc2/0x120
[  724.406690][T20934]  ? lsm_blob_alloc+0x68/0x90
[  724.406702][T20934]  __kmalloc_noprof+0xf6/0x9c0
[  724.406713][T20934]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  724.406729][T20934]  ? lsm_blob_alloc+0x68/0x90
[  724.406740][T20934]  ? __asan_memset+0x23/0x50
[  724.406750][T20934]  lsm_blob_alloc+0x68/0x90
[  724.406763][T20934]  security_task_alloc+0x2a/0x260
[  724.406794][T20934]  copy_process+0x25cc/0x7890
[  724.406822][T20934]  ? __pfx_copy_process+0x10/0x10
[  724.406839][T20934]  ? lockdep_init_map_type+0x5c/0x250
[  724.406856][T20934]  ? lockdep_init_map_type+0x5c/0x250
[  724.406872][T20934]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  724.406892][T20934]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  724.406910][T20934]  vhost_task_create+0x1db/0x370
[  724.406928][T20934]  ? __pfx_vhost_task_create+0x10/0x10
[  724.406944][T20934]  ? register_lock_class+0x40/0x560
[  724.406964][T20934]  ? __pfx_vhost_task_fn+0x10/0x10
[  724.406983][T20934]  ? __pfx___mutex_lock+0x10/0x10
[  724.407001][T20934]  kvm_mmu_post_init_vm+0x1b3/0x370
[  724.407017][T20934]  kvm_arch_vcpu_ioctl_run+0x66/0x1830
[  724.407032][T20934]  ? kvm_vcpu_ioctl+0x150f/0x16d0
[  724.407046][T20934]  kvm_vcpu_ioctl+0x730/0x16d0
[  724.407058][T20934]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  724.407069][T20934]  ? tomoyo_path_number_perm+0x188/0x580
[  724.407100][T20934]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  724.407122][T20934]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  724.407135][T20934]  ? do_vfs_ioctl+0x226/0x13e0
[  724.407153][T20934]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  724.407177][T20934]  kvm_vcpu_compat_ioctl+0x20f/0x3c0
[  724.407189][T20934]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  724.407201][T20934]  ? __fget_files+0x21f/0x3d0
[  724.407216][T20934]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  724.407228][T20934]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  724.407248][T20934]  __do_fast_syscall_32+0xde/0x660
[  724.407264][T20934]  do_fast_syscall_32+0x32/0x70
[  724.407278][T20934]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  724.407293][T20934] RIP: 0023:0xf740d579
[  724.407302][T20934] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  724.407313][T20934] RSP: 002b:00000000f543650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  724.407325][T20934] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000000ae80
[  724.407332][T20934] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  724.407338][T20934] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  724.407344][T20934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  724.407351][T20934] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  724.407366][T20934]  </TASK>
[  725.662030][   T59] usb 42-1: device descriptor read/8, error -110
[  726.062383][   T59] usb usb42-port1: attempt power cycle
[  726.643226][   T59] usb usb42-port1: unable to enumerate USB device
[  726.771934][T14217] usb 10-1: USB disconnect, device number 6
[  726.849369][   T59] usb 8-1: new high-speed USB device number 26 using dummy_hcd
[  727.057622][T20998] netlink: 304 bytes leftover after parsing attributes in process `syz.0.4069'.
[  727.091872][   T59] usb 8-1: Using ep0 maxpacket: 8
[  727.094806][   T59] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[  727.097329][   T59] usb 8-1: config 0 has no interface number 0
[  727.099411][   T59] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  727.102886][   T59] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  727.106378][   T59] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  727.109614][   T59] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  727.113865][   T59] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  727.116692][   T59] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  727.120875][   T59] usb 8-1: config 0 descriptor??
[  727.163166][   T59] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  727.336489][T20977] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  727.521094][T14368] usb 8-1: USB disconnect, device number 26
[  727.524734][T14368] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[  727.706949][T21027] netlink: 72 bytes leftover after parsing attributes in process `syz.2.4077'.
[  728.499223][T21049] FAULT_INJECTION: forcing a failure.
[  728.499223][T21049] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  728.509225][T21049] CPU: 3 UID: 0 PID: 21049 Comm: syz.3.4086 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  728.509255][T21049] Tainted: [L]=SOFTLOCKUP
[  728.509261][T21049] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  728.509272][T21049] Call Trace:
[  728.509279][T21049]  <TASK>
[  728.509302][T21049]  dump_stack_lvl+0x100/0x190
[  728.509330][T21049]  should_fail_ex.cold+0x5/0xa
[  728.509360][T21049]  _copy_to_user+0x32/0xd0
[  728.509389][T21049]  simple_read_from_buffer+0xcb/0x170
[  728.509411][T21049]  proc_fail_nth_read+0x1af/0x230
[  728.509433][T21049]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  728.509455][T21049]  ? rw_verify_area+0xce/0x6d0
[  728.509473][T21049]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  728.509494][T21049]  vfs_read+0x1e4/0xb30
[  728.509516][T21049]  ? __pfx_vfs_read+0x10/0x10
[  728.509534][T21049]  ? find_held_lock+0x2b/0x80
[  728.509553][T21049]  ? __fget_files+0x215/0x3d0
[  728.509576][T21049]  ? __fget_files+0x21f/0x3d0
[  728.509603][T21049]  ksys_read+0x12a/0x250
[  728.509622][T21049]  ? __pfx_ksys_read+0x10/0x10
[  728.509649][T21049]  do_int80_emulation+0x101/0x470
[  728.509675][T21049]  asm_int80_emulation+0x1a/0x20
[  728.509692][T21049] RIP: 0023:0xf71a572b
[  728.509708][T21049] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  728.509724][T21049] RSP: 002b:00000000f54664bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  728.509742][T21049] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54665d0
[  728.509755][T21049] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  728.509765][T21049] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  728.509775][T21049] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  728.509785][T21049] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  728.509829][T21049]  </TASK>
[  730.135988][T21114] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  730.463373][T21122] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  730.465438][T21122] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  730.468127][T21122] vhci_hcd vhci_hcd.0: Device attached
[  730.619498][   T40] audit: type=1804 audit(1769490435.881:331): pid=21131 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.4115" name="/newroot/370/file0" dev="tmpfs" ino=2004 res=1 errno=0
[  730.742061][ T5982] usb 38-1: SetAddress Request (83) to port 0
[  730.744714][ T5982] usb 38-1: new SuperSpeed USB device number 83 using vhci_hcd
[  730.804882][T21147] geneve2: left promiscuous mode
[  730.806491][T21147] geneve2: left allmulticast mode
[  730.811032][ T1142] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  730.814986][ T1142] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  730.818077][ T1142] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  730.821292][ T1142] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  731.013746][T21123] vhci_hcd: connection reset by peer
[  731.016132][   T81] vhci_hcd vhci_hcd.0: stop threads
[  731.017951][   T81] vhci_hcd vhci_hcd.0: release socket
[  731.019704][   T81] vhci_hcd vhci_hcd.0: disconnect device
[  731.667377][   T40] audit: type=1326 audit(1769490436.931:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21162 comm="syz.2.4125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000
[  731.680843][   T40] audit: type=1326 audit(1769490436.941:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21162 comm="syz.2.4125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000
[  731.689941][   T40] audit: type=1326 audit(1769490436.941:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21162 comm="syz.2.4125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000
[  731.698009][   T40] audit: type=1326 audit(1769490436.941:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21162 comm="syz.2.4125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000
[  731.700120][T21163] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[  731.706659][   T40] audit: type=1326 audit(1769490436.951:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21162 comm="syz.2.4125" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf740d579 code=0x7ffc0000
[  731.716177][T21163] audit: out of memory in audit_log_start
[  731.716389][   T40] audit: type=1326 audit(1769490436.951:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21162 comm="syz.2.4125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000
[  731.725154][   T40] audit: type=1326 audit(1769490436.951:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21162 comm="syz.2.4125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000
[  733.276866][T21226] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4149'.
[  733.700891][T21240] netlink: 76 bytes leftover after parsing attributes in process `syz.2.4154'.
[  734.348011][T21273] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4163'.
[  734.877673][T21280] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  735.151902][   T59] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  735.342329][   T59] usb 10-1: Using ep0 maxpacket: 8
[  735.552807][ T1143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  735.555567][ T1143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  735.559097][   T59] usb 10-1: config 0 has no interfaces?
[  736.230854][ T5982] usb 38-1: device descriptor read/8, error -110
[  736.236730][   T59] usb 10-1: New USB device found, idVendor=0b48, idProduct=3007, bcdDevice=4f.64
[  736.239671][   T59] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  736.242301][   T59] usb 10-1: Product: syz
[  736.243673][   T59] usb 10-1: Manufacturer: syz
[  736.245256][   T59] usb 10-1: SerialNumber: syz
[  736.248001][   T59] usb 10-1: config 0 descriptor??
[  736.455258][   T62] usb 10-1: USB disconnect, device number 7
[  736.587227][T21299] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  737.159248][ T5982] usb usb38-port1: attempt power cycle
[  737.200940][T21287] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  737.203588][T21287] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  737.207038][T21287] vhci_hcd vhci_hcd.0: Device attached
[  737.305903][T21313] vhci_hcd: connection closed
[  737.306148][   T81] vhci_hcd vhci_hcd.3: stop threads
[  737.309359][   T81] vhci_hcd vhci_hcd.3: release socket
[  737.311206][   T81] vhci_hcd vhci_hcd.3: disconnect device
[  737.642069][T14768] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  737.722843][ T5982] usb usb38-port1: unable to enumerate USB device
[  737.736869][ T1333] IPVS: starting estimator thread 0...
[  737.801926][T14768] usb 7-1: Using ep0 maxpacket: 8
[  737.805650][T14768] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  737.812020][T14768] usb 7-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  737.815836][T14768] usb 7-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  737.828391][T21325] IPVS: using max 43 ests per chain, 103200 per kthread
[  737.828407][T14768] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  737.841769][T14768] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  737.851633][T14768] usbtmc 7-1:16.0: bulk endpoints not found
[  738.295548][T21342] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4181'.
[  739.597913][T21372] netlink: 44 bytes leftover after parsing attributes in process `syz.0.4190'.
[  740.408876][ T6007] usb 7-1: USB disconnect, device number 24
[  741.372164][T21414] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 8, id = 0
[  741.952019][T14768] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[  742.101913][T14768] usb 7-1: Using ep0 maxpacket: 8
[  742.104969][T14768] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  742.107589][T14768] usb 7-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  742.110775][T14768] usb 7-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  742.115222][T14768] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  742.118747][T14768] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  742.127327][T14768] usbtmc 7-1:16.0: bulk endpoints not found
[  743.062872][T21442] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  743.563145][T21452] FAULT_INJECTION: forcing a failure.
[  743.563145][T21452] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  743.567324][T21452] CPU: 2 UID: 0 PID: 21452 Comm: syz.5.4216 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  743.567342][T21452] Tainted: [L]=SOFTLOCKUP
[  743.567346][T21452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  743.567352][T21452] Call Trace:
[  743.567357][T21452]  <TASK>
[  743.567362][T21452]  dump_stack_lvl+0x100/0x190
[  743.567379][T21452]  should_fail_ex.cold+0x5/0xa
[  743.567399][T21452]  _copy_to_user+0x32/0xd0
[  743.567417][T21452]  simple_read_from_buffer+0xcb/0x170
[  743.567431][T21452]  proc_fail_nth_read+0x1af/0x230
[  743.567445][T21452]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  743.567459][T21452]  ? rw_verify_area+0xce/0x6d0
[  743.567470][T21452]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  743.567483][T21452]  vfs_read+0x1e4/0xb30
[  743.567497][T21452]  ? __pfx_vfs_read+0x10/0x10
[  743.567508][T21452]  ? find_held_lock+0x2b/0x80
[  743.567519][T21452]  ? __fget_files+0x215/0x3d0
[  743.567534][T21452]  ? __fget_files+0x21f/0x3d0
[  743.567550][T21452]  ksys_read+0x12a/0x250
[  743.567563][T21452]  ? __pfx_ksys_read+0x10/0x10
[  743.567579][T21452]  do_int80_emulation+0x101/0x470
[  743.567596][T21452]  asm_int80_emulation+0x1a/0x20
[  743.567607][T21452] RIP: 0023:0xf717572b
[  743.567616][T21452] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  743.567627][T21452] RSP: 002b:00000000f54154bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  743.567638][T21452] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f54155d0
[  743.567646][T21452] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  743.567652][T21452] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  743.567658][T21452] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  743.567665][T21452] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  743.567680][T21452]  </TASK>
[  744.451558][T21473] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  744.454377][T21473] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  744.465110][T14768] usb 7-1: USB disconnect, device number 25
[  744.469555][T21473] vhci_hcd vhci_hcd.0: Device attached
[  744.725676][T21474] vhci_hcd: connection closed
[  744.725824][ T1142] vhci_hcd vhci_hcd.3: stop threads
[  744.729592][ T1142] vhci_hcd vhci_hcd.3: release socket
[  744.731991][T14217] usb 44-1: SetAddress Request (98) to port 0
[  744.734130][T14217] usb 44-1: new SuperSpeed USB device number 98 using vhci_hcd
[  744.736417][ T1142] vhci_hcd vhci_hcd.3: disconnect device
[  744.762003][T14217] usb 44-1: enqueue for inactive port 0
[  744.987246][T21482] netlink: 'syz.5.4227': attribute type 1 has an invalid length.
[  744.990071][T21482] netlink: 228 bytes leftover after parsing attributes in process `syz.5.4227'.
[  744.993404][T21482] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4227'.
[  745.152484][T14217] usb usb44-port1: attempt power cycle
[  745.341024][T21488] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4229'.
[  745.536864][T21494] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4229'.
[  745.712900][T14217] usb usb44-port1: unable to enumerate USB device
[  747.156600][T21526] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  747.158683][T21526] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  747.170352][T21526] vhci_hcd vhci_hcd.0: Device attached
[  747.431989][T13991] usb 48-1: SetAddress Request (6) to port 0
[  747.434650][T13991] usb 48-1: new SuperSpeed USB device number 6 using vhci_hcd
[  747.467115][T21527] vhci_hcd: connection reset by peer
[  747.469156][ T1142] vhci_hcd vhci_hcd.5: stop threads
[  747.471047][ T1142] vhci_hcd vhci_hcd.5: release socket
[  747.472978][ T1142] vhci_hcd vhci_hcd.5: disconnect device
[  748.505237][T21557] Set syz1 is full, maxelem 65536 reached
[  749.391174][T21570] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  749.393760][T21570] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  749.397390][T21570] vhci_hcd vhci_hcd.0: Device attached
[  750.862247][T21573] vhci_hcd: connection closed
[  750.862436][   T81] vhci_hcd vhci_hcd.5: stop threads
[  750.866887][   T81] vhci_hcd vhci_hcd.5: release socket
[  750.869555][   T81] vhci_hcd vhci_hcd.5: disconnect device
[  751.903964][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  751.906070][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  752.462174][T13991] usb 48-1: device descriptor read/8, error -110
[  752.873029][T13991] usb usb48-port1: attempt power cycle
[  753.442555][T13991] usb usb48-port1: unable to enumerate USB device
[  754.851866][T13991] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  754.921951][ T6007] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  755.003764][T13991] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  755.007317][T13991] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  755.010419][T13991] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  755.013537][T13991] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  755.019266][T13991] usb 5-1: config 0 descriptor??
[  755.091977][ T6007] usb 7-1: Using ep0 maxpacket: 8
[  755.095032][ T6007] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  755.097647][ T6007] usb 7-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  755.100877][ T6007] usb 7-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  755.105157][ T6007] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  755.108023][ T6007] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  755.114515][ T6007] usbtmc 7-1:16.0: bulk endpoints not found
[  755.229661][T13991] usbhid 5-1:0.0: can't add hid device: -71
[  755.231645][T13991] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  755.237167][T13991] usb 5-1: USB disconnect, device number 37
[  755.672008][ T6007] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  755.853386][ T6007] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  755.857300][ T6007] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  755.861324][ T6007] usb 5-1: New USB device found, idVendor=047f, idProduct=3333, bcdDevice= 0.40
[  755.864754][ T6007] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  755.870175][ T6007] usb 5-1: config 0 descriptor??
[  755.935084][T21673] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4281'.
[  755.940948][T21673] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4281'.
[  756.708087][ T6007] plantronics 0003:047F:3333.000A: unknown main item tag 0x0
[  756.714581][ T6007] plantronics 0003:047F:3333.000A: hiddev0,hidraw0: USB HID v0.00 Device [HID 047f:3333] on usb-dummy_hcd.0-1/input0
[  756.714968][T21682] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4275'.
[  756.910554][T14768] usb 5-1: USB disconnect, device number 38
[  757.232078][T21692] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  757.235045][T21692] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  757.238654][T21692] vhci_hcd vhci_hcd.0: Device attached
[  757.261403][T21692] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4292'.
[  757.317404][T21692] binder: Binderfs stats mode cannot be changed during a remount
[  757.421936][T14216] vhci_hcd vhci_hcd.3: vhci_device speed not set
[  757.491978][T14216] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[  757.684865][T14217] usb 7-1: USB disconnect, device number 26
[  758.341573][T21693] vhci_hcd: connection reset by peer
[  758.372385][ T1143] vhci_hcd vhci_hcd.3: stop threads
[  758.374143][ T1143] vhci_hcd vhci_hcd.3: release socket
[  758.376026][ T1143] vhci_hcd vhci_hcd.3: disconnect device
[  759.742015][T14768] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  759.913576][T21737] binder: 21734:21737 ioctl 0 80000040 returned -22
[  760.001993][T14768] usb 5-1: Using ep0 maxpacket: 8
[  760.215551][T14768] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  760.218122][T14768] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  760.221289][T14768] usb 5-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  760.232694][T14768] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  760.236272][T14768] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  760.244943][T14768] usbtmc 5-1:16.0: bulk endpoints not found
[  761.164256][T21768] overlayfs: failed to resolve './file1': -2
[  762.133099][T21789] usb usb8: usbfs: interface 0 claimed by hub while 'syz.5.4310' resets device
[  762.184720][T14768] usb 5-1: USB disconnect, device number 39
[  762.622105][T14216] vhci_hcd vhci_hcd.3: vhci_device speed not set
[  762.860117][T21810] overlayfs: failed to resolve './file1': -2
[  763.181905][ T5982] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  763.331884][ T5982] usb 5-1: Using ep0 maxpacket: 8
[  763.343269][ T5982] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  763.346596][ T5982] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  763.354939][ T5982] usb 5-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  763.360287][ T5982] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  763.368726][ T5982] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  763.392049][ T5982] usbtmc 5-1:16.0: bulk endpoints not found
[  763.505808][T21828] comedi comedi0: Minor 47 could not be opened
[  763.510730][T21828] netlink: 'syz.3.4322': attribute type 1 has an invalid length.
[  763.554957][T21828] bond3: entered promiscuous mode
[  763.557317][T21828] 8021q: adding VLAN 0 to HW filter on device bond3
[  765.042138][T21845] bond3: left promiscuous mode
[  765.136034][T21851] overlayfs: failed to resolve './file0': -2
[  765.358190][T21853] Set syz1 is full, maxelem 65536 reached
[  765.958223][T14217] usb 5-1: USB disconnect, device number 40
[  766.081932][T14768] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[  766.262652][T14768] usb 7-1: too many configurations: 178, using maximum allowed: 8
[  766.277932][T14768] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  766.280836][T14768] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  766.283408][T14768] usb 7-1: Product: syz
[  766.284692][T14768] usb 7-1: Manufacturer: syz
[  766.286128][T14768] usb 7-1: SerialNumber: syz
[  766.294606][T14768] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  766.330478][T13991] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  766.539574][ T1333] usb 7-1: USB disconnect, device number 27
[  767.011882][T14217] usb 8-1: new high-speed USB device number 27 using dummy_hcd
[  767.181969][T14217] usb 8-1: Using ep0 maxpacket: 8
[  767.185958][T14217] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  767.189473][T14217] usb 8-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  767.195479][T14217] usb 8-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  767.200703][T14217] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  767.203919][T14217] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  767.212455][T14217] usbtmc 8-1:16.0: bulk endpoints not found
[  767.213839][T21897] Set syz1 is full, maxelem 65536 reached
[  767.342250][T13991] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive
[  767.345333][T13991] ath9k_htc: Failed to initialize the device
[  767.349852][ T1333] usb 7-1: ath9k_htc: USB layer deinitialized
[  767.641902][ T1333] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[  767.791908][ T1333] usb 7-1: Using ep0 maxpacket: 8
[  767.798855][ T1333] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  767.801168][ T1333] usb 7-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  767.809290][ T1333] usb 7-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  767.817399][ T1333] usb 7-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  767.825609][ T1333] usb 7-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  767.832481][ T1333] usb 7-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  767.841940][ T1333] usb 7-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  767.848135][ T1333] usb 7-1: config 168 interface 0 has no altsetting 0
[  767.856019][ T1333] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  767.860093][ T1333] usb 7-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  767.869146][ T1333] usb 7-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  767.877774][ T1333] usb 7-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  767.886215][ T1333] usb 7-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  767.896121][ T1333] usb 7-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  767.900305][ T1333] usb 7-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  767.905240][ T1333] usb 7-1: config 168 interface 0 has no altsetting 0
[  767.908689][ T1333] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  767.911189][ T1333] usb 7-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  767.914937][ T1333] usb 7-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  767.919232][ T1333] usb 7-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  767.923639][ T1333] usb 7-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  767.927397][ T1333] usb 7-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  767.930897][ T1333] usb 7-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  767.935012][ T1333] usb 7-1: config 168 interface 0 has no altsetting 0
[  767.939312][ T1333] usb 7-1: string descriptor 0 read error: -22
[  767.941249][ T1333] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  767.944398][ T1333] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  767.957406][ T1333] adutux 7-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  767.976634][T21904] FAULT_INJECTION: forcing a failure.
[  767.976634][T21904] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  767.985774][T21904] CPU: 0 UID: 0 PID: 21904 Comm: syz.5.4346 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  767.985801][T21904] Tainted: [L]=SOFTLOCKUP
[  767.985807][T21904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  767.985817][T21904] Call Trace:
[  767.985823][T21904]  <TASK>
[  767.985830][T21904]  dump_stack_lvl+0x100/0x190
[  767.985855][T21904]  should_fail_ex.cold+0x5/0xa
[  767.985871][T21904]  ? prepare_alloc_pages+0x16d/0x5f0
[  767.985891][T21904]  should_fail_alloc_page+0xeb/0x140
[  767.985908][T21904]  prepare_alloc_pages+0x1f0/0x5f0
[  767.985928][T21904]  __alloc_frozen_pages_noprof+0x193/0x2410
[  767.985942][T21904]  ? arch_stack_walk+0xa6/0xf0
[  767.985959][T21904]  ? __lock_acquire+0x4a5/0x2630
[  767.985977][T21904]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  767.985993][T21904]  ? look_up_lock_class+0x64/0x120
[  767.986012][T21904]  ? do_raw_spin_lock+0x128/0x260
[  767.986030][T21904]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  767.986047][T21904]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  767.986060][T21904]  ? policy_nodemask+0xed/0x4f0
[  767.986077][T21904]  alloc_pages_mpol+0x1fb/0x550
[  767.986094][T21904]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  767.986109][T21904]  ? break_ksm_pmd_entry+0x850/0xa20
[  767.986121][T21904]  ? break_ksm_pmd_entry+0x850/0xa20
[  767.986137][T21904]  folio_alloc_mpol_noprof+0x36/0x340
[  767.986157][T21904]  vma_alloc_folio_noprof+0xed/0x1d0
[  767.986175][T21904]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  767.986192][T21904]  ? rcu_read_unlock+0x2d/0xb0
[  767.986204][T21904]  ? rcu_read_unlock+0x2d/0xb0
[  767.986217][T21904]  ? __lock_acquire+0x4a5/0x2630
[  767.986234][T21904]  do_wp_page+0x1eb4/0x4c10
[  767.986256][T21904]  ? __pfx_do_wp_page+0x10/0x10
[  767.986275][T21904]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  767.986297][T21904]  __handle_mm_fault+0x1ac0/0x2b50
[  767.986314][T21904]  ? __pfx___handle_mm_fault+0x10/0x10
[  767.986340][T21904]  handle_mm_fault+0x36d/0xa20
[  767.986355][T21904]  break_ksm+0xa2/0x160
[  767.986396][T21904]  ? __pfx_break_ksm+0x10/0x10
[  767.986422][T21904]  run_store+0x7bf/0xad0
[  767.986436][T21904]  ? __lock_acquire+0x4a5/0x2630
[  767.986452][T21904]  ? __pfx_run_store+0x10/0x10
[  767.986470][T21904]  ? find_held_lock+0x2b/0x80
[  767.986481][T21904]  ? sysfs_file_kobj+0xe4/0x290
[  767.986494][T21904]  ? sysfs_file_kobj+0xe4/0x290
[  767.986508][T21904]  ? __pfx_run_store+0x10/0x10
[  767.986520][T21904]  kobj_attr_store+0x58/0x80
[  767.986535][T21904]  ? __pfx_kobj_attr_store+0x10/0x10
[  767.986549][T21904]  sysfs_kf_write+0xf2/0x150
[  767.986564][T21904]  kernfs_fop_write_iter+0x3e0/0x5f0
[  767.986575][T21904]  ? __pfx_sysfs_kf_write+0x10/0x10
[  767.986590][T21904]  vfs_write+0x6ac/0x1070
[  767.986604][T21904]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  767.986617][T21904]  ? __pfx_vfs_write+0x10/0x10
[  767.986640][T21904]  ksys_write+0x12a/0x250
[  767.986653][T21904]  ? __pfx_ksys_write+0x10/0x10
[  767.986665][T21904]  ? __pfx_ksys_write+0x10/0x10
[  767.986686][T21904]  __do_fast_syscall_32+0xde/0x660
[  767.986702][T21904]  do_fast_syscall_32+0x32/0x70
[  767.986717][T21904]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  767.986731][T21904] RIP: 0023:0xf740d579
[  767.986754][T21904] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  767.986765][T21904] RSP: 002b:00000000f541550c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[  767.986776][T21904] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  767.986784][T21904] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  767.986790][T21904] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  767.986797][T21904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  767.986803][T21904] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  767.986819][T21904]  </TASK>
[  768.091884][T13991] ------------[ cut here ]------------
[  768.115303][T13991] [CRTC:35:crtc-0] vblank wait timed out
[  768.117680][T13991] WARNING: drivers/gpu/drm/drm_atomic_helper.c:1920 at drm_atomic_helper_wait_for_vblanks.part.0+0x738/0x8a0, CPU#2: kworker/2:3/13991
[  768.122054][T13991] Modules linked in:
[  768.124595][T13991] CPU: 2 UID: 0 PID: 13991 Comm: kworker/2:3 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  768.127948][T13991] Tainted: [L]=SOFTLOCKUP
[  768.129285][T13991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  768.132442][T13991] Workqueue: events drm_fb_helper_damage_work
[  768.134274][T13991] RIP: 0010:drm_atomic_helper_wait_for_vblanks.part.0+0x73e/0x8a0
[  768.136891][T13991] Code: 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 0f b6 04 01 84 c0 74 08 3c 03 0f 8e 44 01 00 00 48 8d 3d 18 fa 31 0b 8b b3 d8 00 00 00 <67> 48 0f b9 3a e9 e1 fc ff ff e8 53 ce 75 fc e9 7c fe ff ff e8 d9
[  768.143054][T13991] RSP: 0000:ffffc900034ef688 EFLAGS: 00010246
[  768.144937][T13991] RAX: 0000000000000000 RBX: ffff8880438cd318 RCX: 1ffff11008719a7e
[  768.147453][T13991] RDX: ffff888043d92020 RSI: 0000000000000023 RDI: ffffffff90c27630
[  768.149917][T13991] RBP: dffffc0000000000 R08: 0000000000000005 R09: 0000000000000000
[  768.152907][T13991] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  768.155357][T13991] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88804be12700
[  768.157830][T13991] FS:  0000000000000000(0000) GS:ffff8880975e3000(0000) knlGS:0000000000000000
[  768.160585][T13991] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  768.162911][T13991] CR2: 0000000081000000 CR3: 000000004fdcc000 CR4: 0000000000352ef0
[  768.165464][T13991] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  768.167911][T13991] DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  768.170362][T13991] Call Trace:
[  768.171422][T13991]  <TASK>
[  768.172475][T13991]  ? __pfx_drm_atomic_helper_wait_for_vblanks.part.0+0x10/0x10
[  768.174806][T13991]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  768.176623][T13991]  ? lockdep_hardirqs_on+0x78/0x100
[  768.178287][T13991]  ? __pfx_autoremove_wake_function+0x10/0x10
[  768.180395][T13991]  ? drm_atomic_helper_commit_hw_done+0x36d/0x490
[  768.182622][T13991]  drm_atomic_helper_commit_tail+0xff/0x130
[  768.184611][T13991]  commit_tail+0x338/0x430
[  768.186048][T13991]  drm_atomic_helper_commit+0x303/0x380
[  768.187886][T13991]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  768.189841][T13991]  drm_atomic_commit+0x230/0x300
[  768.191454][T13991]  ? __pfx_drm_atomic_commit+0x10/0x10
[  768.193341][T13991]  ? __pfx___drm_printfn_info+0x10/0x10
[  768.195681][T13991]  ? drm_mode_object_get+0x108/0x170
[  768.197401][T13991]  drm_atomic_helper_dirtyfb+0x603/0x790
[  768.199195][T13991]  ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10
[  768.201145][T13991]  ? do_raw_spin_lock+0x128/0x260
[  768.202867][T13991]  ? find_held_lock+0x2b/0x80
[  768.204360][T13991]  ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10
[  768.206430][T13991]  drm_fbdev_shmem_helper_fb_dirty+0x1cc/0x310
[  768.208435][T13991]  drm_fb_helper_damage_work+0x348/0x640
[  768.210201][T13991]  ? __pfx_drm_fb_helper_damage_work+0x10/0x10
[  768.212246][T13991]  ? process_one_work+0x80b/0x1840
[  768.213894][T13991]  ? rcu_is_watching+0x12/0xc0
[  768.215499][T13991]  process_one_work+0x9c2/0x1840
[  768.217118][T13991]  ? __pfx_process_one_work+0x10/0x10
[  768.218831][T13991]  ? assign_work+0x19c/0x250
[  768.220046][ T5982] usb 8-1: USB disconnect, device number 27
[  768.220286][T13991]  worker_thread+0x5da/0xe40
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  768.224146][T13991]  ? __pfx_worker_thread+0x10/0x10
[  768.227007][T13991]  ? kthread+0x17d/0x730
[  768.228347][T13991]  ? __pfx_worker_thread+0x10/0x10
[  768.229944][T13991]  kthread+0x3b3/0x730
[  768.231237][T13991]  ? __pfx_kthread+0x10/0x10
[  768.232740][T13991]  ? ret_from_fork+0x79/0xaf0
[  768.234197][T13991]  ? ret_from_fork+0x79/0xaf0
[  768.235641][T13991]  ? rcu_is_watching+0x12/0xc0
[  768.237162][T13991]  ? __pfx_kthread+0x10/0x10
[  768.238622][T13991]  ret_from_fork+0x754/0xaf0
[  768.240055][T13991]  ? __pfx_ret_from_fork+0x10/0x10
[  768.241684][T13991]  ? __switch_to+0x7b9/0x10c0
[  768.243255][T13991]  ? __pfx_kthread+0x10/0x10
[  768.244721][T13991]  ret_from_fork_asm+0x1a/0x30
[  768.246223][T13991]  </TASK>
[  768.247235][T13991] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  768.249438][T13991] CPU: 2 UID: 0 PID: 13991 Comm: kworker/2:3 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  768.252867][T13991] Tainted: [L]=SOFTLOCKUP
[  768.254206][T13991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  768.257330][T13991] Workqueue: events drm_fb_helper_damage_work
[  768.259296][T13991] Call Trace:
[  768.260646][T13991]  <TASK>
[  768.261641][T13991]  dump_stack_lvl+0x100/0x190
[  768.263227][T13991]  vpanic+0x20d/0x630
[  768.264474][T13991]  panic+0xd1/0xd1
[  768.265639][T13991]  ? __pfx_panic+0x10/0x10
[  768.267125][T13991]  ? check_panic_on_warn+0x1f/0x90
[  768.268730][T13991]  check_panic_on_warn.cold+0x19/0x34
[  768.270407][T13991]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x738/0x8a0
[  768.272645][T13991]  __warn.cold+0x191/0x2f8
[  768.274240][T13991]  __report_bug+0x296/0x3d0
[  768.275640][T13991]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x738/0x8a0
[  768.277903][T13991]  ? __pfx___report_bug+0x10/0x10
[  768.279503][T13991]  ? lockdep_hardirqs_on+0x78/0x100
[  768.281114][T13991]  report_bug_entry+0xe1/0x290
[  768.282620][T13991]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x73e/0x8a0
[  768.284828][T13991]  handle_bug+0x1c9/0x2a0
[  768.286216][T13991]  exc_invalid_op+0x17/0x50
[  768.287702][T13991]  asm_exc_invalid_op+0x1a/0x20
[  768.289260][T13991] RIP: 0010:drm_atomic_helper_wait_for_vblanks.part.0+0x73e/0x8a0
[  768.291675][T13991] Code: 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 0f b6 04 01 84 c0 74 08 3c 03 0f 8e 44 01 00 00 48 8d 3d 18 fa 31 0b 8b b3 d8 00 00 00 <67> 48 0f b9 3a e9 e1 fc ff ff e8 53 ce 75 fc e9 7c fe ff ff e8 d9
[  768.297500][T13991] RSP: 0000:ffffc900034ef688 EFLAGS: 00010246
[  768.299372][T13991] RAX: 0000000000000000 RBX: ffff8880438cd318 RCX: 1ffff11008719a7e
[  768.301778][T13991] RDX: ffff888043d92020 RSI: 0000000000000023 RDI: ffffffff90c27630
[  768.304179][T13991] RBP: dffffc0000000000 R08: 0000000000000005 R09: 0000000000000000
[  768.306557][T13991] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  768.309133][T13991] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88804be12700
[  768.311679][T13991]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x6e6/0x8a0
[  768.313948][T13991]  ? __pfx_drm_atomic_helper_wait_for_vblanks.part.0+0x10/0x10
[  768.316272][T13991]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  768.318131][T13991]  ? lockdep_hardirqs_on+0x78/0x100
[  768.319768][T13991]  ? __pfx_autoremove_wake_function+0x10/0x10
[  768.321648][T13991]  ? drm_atomic_helper_commit_hw_done+0x36d/0x490
[  768.323615][T13991]  drm_atomic_helper_commit_tail+0xff/0x130
[  768.325447][T13991]  commit_tail+0x338/0x430
[  768.326810][T13991]  drm_atomic_helper_commit+0x303/0x380
[  768.328518][T13991]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  768.330447][T13991]  drm_atomic_commit+0x230/0x300
[  768.332026][T13991]  ? __pfx_drm_atomic_commit+0x10/0x10
[  768.333692][T13991]  ? __pfx___drm_printfn_info+0x10/0x10
[  768.335412][T13991]  ? drm_mode_object_get+0x108/0x170
[  768.337075][T13991]  drm_atomic_helper_dirtyfb+0x603/0x790
[  768.338814][T13991]  ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10
[  768.340719][T13991]  ? do_raw_spin_lock+0x128/0x260
[  768.342286][T13991]  ? find_held_lock+0x2b/0x80
[  768.343769][T13991]  ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10
[  768.345906][T13991]  drm_fbdev_shmem_helper_fb_dirty+0x1cc/0x310
[  768.347907][T13991]  drm_fb_helper_damage_work+0x348/0x640
[  768.349684][T13991]  ? __pfx_drm_fb_helper_damage_work+0x10/0x10
[  768.351654][T13991]  ? process_one_work+0x80b/0x1840
[  768.353284][T13991]  ? rcu_is_watching+0x12/0xc0
[  768.354822][T13991]  process_one_work+0x9c2/0x1840
[  768.356370][T13991]  ? __pfx_process_one_work+0x10/0x10
[  768.358087][T13991]  ? assign_work+0x19c/0x250
[  768.359578][T13991]  worker_thread+0x5da/0xe40
[  768.361076][T13991]  ? __pfx_worker_thread+0x10/0x10
[  768.362742][T13991]  ? kthread+0x17d/0x730
[  768.364098][T13991]  ? __pfx_worker_thread+0x10/0x10
[  768.365712][T13991]  kthread+0x3b3/0x730
[  768.367038][T13991]  ? __pfx_kthread+0x10/0x10
[  768.368565][T13991]  ? ret_from_fork+0x79/0xaf0
[  768.370080][T13991]  ? ret_from_fork+0x79/0xaf0
[  768.371603][T13991]  ? rcu_is_watching+0x12/0xc0
[  768.373086][T13991]  ? __pfx_kthread+0x10/0x10
[  768.374543][T13991]  ret_from_fork+0x754/0xaf0
[  768.376084][T13991]  ? __pfx_ret_from_fork+0x10/0x10
[  768.377751][T13991]  ? __switch_to+0x7b9/0x10c0
[  768.379260][T13991]  ? __pfx_kthread+0x10/0x10
[  768.380718][T13991]  ret_from_fork_asm+0x1a/0x30
[  768.382240][T13991]  </TASK>
[  768.383899][T13991] Kernel Offset: disabled
[  768.385242][T13991] Rebooting in 86400 seconds..