last executing test programs:

2m30.348498195s ago: executing program 0 (id=867):
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r0 = socket$inet6(0xa, 0x2, 0x3a)
sendmmsg$inet6(r0, &(0x7f0000000340)=[{{&(0x7f0000000380)={0xa, 0x0, 0x0, @mcast2={0xff, 0x5, '\x00', 0x0}, 0x1000000}, 0x1c, &(0x7f0000000000)=[{&(0x7f0000000100)="a0002883781ecc0e", 0x4008}], 0x6}}], 0x1, 0x0)

2m30.301132237s ago: executing program 0 (id=868):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'rose0\x00', 0x112})
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'rose0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB, @ANYRES32=r3], 0x20}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

2m30.210969263s ago: executing program 0 (id=870):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x60, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_ID={0x8}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x2}, @NFTA_CHAIN_COUNTERS={0x1c, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x4000000}, @NFTA_COUNTER_BYTES={0xc}]}]}], {0x14, 0x10}}, 0xa8}}, 0x0)
r1 = openat$random(0xffffffffffffff9c, &(0x7f000000fe80), 0x40800, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], 0x0, 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r5, 0x89f0, &(0x7f0000001200)={'sit0\x00', &(0x7f0000001140)={'syztnl2\x00', 0x0, 0x700, 0x10, 0x6, 0x4, {{0x5, 0x4, 0x0, 0x12, 0x14, 0x66, 0x0, 0x1, 0x2f, 0x0, @empty, @loopback}}}})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xfffffff9, 0x2004, &(0x7f0000006680))
r6 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r7 = dup(r6)
write$UHID_INPUT(r7, &(0x7f0000002080)={0xf, {"a2e3ad21e08eeb661b5d300987f70e06d038e7ff7fc6e5539b0d650e8b089b3f313b6c090890e0878f0e1ac6e7049b3b46959b649a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07410936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c554336909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f6777478bc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5dc29a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f6435f7590000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9a53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02da93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d0300000000000000b378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d678746383074c6bc1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b3c7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0da42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r8, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x1ff003, 0x81, 0x7f, 0x1}, 0x48)
bpf$BPF_GET_PROG_INFO(0x3, &(0x7f0000000340)={r9, 0x0, 0x0}, 0x10)
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r0, 0x8040942d, &(0x7f00000000c0))
ioctl$RNDADDENTROPY(r1, 0x40085203, &(0x7f000000fec0)=ANY=[])

2m29.310530618s ago: executing program 0 (id=874):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r2=>0x0})
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0)
umount2(&(0x7f0000000100)='./file0\x00', 0x8)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, &(0x7f0000000840)={0x24, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="00220f000000540b4550182195f51584b3"], 0x0}, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x180, 0x4, 0x0, 0xf1, 0x0, 0x7fffffffffffe, 0x5, 0x5, 0x6, 0x0, 0x45, 0x4, 0xbdb], 0x1, 0x280040})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r4)
sendmsg$TIPC_NL_PUBL_GET(r4, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000001480)={&(0x7f0000000000)={0x20, r5, 0x341, 0x70bd28, 0x25dfdbfd, {}, [@TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x5, 0x2, 0x8}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000814}, 0x14)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a00)=@updpolicy={0xb8, 0x19, 0x1, 0x70bd28, 0x25dfdbfe, {{@in6=@dev={0xfe, 0x80, '\x00', 0x17}, @in6=@dev={0xfe, 0x80, '\x00', 0x2b}, 0x0, 0x0, 0x0, 0xe5, 0x2}, {0x0, 0x4, 0x0, 0x3, 0x0, 0x2, 0xfffffffffffffffd}, {0x2000000000, 0x800, 0x6}, 0x0, 0x0, 0x1, 0x1, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x24008040}, 0x8000)
syz_emit_ethernet(0x46, &(0x7f0000000400)={@local, @random="df00004000", @void, {@ipv4={0x800, @tcp={{0x9, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x11}, {[@ssrr={0x89, 0x7, 0xa2, [@broadcast]}, @cipso={0x86, 0x6, 0x1}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
openat$hpet(0xffffff9c, &(0x7f0000000a40), 0x640400, 0x0)
r7 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r8 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x40, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r7}})
syz_usb_control_io$hid(r3, 0x0, 0x0)
r9 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
r10 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_POLL(r10, 0x640f)
ioctl$HIDIOCGUSAGE(r9, 0xc018480b, &(0x7f00000000c0)={0x3, 0xffffffff, 0x81, 0x7f, 0x21185045, 0xffffffb3})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)={0x48, r1, 0x101, 0xfffffffa, 0x0, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x9, 0x6f}}}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_KEYS={0x8, 0x51, 0x0, 0x1, [{0x4}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008091}, 0x0)

2m27.310904399s ago: executing program 3 (id=884):
personality(0x400000d)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = getpgrp(0xffffffffffffffff)
sched_setaffinity(r1, 0x8, &(0x7f0000000000)=0x6)
r2 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4)
r5 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r5, 0x0)
setsockopt$packet_int(r4, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56547, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x10, 0x6}, {0xffff, 0xffff}, {0x4, 0x10}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000b00)=@newtfilter={0x7c, 0x2c, 0xd27, 0x70bd25, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x4, 0x4}, {}, {0x5, 0x2}}, [@filter_kind_options=@f_u32={{0x8}, {0x50, 0x2, [@TCA_U32_LINK={0x8, 0x3, 0x80000000}, @TCA_U32_SEL={0x44, 0x5, {0x8, 0xf, 0x3, 0x2, 0x20, 0x9, 0xb11, 0x65, [{0x7fff, 0x401, 0x5, 0x6}, {0x0, 0xe1, 0x7, 0xfffffffd}, {0x3ff, 0xa, 0x9, 0xf}]}}]}}]}, 0x7c}}, 0x24040050)

2m27.265478323s ago: executing program 0 (id=885):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_io_uring_setup(0x74d, &(0x7f0000000100)={0x0, 0x59c4, 0x800, 0x1000, 0x5cc}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x24, 0x0, 0x2}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, 0xffffffffffffffff, 0x0, r0})
io_uring_enter(r0, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
getpid()
socket(0x10, 0x3, 0x0)
socket$key(0xf, 0x3, 0x2)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="05000000810000000200000009"], 0x48)
bpf$MAP_DELETE_BATCH(0x18, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x5, r4, 0x0, 0x20}, 0x38)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0x802, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0xef4, &(0x7f00000003c0)={0x0, 0x26c3, 0x1, 0x3, 0x0, 0x0, r6}, &(0x7f0000000180)=<r7=>0x0, &(0x7f00000001c0)=<r8=>0x0)
syz_io_uring_submit(r7, r8, 0x0)
io_uring_enter(r0, 0x58cd, 0x3ffd, 0x10, 0x0, 0xfffffffffffffe94)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f600333b09d3748ee7d700", 0x10)
ioprio_get$uid(0x3, 0x0)
ioctl$HCIINQUIRY(r3, 0x400448ca, 0x0)
bind$bt_hci(r3, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)

2m27.191233846s ago: executing program 3 (id=887):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
r2 = openat$sndseq(0xffffff9c, &(0x7f0000000180), 0x40)
readv(r2, &(0x7f00000013c0)=[{&(0x7f0000000280)=""/186, 0xba}], 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r2, 0xc0a45320, &(0x7f00000000c0)={{0x80, 0x4}, 'port0\x00', 0x786520dbf34c80ff, 0x20a03, 0x122, 0x0, 0x0, 0xc, 0x400, 0x0, 0x0, 0x87})
openat$sequencer2(0xffffff9c, &(0x7f0000000040), 0x123482, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'rose0\x00', 0x112})
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000300)={'rose0\x00'})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100"/20], 0x20}}, 0x0)
umount2(&(0x7f0000000000)='./file0\x00', 0x7)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e22, 0xdd9, @dev={0xfe, 0x80, '\x00', 0x39}, 0x7b}}, 0x2, 0x5, 0x6, 0x8, 0x18, 0x5, 0xd1}, 0x9c)
close_range(r1, 0xffffffffffffffff, 0x0)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write(r3, &(0x7f0000000140)="8d100100b80038110000000000000008ca6c6abe1cc3076eb2b730883012b914b788ea8bf99a9ada09174d44c83f1b8772afff764f174ef0e48959579090fc775116e05fd0fed4b5d8e69b01bf053b452ca37f99875eee8059c4026154", 0x5d)

2m26.96357697s ago: executing program 3 (id=890):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="3c00000010000000080000000000000000", @ANYRES32=0x0, @ANYBLOB="2a1302001a800b0001007e656e6576f33c5fef851566fdb226c7af5cd2809653d02c15f604441378abf0c02f35b0104b52629de115cfd52dd3fbc644e6ffbcc34fd015735a4e7cc3b58427f153edc2a9ff257445cafb00b826fd4cbf3582b0a149"], 0x3c}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00'})
sendmsg$NL80211_CMD_SET_BSS(r0, 0x0, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x8abb29e09f442f35, 0xffffffffffffffff, 0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
syz_open_dev$dri(&(0x7f0000000240), 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000040), 0x0, 0x140001)
ioctl$DRM_IOCTL_SET_MASTER(r3, 0x641e)
r4 = syz_io_uring_setup(0x65ac, &(0x7f0000000740)={0x0, 0x1caa, 0x10100, 0x0, 0x0, 0x0, r2}, &(0x7f0000000180)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r1, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r4, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r7 = openat$audio(0xffffffffffffff9c, &(0x7f0000000200), 0xa2442, 0x0)
ioctl$SNDCTL_DSP_SYNC(r7, 0x5001, 0x0)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@mask_fadd={0x58, 0x114, 0x8, {{0xf, 0x1}, 0x0, 0x0, 0x5, 0xfffffffffffffffe, 0x7, 0x3, 0x28, 0x5}}], 0x58}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x4)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8b34, &(0x7f0000000000)={'wlan0\x00'})
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r9, 0x5, 0xb, 0x0, &(0x7f0000000000)="43227504000000b32415f7", 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r10 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_ifreq(r10, 0x8990, &(0x7f0000000180)={'bond0\x00', @ifru_names='rose0\x00'})
r11 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bind$rose(r11, &(0x7f00000002c0)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x5, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x40)
connect$rose(r11, &(0x7f00000001c0)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, 0x0, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x40)

2m26.425470736s ago: executing program 0 (id=891):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = openat$sndseq(0xffffff9c, &(0x7f0000000180), 0x40)
readv(r1, &(0x7f00000013c0)=[{&(0x7f0000000280)=""/186, 0xba}], 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a45320, &(0x7f00000000c0)={{0x80, 0x4}, 'port0\x00', 0x786520dbf34c80ff, 0x20a03, 0x122, 0x0, 0x0, 0xc, 0x400, 0x0, 0x0, 0x87})
openat$sequencer2(0xffffff9c, 0x0, 0x123482, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'rose0\x00', 0x112})
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'rose0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100"/20, @ANYRES32=r4], 0x20}}, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e22, 0xdd9, @dev={0xfe, 0x80, '\x00', 0x39}, 0x7b}}, 0x2, 0x5, 0x6, 0x8, 0x18, 0x5, 0xd1}, 0x9c)
close_range(r0, 0xffffffffffffffff, 0x0)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write(r2, &(0x7f0000000140)="8d100100b80038110000000000000008ca6c6abe1cc3076eb2b730883012b914b788ea8bf99a9ada09174d44c83f1b8772afff764f174ef0e48959579090fc775116e05fd0fed4b5d8e69b01bf053b452ca37f99875eee8059c4026154", 0x5d)

2m26.270957108s ago: executing program 32 (id=891):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = openat$sndseq(0xffffff9c, &(0x7f0000000180), 0x40)
readv(r1, &(0x7f00000013c0)=[{&(0x7f0000000280)=""/186, 0xba}], 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a45320, &(0x7f00000000c0)={{0x80, 0x4}, 'port0\x00', 0x786520dbf34c80ff, 0x20a03, 0x122, 0x0, 0x0, 0xc, 0x400, 0x0, 0x0, 0x87})
openat$sequencer2(0xffffff9c, 0x0, 0x123482, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'rose0\x00', 0x112})
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'rose0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100"/20, @ANYRES32=r4], 0x20}}, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e22, 0xdd9, @dev={0xfe, 0x80, '\x00', 0x39}, 0x7b}}, 0x2, 0x5, 0x6, 0x8, 0x18, 0x5, 0xd1}, 0x9c)
close_range(r0, 0xffffffffffffffff, 0x0)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write(r2, &(0x7f0000000140)="8d100100b80038110000000000000008ca6c6abe1cc3076eb2b730883012b914b788ea8bf99a9ada09174d44c83f1b8772afff764f174ef0e48959579090fc775116e05fd0fed4b5d8e69b01bf053b452ca37f99875eee8059c4026154", 0x5d)

2m25.875622794s ago: executing program 3 (id=894):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r2=>0x0})
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0)
umount2(&(0x7f0000000100)='./file0\x00', 0x8)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, &(0x7f0000000840)={0x24, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="00220f000000540b4550182195f51584b3"], 0x0}, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x180, 0x4, 0x0, 0xf1, 0x0, 0x7fffffffffffe, 0x5, 0x5, 0x6, 0x0, 0x45, 0x4, 0xbdb], 0x1, 0x280040})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r4)
sendmsg$TIPC_NL_PUBL_GET(r4, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000001480)={&(0x7f0000000000)={0x20, r5, 0x341, 0x70bd28, 0x25dfdbfd, {}, [@TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x5, 0x2, 0x8}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000814}, 0x14)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a00)=@updpolicy={0xb8, 0x19, 0x1, 0x70bd28, 0x25dfdbfe, {{@in6=@dev={0xfe, 0x80, '\x00', 0x17}, @in6=@dev={0xfe, 0x80, '\x00', 0x2b}, 0x0, 0x0, 0x0, 0xe5, 0x2}, {0x0, 0x4, 0x0, 0x3, 0x0, 0x2, 0xfffffffffffffffd}, {0x2000000000, 0x800, 0x6}, 0x0, 0x0, 0x1, 0x1, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x24008040}, 0x8000)
syz_emit_ethernet(0x46, &(0x7f0000000400)={@local, @random="df00004000", @void, {@ipv4={0x800, @tcp={{0x9, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x11}, {[@ssrr={0x89, 0x7, 0xa2, [@broadcast]}, @cipso={0x86, 0x6, 0x1}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
openat$hpet(0xffffff9c, &(0x7f0000000a40), 0x640400, 0x0)
r7 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r8 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x40, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r7}})
syz_usb_control_io$hid(r3, 0x0, 0x0)
r9 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
r10 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_POLL(r10, 0x640f)
ioctl$HIDIOCGUSAGE(r9, 0xc018480b, &(0x7f00000000c0)={0x3, 0xffffffff, 0x81, 0x7f, 0x21185045, 0xffffffb3})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)={0x48, r1, 0x101, 0xfffffffa, 0x0, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x9, 0x6f}}}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_KEYS={0x8, 0x51, 0x0, 0x1, [{0x4}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008091}, 0x0)

2m23.069992863s ago: executing program 3 (id=906):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
r2 = openat$sndseq(0xffffff9c, &(0x7f0000000180), 0x40)
readv(r2, &(0x7f00000013c0)=[{&(0x7f0000000280)=""/186, 0xba}], 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r2, 0xc0a45320, &(0x7f00000000c0)={{0x80, 0x4}, 'port0\x00', 0x786520dbf34c80ff, 0x20a03, 0x122, 0x0, 0x0, 0xc, 0x400, 0x0, 0x0, 0x87})
openat$sequencer2(0xffffff9c, &(0x7f0000000040), 0x123482, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'rose0\x00', 0x112})
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000300)={'rose0\x00'})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100"/20], 0x20}}, 0x0)
umount2(&(0x7f0000000000)='./file0\x00', 0x7)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e22, 0xdd9, @dev={0xfe, 0x80, '\x00', 0x39}, 0x7b}}, 0x2, 0x5, 0x6, 0x8, 0x18, 0x5, 0xd1}, 0x9c)
close_range(r1, 0xffffffffffffffff, 0x0)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write(r3, &(0x7f0000000140)="8d100100b80038110000000000000008ca6c6abe1cc3076eb2b730883012b914b788ea8bf99a9ada09174d44c83f1b8772afff764f174ef0e48959579090fc775116e05fd0fed4b5d8e69b01bf053b452ca37f99875eee8059c4026154", 0x5d)

2m22.745013797s ago: executing program 3 (id=907):
socket$inet6(0xa, 0x1, 0x8010000000000084)
socket$can_raw(0x1d, 0x3, 0x1)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
io_setup(0x222, &(0x7f0000000180)=<r1=>0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYRES16=0x0, @ANYRES64=0x0, @ANYBLOB="a785e3571ad152c58e23de0c0aad4067518944f404000000ee5dc7c09b6c45bbccacea1b37498b2017deb429c1a65021b0c452098ec82dc499ff5c9c3fcd90a090", @ANYRES32=r2, @ANYRES16, @ANYBLOB="00d04a4c5d79580b69dc", @ANYRES8=r0], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x3, &(0x7f0000001240)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xc, 0xaf, &(0x7f0000000140)=""/175, 0x41000, 0x3b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
write$binfmt_elf32(0xffffffffffffffff, &(0x7f00000006c0)=ANY=[], 0x10c)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x6, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000001240), 0x0, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r7, &(0x7f00000009c0)={0x2, 0x4e24, @loopback}, 0x10)
r8 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
writev(r7, &(0x7f0000000200)=[{0x0}], 0x1)
io_submit(r1, 0x1a, &(0x7f00000000c0)=[&(0x7f0000000200)={0x0, 0x0, 0x8, 0x0, 0x0, r0, &(0x7f0000000000)='%', 0x1a000}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
syz_io_uring_setup(0x4391, &(0x7f0000000080)={0x0, 0x3670, 0x10100, 0x0, 0x31b, 0x0, r8}, &(0x7f00000004c0), &(0x7f0000000040))

2m22.623176572s ago: executing program 33 (id=907):
socket$inet6(0xa, 0x1, 0x8010000000000084)
socket$can_raw(0x1d, 0x3, 0x1)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
io_setup(0x222, &(0x7f0000000180)=<r1=>0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYRES16=0x0, @ANYRES64=0x0, @ANYBLOB="a785e3571ad152c58e23de0c0aad4067518944f404000000ee5dc7c09b6c45bbccacea1b37498b2017deb429c1a65021b0c452098ec82dc499ff5c9c3fcd90a090", @ANYRES32=r2, @ANYRES16, @ANYBLOB="00d04a4c5d79580b69dc", @ANYRES8=r0], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x3, &(0x7f0000001240)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xc, 0xaf, &(0x7f0000000140)=""/175, 0x41000, 0x3b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
write$binfmt_elf32(0xffffffffffffffff, &(0x7f00000006c0)=ANY=[], 0x10c)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x6, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000001240), 0x0, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r7, &(0x7f00000009c0)={0x2, 0x4e24, @loopback}, 0x10)
r8 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
writev(r7, &(0x7f0000000200)=[{0x0}], 0x1)
io_submit(r1, 0x1a, &(0x7f00000000c0)=[&(0x7f0000000200)={0x0, 0x0, 0x8, 0x0, 0x0, r0, &(0x7f0000000000)='%', 0x1a000}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
syz_io_uring_setup(0x4391, &(0x7f0000000080)={0x0, 0x3670, 0x10100, 0x0, 0x31b, 0x0, r8}, &(0x7f00000004c0), &(0x7f0000000040))

4.790001718s ago: executing program 2 (id=1596):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x8, 0x7fff7ffc}]})
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r2, 0x40000000af01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0xc048aeca, &(0x7f0000000180)={0x6, 0x0, [{0x991, 0x0, 0x20298ce9}, {0xaa8, 0x0, 0xa}, {0xa74, 0x0, 0x400}, {0xa1d, 0x0, 0x40}, {0x276}, {0x863, 0x1000000, 0x5}]})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000001c0)={0x1, 0x1, 0x0, &(0x7f00000003c0)=""/88, &(0x7f0000000440)=""/137, 0x4})
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f00000000c0))
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001cc0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000006c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000021300011800b00010074617267657400002000028005000300c400000008000240000000000a0001"], 0xb4}}, 0x0)
r8 = dup(r6)
ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f0000000000)={0x1, r8})
ioctl$int_in(r1, 0x40000000af01, 0x0)
r9 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r9, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
ioctl$SNDRV_TIMER_IOCTL_SELECT(r9, 0x40345410, &(0x7f0000000000)={{0x0, 0x3, 0xfffffff9, 0x1, 0x3ff}})
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000000)={'veth1_virt_wifi\x00', 0x200})
close_range(r0, 0xffffffffffffffff, 0x0)

4.621535817s ago: executing program 2 (id=1599):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_FLUSH(r4, 0x0, 0x485, 0x0, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha256\x00'}, 0x58)
r5 = syz_open_procfs(r1, &(0x7f0000000380)='net/if_inet6\x00')
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x501042, 0x1ef)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
r6 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
close(r6)
execve(&(0x7f0000000300)='./file0\x00', 0x0, 0x0)
read$FUSE(r5, &(0x7f0000000640)={0x2020}, 0x2020)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
recvmsg(r0, &(0x7f0000001700)={0x0, 0x0, 0x0}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000180)={0xfffffe, 0x2, 0xfffffffe}, 0x10)
write(r7, &(0x7f0000000000)="240000001a005f0211f9f407000904001f00000000000000000000000800040001000000", 0x24)

3.738708106s ago: executing program 5 (id=1602):
r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x1002, 0x2)
socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
ioctl$vim2m_VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0cc5640, &(0x7f0000000240)={0x2, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x3}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
syz_open_procfs(r2, &(0x7f0000000380)='net/if_inet6\x00')
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0300000006000000ff0000000400000081320000", @ANYRES32=0x1, @ANYBLOB="73a800"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="050000000100"/28], 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1900000004000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000001000000000000000"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x15, &(0x7f0000000580)=ANY=[@ANYBLOB="180000000001000000926cd82155dd86c2e79638ee6c3b95e6c8669e63f5c4d2c44f6c736e0e04089214488d10a384f5dd9ef1f3b79543cc9654bf19f33bd627bb8b22752d7af5df31b3d1a7a55c5245dbd90948b149083e01ad15c29ff009f5336969c8db2a3b73041006515128248413578dfe0ce6df5749fcf93f25862b9219bac5eb91f93cacce08d78ce5d501b39715ce06667ec78a0a5c2a570a0ed900a0a1398eef286d43ace2af513ef3b17692f359231020404e6155ac89160000000000000001c031bcfe1fa2f1f2113d1e1addae8bf22b702c9e8b35", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000860000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000005000000850000008200000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b70400000000000085000000330000009500000000000000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r5, 0x2000012, 0xe, 0x0, &(0x7f0000000c40)="63ec33c9e9b986c0f4f24abba1a4", 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1}, 0x6f)
sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x6)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000100)={0x4, 0x1})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000340))
r8 = syz_io_uring_setup(0x10d, &(0x7f0000000500)={0x0, 0x6ebb, 0x0, 0x1, 0xfffffffe}, &(0x7f00000000c0)=<r9=>0x0, &(0x7f0000000280)=<r10=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffffd, 0x0, 0x4)
syz_io_uring_submit(r9, r10, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
r11 = syz_open_procfs(0x0, &(0x7f0000000000)='net/softnet_stat\x00')
preadv(r11, &(0x7f0000000300)=[{&(0x7f00000000c0)=""/65, 0x41}], 0x1, 0x1ef, 0x0)
io_uring_enter(r8, 0x3516, 0xe0ff, 0x0, 0x0, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x8, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r0, 0xc044560f, &(0x7f00000001c0)=@mmap={0x0, 0x2, 0x0, 0x700, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2063569a"}, 0x700})

3.554750827s ago: executing program 1 (id=1603):
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000380)={<r0=>0x0, 0x200, 0x0, [0x3ff, 0x307f, 0x2, 0x2, 0xe], [0xffff, 0x80000001, 0x10000, 0x8, 0x100, 0x3, 0x4582, 0x3, 0x9, 0x7, 0xa5, 0x6, 0x6, 0x200, 0x1, 0xfffffffffffffff8, 0x7, 0x8000, 0x7, 0x2, 0x6, 0xffffffffffffffff, 0x8d2, 0x4947, 0x5, 0xfffffffffffffff1, 0xff, 0x2, 0xd4, 0x2, 0x7ff, 0x100, 0x1, 0x9, 0xff, 0x9c, 0x1, 0x0, 0x3, 0xb, 0x9, 0x1, 0x6, 0xd96c, 0xfff, 0x7fffffff, 0x7, 0xfff, 0x2e8, 0x2, 0x8001, 0x3, 0x9, 0x8, 0x1, 0x2, 0x9, 0x0, 0x8, 0x2, 0x0, 0x0, 0x8, 0x3ff, 0x1000, 0x100000000, 0x2, 0xff, 0xfffffffffffffffe, 0x1, 0x0, 0x9b03, 0x8001, 0x7fffffff, 0x2, 0x54a1, 0x7, 0x6450, 0x8, 0x5, 0x0, 0x2, 0x1, 0xa5f9, 0x200, 0x7, 0xff, 0x9, 0x1000, 0x0, 0x7, 0x1000, 0x3, 0x2, 0x10, 0x2, 0x5, 0x5, 0xffffffffffffffe5, 0x3, 0x7, 0x1, 0x7, 0x8, 0x1, 0x4, 0x8, 0x800, 0x2, 0x627, 0x2, 0xffffffffffffffff, 0x4000000000000000, 0x10, 0x2, 0x3b0a, 0x8, 0x5, 0x8, 0xffffffff7fffffff, 0xe1b]})
ioctl$BTRFS_IOC_DEV_REPLACE(0xffffffffffffffff, 0xca249435, &(0x7f00000007c0)={0x1, 0x8, @start={r0, 0x0, "fcf40f91176f59a4c106dcac7b095b4a31b0dc275f1c67b8028d04d5b2f13c29c3544638fb0ccf5742ef6c9a278d0795007c8e1927608ce6854e690944073ebc53d0cff0080d808615cffddbd91cbd9d5547b5c732529f19d6c7f1b5899c907dd4abd2dc1e217a00400f286d3f3fac58deeb71d46e24a7bb3705116fc66c5ddbbab4b18c2bfd422758a688a67ac1b7c03401839a91ab0b4e011cfd50e0a1012eaff5642d07ffc8fbc86b2cd53ed33cec646aeff95b126bc43441ed92930d250df0a5da63bf8b6fcd91cd5a1b875dc453648b83903256608eef062fb19fef7e72eeeed0198a71d3b19a97e25dba14354bdf85fd6d046382e12e26c7bf6235b623221aab91d186262e7576a9b9b2b419d22f09bf74fcd2fb944c6c1d31c62d5b3e220992b40c23b92f19e1b2242e4b18804455c332aadd8784c1a18048982920055eb57c8b6150e275eaa2da330a001ef8325474f818aad907dc50d643757c6b44e25a32e440dceecb19f5a9a83dfb6ec5b93115395b385b311a8b75b197b8802e10aceb1ab193763614952d96aab2e03cbc1ec9a4321e5d49547cb99ec53be85ad9f71252a588cf1a708f14da8508e158903da2b2f1d2c0a682b75b3ae29f057b9eecf695797717eaac4abf12f193b5203e9ea2f4c123485f33a7b33e13c61cf634eac7183a55f30a45aa776ec14d6115ba620f005f8e6999bc52e57b9bbfd8b6cb5f74e047195ad83cc1a4623084059eb03d882a7b6893b2b7233eb2f86b00ddf153b534d58fe147132eb4d936211e027e4161018cca7b59a6715edf73907c3a2d266fc26149d20fb627f9916b4aa7db89c4a32a16467b8b47a2450fe8d19a1bec41e68c68714f9b0db9fc514dd0c79cf4bf829201a794f0591dca5c9a7a243219006a11452b8f9d2086259c3e9f4d81aa9ec5127a3e79fc847d9e729ee86f330c8b0ed1b2b3a57218515892bb83d93ea18ebe45a445a1a5e161459d761686b504621ac1d36bd300b6ab249b798ff7e46710c164b921324ff0bdba867e4f6f6fd4f02acef1044ba105bb4d2effcb8750f8b88558c345a3f52642fa5710c37b110b1e8f160028893205e827234ed7ab3c21ba58d0f3b3dd8f19295438705692f5438aa147b5eb362480113ec610bcbf656974e4e88b361ed04d43df53c8b5930cf14e5beb725f7b15f189ce19f4a9dc5cbf2a947425e42b01357ee65cc6216ecaf6345574b03d74f001f05cf7c301a3ca24abb6e35f64059c072beac37fa80fe9a686738eb5bbd6add10b41f8a7b2fa6988dc3215eecdaf503ea1cfbec65ea5ab36272927635db3649e5fb0a972bce1a2888184267c8cba81c2ef95cd0f26c7bb99d473fe219211bb9a8b0a8399e5db3fe7199b76f92f9ded8b2b5cbc54fabd0791522b73f72f5747e41e5464395e8b2b8e9e945ced4e4d9f1ebe5a136ae8256047", "e1926013843b1d805ff11c0b4faed180e9c1cf0ce960230ac254534a29174fd2470a9d89d9d93b46cb2576d193e67f636bfe4a69cb3450528c2cb2f350318c1e3d7e40647ac5b1a1a12aca4e6e004fba7adcf93768d70569d9cc60a7bb340bdb8d7fbd67c2d9e017e0cbbf1e087e5ed1dc43f02b1440a35463c3df951ddae08b7240ab18cabc0421e49dab8d2a0787ff5931147d1f30ebb58923ec288ff79e945ec1dc667738323a096d3a2e70d951406ddee8fb07e46e997a0dd8cee36f0ded97cb27c83abf40e29ed6c3bb7a1b6674a6b5836ad865e7a4fdbd18f53f522ae1a189ccbd73b1c79b5ca17c68a55665a5b1712bdbc48390f34da89298b79c70471092c066f1765115964326c7ef0650af7083384175cad99496e6a6206e6a6fa5ecbcc185b80efc9d9aba39ba5bea7b08f37a598e479360b9953a954bc1beb47068b69f50251963501d147dabacd58a5064e07366a6751cc1651c3bd66dfd1750e2030efe2090fb5441840881611404fe8e6a0ed6911711506d72c103a9a9c614bd1268703d5206b3102229490901c26bc19111f95baa0fcdd678a99cdc86f3fa5fd5460606ed4adf5e657fab52236bc47989c212e55e94f85b77373163c54e017de2cfeaec63dc329b1ed7fd799a526c519d682ef42583c08badc06942eda91c2f7d6355761a5e8e56f826a0d1726719ae51d90b5e43708dfa014db38fcf7ec80364d6ca3a752d02b02e4b1b193cc3ecd3cb1383558644603c5dfebf9b62057142823ed2cd7f4d727a72258e3a0ae069d489a94db015cb509858c1ca0d865e73384bc13eac9bf89918216623e9561ba1bfb556bd0e802ccd384274c5b6b6006be2c4f4f8a2c4f67cb281288a843e7e0011b110f75e439abda894cf3299b1e64c082cf3e8b0cc5ddd76e44355e9280d3112087c34a58da593dfc316797a9620ffe902f58cbf0d4cb1f7a1c7189d2b406dd6580cafdd0c5723abbf0d3be05efff84336f085ebc67575c41b963fb0c2972b456d0ee32a8fb73ff67ab4f5d75925c5adfdb632eaf846685d363beb70caed034d44fa828662d0e7b24320b6987007c5db8bb75144907d79fb3430be8de00feca6eb60ddafa90fa80f88fc2f8a27295bb8fb934e439668e236ff1979da02d7ac27c5ec1738b4244a2f926765e065eb82f2a1471dff77b027f214c06721722c0fe5642686c13c8e4542abb91dc0599d2b34801c47336095c3105f0a64cb066671ee1a066ac27b588d6359a296f4f3e36bbcd336c8065be03578e24e2a1c15badac662ba3b7b1086f2180c3005149e9975e8b158a24d08dec2a85d6ec24e04e684e05d699c01dcceb1cd32773415b47b2271e4562d3fd86099a8b4406f4fe55c8e63520d819cfd17e3e8861e3fe976d7543daddd4b363143c8621fc3bdf79ac5e756bef712ddfac61de107d3177164c44cd8"}, [0xd6, 0x8, 0x3ff, 0x4, 0x7fffffffffffffff, 0x8, 0xffffffffffffffff, 0x1, 0x101, 0xffffffffffffffff, 0x1, 0x1, 0x7fffffff, 0x3, 0x7f, 0x65443e95, 0x0, 0xff, 0x1, 0x8001, 0xffffffffffffffff, 0x3, 0x9, 0xb9, 0x181, 0x3, 0x7fff, 0x9, 0x9, 0x10001, 0x4, 0x180000, 0x7, 0x2, 0x57863563, 0x4, 0x80, 0x7f, 0x3, 0xfffffffffffffffb, 0x9, 0x4, 0xfffffffffffffff7, 0x6, 0x2, 0xbb, 0x4, 0x4, 0x101, 0x1, 0xbb40, 0x8, 0x4, 0x92, 0x9, 0xffffffffffffffff, 0x0, 0x80000000, 0xd4, 0x1ff, 0x800, 0xffffffffffffffff, 0xfffffffffffffff9, 0x6]})
r1 = openat$nvram(0xffffff9c, &(0x7f0000001400), 0x62000, 0x0)
getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000001440), &(0x7f0000001480)=0x4)
r2 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r2, &(0x7f0000000080), 0x10)
sendmsg$nl_route_sched(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000024c0)=@delchain={0x24, 0x65, 0xb04, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0x8}, {0x9, 0x1}, {0x2, 0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x4004885}, 0x40004)
setsockopt$sock_linger(r2, 0x1, 0x3c, &(0x7f00000000c0)={0x1, 0x79e}, 0x8)
sendmmsg(r2, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094)
sendmsg$NFT_BATCH(r2, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x3, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x2c, 0x16, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x54, 0x16, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x5}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x49, 0x2, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWCHAIN={0x20, 0x3, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x6}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xf4}, 0x1, 0x0, 0x0, 0x4800}, 0x4804)
r3 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r3, &(0x7f0000000080), 0x10)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r4, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r4, 0x84, 0x16, &(0x7f0000000080)=ANY=[@ANYBLOB="0200"], 0x8)
listen(r3, 0x0)
r5 = syz_open_dev$vcsa(&(0x7f0000000300), 0x8f90000, 0x441)
getdents(r5, &(0x7f0000001200)=""/249, 0xf9)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000001300)=@newtaction={0xc8, 0x30, 0x9, 0x0, 0x0, {}, [{0xb4, 0x1, [@m_bpf={0xb0, 0x3fff, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{0x60}, {}, {0x3}, {}, {}, {0x0, 0x8}, {0x6}]}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0xffffffff}}]}, {0x2b, 0x6, "6667eec8428d8e049d8e3ea103ced48a6004a64cf8872379ec4bcd9cf0913d5b0000640a3ebc00"}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xc8}}, 0x0)

3.479508048s ago: executing program 1 (id=1604):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000080)='memory.numa_stat\x00', 0x275a, 0x0)
read$FUSE(r1, &(0x7f0000000900)={0x2020}, 0x2020)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x27878bde, 0x244702)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x12)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x200)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x570}]})
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r2, 0x40045542, &(0x7f0000000180)=0xf)
syz_open_dev$dmmidi(&(0x7f0000000080), 0x200, 0x2)
bpf$TOKEN_CREATE(0x24, &(0x7f00000001c0)={0x0, r4}, 0x8)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1b, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xd, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)={@map=0x1, r6, 0x2f, 0x0, 0xffffffffffffffff, @void, @value=0x0}, 0x20)
r7 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'bond0\x00', <r8=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1}}, &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x40, '\x00', r8, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xff}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x9c, '\x00', r8}, 0x50)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)={@fallback, 0xffffffffffffffff, 0x7}, 0x20)
r9 = syz_open_dev$sndpcmp(&(0x7f0000000040), 0x2fb, 0x402)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(r9, 0xc06c4124, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5})

3.389456381s ago: executing program 1 (id=1605):
socket$nl_rdma(0x10, 0x3, 0x14)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r2, &(0x7f0000000180)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r2, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r2, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x11)
shutdown(r2, 0x1)
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, 0x0)
connect$unix(r0, &(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x4b5, 0x1, 0x12)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r4, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000400), 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r5, 0xc0145401, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x3})
r6 = socket(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f0000000000), 0x4000000000001f2, 0x0)
r7 = openat$sr(0xffffff9c, &(0x7f0000000040), 0x80000, 0x0)
ioctl$sock_inet_tcp_SIOCINQ(r7, 0x541b, 0x0)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r8, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r8, 0x84, 0x6f, &(0x7f0000000200)={<r9=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r8, 0x84, 0x72, &(0x7f0000000400)={r9, 0x5, 0x20}, &(0x7f0000000440)=0xc)

3.31994828s ago: executing program 2 (id=1606):
syz_usb_connect(0x0, 0x9a2, &(0x7f0000000040)=ANY=[@ANYRES8], 0x0)
set_mempolicy(0x1, 0x0, 0x1)
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000740)=@newlink={0x48, 0x10, 0x439, 0x70bd2a, 0x0, {0x0, 0x0, 0xe403, 0x0, 0x3, 0x610c3}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @sit={{0x8}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @remote}, @IFLA_IPTUN_6RD_RELAY_PREFIX={0x8}, @IFLA_IPTUN_6RD_RELAY_PREFIX={0x8, 0xc, 0xee}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
ioctl$EVIOCSKEYCODE(r0, 0x40084504, &(0x7f0000000000)=[0x17, 0x5])
syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000100)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x10, 0x4b8, 0x202, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x6, 0x40, 0x7, [{{0x9, 0x4, 0x0, 0x4, 0x1, 0x7, 0x1, 0x1, 0x7f, "", {{{0x9, 0x5, 0x1, 0x2, 0x200, 0x7, 0x1, 0x2}}, [{{0x9, 0x5, 0x82, 0x2, 0x400, 0x2, 0xd, 0x5}}]}}}]}}]}}, &(0x7f0000000540)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x250, 0x1, 0x9, 0x8, 0x20, 0xe}, 0xe5, &(0x7f0000000180)={0x5, 0xf, 0xe5, 0x5, [@ptm_cap={0x3}, @generic={0xb4, 0x10, 0x5, "7b659128cc4a27f8963fed825d3a43cd8d9ebfe41bcd80e50aa3bb940e0de9eed1acb218fb8b04dbbb25d78e19b4bb748da89c9bd33fa6ab1d0ec13555a06670e40fe1bbd182d2a555212f335d5239e6e53b0a021e8af07bacdabfb95e16c22edd7e3a1106e57fa1c71077d5ffc3340e36ce4c3a92e1d79fd787c6d79846570d18536ae5e544856dd5381910d35d431df2720574db638da68aa443f2f2d8ce6ae19a1425deb25b60881a787ed134b70240"}, @ss_container_id={0x14, 0x10, 0x4, 0x4, "f7dd21ee385de2bde23ee453dd28d029"}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x2, 0xc0, 0x3, 0x2}, @wireless={0xb, 0x10, 0x1, 0xc, 0x98, 0x7, 0xfb, 0x9, 0x4}]}, 0x6, [{0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x3c01}}, {0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0x40b}}, {0x4, &(0x7f0000000300)=@lang_id={0x4, 0x3, 0x43e}}, {0xe1, &(0x7f0000000340)=@string={0xe1, 0x3, "c43e0bb18ce6223a75e763ec0441c3cceffb92f9074f4ec6e708199a184a45ebaac00929c8e1fc25aa6c52b200b4d8bda340de112fc241d8cc2a7205361c10bf989952325f17aefca736442a7015be3a407a954207224b418f41343873b16b026fda18946763f1ad3ae249cb7d9bb636c423e02a7624abfd2cfe7e2b2fea5fa49f4c6afdfa21f58cd30f23d88362897daa2dba8d9ac048400e2f46c9105aabf5524d998c4bf6d4298de94bfc610e844fe4ef911745a603bf5f97525402d35ad2f7ff5bd705984137dd37314f252357f7879b7eaebef1552f2f0d7e2b6a1479"}}, {0x4, &(0x7f0000000440)=@lang_id={0x4, 0x3, 0x410}}, {0x47, &(0x7f0000000480)=@string={0x47, 0x3, "b787ca6793fd05127194a389112044bb8d6b92d8151e4e1edb44734aea261ec347db57c907ee5e833cae89882d6d53dcd25af0fbfadaee4a39632fcfaa8296fae73febec3f"}}]})

2.759315344s ago: executing program 5 (id=1607):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000180)=0x5, 0x4)
syz_emit_ethernet(0x42, &(0x7f0000000240)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @loopback, @loopback}, "00186371"}}}}}, 0x0)

2.757168716s ago: executing program 5 (id=1609):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x8, 0x7fff7ffc}]})
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r2, 0x40000000af01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0xc048aeca, &(0x7f0000000180)={0x6, 0x0, [{0x991, 0x0, 0x20298ce9}, {0xaa8, 0x0, 0xa}, {0xa74, 0x0, 0x400}, {0xa1d, 0x0, 0x40}, {0x276}, {0x863, 0x1000000, 0x5}]})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000001c0)={0x1, 0x1, 0x0, &(0x7f00000003c0)=""/88, &(0x7f0000000440)=""/137, 0x4})
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f00000000c0))
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001cc0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000006c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000021300011800b00010074617267657400002000028005000300c400000008000240000000000a0001"], 0xb4}}, 0x0)
r8 = dup(r6)
ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f0000000000)={0x1, r8})
ioctl$int_in(r1, 0x40000000af01, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
close_range(r0, 0xffffffffffffffff, 0x0)

2.598977751s ago: executing program 5 (id=1610):
setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000000)={0x4fc0, 0x80, 0x6, 0x0, 0x8, 0x80, 0x7}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$rose(r0, 0x104, 0x5, &(0x7f0000000080)=0x3de, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
syz_open_dev$sg(&(0x7f00000060c0), 0xffffffff, 0x8002)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x50, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4007fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1, 0x0, 0x7}, 0x18)
openat$sequencer(0xffffff9c, &(0x7f0000000040), 0x2002, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0x18, 0x30, 0x401, 0x0, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x4)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000300)={0x0, 0x3f00, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0xf000000, 0x0, 0x854}, 0x0)

2.398635637s ago: executing program 1 (id=1611):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x2)
io_setup(0x7, &(0x7f0000000280)=<r1=>0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r3 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180), 0x1a0200c, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r3}})
r4 = syz_io_uring_setup(0x22f3, &(0x7f0000000140)={0x0, 0x46f9, 0x10000, 0x2, 0x2cf}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_STATX={0x15, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2800, 0x1})
io_uring_enter(r4, 0x47f6, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
io_submit(r1, 0x1, &(0x7f0000000b40)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x8, r0, 0x0, 0x0, 0x5, 0x0, 0x6}])

1.653306749s ago: executing program 5 (id=1614):
syz_open_dev$sg(0x0, 0x489, 0x210300)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x0, &(0x7f0000000040)})
getpgrp(0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000400000008d0000007100000095"], &(0x7f00000008c0)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{0x0, 0xeeef0000, 0xe, 0x0, 0x81, 0x4, 0xa, 0x4e, 0x0, 0x5, 0x6, 0x1}, {0x5000, 0xffff1000, 0x3, 0x5, 0x2, 0x8, 0xd, 0x3, 0x0, 0x81, 0x8, 0x1}, {0x5000, 0x0, 0x0, 0x7, 0x3, 0x1, 0x7, 0xf, 0x8, 0x6, 0x2}, {0xeeef0000, 0x5000, 0x4, 0x2, 0x1, 0x3, 0xc, 0x0, 0x1, 0x5, 0x4, 0x8}, {0x100002, 0xeeee8000, 0x9, 0x0, 0x80, 0xee, 0x0, 0x7, 0x7c, 0x0, 0xe, 0x9}, {0x3000, 0x1000, 0x8, 0x1, 0x5, 0x4, 0x1, 0x1, 0x6, 0x86, 0x55, 0x2}, {0xeeee8000, 0xeeee0000, 0xc, 0x7, 0x7, 0x3, 0x1d, 0x47, 0x30, 0x7, 0x8, 0xe1}, {0xf000, 0x2, 0xc, 0xf8, 0xfd, 0xa, 0x2, 0x44, 0x3, 0x8, 0xf, 0xce}, {0x1000, 0x7}, {0x6000, 0x5}, 0x80000035, 0x0, 0x0, 0x50, 0x7, 0x1000, 0xeeef0000, [0x5, 0x8001, 0x8]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000334000/0xc00000)=nil, 0xc00000, 0xb635773f06ebbee7, 0x8031, 0xffffffffffffffff, 0x5377f000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)

1.569998641s ago: executing program 4 (id=1615):
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000040)={0xc0, 0x1f, 0x1, 0x0, 0x0, "", [@nested={0xad, 0x0, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x4}, @generic="0926b3eb9e87f8c8b3a6caa09a1a38d124a173def80bde05b592a5f49cb8056fef80a90fc8c487e1b6004db5feaf0d98b43fc34265f6f01ce7fed79fa135fe637b9fdc8c89e7777e70aecc0b9c372af84eb990d7d32d6c563a42d4889ed3925ac319f32db2703ff85c5b143715d335c94f3fd06ba27da8f5fe0788f669730c4358c2be63e2", @typed={0x8, 0x96, 0x0, 0x0, @fd}, @nested={0xf, 0x7a, 0x0, 0x1, [@typed={0x8, 0x64, 0x0, 0x0, @fd}, @generic="741194"]}]}]}, 0xc0}], 0x1, 0x0, 0x0, 0x20000080}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000002040)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)=""/178, 0xb2}], 0x1}, 0x2}], 0x1, 0x40000022, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4089, 0x197}, {&(0x7f0000000400)=""/106, 0x1c}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0xbe8}, {&(0x7f0000000540)=""/158, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41, 0x137c}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

1.509719611s ago: executing program 4 (id=1616):
r0 = dup(0xffffffffffffffff)
set_mempolicy(0x2, &(0x7f0000000080)=0xfffffffffffffffd, 0x4)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0x20010, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0x4001)
sched_setscheduler(0x0, 0x1, 0x0)
accept4$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000040)=0x14, 0x80000)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$inet6(0x10, 0x2, 0x4)

1.508342056s ago: executing program 4 (id=1617):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="0003000000000000000000000095000000000000009d1765813677e2eae1118895458ee44fed4125f9e948145f1d7dd2b32f1bbf81"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a3000000000080041007369770014003300766c616e310000000000000000000000bfdb60c594546c18e604a6739d4acce8854f579770a4d89d81c4645cdde5b7bedcb85a7a629182bb31cbe7ac1adbd92f3a1eadf5a9702a96f7c41212f64802f41ce190e624cd68c53f7292307f0d8e3d98f880fdfaa8df92d67030c7ff61d0262ae765c2386918945330eec547780e69481f55086dc3ef703b43ad9a7e60e74e3c138558f7b93d2f7569c0906ce495ce256879d8ccaaf37acc62e4f94c2dae9b"], 0x38}, 0x1, 0x0, 0x0, 0x80c9}, 0x20000000)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000240), 0xffffffffffffffff)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'veth0_to_bond\x00'})
socket$netlink(0x10, 0x3, 0x0)
r3 = gettid()
r4 = syz_open_procfs(r3, &(0x7f0000000500)='status\x00')
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x80a02, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$tty1(0xc, 0x4, 0x2)
syz_open_procfs(0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(r6, 0x0, 0x0)
open$dir(0x0, 0x488180, 0x103)
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYRES16=r8, @ANYBLOB="ad4300000000000020c015"], 0x14}, 0x1, 0x0, 0x0, 0x1004}, 0x2)
read$FUSE(r4, &(0x7f0000003440)={0x2020}, 0x2020)

1.252537919s ago: executing program 5 (id=1618):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000206000/0x18000)=nil, &(0x7f0000000380)=[@text64={0x40, &(0x7f0000000400)="260f1d9e8000c0fec744240000400000c7442402003800000f011c24673e400f01c80f3566ba6100ec0f01c9b9f40b00000f32b9800000c00f3235000800000f30f2afc421b96a5d0c", 0x49}], 0x1, 0x1a, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
keyctl$describe(0x6, 0x0, 0x0, 0xffffffffffffff87)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x31, 0x40000000788, 0x7fffffffffc, 0x183, 0x40004, 0x0, 0xee, 0x10000000003, 0x4, 0x1000045, 0x6, 0x3b9, 0xf, 0xfffffffffffffffd, 0x15855810, 0x1000], 0x26000, 0x384210})
keyctl$dh_compute(0x17, &(0x7f0000000740), &(0x7f0000000780)=""/4096, 0x1000, &(0x7f0000001840)={0x0})
r3 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(r3, 0xc0905664, &(0x7f00000000c0)={0x0, 0x0, '\x00', @bt={0x3, 0x100, 0x10000, 0x8, 0x6, 0x6, 0x8, 0x2}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f0000000240)={0x8, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001880)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r5 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
getsockopt$ax25_int(r5, 0x101, 0xc, 0x0, &(0x7f0000000300))
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x0, 0x4000)
sched_setaffinity(r6, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x1)

1.229085753s ago: executing program 1 (id=1619):
syz_open_dev$sndctrl(0x0, 0x1ff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=@newtaction={0x238, 0x30, 0x1, 0x70bd2d, 0x0, {}, [{0x224, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_mirred={0x1dc, 0x1f, 0x0, 0x0, {{0xb}, {0x104, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x9, 0x7, 0x8, 0xffff}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0xa, 0x8, 0xffffffffffffffff, 0x1, 0xfffffffe}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x20000000, 0x8, 0x20000000, 0x10000, 0x3}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x7, 0x7, 0x10000000, 0x4, 0x5}, 0x1}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x10, 0x3, 0x5, 0x8, 0x6}, 0x1}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x1, 0x6, 0x8, 0x3, 0x9}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x10001, 0x8, 0xfffffffffffffff8, 0x5, 0x7}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x3, 0x5, 0x10000000, 0x101, 0x1000}, 0x2}}]}, {0xaf, 0x6, "e33ddd1bf087f65e5b4398a38e73a63d85ff75d380a97661f7859d17fb278abdd2d7ac867e2277646affe840ea14a46ffe983a40e138e3a535763252965dfae89fae34c08578ab17a709c393a361e20a5918cbf19e9119feaedd02a124e3d2567fac825f5c87e5385d88031135055c45e1d23e030f1543536a92195c22e0443abd42244669c6e0f03f184931974ebee6a64465c070c343e98ead0b7b637f25b99779ef5abbad47404556de"}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0x238}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_procfs(0x0, 0x0)
socket$netlink(0x10, 0x3, 0x15)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
lseek(r4, 0x8, 0x6)
r5 = socket$rxrpc(0x21, 0x2, 0xa)
setsockopt$RXRPC_SECURITY_KEY(r5, 0x110, 0x1, &(0x7f0000000300)='GPL\x00', 0x4)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0x4)
fsmount(r3, 0x1, 0xf0)
ioctl$sock_FIOSETOWN(r1, 0x8901, &(0x7f00000000c0))
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r6, 0x800448f0, &(0x7f0000000180)={0x0, 0x0, "a4cd91", 0x9})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="740000001000010400000000000000", @ANYRES32=0x0, @ANYBLOB="2b030040000000004c0012800b00010067656e65766500003c0002800800050001000000140007000000000000000005000000000000000108000f", @ANYRESDEC], 0x74}}, 0x0)
bind$rxrpc(r5, &(0x7f0000000000)=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e20, 0x3, @empty, 0xd}}, 0x24)
bind$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x4e22, 0x9, @loopback, 0x6}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)
ioctl$AUTOFS_IOC_READY(0xffffffffffffffff, 0x9360, 0x5e1b3f43)

609.903537ms ago: executing program 4 (id=1620):
socket(0x10, 0x803, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x2, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket(0x2, 0x80805, 0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x84, @broadcast, 0x4e20, 0x3, 'wrr\x00', 0x1, 0x2, 0x1000006e}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r3, 0x0, 0x487, &(0x7f0000000380)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'lc\x00', 0x4, 0x8, 0x77}, {@rand_addr=0x64010102, 0x4e23, 0x2, 0xcd, 0x12d63, 0x3}}, 0x44)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), 0xffffffffffffffff)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101002, 0x0)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000340)=0xff)
r6 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r6, 0x0, 0x23, &(0x7f0000000100)={@multicast2, @loopback}, 0xc)
r7 = socket$netlink(0x10, 0x3, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, 0x0)
r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="9feb010018000000000000000c0000002f00000000005f0000000000000077a45ddc8aefca23562a4894f44cce421602c26bf99ed4e0da7ca4f85b7a66a553dc1667b81ff037549f9b115480cab89e17c6e2f54a7aabf7943e53acd85e880808a02a8f2fd695bb43a04a"], 0x0, 0x28}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0xd, &(0x7f0000000480)=ANY=[@ANYBLOB="b7080000000000007b8af8ff00000000b7080000faffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="6a007ffeffff7f00000000000800a5000000"], &(0x7f0000000000)='syzkaller\x00', 0x4000, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, r8, 0x8, &(0x7f0000000080)={0x0, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200000}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xffffffed, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x810)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vcan0\x00'})
writev(r7, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r7, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)

399.494916ms ago: executing program 4 (id=1621):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000180), 0x182890, &(0x7f00000003c0)=ANY=[])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0x5, 0x2, 0xfffffffffffffffe, 0x8, 0x0, 0x0, {0x40, 0x3, 0x6, 0xffff, 0x1000, 0xfffffffffffffffc, 0x0, 0x0, 0x120, 0x2000, 0x0, 0x0, 0x0, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r1, {0x7, 0x29, 0x2, 0x14c0348, 0x40, 0x1, 0xfffffff1, 0x0, 0x0, 0x0, 0x80, 0x7fffffff}}, 0x50)
r2 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
ioctl$sock_inet_tcp_SIOCOUTQ(r2, 0x542f, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000600)=ANY=[@ANYBLOB="5000000010000305fcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="11110200338a0000280012800b0001006d61637365630000180002800c0004000400000100c2800008000500f9ffffff08000500", @ANYRES32=r4, @ANYBLOB="7fc05aa98b44188bdbd8a51ceca8f0a983f62efd19e6584ace99542c63a59c6413e5adfb62a300f4d8c7492b33d634576a6df9e893465ef8c6c0dfebd8a6328059e8a71ae2d2c841a5ea8efc2f4de7ff34886eff35f9939827a341273ceb4349e7ca77cd4ad91a058297189e109b270a87035d6fcfa1bcb216ce708c71bde955f528a3698eb8f5fab5c793f28b0a88132169c5"], 0x50}, 0x1, 0x0, 0x0, 0x48890}, 0x0)
r5 = syz_io_uring_setup(0x82a, &(0x7f0000000340)={0x0, 0x193a, 0x400, 0x0, 0x56}, &(0x7f00000002c0), &(0x7f00000004c0))
r6 = io_uring_setup(0x1694, &(0x7f0000000500)={0x0, 0xfffffffd, 0x10000, 0x3, 0xa6, 0x0, r5})
io_uring_register$IORING_UNREGISTER_BUFFERS(r6, 0x1, 0x0, 0x20)
r7 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r2, 0x40405514, &(0x7f0000000140)={0x2, 0x3})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8], 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r10, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r11=>0x0})
connect$can_bcm(r10, &(0x7f00000002c0)={0x1d, r11}, 0x10)
sendmsg$can_raw(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000ff0)={&(0x7f0000000580)=@canfd={{0x1}, 0xff, 0x2, 0x0, 0x0, "0327e1b22b5fcef7739c699f5ff986ca08990039576a7d5cb2bdac3fa80acf584ecb5fee496e6866856b76b5ee00000000000000004e2f9663a918fa1efd9b0b"}, 0x48}, 0xee}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r9, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f786dd", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r7, 0xc2c45513, &(0x7f00000000c0)={0x9})
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)

339.262183ms ago: executing program 4 (id=1622):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xfe, 0x7fff0006}]})
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000240), 0xa2003, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x20004, <r2=>r0, 0x2})
r3 = syz_open_dev$dri(&(0x7f0000000280), 0x1ff, 0x140)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f00000000c0)={<r4=>0x0, 0x0, r2})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c64d2, &(0x7f00000002c0)={r4})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0x1, 0xe, 0x7ffffffe}]})
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(0xffffffffffffffff, 0x0, 0x0)
r6 = getpid()
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r7, 0x800448d4, &(0x7f0000000000)={0x1, 0x2, '\x00', 0x0, 0xfd})
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
prctl$PR_SET_PTRACER(0x59616d61, r6)
add_key(&(0x7f0000000140)='encrypted\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe)
bind$bt_l2cap(r5, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r5, 0x90004)
openat$kvm(0xffffff9c, &(0x7f0000000040), 0xe080, 0x0)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="043e130100c900"], 0x16)
sync()
sync()
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="2c0000001800090400000001fedbdf250a000000000000000000008008001e0001000000080008"], 0x2c}}, 0x0)
sync()
open_by_handle_at(0xffffffffffffffff, 0x0, 0x0)
sync()
ppoll(&(0x7f00000000c0)=[{r5, 0x60}], 0x1, 0x0, 0x0, 0x0)

317.921348ms ago: executing program 1 (id=1623):
setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000000)={0x4fc0, 0x80, 0x6, 0x0, 0x8, 0x80, 0x7}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$rose(r0, 0x104, 0x5, &(0x7f0000000080)=0x3de, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
syz_open_dev$sg(&(0x7f00000060c0), 0xffffffff, 0x8002)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x50, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4007fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1, 0x0, 0x7}, 0x18)
openat$sequencer(0xffffff9c, &(0x7f0000000040), 0x2002, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0x18, 0x30, 0x401, 0x0, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x4)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000300)={0x0, 0x3f00, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0xf000000, 0x0, 0x854}, 0x0)

249.736421ms ago: executing program 2 (id=1624):
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c45, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0x800, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000002000000e27f000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001", @ANYRESHEX], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000006000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc3c0000000c0a01010000000f000000000a0000060900020073797a31000000000900010073797a3100000000100003800c000080080003400000000214000000110001"], 0xa0}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)={{0x14, 0x10, 0x1, 0x0, 0x8400, {0x7}}, [@NFT_MSG_DELSETELEM={0x3c, 0xe, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x64}, 0x1, 0x0, 0x0, 0x8080}, 0x400c040)
socket$kcm(0xa, 0x922000000003, 0x11)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001340)=ANY=[], 0x78}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000000)={0xc7f0}, 0x10)
write(r4, &(0x7f0000000600)="240000001a005f0214f9f4070009040081000000fd000002000000000800040001e628d9", 0x24)
recvfrom$unix(r4, &(0x7f0000001880)=""/4096, 0x1000, 0x1, &(0x7f00000012c0)=@file={0x1, './file0\x00'}, 0x6e)
getpid()
socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000f00)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "0200", 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x1, 0x15, 0xd, 0x8}}}}}}, 0x0)
r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8914, &(0x7f00000002c0)={'rose0\x00', 0x1})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r6, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)={0x9c, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @multicast1}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x44, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2}, {0x14, 0x4, @local}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}]}, @CTA_TIMEOUT={0x8}]}, 0x9c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)

66.568543ms ago: executing program 2 (id=1625):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
ioctl$USBDEVFS_DROP_PRIVILEGES(r0, 0x4004551e, &(0x7f0000000140)=0xfffff801)
ioctl$USBDEVFS_BULK(r0, 0xc0185502, &(0x7f0000000040)={{{0x1, 0x1}}, 0x0, 0x180000, 0x0})

0s ago: executing program 2 (id=1626):
syz_open_dev$sg(0x0, 0x489, 0x210300)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002640)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x0, &(0x7f0000000040)})
getpgrp(0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000400000008d0000007100000095"], &(0x7f00000008c0)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000002c0)={{0x0, 0xeeef0000, 0xe, 0x0, 0x81, 0x4, 0xa, 0x4e, 0x0, 0x5, 0x6, 0x1}, {0x5000, 0xffff1000, 0x3, 0x5, 0x2, 0x8, 0xd, 0x3, 0x0, 0x81, 0x8, 0x1}, {0x5000, 0x0, 0x0, 0x7, 0x3, 0x1, 0x7, 0xf, 0x8, 0x6, 0x2}, {0xeeef0000, 0x5000, 0x4, 0x2, 0x1, 0x3, 0xc, 0x0, 0x1, 0x5, 0x4, 0x8}, {0x100002, 0xeeee8000, 0x9, 0x0, 0x80, 0xee, 0x0, 0x7, 0x7c, 0x0, 0xe, 0x9}, {0x3000, 0x1000, 0x8, 0x1, 0x5, 0x4, 0x1, 0x1, 0x6, 0x86, 0x55, 0x2}, {0xeeee8000, 0xeeee0000, 0xc, 0x7, 0x7, 0x3, 0x1d, 0x47, 0x30, 0x7, 0x8, 0xe1}, {0xf000, 0x2, 0xc, 0xf8, 0xfd, 0xa, 0x2, 0x44, 0x3, 0x8, 0xf, 0xce}, {0x1000, 0x7}, {0x6000, 0x5}, 0x80000035, 0x0, 0x0, 0x50, 0x7, 0x1000, 0xeeef0000, [0x5, 0x8001, 0x8]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000334000/0xc00000)=nil, 0xc00000, 0xb635773f06ebbee7, 0x8031, 0xffffffffffffffff, 0x5377f000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)

kernel console output (not intermixed with test programs):

9434][ T6124] usb 10-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  260.932361][ T6124] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  260.938996][ T6124] hub 10-1:1.0: bad descriptor, ignoring hub
[  260.943553][ T6124] hub 10-1:1.0: probe with driver hub failed with error -5
[  260.949523][ T6124] cdc_wdm 10-1:1.0: skipping garbage
[  260.952877][ T6124] cdc_wdm 10-1:1.0: skipping garbage
[  260.956095][ T6124] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device
[  260.960679][ T6124] cdc_wdm 10-1:1.0: Unknown control protocol
[  261.181146][T10578] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  261.183632][T10578] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  261.187525][T10578] vhci_hcd vhci_hcd.0: Device attached
[  261.219896][T10578] random: crng reseeded on system resumption
[  261.238680][T10578] Restarting kernel threads ...
[  261.242328][T10578] Done restarting kernel threads.
[  261.276363][T10584] siw: device registration error -23
[  261.462619][ T3246] usb 42-1: SetAddress Request (26) to port 0
[  261.464828][ T3246] usb 42-1: new SuperSpeed USB device number 26 using vhci_hcd
[  261.483025][ T6069] usb usb40-port1: unable to enumerate USB device
[  261.495134][ T6041] usb 10-1: USB disconnect, device number 2
[  261.557931][ T5940] bridge0: port 3(syz_tun) entered disabled state
[  261.573891][ T5940] syz_tun (unregistering): left allmulticast mode
[  261.576205][ T5940] syz_tun (unregistering): left promiscuous mode
[  261.578472][ T5940] bridge0: port 3(syz_tun) entered disabled state
[  261.585745][  T221] smc: removing ib device syz1
[  261.594520][ T6030] syz1: Port: 1 Link DOWN
[  261.999168][T10579] vhci_hcd: connection reset by peer
[  262.002595][   T46] vhci_hcd vhci_hcd.2: stop threads
[  262.004916][   T46] vhci_hcd vhci_hcd.2: release socket
[  262.007514][   T46] vhci_hcd vhci_hcd.2: disconnect device
[  262.125833][ T6802] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.129152][ T6802] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[  262.245459][ T6802] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.249737][ T6802] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[  262.309191][ T5300] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  262.313735][ T5300] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  262.316412][ T5300] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  262.319035][ T5300] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  262.321527][ T5300] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  262.338093][T10596] 9p: Bad value for 'wfdno'
[  262.351550][ T6802] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.355417][ T6802] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[  262.374261][T10594] lo speed is unknown, defaulting to 1000
[  262.376829][T10594] wg2 speed is unknown, defaulting to 1000
[  262.444200][ T6802] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.447607][ T6802] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[  262.553718][T10599] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(11)
[  262.555921][T10599] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  262.558649][T10599] vhci_hcd vhci_hcd.0: Device attached
[  262.604867][T10594] chnl_net:caif_netlink_parms(): no params data found
[  262.622765][ T6124] wg2 speed is unknown, defaulting to 1000
[  262.624693][ T6124] syz2: Port: 1 Link DOWN
[  262.640391][ T6124] wg2 speed is unknown, defaulting to 1000
[  262.664920][ T6802] bridge_slave_1: left allmulticast mode
[  262.666740][ T6802] bridge_slave_1: left promiscuous mode
[  262.668626][ T6802] bridge0: port 2(bridge_slave_1) entered disabled state
[  262.678189][ T6802] bridge_slave_0: left allmulticast mode
[  262.680098][ T6802] bridge_slave_0: left promiscuous mode
[  262.682144][ T6802] bridge0: port 1(bridge_slave_0) entered disabled state
[  262.726091][T10608] siw: device registration error -23
[  262.940605][ T6802] bond2 (unregistering): (slave geneve2): Releasing active interface
[  262.974989][ T6802] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  263.129356][T10602] vhci_hcd: connection closed
[  263.130078][ T1221] vhci_hcd vhci_hcd.4: stop threads
[  263.134599][ T1221] vhci_hcd vhci_hcd.4: release socket
[  263.140507][ T1221] vhci_hcd vhci_hcd.4: disconnect device
[  263.524802][ T6802] bond0 (unregistering): left promiscuous mode
[  263.526739][ T6802] bond_slave_0: left promiscuous mode
[  263.528501][ T6802] bond_slave_1: left promiscuous mode
[  263.543602][ T6802] bond1 (unregistering): (slave macvlan2): Releasing active interface
[  263.546941][ T6802] macvlan2 (unregistering): left promiscuous mode
[  263.562754][ T6802] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  263.568559][ T6802] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  263.572351][ T6802] bond0 (unregistering): Released all slaves
[  263.576858][ T6802] bond1 (unregistering): Released all slaves
[  263.583066][ T6802] bond2 (unregistering): Released all slaves
[  263.589397][ T6802] bond3 (unregistering): Released all slaves
[  263.596773][ T6802] bond4 (unregistering): Released all slaves
[  263.656112][T10594] bridge0: port 1(bridge_slave_0) entered blocking state
[  263.658948][T10594] bridge0: port 1(bridge_slave_0) entered disabled state
[  263.661570][T10594] bridge_slave_0: entered allmulticast mode
[  263.664426][T10594] bridge_slave_0: entered promiscuous mode
[  263.667650][T10594] bridge0: port 2(bridge_slave_1) entered blocking state
[  263.670089][T10594] bridge0: port 2(bridge_slave_1) entered disabled state
[  263.672489][T10594] bridge_slave_1: entered allmulticast mode
[  263.680743][T10594] bridge_slave_1: entered promiscuous mode
[  263.707819][    T9] vhci_hcd vhci_hcd.4: vhci_device speed not set
[  263.713664][ T6802] tipc: Left network mode
[  263.716695][T10627] lo speed is unknown, defaulting to 1000
[  263.721323][T10594] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  263.727263][T10594] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  263.748924][ T6802] IPVS: stopping master sync thread 10261 ...
[  263.749974][T10594] team0: Port device team_slave_0 added
[  263.760218][T10627] wg2 speed is unknown, defaulting to 1000
[  263.761588][T10594] team0: Port device team_slave_1 added
[  263.825987][T10594] batman_adv: batadv0: Adding interface: batadv_slave_0
[  263.828240][T10594] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  263.842594][T10594] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  263.851005][T10594] batman_adv: batadv0: Adding interface: batadv_slave_1
[  263.858133][T10594] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  263.866616][T10594] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  263.959856][T10594] hsr_slave_0: entered promiscuous mode
[  263.962130][T10594] hsr_slave_1: entered promiscuous mode
[  263.964729][T10594] debugfs: 'hsr0' already exists in 'hsr'
[  263.966571][T10594] Cannot create hsr debugfs directory
[  263.992395][T10644] syzkaller0: entered promiscuous mode
[  263.994553][T10644] syzkaller0: entered allmulticast mode
[  264.073670][T10648] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1008'.
[  264.222609][ T6802] hsr_slave_0: left promiscuous mode
[  264.227012][ T6802] hsr_slave_1: left promiscuous mode
[  264.229096][ T6802] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  264.231603][ T6802] batman_adv: batadv0: Removing interface: batadv_slave_0
[  264.313139][ T6802] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  264.316315][ T6802] batman_adv: batadv0: Removing interface: batadv_slave_1
[  264.330597][ T6802] veth1_vlan: left promiscuous mode
[  264.335654][ T6802] veth0_vlan: left promiscuous mode
[  264.362637][ T5300] Bluetooth: hci1: command tx timeout
[  264.718690][ T6802] team0 (unregistering): Port device team_slave_1 removed
[  264.744516][ T6802] team0 (unregistering): Port device team_slave_0 removed
[  264.847038][ T1221] smc: removing ib device syz2
[  265.233053][T10677] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1014'.
[  265.252075][T10668] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1013'.
[  265.265418][T10669] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1013'.
[  265.797882][T10691] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  266.057885][T10711] netlink: 'syz.5.1017': attribute type 1 has an invalid length.
[  266.120110][T10594] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  266.124872][T10594] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  266.129090][T10594] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  266.134393][T10594] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  266.184814][T10594] 8021q: adding VLAN 0 to HW filter on device bond0
[  266.196762][T10594] 8021q: adding VLAN 0 to HW filter on device team0
[  266.208086][ T8880] bridge0: port 1(bridge_slave_0) entered blocking state
[  266.210594][ T8880] bridge0: port 1(bridge_slave_0) entered forwarding state
[  266.220249][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  266.222796][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  266.387586][T10594] 8021q: adding VLAN 0 to HW filter on device batadv0
[  266.432933][ T5300] Bluetooth: hci1: command tx timeout
[  266.436314][T10594] veth0_vlan: entered promiscuous mode
[  266.441089][T10594] veth1_vlan: entered promiscuous mode
[  266.466989][T10594] veth0_macvtap: entered promiscuous mode
[  266.471544][T10594] veth1_macvtap: entered promiscuous mode
[  266.487672][T10735] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[  266.489813][T10735] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  266.492470][T10735] vhci_hcd vhci_hcd.0: Device attached
[  266.496993][T10594] batman_adv: batadv0: Interface activated: batadv_slave_0
[  266.506159][T10594] batman_adv: batadv0: Interface activated: batadv_slave_1
[  266.513875][ T8880] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  266.516656][ T8880] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  266.523470][ T3246] usb 42-1: device descriptor read/8, error -110
[  266.523609][ T8880] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  266.531136][ T8880] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  266.578325][ T8880] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  266.580887][ T8880] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  266.603921][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  266.607159][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  266.762729][ T5977] usb 41-1: new low-speed USB device number 10 using vhci_hcd
[  267.062885][T10738] vhci_hcd: connection reset by peer
[  267.285615][ T1141] vhci_hcd vhci_hcd.2: stop threads
[  267.287719][ T1141] vhci_hcd vhci_hcd.2: release socket
[  267.289727][ T1141] vhci_hcd vhci_hcd.2: disconnect device
[  267.573441][T10763] syzkaller0: entered promiscuous mode
[  267.575234][T10763] syzkaller0: entered allmulticast mode
[  268.157112][T10780] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  268.492264][T10796] loop9: detected capacity change from 0 to 7
[  268.512721][ T5300] Bluetooth: hci1: command tx timeout
[  268.640085][T10808] syzkaller0: entered promiscuous mode
[  268.641964][T10808] syzkaller0: entered allmulticast mode
[  268.954613][T10825] siw: device registration error -23
[  269.205067][T10831] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[  269.207274][T10831] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  269.213336][T10831] vhci_hcd vhci_hcd.0: Device attached
[  269.288158][T10835] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  269.533957][ T6030] usb 39-1: new low-speed USB device number 8 using vhci_hcd
[  269.780428][T10833] vhci_hcd: connection reset by peer
[  269.786119][ T1141] vhci_hcd vhci_hcd.1: stop threads
[  269.791650][ T1141] vhci_hcd vhci_hcd.1: release socket
[  269.795365][ T1141] vhci_hcd vhci_hcd.1: disconnect device
[  270.592692][ T5300] Bluetooth: hci1: command tx timeout
[  271.269159][T10891] siw: device registration error -23
[  271.275794][T10889] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  271.527844][T10895] siw: device registration error -23
[  271.863030][ T5977] vhci_hcd vhci_hcd.2: vhci_device speed not set
[  272.533634][T10902] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(11)
[  272.535696][T10902] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  272.538455][T10902] vhci_hcd vhci_hcd.0: Device attached
[  272.752686][T10916] vhci_hcd: connection closed
[  272.756410][ T8880] vhci_hcd vhci_hcd.4: stop threads
[  272.759780][ T8880] vhci_hcd vhci_hcd.4: release socket
[  272.773150][ T8880] vhci_hcd vhci_hcd.4: disconnect device
[  272.802670][ T6451] usb 45-1: new low-speed USB device number 3 using vhci_hcd
[  272.805300][ T6451] usb 45-1: enqueue for inactive port 0
[  272.872664][ T6451] vhci_hcd vhci_hcd.4: vhci_device speed not set
[  272.903029][ T3246] usb usb42-port1: attempt power cycle
[  272.966801][T10922] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  273.238412][T10937] Bluetooth: MGMT ver 1.23
[  273.295243][T10937] syz.5.1064: vmalloc error: size 1734553390, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[  273.300858][T10937] CPU: 0 UID: 0 PID: 10937 Comm: syz.5.1064 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  273.300887][T10937] Tainted: [L]=SOFTLOCKUP
[  273.300895][T10937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  273.300907][T10937] Call Trace:
[  273.300914][T10937]  <TASK>
[  273.300922][T10937]  dump_stack_lvl+0x16c/0x1f0
[  273.301040][T10937]  warn_alloc+0x248/0x3a0
[  273.301064][T10937]  ? __pfx_warn_alloc+0x10/0x10
[  273.301087][T10937]  ? reacquire_held_locks+0xcd/0x1f0
[  273.301111][T10937]  ? __lock_acquire+0x436/0x2890
[  273.301130][T10937]  ? ip_set_sockfn_get+0x18e/0xd30
[  273.301154][T10937]  __vmalloc_node_range_noprof+0x12c2/0x16b0
[  273.301179][T10937]  ? lock_acquire+0x179/0x330
[  273.301196][T10937]  ? ip_set_sockfn_get+0x18e/0xd30
[  273.301217][T10937]  ? __lock_acquire+0x436/0x2890
[  273.301233][T10937]  ? trace_contention_end+0xdd/0x110
[  273.301253][T10937]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  273.301271][T10937]  ? find_held_lock+0x2b/0x80
[  273.301303][T10937]  ? ip_set_sockfn_get+0x18e/0xd30
[  273.301322][T10937]  __vmalloc_node_noprof+0xad/0xf0
[  273.301348][T10937]  ? ip_set_sockfn_get+0x18e/0xd30
[  273.301401][T10937]  ip_set_sockfn_get+0x18e/0xd30
[  273.301426][T10937]  ? __pfx_ip_set_sockfn_get+0x10/0x10
[  273.301451][T10937]  ? nf_sockopt_find.constprop.0+0x222/0x290
[  273.301490][T10937]  nf_getsockopt+0x7c/0xe0
[  273.301529][T10937]  ip_getsockopt+0x18c/0x1e0
[  273.301552][T10937]  ? __pfx_ip_getsockopt+0x10/0x10
[  273.301579][T10937]  raw_getsockopt+0x4d/0x1f0
[  273.301600][T10937]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  273.301627][T10937]  do_sock_getsockopt+0x324/0x410
[  273.301658][T10937]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  273.301683][T10937]  ? __fget_files+0x204/0x3c0
[  273.301756][T10937]  __sys_getsockopt+0x123/0x1b0
[  273.301787][T10937]  __ia32_sys_getsockopt+0xbc/0x160
[  273.301808][T10937]  ? __do_fast_syscall_32+0x9a/0x680
[  273.301836][T10937]  ? lockdep_hardirqs_on+0x7c/0x110
[  273.301863][T10937]  __do_fast_syscall_32+0xe8/0x680
[  273.301892][T10937]  do_fast_syscall_32+0x32/0x80
[  273.301909][T10937]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  273.301931][T10937] RIP: 0023:0xf70dd579
[  273.301946][T10937] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  273.301964][T10937] RSP: 002b:00000000f54ac55c EFLAGS: 00000296 ORIG_RAX: 000000000000016d
[  273.301982][T10937] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000000000
[  273.301994][T10937] RDX: 0000000000000053 RSI: 0000000000000000 RDI: 0000000080000040
[  273.302006][T10937] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  273.302017][T10937] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  273.302029][T10937] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  273.302052][T10937]  </TASK>
[  273.302058][T10937] Mem-Info:
[  273.331674][T10944] siw: device registration error -23
[  273.345019][T10937] active_anon:12606 inactive_anon:8 isolated_anon:0
[  273.345019][T10937]  active_file:7161 inactive_file:15985 isolated_file:0
[  273.345019][T10937]  unevictable:1768 dirty:180 writeback:0
[  273.345019][T10937]  slab_reclaimable:7534 slab_unreclaimable:58063
[  273.345019][T10937]  mapped:30604 shmem:8946 pagetables:1362
[  273.345019][T10937]  sec_pagetables:314 bounce:0
[  273.345019][T10937]  kernel_misc_reclaimable:0
[  273.345019][T10937]  free:44717 free_pcp:11633 free_cma:0
[  273.418405][T10937] Node 0 active_anon:1972kB inactive_anon:8kB active_file:140kB inactive_file:156kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:20kB dirty:8kB writeback:0kB shmem:3540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9952kB pagetables:1588kB sec_pagetables:1156kB all_unreclaimable? yes Balloon:0kB
[  273.434048][T10937] Node 1 active_anon:48652kB inactive_anon:24kB active_file:28504kB inactive_file:63784kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:122396kB dirty:712kB writeback:0kB shmem:32244kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:4416kB pagetables:3860kB sec_pagetables:100kB all_unreclaimable? no Balloon:0kB
[  273.487382][ T3246] usb usb42-port1: unable to enumerate USB device
[  273.494169][T10937] Node 0 DMA free:2088kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:448kB local_pcp:60kB free_cma:0kB
[  273.503634][T10937] lowmem_reserve[]: 0 289 289 289 289
[  273.505420][T10937] Node 0 DMA32 free:17116kB boost:0kB min:13332kB low:16664kB high:19996kB reserved_highatomic:2048KB free_highatomic:920KB active_anon:1968kB inactive_anon:8kB active_file:140kB inactive_file:156kB unevictable:3536kB writepending:8kB zspages:0kB present:1032196kB managed:296812kB mlocked:0kB bounce:0kB free_pcp:13652kB local_pcp:3244kB free_cma:0kB
[  273.515499][T10937] lowmem_reserve[]: 0 0 0 0 0
[  273.517001][T10937] Node 1 DMA32 free:159408kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48652kB inactive_anon:24kB active_file:28504kB inactive_file:63784kB unevictable:3536kB writepending:712kB zspages:2676kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:32576kB local_pcp:5264kB free_cma:0kB
[  273.536203][T10937] lowmem_reserve[]: 0 0 0 0 0
[  273.537870][T10937] Node 0 DMA: 12*4kB (UM) 3*8kB (U) 2*16kB (UM) 8*32kB (U) 3*64kB (U) 2*128kB (M) 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2088kB
[  273.542493][T10937] Node 0 DMA32: 119*4kB (UEH) 60*8kB (UEH) 46*16kB (UMH) 96*32kB (UEH) 67*64kB (UMEH) 29*128kB (UMEH) 13*256kB (UM) 2*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 17116kB
[  273.548096][T10937] Node 1 DMA32: 124*4kB (UME) 1184*8kB (UME) 1322*16kB (UME) 372*32kB (UME) 226*64kB (UME) 108*128kB (UME) 54*256kB (UME) 29*512kB (ME) 6*1024kB (ME) 16*2048kB (UM) 5*4096kB (UM) = 159376kB
[  273.555723][T10937] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  273.558846][T10937] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  273.561793][T10937] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  273.565145][T10937] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  273.568087][T10937] 32469 total pagecache pages
[  273.569704][T10937] 381 pages in swap cache
[  273.571124][T10937] Free swap  = 117484kB
[  273.572469][T10937] Total swap = 124996kB
[  273.574209][T10937] 524155 pages RAM
[  273.575424][T10937] 0 pages HighMem/MovableOnly
[  273.576938][T10937] 209059 pages reserved
[  273.578332][T10937] 0 pages cma reserved
[  273.910995][T10959] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1065'.
[  274.096977][T10955] netlink: 296 bytes leftover after parsing attributes in process `syz.4.1066'.
[  274.115276][T10955] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(10)
[  274.117335][T10955] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  274.120782][T10955] vhci_hcd vhci_hcd.0: Device attached
[  274.132114][T10955] netlink: 'syz.4.1066': attribute type 1 has an invalid length.
[  274.159038][T10955] bond1: (slave geneve2): making interface the new active one
[  274.161768][T10955] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  274.169874][T10966] vhci_hcd: connection closed
[  274.169895][ T6855] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20004 - 0
[  274.176859][ T8880] vhci_hcd vhci_hcd.4: stop threads
[  274.178687][ T8880] vhci_hcd vhci_hcd.4: release socket
[  274.180697][ T8880] vhci_hcd vhci_hcd.4: disconnect device
[  274.184267][ T6855] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20004 - 0
[  274.188773][ T6855] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20004 - 0
[  274.193914][ T6855] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20004 - 0
[  274.387789][T10972] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  274.395970][T10972] CIFS mount error: No usable UNC path provided in device string!
[  274.395970][T10972] 
[  274.399182][T10972] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  274.642778][ T6021] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  274.672754][ T6030] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  274.793483][ T6021] usb 7-1: Using ep0 maxpacket: 8
[  274.797188][ T6021] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  274.812790][ T6021] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  274.817474][ T6021] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  274.821733][ T6021] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  274.832624][ T6021] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  274.836386][ T6021] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  274.861472][T10976] Cannot find add_set index 2 as target
[  275.424728][T10987] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  275.428033][T10987] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  275.705164][ T6021] usb 7-1: usb_control_msg returned -71
[  275.706964][ T6021] usbtmc 7-1:16.0: can't read capabilities
[  275.717776][ T6021] usb 7-1: USB disconnect, device number 14
[  276.425483][T11002] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1076'.
[  276.883892][T11022] siw: device registration error -23
[  277.616378][T11031] siw: device registration error -23
[  277.650040][T11020] netlink: 296 bytes leftover after parsing attributes in process `syz.2.1078'.
[  277.653900][T11020] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  277.653917][T11020] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  277.654093][T11020] vhci_hcd vhci_hcd.0: Device attached
[  277.656143][T11020] netlink: 'syz.2.1078': attribute type 1 has an invalid length.
[  277.668267][T11034] vhci_hcd: connection closed
[  277.668551][   T46] vhci_hcd vhci_hcd.2: stop threads
[  277.668566][   T46] vhci_hcd vhci_hcd.2: release socket
[  277.668577][   T46] vhci_hcd vhci_hcd.2: disconnect device
[  278.294930][T11041] siw: device registration error -23
[  280.137196][T11082] netlink: 296 bytes leftover after parsing attributes in process `syz.1.1091'.
[  280.180357][T11082] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10)
[  280.182785][T11082] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  280.186451][T11082] vhci_hcd vhci_hcd.0: Device attached
[  280.198886][T11082] netlink: 'syz.1.1091': attribute type 1 has an invalid length.
[  280.285817][T11084] vhci_hcd: connection closed
[  280.286029][ T6112] vhci_hcd vhci_hcd.1: stop threads
[  280.289984][ T6112] vhci_hcd vhci_hcd.1: release socket
[  280.291955][ T6112] vhci_hcd vhci_hcd.1: disconnect device
[  280.495514][T11088] siw: device registration error -23
[  282.637797][T11123] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  282.639904][T11123] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  282.642493][T11123] vhci_hcd vhci_hcd.0: Device attached
[  282.977719][T11146] kvm: pic: non byte read
[  282.979585][T11146] kvm: pic: non byte read
[  282.981323][T11146] kvm: pic: non byte read
[  282.983281][ T6030] usb 42-1: SetAddress Request (30) to port 0
[  282.985715][T11146] kvm: pic: non byte read
[  282.987152][ T6030] usb 42-1: new SuperSpeed USB device number 30 using vhci_hcd
[  282.990095][T11146] kvm: pic: non byte read
[  282.991747][T11146] kvm: pic: non byte read
[  282.994270][T11146] kvm: pic: non byte read
[  282.996032][T11146] kvm: pic: non byte read
[  282.998119][T11146] kvm: pic: non byte read
[  282.999997][T11146] kvm: pic: non byte read
[  283.305995][T11136] vhci_hcd: connection reset by peer
[  283.308837][   T13] vhci_hcd vhci_hcd.2: stop threads
[  283.314318][   T13] vhci_hcd vhci_hcd.2: release socket
[  283.317580][   T13] vhci_hcd vhci_hcd.2: disconnect device
[  283.971792][T11149] netlink: 296 bytes leftover after parsing attributes in process `syz.5.1107'.
[  283.978147][T11149] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(10)
[  283.980277][T11149] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  283.986253][T11149] vhci_hcd vhci_hcd.0: Device attached
[  283.992284][T11149] netlink: 'syz.5.1107': attribute type 1 has an invalid length.
[  284.017707][T11149] bond1: (slave geneve2): making interface the new active one
[  284.020955][T11149] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  284.032801][ T1141] netdevsim netdevsim5 netdevsim0: set [1, 1] type 2 family 0 port 20004 - 0
[  284.035642][ T1141] netdevsim netdevsim5 netdevsim1: set [1, 1] type 2 family 0 port 20004 - 0
[  284.037729][T11163] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  284.038598][ T1141] netdevsim netdevsim5 netdevsim2: set [1, 1] type 2 family 0 port 20004 - 0
[  284.040644][T11163] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  284.051452][ T1141] netdevsim netdevsim5 netdevsim3: set [1, 1] type 2 family 0 port 20004 - 0
[  284.057440][T11160] vhci_hcd: connection closed
[  284.057601][ T1141] vhci_hcd vhci_hcd.5: stop threads
[  284.058658][T11163] vhci_hcd vhci_hcd.0: Device attached
[  284.059235][ T1141] vhci_hcd vhci_hcd.5: release socket
[  284.064774][ T1141] vhci_hcd vhci_hcd.5: disconnect device
[  284.342748][   T54] usb 46-1: SetAddress Request (2) to port 0
[  284.345522][   T54] usb 46-1: new SuperSpeed USB device number 2 using vhci_hcd
[  284.537542][T11171] Cannot find del_set index 2 as target
[  284.677022][T11164] vhci_hcd: connection reset by peer
[  284.679939][   T96] vhci_hcd vhci_hcd.4: stop threads
[  284.682014][   T96] vhci_hcd vhci_hcd.4: release socket
[  284.683970][ T5944] Bluetooth: hci1: command 0x0405 tx timeout
[  284.688854][   T96] vhci_hcd vhci_hcd.4: disconnect device
[  284.814442][T11184] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  285.346549][T11197] raw_sendmsg: syz.1.1116 forgot to set AF_INET. Fix it!
[  285.918455][T11203] netlink: 'syz.4.1118': attribute type 3 has an invalid length.
[  286.456260][T11215] siw: device registration error -23
[  287.517896][T11221] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  287.596077][T11219] netlink: 296 bytes leftover after parsing attributes in process `syz.1.1122'.
[  287.601834][T11219] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10)
[  287.603944][T11219] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  287.607320][T11219] vhci_hcd vhci_hcd.0: Device attached
[  287.611998][T11219] netlink: 'syz.1.1122': attribute type 1 has an invalid length.
[  287.638702][T11219] bond1: (slave geneve2): making interface the new active one
[  287.641669][T11219] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  287.645147][ T8060] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20004 - 0
[  287.658964][T11224] vhci_hcd: connection closed
[  287.659582][ T8060] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20004 - 0
[  287.670921][ T6802] vhci_hcd vhci_hcd.1: stop threads
[  287.682853][ T6802] vhci_hcd vhci_hcd.1: release socket
[  287.684678][ T6802] vhci_hcd vhci_hcd.1: disconnect device
[  287.702670][ T8060] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20004 - 0
[  287.706340][ T8060] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20004 - 0
[  287.746969][T11233] siw: device registration error -23
[  288.141327][ T6030] usb 42-1: device descriptor read/8, error -110
[  288.323279][T11243] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD
[  288.550760][ T6030] usb usb42-port1: attempt power cycle
[  289.162113][ T6030] usb usb42-port1: unable to enumerate USB device
[  289.320113][T11266] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1132'.
[  289.326814][T11266] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1132'.
[  289.402653][   T54] usb 46-1: device descriptor read/8, error -110
[  289.433946][T11270] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  289.803126][   T54] usb usb46-port1: attempt power cycle
[  290.025088][T11258] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  290.028294][T11258] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  290.146331][T11258] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  290.148695][T11258] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  290.199905][T11258] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  290.203307][T11258] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  290.386580][   T54] usb usb46-port1: unable to enumerate USB device
[  290.984383][T11317] netlink: 296 bytes leftover after parsing attributes in process `syz.1.1137'.
[  291.008842][T11317] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10)
[  291.011265][T11317] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  291.017808][T11317] vhci_hcd vhci_hcd.0: Device attached
[  291.030644][T11317] netlink: 'syz.1.1137': attribute type 1 has an invalid length.
[  291.060012][T11337] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1139'.
[  291.103349][T11333] vhci_hcd: connection closed
[  291.103905][ T8880] vhci_hcd vhci_hcd.1: stop threads
[  291.107315][ T8880] vhci_hcd vhci_hcd.1: release socket
[  291.109131][ T8880] vhci_hcd vhci_hcd.1: disconnect device
[  291.323165][   T40] audit: type=1326 audit(1766450451.635:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11350 comm="syz.2.1144" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fd3579 code=0x0
[  292.222803][   T54] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  292.348671][T11378] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1153'.
[  292.356878][   T54] usb 6-1: device descriptor read/64, error -71
[  292.455828][   T40] audit: type=1326 audit(1766450452.765:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11380 comm="syz.4.1154" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[  292.472640][   T40] audit: type=1326 audit(1766450452.775:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11380 comm="syz.4.1154" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[  292.479121][   T40] audit: type=1326 audit(1766450452.775:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11380 comm="syz.4.1154" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf703d579 code=0x7ffc0000
[  292.491541][T11384] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD
[  292.501803][   T40] audit: type=1326 audit(1766450452.775:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11380 comm="syz.4.1154" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[  292.516016][   T40] audit: type=1326 audit(1766450452.775:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11380 comm="syz.4.1154" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[  292.524938][   T40] audit: type=1326 audit(1766450452.775:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11380 comm="syz.4.1154" exe="/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf703d579 code=0x7ffc0000
[  292.531606][   T40] audit: type=1326 audit(1766450452.775:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11380 comm="syz.4.1154" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[  292.538530][   T40] audit: type=1326 audit(1766450452.785:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11380 comm="syz.4.1154" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d579 code=0x7ffc0000
[  292.546100][   T40] audit: type=1326 audit(1766450452.795:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11380 comm="syz.4.1154" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf703d579 code=0x7ffc0000
[  292.602659][   T54] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  292.732978][   T54] usb 6-1: device descriptor read/64, error -71
[  292.778651][T11387] netlink: 296 bytes leftover after parsing attributes in process `syz.2.1155'.
[  292.785782][T11387] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  292.787897][T11387] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  292.790569][T11387] vhci_hcd vhci_hcd.0: Device attached
[  292.794578][T11387] netlink: 'syz.2.1155': attribute type 1 has an invalid length.
[  292.809080][T11389] vhci_hcd: connection closed
[  292.809374][ T1221] vhci_hcd vhci_hcd.2: stop threads
[  292.813674][ T1221] vhci_hcd vhci_hcd.2: release socket
[  292.816064][ T1221] vhci_hcd vhci_hcd.2: disconnect device
[  292.843428][   T54] usb usb6-port1: attempt power cycle
[  293.192750][   T54] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  293.215354][   T54] usb 6-1: device descriptor read/8, error -71
[  293.270100][T11396] siw: device registration error -23
[  293.652666][   T54] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  293.763039][   T54] usb 6-1: device descriptor read/8, error -71
[  293.945053][   T54] usb usb6-port1: unable to enumerate USB device
[  294.560841][T11425] x_tables: duplicate underflow at hook 3
[  294.593964][T11430] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1165'.
[  294.640148][T11430] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  295.181009][T11455] siw: device registration error -23
[  295.402869][ T6024] usb 6-1: new full-speed USB device number 11 using dummy_hcd
[  295.576592][ T6024] usb 6-1: config 0 interface 0 altsetting 251 has an endpoint descriptor with address 0x43, changing to 0x3
[  295.580918][ T6024] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x3 has invalid maxpacket 65, setting to 64
[  295.584560][ T6024] usb 6-1: config 0 interface 0 has no altsetting 0
[  295.592056][ T6024] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  295.595832][ T6024] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  295.598866][ T6024] usb 6-1: Product: syz
[  295.600347][ T6024] usb 6-1: Manufacturer: syz
[  295.601938][ T6024] usb 6-1: SerialNumber: syz
[  295.611810][ T6024] usb 6-1: config 0 descriptor??
[  295.616485][T11448] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  295.627653][ T6024] usb 6-1: selecting invalid altsetting 0
[  295.771912][T11462] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(7)
[  295.774012][T11462] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  295.782688][T11462] vhci_hcd vhci_hcd.0: Device attached
[  295.943066][T11448] usb 6-1: cannot submit urb 0, error -2: endpoint not enabled
[  296.221025][T11464] vhci_hcd: connection closed
[  296.224108][   T13] vhci_hcd vhci_hcd.5: stop threads
[  296.230332][   T13] vhci_hcd vhci_hcd.5: release socket
[  296.244516][   T13] vhci_hcd vhci_hcd.5: disconnect device
[  296.495151][    T9] usb 47-1: new high-speed USB device number 2 using vhci_hcd
[  296.498077][    T9] usb 47-1: enqueue for inactive port 0
[  297.264118][    T9] vhci_hcd vhci_hcd.5: vhci_device speed not set
[  297.317533][ T6021] usb 6-1: USB disconnect, device number 11
[  297.552718][ T3246] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  297.702643][ T3246] usb 7-1: Using ep0 maxpacket: 32
[  297.706475][ T3246] usb 7-1: config 0 has an invalid interface number: 186 but max is 0
[  297.709948][ T3246] usb 7-1: config 0 has no interface number 0
[  297.713181][ T3246] usb 7-1: config 0 interface 186 has no altsetting 0
[  297.717982][ T3246] usb 7-1: New USB device found, idVendor=0499, idProduct=1000, bcdDevice=30.11
[  297.721827][ T3246] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  297.726013][ T3246] usb 7-1: Product: syz
[  297.727814][ T3246] usb 7-1: Manufacturer: syz
[  297.729822][ T3246] usb 7-1: SerialNumber: syz
[  297.736767][ T3246] usb 7-1: config 0 descriptor??
[  297.743972][ T3246] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  297.762444][ T3246] snd-usb-audio 7-1:0.186: probe with driver snd-usb-audio failed with error -2
[  297.779844][ T9751] udevd[9751]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.186/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  297.950796][T11481] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1173'.
[  297.955366][T11481] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1173'.
[  298.122594][ T6083] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  298.222232][T11501] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1179'.
[  298.285408][ T6083] usb 10-1: too many configurations: 9, using maximum allowed: 8
[  298.294670][ T6083] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[  298.298335][ T6083] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  298.312602][ T6083] usb 10-1: config 0 interface 0 has no altsetting 0
[  298.316905][ T6083] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[  298.320519][ T6083] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  298.325120][ T6083] usb 10-1: config 0 interface 0 has no altsetting 0
[  298.329103][ T6083] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[  298.333014][ T6083] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  298.337420][ T6083] usb 10-1: config 0 interface 0 has no altsetting 0
[  298.342197][ T6083] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[  298.346033][ T6083] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  298.350515][ T6083] usb 10-1: config 0 interface 0 has no altsetting 0
[  298.355890][ T6083] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[  298.359555][ T6083] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  298.364532][ T6083] usb 10-1: config 0 interface 0 has no altsetting 0
[  298.368810][ T6083] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[  298.372332][ T6083] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  298.376813][ T6083] usb 10-1: config 0 interface 0 has no altsetting 0
[  298.381104][ T6083] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[  298.385064][ T6083] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  298.389575][ T6083] usb 10-1: config 0 interface 0 has no altsetting 0
[  298.394155][ T6083] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[  298.397612][ T6083] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  298.402092][ T6083] usb 10-1: config 0 interface 0 has no altsetting 0
[  298.407663][ T6083] usb 10-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  298.411244][ T6083] usb 10-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  298.414459][ T6083] usb 10-1: Product: syz
[  298.415837][ T6083] usb 10-1: Manufacturer: syz
[  298.417362][ T6083] usb 10-1: SerialNumber: syz
[  298.424609][ T6083] usb 10-1: config 0 descriptor??
[  298.434385][ T6083] yurex 10-1:0.0: USB YUREX device now attached to Yurex #0
[  299.033235][T11506] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  299.036012][T11506] netlink: 84 bytes leftover after parsing attributes in process `syz.4.1180'.
[  299.090520][ T6083] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  299.149303][ T6083] hid-generic 0000:0000:0000.0005: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  299.206286][T11511] fido_id[11511]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  299.215400][T11514] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1182'.
[  299.225949][T11514] hsr_slave_0: left promiscuous mode
[  299.232879][T11514] hsr_slave_1: left promiscuous mode
[  299.360849][T11517] siw: device registration error -23
[  299.739070][T11520] siw: device registration error -23
[  300.148465][T11527] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[  300.150654][T11527] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  300.153464][T11527] vhci_hcd vhci_hcd.0: Device attached
[  300.388288][ T6003] usb 7-1: USB disconnect, device number 15
[  300.402691][ T6083] usb 39-1: new low-speed USB device number 9 using vhci_hcd
[  300.482802][T11532] netlink: 'syz.2.1187': attribute type 11 has an invalid length.
[  300.691088][    C2] usb 10-1: yurex_control_callback - control failed: -2
[  300.783905][T11528] vhci_hcd: connection reset by peer
[  300.786418][ T6112] vhci_hcd vhci_hcd.1: stop threads
[  300.797484][ T6112] vhci_hcd vhci_hcd.1: release socket
[  300.802853][ T6030] usb 10-1: USB disconnect, device number 3
[  300.804232][ T6112] vhci_hcd vhci_hcd.1: disconnect device
[  300.814101][ T6030] yurex 10-1:0.0: USB YUREX #0 now disconnected
[  301.448005][T11557] siw: device registration error -23
[  302.372758][T11575] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  302.740208][T11573] netlink: 296 bytes leftover after parsing attributes in process `syz.5.1197'.
[  302.756403][T11573] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(10)
[  302.758575][T11573] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  302.761557][T11573] vhci_hcd vhci_hcd.0: Device attached
[  302.773627][T11573] netlink: 'syz.5.1197': attribute type 1 has an invalid length.
[  302.797068][T11583] vhci_hcd: connection closed
[  302.801074][  T221] vhci_hcd vhci_hcd.5: stop threads
[  302.811143][  T221] vhci_hcd vhci_hcd.5: release socket
[  302.813012][  T221] vhci_hcd vhci_hcd.5: disconnect device
[  303.065029][   T40] kauditd_printk_skb: 52 callbacks suppressed
[  303.065044][   T40] audit: type=1326 audit(1766450463.375:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11586 comm="syz.2.1200" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd3579 code=0x0
[  303.397614][T11593] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(11)
[  303.399880][T11593] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  303.406604][T11593] vhci_hcd vhci_hcd.0: Device attached
[  303.462738][ T6024] usb 7-1: new low-speed USB device number 16 using dummy_hcd
[  303.498649][T11603] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1205'.
[  303.592647][ T6024] usb 7-1: device descriptor read/64, error -71
[  303.662610][ T6069] usb 45-1: new low-speed USB device number 4 using vhci_hcd
[  303.842641][ T6024] usb 7-1: new low-speed USB device number 17 using dummy_hcd
[  303.972589][ T6024] usb 7-1: device descriptor read/64, error -71
[  304.072766][T11594] vhci_hcd: connection reset by peer
[  304.074824][ T1221] vhci_hcd vhci_hcd.4: stop threads
[  304.076715][ T1221] vhci_hcd vhci_hcd.4: release socket
[  304.078497][ T1221] vhci_hcd vhci_hcd.4: disconnect device
[  304.083179][ T6024] usb usb7-port1: attempt power cycle
[  304.330314][T11610] overlayfs: invalid origin (0000)
[  304.422611][ T6024] usb 7-1: new low-speed USB device number 18 using dummy_hcd
[  304.443070][ T6024] usb 7-1: device descriptor read/8, error -71
[  304.554703][T11620] IPVS: sync thread started: state = MASTER, mcast_ifn = veth1_to_bridge, syncid = 32, id = 0
[  304.563985][T11615] fuse: Bad value for 'user_id'
[  304.565687][T11615] fuse: Bad value for 'user_id'
[  304.692748][ T6024] usb 7-1: new low-speed USB device number 19 using dummy_hcd
[  304.713107][ T6024] usb 7-1: device descriptor read/8, error -71
[  304.822843][ T6024] usb usb7-port1: unable to enumerate USB device
[  305.005555][   T40] audit: type=1326 audit(1766450465.315:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11623 comm="syz.4.1210" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf703d579 code=0x0
[  305.237014][T11628] syzkaller0: entered promiscuous mode
[  305.238863][T11628] syzkaller0: entered allmulticast mode
[  305.466000][T11630] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  305.552781][ T6083] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  306.905078][T11659] netlink: 'syz.4.1219': attribute type 12 has an invalid length.
[  306.907617][T11659] netlink: 'syz.4.1219': attribute type 29 has an invalid length.
[  306.910096][T11659] netlink: 148 bytes leftover after parsing attributes in process `syz.4.1219'.
[  306.913136][T11659] netlink: 59 bytes leftover after parsing attributes in process `syz.4.1219'.
[  307.042850][T11664] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  307.050122][T11664] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1217'.
[  307.054612][T11662] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1219'.
[  307.214653][T11675] syzkaller0: entered promiscuous mode
[  307.216473][T11675] syzkaller0: entered allmulticast mode
[  307.717633][T11703] siw: device registration error -23
[  307.872441][T11708] syzkaller0: entered promiscuous mode
[  307.874672][T11708] syzkaller0: entered allmulticast mode
[  308.144889][T11714] siw: device registration error -23
[  308.742680][ T6069] vhci_hcd vhci_hcd.4: vhci_device speed not set
[  308.853314][T11718] siw: device registration error -23
[  308.855518][T11719] binder: BINDER_SET_CONTEXT_MGR already set
[  308.857519][T11719] binder: 11716:11719 ioctl 4018620d 80000040 returned -16
[  310.372692][T11741] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  310.374803][T11741] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  310.384473][T11741] vhci_hcd vhci_hcd.0: Device attached
[  310.393966][T11741] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(7)
[  310.396055][T11741] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  310.404707][T11741] vhci_hcd vhci_hcd.0: Device attached
[  310.407473][T11741] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(9)
[  310.409591][T11741] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  310.414369][T11741] vhci_hcd vhci_hcd.0: Device attached
[  310.418005][T11741] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(11)
[  310.420568][T11741] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  310.426957][T11741] vhci_hcd vhci_hcd.0: Device attached
[  310.531265][T11754] FAULT_INJECTION: forcing a failure.
[  310.531265][T11754] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  310.538919][T11754] CPU: 2 UID: 0 PID: 11754 Comm: syz.2.1238 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  310.538946][T11754] Tainted: [L]=SOFTLOCKUP
[  310.538951][T11754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  310.538961][T11754] Call Trace:
[  310.538967][T11754]  <TASK>
[  310.538973][T11754]  dump_stack_lvl+0x16c/0x1f0
[  310.539002][T11754]  should_fail_ex+0x512/0x640
[  310.539023][T11754]  should_fail_alloc_page+0xe7/0x130
[  310.539049][T11754]  prepare_alloc_pages+0x401/0x670
[  310.539070][T11754]  __alloc_frozen_pages_noprof+0x18b/0x2430
[  310.539084][T11754]  ? blk_mq_get_tag+0x7f4/0xac0
[  310.539102][T11754]  ? __pfx_blk_mq_get_tag+0x10/0x10
[  310.539119][T11754]  ? __pfx_autoremove_wake_function+0x10/0x10
[  310.539137][T11754]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  310.539152][T11754]  ? __lock_acquire+0x436/0x2890
[  310.539167][T11754]  ? do_raw_spin_lock+0x12c/0x2b0
[  310.539180][T11754]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  310.539199][T11754]  ? policy_nodemask+0xea/0x4e0
[  310.539217][T11754]  alloc_pages_mpol+0x1fb/0x550
[  310.539234][T11754]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  310.539251][T11754]  ? __pfx_bio_alloc_bioset+0x10/0x10
[  310.539267][T11754]  ? __pfx___debug_object_init+0x10/0x10
[  310.539287][T11754]  alloc_pages_noprof+0x131/0x390
[  310.539308][T11754]  blk_rq_map_kern+0x4e2/0x7d0
[  310.539324][T11754]  scsi_execute_cmd+0xbd9/0xec0
[  310.539342][T11754]  ? __kasan_kmalloc+0xaa/0xb0
[  310.539358][T11754]  ? __ia32_compat_sys_ioctl+0x242/0x370
[  310.539373][T11754]  ? __pfx_scsi_execute_cmd+0x10/0x10
[  310.539393][T11754]  sr_do_ioctl+0x219/0x840
[  310.539412][T11754]  ? __pfx_sr_do_ioctl+0x10/0x10
[  310.539435][T11754]  sr_packet+0xee/0x1c0
[  310.539450][T11754]  mmc_ioctl_dvd_read_struct+0xd77/0x1410
[  310.539468][T11754]  ? __lock_acquire+0x436/0x2890
[  310.539478][T11754]  ? __pfx_mmc_ioctl_dvd_read_struct+0x10/0x10
[  310.539501][T11754]  cdrom_ioctl+0x28a0/0x3780
[  310.539511][T11754]  ? __pfx___might_resched+0x10/0x10
[  310.539526][T11754]  ? __pfx_cdrom_ioctl+0x10/0x10
[  310.539536][T11754]  ? rpm_resume+0x7f7/0x12f0
[  310.539548][T11754]  ? rcu_is_watching+0x12/0xc0
[  310.539564][T11754]  ? rpm_resume+0x7f7/0x12f0
[  310.539574][T11754]  ? trace_rpm_return_int+0x196/0x1f0
[  310.539587][T11754]  ? rpm_resume+0x7fc/0x12f0
[  310.539599][T11754]  ? sr_block_ioctl+0x118/0x250
[  310.539616][T11754]  ? __pfx_rpm_resume+0x10/0x10
[  310.539627][T11754]  ? do_raw_spin_lock+0x12c/0x2b0
[  310.539640][T11754]  ? find_held_lock+0x2b/0x80
[  310.539657][T11754]  ? lockdep_hardirqs_on+0x7c/0x110
[  310.539674][T11754]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  310.539689][T11754]  ? __pm_runtime_resume+0xc3/0x170
[  310.539704][T11754]  sr_block_ioctl+0x1b0/0x250
[  310.539720][T11754]  ? __pfx_sr_block_ioctl+0x10/0x10
[  310.539734][T11754]  blkdev_compat_ptr_ioctl+0x9f/0xe0
[  310.539748][T11754]  ? __pfx_blkdev_compat_ptr_ioctl+0x10/0x10
[  310.539761][T11754]  compat_blkdev_ioctl+0x2ee/0x7a0
[  310.539778][T11754]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[  310.539791][T11754]  ? __fput_deferred+0x480/0x480
[  310.539821][T11754]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[  310.539836][T11754]  __ia32_compat_sys_ioctl+0x242/0x370
[  310.539851][T11754]  __do_fast_syscall_32+0xe8/0x680
[  310.539870][T11754]  do_fast_syscall_32+0x32/0x80
[  310.539880][T11754]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  310.539894][T11754] RIP: 0023:0xf7fd3579
[  310.539903][T11754] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  310.539914][T11754] RSP: 002b:00000000f54c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  310.539925][T11754] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005390
[  310.539932][T11754] RDX: 0000000080000200 RSI: 0000000000000000 RDI: 0000000000000000
[  310.539939][T11754] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  310.539945][T11754] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  310.539951][T11754] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  310.539964][T11754]  </TASK>
[  310.742698][ T6024] usb 40-1: SetAddress Request (30) to port 0
[  310.745520][ T6024] usb 40-1: new SuperSpeed USB device number 30 using vhci_hcd
[  310.791919][T11742] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  310.795523][T11742] netlink: 84 bytes leftover after parsing attributes in process `syz.5.1235'.
[  310.886091][T11757] syzkaller0: entered promiscuous mode
[  310.887827][T11757] syzkaller0: entered allmulticast mode
[  311.140627][T11751] vhci_hcd: connection closed
[  311.141819][T11747] vhci_hcd: connection closed
[  311.143993][T11745] vhci_hcd: connection reset by peer
[  311.153832][T11749] vhci_hcd: connection closed
[  311.154624][ T1221] vhci_hcd vhci_hcd.1: stop threads
[  311.157915][ T1221] vhci_hcd vhci_hcd.1: release socket
[  311.173305][ T1221] vhci_hcd vhci_hcd.1: disconnect device
[  311.175315][ T1221] vhci_hcd vhci_hcd.1: stop threads
[  311.177076][ T1221] vhci_hcd vhci_hcd.1: release socket
[  311.178890][ T1221] vhci_hcd vhci_hcd.1: disconnect device
[  311.181878][ T1221] vhci_hcd vhci_hcd.1: stop threads
[  311.183670][ T1221] vhci_hcd vhci_hcd.1: release socket
[  311.186089][ T1221] vhci_hcd vhci_hcd.1: disconnect device
[  311.193838][ T1221] vhci_hcd vhci_hcd.1: stop threads
[  311.196930][ T1221] vhci_hcd vhci_hcd.1: release socket
[  311.200948][ T1221] vhci_hcd vhci_hcd.1: disconnect device
[  311.202281][T11759] netlink: 72 bytes leftover after parsing attributes in process `syz.5.1240'.
[  311.206275][T11759] netlink: 72 bytes leftover after parsing attributes in process `syz.5.1240'.
[  311.234764][T11762] fuse: Unknown parameter 'group_i00000000000000000000'
[  311.310563][T11768] batman_adv: batadv0: Adding interface: vlan2
[  311.313604][T11768] batman_adv: batadv0: The MTU of interface vlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  311.324394][T11768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  311.328924][T11768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.333187][T11768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: ipvlan2
[  311.337290][T11768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.341348][T11768] batman_adv: batadv0: Not using interface vlan2 (retrying later): interface not active
[  311.473978][T11769] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(11)
[  311.476211][T11769] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  311.479075][T11769] vhci_hcd vhci_hcd.0: Device attached
[  311.578807][T11775] fuse: Bad value for 'user_id'
[  311.580873][T11775] fuse: Bad value for 'user_id'
[  311.712637][ T6083] usb 47-1: new low-speed USB device number 3 using vhci_hcd
[  312.088223][T11772] vhci_hcd: connection reset by peer
[  312.096354][   T13] vhci_hcd vhci_hcd.5: stop threads
[  312.099405][   T13] vhci_hcd vhci_hcd.5: release socket
[  312.103166][   T13] vhci_hcd vhci_hcd.5: disconnect device
[  312.783992][T11801] syzkaller0: entered promiscuous mode
[  312.785877][T11801] syzkaller0: entered allmulticast mode
[  312.850623][T11805] fuse: Unknown parameter 'group_i00000000000000000000'
[  312.967771][T11809] siw: device registration error -23
[  313.411600][T11820] netlink: 'syz.5.1258': attribute type 1 has an invalid length.
[  313.425260][T11820] netlink: 228 bytes leftover after parsing attributes in process `syz.5.1258'.
[  313.599469][T11823] fuse: Bad value for 'user_id'
[  313.601357][T11823] fuse: Bad value for 'user_id'
[  313.605092][T11824] IPVS: sync thread started: state = MASTER, mcast_ifn = veth1_to_bridge, syncid = 32, id = 0
[  313.893616][T11827] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6)
[  313.895680][T11827] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  313.924491][T11827] vhci_hcd vhci_hcd.0: Device attached
[  313.924897][T11830] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1258'.
[  314.071392][   T40] audit: type=1326 audit(1766450474.375:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11831 comm="syz.1.1260" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02579 code=0x7ffc0000
[  314.071700][   T40] audit: type=1326 audit(1766450474.375:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11831 comm="syz.1.1260" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f02598 code=0x7ffc0000
[  314.071877][   T40] audit: type=1326 audit(1766450474.375:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11831 comm="syz.1.1260" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02579 code=0x7ffc0000
[  314.072112][   T40] audit: type=1326 audit(1766450474.375:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11831 comm="syz.1.1260" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f02598 code=0x7ffc0000
[  314.072304][   T40] audit: type=1326 audit(1766450474.375:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11831 comm="syz.1.1260" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02579 code=0x7ffc0000
[  314.072479][   T40] audit: type=1326 audit(1766450474.375:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11831 comm="syz.1.1260" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f02598 code=0x7ffc0000
[  314.072648][   T40] audit: type=1326 audit(1766450474.385:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11831 comm="syz.1.1260" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02579 code=0x7ffc0000
[  314.072809][   T40] audit: type=1326 audit(1766450474.385:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11831 comm="syz.1.1260" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f02598 code=0x7ffc0000
[  314.072969][   T40] audit: type=1326 audit(1766450474.385:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11831 comm="syz.1.1260" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f02598 code=0x7ffc0000
[  314.073120][   T40] audit: type=1326 audit(1766450474.385:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11831 comm="syz.1.1260" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02579 code=0x7ffc0000
[  314.121791][T11837] fuse: Unknown parameter 'group_i00000000000000000000'
[  314.273548][T11828] vhci_hcd: connection closed
[  314.276027][   T13] vhci_hcd vhci_hcd.5: stop threads
[  314.292460][   T13] vhci_hcd vhci_hcd.5: release socket
[  314.295971][   T13] vhci_hcd vhci_hcd.5: disconnect device
[  314.298476][T11839] siw: device registration error -23
[  314.515595][T11840] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(11)
[  314.518458][T11840] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  314.523858][T11840] vhci_hcd vhci_hcd.0: Device attached
[  314.792811][  T959] usb 45-1: new low-speed USB device number 5 using vhci_hcd
[  315.027436][T11845] vhci_hcd: connection reset by peer
[  315.030045][   T13] vhci_hcd vhci_hcd.4: stop threads
[  315.032461][   T13] vhci_hcd vhci_hcd.4: release socket
[  315.037150][   T13] vhci_hcd vhci_hcd.4: disconnect device
[  315.512341][T11881] fuse: Unknown parameter 'group_id00000000000000000000'
[  315.720925][T11886] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1272'.
[  315.872819][ T6024] usb 40-1: device descriptor read/8, error -110
[  316.264850][ T6024] usb usb40-port1: attempt power cycle
[  316.435081][T11889] siw: device registration error -23
[  316.533215][T11893] binder_alloc: 11891: binder_alloc_buf, no vma
[  316.536352][T11893] binder: 11891:11893 ioctl 5402 0 returned -22
[  316.537203][T11895] bridge1: entered promiscuous mode
[  316.540813][T11895] bridge1: entered allmulticast mode
[  316.544380][T11895] team0: Port device bridge1 added
[  316.550704][T11895] bridge0: port 3(team0) entered blocking state
[  316.553853][T11895] bridge0: port 3(team0) entered disabled state
[  316.555931][T11895] team0: entered allmulticast mode
[  316.557588][T11895] team_slave_0: entered allmulticast mode
[  316.559434][T11895] team_slave_1: entered allmulticast mode
[  316.562454][T11895] team0: entered promiscuous mode
[  316.565172][T11895] team_slave_0: entered promiscuous mode
[  316.567086][T11895] team_slave_1: entered promiscuous mode
[  316.569442][T11895] bridge0: port 3(team0) entered blocking state
[  316.571500][T11895] bridge0: port 3(team0) entered forwarding state
[  316.576711][T11895] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1276'.
[  316.579596][T11895] team0: left allmulticast mode
[  316.581220][T11895] team_slave_0: left allmulticast mode
[  316.583326][T11895] team_slave_1: left allmulticast mode
[  316.585137][T11895] team0: left promiscuous mode
[  316.586793][T11895] team_slave_0: left promiscuous mode
[  316.588671][T11895] team_slave_1: left promiscuous mode
[  316.590685][T11895] bridge0: port 3(team0) entered disabled state
[  316.596050][T11895] bridge_slave_1: left allmulticast mode
[  316.597879][T11895] bridge_slave_1: left promiscuous mode
[  316.599890][T11895] bridge0: port 2(bridge_slave_1) entered disabled state
[  316.607535][T11895] bridge_slave_0: left allmulticast mode
[  316.609475][T11895] bridge_slave_0: left promiscuous mode
[  316.611465][T11895] bridge0: port 1(bridge_slave_0) entered disabled state
[  316.755026][T11913] fuse: Unknown parameter 'group_id00000000000000000000'
[  316.822864][ T6083] vhci_hcd vhci_hcd.5: vhci_device speed not set
[  316.856521][ T6024] usb usb40-port1: unable to enumerate USB device
[  316.919084][T11919] siw: device registration error -23
[  317.228286][T11929] fuse: Bad value for 'user_id'
[  317.229954][T11929] fuse: Bad value for 'user_id'
[  317.435876][T11935] FAULT_INJECTION: forcing a failure.
[  317.435876][T11935] name failslab, interval 1, probability 0, space 0, times 0
[  317.446992][T11935] CPU: 2 UID: 0 PID: 11935 Comm: syz.4.1288 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  317.447012][T11935] Tainted: [L]=SOFTLOCKUP
[  317.447016][T11935] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  317.447023][T11935] Call Trace:
[  317.447026][T11935]  <TASK>
[  317.447031][T11935]  dump_stack_lvl+0x16c/0x1f0
[  317.447051][T11935]  should_fail_ex+0x512/0x640
[  317.447065][T11935]  ? kmem_cache_alloc_lru_noprof+0x66/0x770
[  317.447080][T11935]  should_failslab+0xc2/0x120
[  317.447097][T11935]  kmem_cache_alloc_lru_noprof+0x87/0x770
[  317.447111][T11935]  ? __d_alloc+0x35/0xa80
[  317.447123][T11935]  ? __d_alloc+0x35/0xa80
[  317.447132][T11935]  ? trace_kmem_cache_alloc+0x28/0xb0
[  317.447148][T11935]  __d_alloc+0x35/0xa80
[  317.447157][T11935]  ? __pfx_map_id_range_down+0x10/0x10
[  317.447174][T11935]  d_alloc_pseudo+0x1c/0xc0
[  317.447188][T11935]  alloc_file_pseudo+0xcf/0x230
[  317.447201][T11935]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  317.447216][T11935]  sock_alloc_file+0x50/0x210
[  317.447233][T11935]  do_accept+0x240/0x530
[  317.447244][T11935]  ? do_raw_spin_lock+0x12c/0x2b0
[  317.447257][T11935]  ? __pfx_do_accept+0x10/0x10
[  317.447276][T11935]  __sys_accept4_file+0xcd/0x210
[  317.447288][T11935]  ? __pfx___sys_accept4_file+0x10/0x10
[  317.447307][T11935]  __ia32_sys_accept4+0xd5/0x150
[  317.447320][T11935]  __do_fast_syscall_32+0xe8/0x680
[  317.447339][T11935]  do_fast_syscall_32+0x32/0x80
[  317.447349][T11935]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  317.447363][T11935] RIP: 0023:0xf703d579
[  317.447372][T11935] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  317.447383][T11935] RSP: 002b:00000000f540c55c EFLAGS: 00000296 ORIG_RAX: 000000000000016c
[  317.447394][T11935] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000000000000
[  317.447400][T11935] RDX: 0000000000000000 RSI: 0000000000080000 RDI: 0000000000000000
[  317.447407][T11935] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  317.447413][T11935] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  317.447419][T11935] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  317.447432][T11935]  </TASK>
[  317.817445][T11944] fuse: Unknown parameter 'group_id00000000000000000000'
[  317.862698][ T6024] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  317.899767][T11946] siw: device registration error -23
[  318.037942][ T6024] usb 6-1: too many configurations: 9, using maximum allowed: 8
[  318.061200][ T6024] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  318.066991][ T6024] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  318.081276][ T6024] usb 6-1: config 0 interface 0 has no altsetting 0
[  318.091921][T11949] siw: device registration error -23
[  318.093500][ T6024] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  318.100575][ T6024] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  318.105659][ T6024] usb 6-1: config 0 interface 0 has no altsetting 0
[  318.110665][ T6024] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  318.115600][ T6024] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  318.120559][ T6024] usb 6-1: config 0 interface 0 has no altsetting 0
[  318.126439][ T6024] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  318.129355][ T6024] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  318.133912][ T6024] usb 6-1: config 0 interface 0 has no altsetting 0
[  318.156738][ T6024] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  318.160218][ T6024] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  318.165275][ T6024] usb 6-1: config 0 interface 0 has no altsetting 0
[  318.169792][ T6024] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  318.173416][    T9] usb usb48-port1: attempt power cycle
[  318.173422][ T6024] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  318.180770][ T6024] usb 6-1: config 0 interface 0 has no altsetting 0
[  318.184643][ T6024] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  318.187893][ T6024] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  318.191445][ T6024] usb 6-1: config 0 interface 0 has no altsetting 0
[  318.283418][ T6024] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  318.290035][ T6024] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  318.300652][ T6024] usb 6-1: config 0 interface 0 has no altsetting 0
[  318.309270][ T6024] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  318.312313][ T6024] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  318.326145][ T6024] usb 6-1: Product: syz
[  318.337209][ T6024] usb 6-1: Manufacturer: syz
[  318.346702][ T6024] usb 6-1: SerialNumber: syz
[  318.385271][ T6024] usb 6-1: config 0 descriptor??
[  318.417773][ T6024] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0
[  318.657629][T11953] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  318.659751][T11953] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  318.672812][T11953] vhci_hcd vhci_hcd.0: Device attached
[  318.717599][T11953] random: crng reseeded on system resumption
[  318.834054][    T9] usb usb48-port1: unable to enumerate USB device
[  318.852993][T11953] Restarting kernel threads ...
[  318.871921][T11953] Done restarting kernel threads.
[  319.062979][T11961] vhci_hcd: connection closed
[  319.063249][ T1221] vhci_hcd vhci_hcd.4: stop threads
[  319.068840][ T1221] vhci_hcd vhci_hcd.4: release socket
[  319.072890][ T1221] vhci_hcd vhci_hcd.4: disconnect device
[  319.905718][    C3] usb 6-1: yurex_control_callback - control failed: -2
[  319.951509][ T6083] usb 6-1: USB disconnect, device number 12
[  319.952659][  T959] vhci_hcd vhci_hcd.4: vhci_device speed not set
[  319.961956][ T6083] yurex 6-1:0.0: USB YUREX #0 now disconnected
[  320.085795][T11986] siw: device registration error -23
[  320.434793][T12000] siw: device registration error -23
[  321.082893][  T959] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  321.243002][  T959] usb 10-1: Using ep0 maxpacket: 16
[  321.250938][  T959] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  321.255579][  T959] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  321.263090][  T959] usb 10-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice=e5.00
[  321.266253][  T959] usb 10-1: New USB device strings: Mfr=255, Product=0, SerialNumber=0
[  321.272614][  T959] usb 10-1: Manufacturer: syz
[  321.287592][  T959] usb 10-1: config 0 descriptor??
[  321.683059][   T54] usb usb46-port1: attempt power cycle
[  321.716217][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[  321.718762][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  322.064953][T12023] siw: device registration error -23
[  322.253256][   T54] usb usb46-port1: unable to enumerate USB device
[  322.985023][T12042] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1315'.
[  323.364634][T12041] 
: renamed from bond_slave_0 (while UP)
[  324.330222][  T959] usbhid 10-1:0.0: can't add hid device: -71
[  324.332220][  T959] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  324.347560][  T959] usb 10-1: USB disconnect, device number 4
[  324.819769][T12088] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  324.838262][T12091] siw: device registration error -23
[  325.070545][T12101] capability: warning: `syz.5.1331' uses 32-bit capabilities (legacy support in use)
[  325.314032][T12102] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10)
[  325.316658][T12102] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  325.319457][T12102] vhci_hcd vhci_hcd.0: Device attached
[  325.402677][   T54] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  325.553704][   T54] usb 10-1: Using ep0 maxpacket: 32
[  325.556825][   T54] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  325.562083][   T54] usb 10-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  325.565067][   T54] usb 10-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  325.567682][   T54] usb 10-1: Product: syz
[  325.569048][   T54] usb 10-1: Manufacturer: syz
[  325.570624][   T54] usb 10-1: SerialNumber: syz
[  325.577886][   T54] usb 10-1: config 0 descriptor??
[  325.580816][T12106] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  325.592617][   T24] usb 39-1: new low-speed USB device number 10 using vhci_hcd
[  325.803209][T12108] vhci_hcd: connection reset by peer
[  325.805800][ T7814] vhci_hcd vhci_hcd.1: stop threads
[  325.807742][   T54] usb 10-1: USB disconnect, device number 5
[  325.809842][ T7814] vhci_hcd vhci_hcd.1: release socket
[  325.812999][ T7814] vhci_hcd vhci_hcd.1: disconnect device
[  326.500550][T12124] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1336'.
[  326.610885][T12126] siw: device registration error -23
[  327.724522][T12138] FAULT_INJECTION: forcing a failure.
[  327.724522][T12138] name failslab, interval 1, probability 0, space 0, times 0
[  327.729079][T12138] CPU: 3 UID: 0 PID: 12138 Comm: syz.4.1341 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  327.729104][T12138] Tainted: [L]=SOFTLOCKUP
[  327.729109][T12138] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  327.729119][T12138] Call Trace:
[  327.729126][T12138]  <TASK>
[  327.729133][T12138]  dump_stack_lvl+0x16c/0x1f0
[  327.729162][T12138]  should_fail_ex+0x512/0x640
[  327.729185][T12138]  ? __kmalloc_cache_node_noprof+0x62/0x830
[  327.729208][T12138]  should_failslab+0xc2/0x120
[  327.729234][T12138]  __kmalloc_cache_node_noprof+0x83/0x830
[  327.729257][T12138]  ? __get_vm_area_node+0x101/0x330
[  327.729279][T12138]  ? __page_table_check_zero+0x2f2/0x4a0
[  327.729306][T12138]  ? __get_vm_area_node+0x101/0x330
[  327.729329][T12138]  ? __pfx___page_table_check_zero+0x10/0x10
[  327.729352][T12138]  __get_vm_area_node+0x101/0x330
[  327.729376][T12138]  __vmalloc_node_range_noprof+0x247/0x16b0
[  327.729394][T12138]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  327.729414][T12138]  ? post_alloc_hook+0x19e/0x220
[  327.729437][T12138]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  327.729456][T12138]  ? __pfx___might_resched+0x10/0x10
[  327.729480][T12138]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  327.729497][T12138]  ? should_fail_alloc_page+0xee/0x130
[  327.729521][T12138]  ? rcu_is_watching+0x12/0xc0
[  327.729543][T12138]  ? trace_mm_page_alloc+0x11b/0x180
[  327.729570][T12138]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  327.729589][T12138]  __vmalloc_node_noprof+0xad/0xf0
[  327.729605][T12138]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  327.729627][T12138]  __vmalloc_noprof+0xa3/0x120
[  327.729638][T12138]  ? __pfx___vmalloc_noprof+0x10/0x10
[  327.729659][T12138]  ? apparmor_capable+0x1d7/0x4e0
[  327.729677][T12138]  bpf_prog_alloc_no_stats+0x58/0x600
[  327.729697][T12138]  ? security_capable+0x7e/0x260
[  327.729721][T12138]  bpf_prog_alloc+0x3b/0x230
[  327.729739][T12138]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  327.729766][T12138]  bpf_prog_load+0x19bc/0x2cc0
[  327.729790][T12138]  ? _parse_integer_limit+0x17f/0x1d0
[  327.729815][T12138]  ? __pfx_bpf_prog_load+0x10/0x10
[  327.729839][T12138]  ? __lock_acquire+0x436/0x2890
[  327.729880][T12138]  __sys_bpf+0x3e72/0x4980
[  327.729898][T12138]  ? __pfx___sys_bpf+0x10/0x10
[  327.729911][T12138]  ? find_held_lock+0x2b/0x80
[  327.729934][T12138]  ? find_held_lock+0x2b/0x80
[  327.729960][T12138]  ? __mutex_unlock_slowpath+0x161/0x790
[  327.729999][T12138]  ? fput+0x70/0xf0
[  327.730015][T12138]  ? ksys_write+0x1ac/0x250
[  327.730033][T12138]  ? __pfx_ksys_write+0x10/0x10
[  327.730061][T12138]  __ia32_sys_bpf+0x76/0xe0
[  327.730076][T12138]  ? lockdep_hardirqs_on+0x7c/0x110
[  327.730099][T12138]  __do_fast_syscall_32+0xe8/0x680
[  327.730123][T12138]  do_fast_syscall_32+0x32/0x80
[  327.730138][T12138]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  327.730158][T12138] RIP: 0023:0xf703d579
[  327.730171][T12138] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  327.730192][T12138] RSP: 002b:00000000f540c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  327.730205][T12138] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800054c0
[  327.730214][T12138] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  327.730223][T12138] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  327.730233][T12138] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  327.730243][T12138] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  327.730265][T12138]  </TASK>
[  327.730273][T12138] syz.4.1341: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  327.853428][T12138] CPU: 3 UID: 0 PID: 12138 Comm: syz.4.1341 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  327.853447][T12138] Tainted: [L]=SOFTLOCKUP
[  327.853451][T12138] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  327.853457][T12138] Call Trace:
[  327.853462][T12138]  <TASK>
[  327.853467][T12138]  dump_stack_lvl+0x16c/0x1f0
[  327.853487][T12138]  warn_alloc+0x248/0x3a0
[  327.853502][T12138]  ? __pfx_warn_alloc+0x10/0x10
[  327.853514][T12138]  ? trace_kmalloc+0x2b/0xb0
[  327.853529][T12138]  ? __kmalloc_cache_node_noprof+0x2ed/0x830
[  327.853548][T12138]  ? __kasan_kmalloc+0x8a/0xb0
[  327.853563][T12138]  ? __get_vm_area_node+0x208/0x330
[  327.853583][T12138]  __vmalloc_node_range_noprof+0xbe0/0x16b0
[  327.853593][T12138]  ? post_alloc_hook+0x19e/0x220
[  327.853608][T12138]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  327.853625][T12138]  ? __pfx___might_resched+0x10/0x10
[  327.853641][T12138]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  327.853653][T12138]  ? should_fail_alloc_page+0xee/0x130
[  327.853675][T12138]  ? rcu_is_watching+0x12/0xc0
[  327.853690][T12138]  ? trace_mm_page_alloc+0x11b/0x180
[  327.853708][T12138]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  327.853722][T12138]  __vmalloc_node_noprof+0xad/0xf0
[  327.853732][T12138]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  327.853747][T12138]  __vmalloc_noprof+0xa3/0x120
[  327.853761][T12138]  ? __pfx___vmalloc_noprof+0x10/0x10
[  327.853774][T12138]  ? apparmor_capable+0x1d7/0x4e0
[  327.853789][T12138]  bpf_prog_alloc_no_stats+0x58/0x600
[  327.853803][T12138]  ? security_capable+0x7e/0x260
[  327.853821][T12138]  bpf_prog_alloc+0x3b/0x230
[  327.853834][T12138]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  327.853851][T12138]  bpf_prog_load+0x19bc/0x2cc0
[  327.853868][T12138]  ? _parse_integer_limit+0x17f/0x1d0
[  327.853887][T12138]  ? __pfx_bpf_prog_load+0x10/0x10
[  327.853902][T12138]  ? __lock_acquire+0x436/0x2890
[  327.853926][T12138]  __sys_bpf+0x3e72/0x4980
[  327.853939][T12138]  ? __pfx___sys_bpf+0x10/0x10
[  327.853948][T12138]  ? find_held_lock+0x2b/0x80
[  327.853965][T12138]  ? find_held_lock+0x2b/0x80
[  327.853982][T12138]  ? __mutex_unlock_slowpath+0x161/0x790
[  327.854007][T12138]  ? fput+0x70/0xf0
[  327.854034][T12138]  ? ksys_write+0x1ac/0x250
[  327.854050][T12138]  ? __pfx_ksys_write+0x10/0x10
[  327.854068][T12138]  __ia32_sys_bpf+0x76/0xe0
[  327.854078][T12138]  ? lockdep_hardirqs_on+0x7c/0x110
[  327.854094][T12138]  __do_fast_syscall_32+0xe8/0x680
[  327.854113][T12138]  do_fast_syscall_32+0x32/0x80
[  327.854123][T12138]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  327.854137][T12138] RIP: 0023:0xf703d579
[  327.854145][T12138] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  327.854156][T12138] RSP: 002b:00000000f540c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  327.854167][T12138] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800054c0
[  327.854173][T12138] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  327.854185][T12138] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  327.854191][T12138] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  327.854198][T12138] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  327.854211][T12138]  </TASK>
[  327.854243][T12138] Mem-Info:
[  327.958830][T12138] active_anon:21757 inactive_anon:10 isolated_anon:0
[  327.958830][T12138]  active_file:7334 inactive_file:16005 isolated_file:0
[  327.958830][T12138]  unevictable:1768 dirty:318 writeback:0
[  327.958830][T12138]  slab_reclaimable:7584 slab_unreclaimable:58541
[  327.958830][T12138]  mapped:33791 shmem:17534 pagetables:1361
[  327.958830][T12138]  sec_pagetables:315 bounce:0
[  327.958830][T12138]  kernel_misc_reclaimable:0
[  327.958830][T12138]  free:24974 free_pcp:20558 free_cma:0
[  327.972308][T12138] Node 0 active_anon:1972kB inactive_anon:8kB active_file:140kB inactive_file:156kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:72kB dirty:140kB writeback:0kB shmem:3540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9844kB pagetables:1588kB sec_pagetables:1156kB all_unreclaimable? yes Balloon:0kB
[  327.981562][T12138] Node 1 active_anon:85056kB inactive_anon:32kB active_file:29196kB inactive_file:63864kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:134492kB dirty:1132kB writeback:0kB shmem:66596kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:4708kB pagetables:3856kB sec_pagetables:104kB all_unreclaimable? no Balloon:0kB
[  327.991056][T12138] Node 0 DMA free:2088kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:532kB local_pcp:36kB free_cma:0kB
[  327.999884][T12138] lowmem_reserve[]: 0 289 289 289 289
[  328.001598][T12138] Node 0 DMA32 free:17340kB boost:0kB min:13332kB low:16664kB high:19996kB reserved_highatomic:2048KB free_highatomic:920KB active_anon:1968kB inactive_anon:8kB active_file:140kB inactive_file:156kB unevictable:3536kB writepending:140kB zspages:0kB present:1032196kB managed:296812kB mlocked:0kB bounce:0kB free_pcp:15156kB local_pcp:3604kB free_cma:0kB
[  328.011423][T12138] lowmem_reserve[]: 0 0 0 0 0
[  328.012942][T12138] Node 1 DMA32 free:80248kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:85056kB inactive_anon:32kB active_file:29196kB inactive_file:63864kB unevictable:3536kB writepending:1132kB zspages:2676kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:67020kB local_pcp:20556kB free_cma:0kB
[  328.022844][T12138] lowmem_reserve[]: 0 0 0 0 0
[  328.212847][T12138] Node 0 DMA: 12*4kB (UM) 3*8kB (U) 2*16kB (UM) 8*32kB (U) 3*64kB (U) 2*128kB (M) 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2088kB
[  328.217995][T12138] Node 0 DMA32: 119*4kB (UEH) 60*8kB (UEH) 46*16kB (UMH) 125*32kB (UEH) 70*64kB (UMEH) 26*128kB (UMEH) 11*256kB (UM) 2*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 17340kB
[  328.223208][T12138] Node 1 DMA32: 2212*4kB (UE) 1598*8kB (UE) 1386*16kB (UE) 143*32kB (UME) 46*64kB (UME) 19*128kB (UE) 2*256kB (ME) 2*512kB (UE) 2*1024kB (UE) 3*2048kB (M) 2*4096kB (UM) = 71680kB
[  328.228846][T12138] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  328.231876][T12138] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  328.234770][T12138] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  328.237690][T12138] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  328.240835][T12138] 40658 total pagecache pages
[  328.242800][T12138] 414 pages in swap cache
[  328.244523][T12138] Free swap  = 117484kB
[  328.246222][T12138] Total swap = 124996kB
[  328.247905][T12138] 524155 pages RAM
[  328.249465][T12138] 0 pages HighMem/MovableOnly
[  328.251344][T12138] 209059 pages reserved
[  328.253377][T12138] 0 pages cma reserved
[  328.386159][T12141] Process accounting resumed
[  328.601760][T12164] siw: device registration error -23
[  329.165127][T12176] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[  329.167214][T12176] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  329.169680][T12176] vhci_hcd vhci_hcd.0: Device attached
[  329.344288][T12179] vhci_hcd: connection closed
[  329.345549][   T13] vhci_hcd vhci_hcd.2: stop threads
[  329.353767][   T13] vhci_hcd vhci_hcd.2: release socket
[  329.359566][   T13] vhci_hcd vhci_hcd.2: disconnect device
[  329.403344][    T9] usb 41-1: new low-speed USB device number 11 using vhci_hcd
[  329.406079][    T9] usb 41-1: enqueue for inactive port 0
[  329.472722][    T9] vhci_hcd vhci_hcd.2: vhci_device speed not set
[  330.104484][T12214] siw: device registration error -23
[  330.742651][   T24] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  331.364418][T12238] netlink: 'syz.2.1361': attribute type 10 has an invalid length.
[  331.484794][T12221] Process accounting resumed
[  331.743486][T12250] GUP no longer grows the stack in syz.5.1365 (12250): 80006000-8000a000 (80002000)
[  331.747511][T12250] CPU: 2 UID: 0 PID: 12250 Comm: syz.5.1365 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  331.747530][T12250] Tainted: [L]=SOFTLOCKUP
[  331.747534][T12250] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  331.747553][T12250] Call Trace:
[  331.747558][T12250]  <TASK>
[  331.747563][T12250]  dump_stack_lvl+0x16c/0x1f0
[  331.747585][T12250]  gup_vma_lookup+0x1d2/0x220
[  331.747602][T12250]  __get_user_pages+0x241/0x3590
[  331.747624][T12250]  ? find_held_lock+0x2b/0x80
[  331.747639][T12250]  ? __pfx___get_user_pages+0x10/0x10
[  331.747659][T12250]  get_user_pages_remote+0x243/0xab0
[  331.747676][T12250]  ? mas_new_root+0x690/0x6e0
[  331.747694][T12250]  ? __pfx_get_user_pages_remote+0x10/0x10
[  331.747712][T12250]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  331.747731][T12250]  __access_remote_vm+0x24d/0x850
[  331.747749][T12250]  ? do_raw_spin_lock+0x12c/0x2b0
[  331.747762][T12250]  ? __pfx___access_remote_vm+0x10/0x10
[  331.747780][T12250]  proc_pid_cmdline_read+0x4de/0x8e0
[  331.747793][T12250]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  331.747806][T12250]  ? rw_verify_area+0xcf/0x6c0
[  331.747821][T12250]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  331.747831][T12250]  vfs_readv+0x5c1/0x8b0
[  331.747848][T12250]  ? __pfx_vfs_readv+0x10/0x10
[  331.747872][T12250]  ? __fget_files+0x20e/0x3c0
[  331.747891][T12250]  ? do_preadv+0x1a6/0x270
[  331.747904][T12250]  do_preadv+0x1a6/0x270
[  331.747918][T12250]  ? __pfx_do_preadv+0x10/0x10
[  331.747936][T12250]  __do_fast_syscall_32+0xe8/0x680
[  331.747955][T12250]  do_fast_syscall_32+0x32/0x80
[  331.747965][T12250]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  331.747979][T12250] RIP: 0023:0xf70dd579
[  331.747988][T12250] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  331.747998][T12250] RSP: 002b:00000000f54ac55c EFLAGS: 00000296 ORIG_RAX: 000000000000014d
[  331.748009][T12250] RAX: ffffffffffffffda RBX: 0000000000000024 RCX: 0000000080000040
[  331.748016][T12250] RDX: 0000000000000001 RSI: 0000000000000300 RDI: 0000000000000000
[  331.748022][T12250] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  331.748029][T12250] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  331.748035][T12250] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  331.748048][T12250]  </TASK>
[  332.318238][T12259] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  332.320500][T12259] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  332.323185][T12259] vhci_hcd vhci_hcd.0: Device attached
[  332.328718][T12260] vhci_hcd: connection closed
[  332.328911][ T1221] vhci_hcd vhci_hcd.4: stop threads
[  332.331971][ T1221] vhci_hcd vhci_hcd.4: release socket
[  332.333765][ T1221] vhci_hcd vhci_hcd.4: disconnect device
[  332.497213][T12264] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(11)
[  332.500040][T12264] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  332.503628][T12264] vhci_hcd vhci_hcd.0: Device attached
[  332.705616][T12270] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  332.708227][T12270] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1368'.
[  332.713614][T12265] vhci_hcd: connection closed
[  332.713899][  T221] vhci_hcd vhci_hcd.5: stop threads
[  332.717543][  T221] vhci_hcd vhci_hcd.5: release socket
[  332.720043][  T221] vhci_hcd vhci_hcd.5: disconnect device
[  332.742612][   T24] usb 47-1: new low-speed USB device number 4 using vhci_hcd
[  332.745097][   T24] usb 47-1: enqueue for inactive port 0
[  332.812698][   T24] vhci_hcd vhci_hcd.5: vhci_device speed not set
[  333.090015][T12269] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1369'.
[  333.092982][T12269] netlink: 3 bytes leftover after parsing attributes in process `syz.1.1369'.
[  333.117474][T12274] netlink: 296 bytes leftover after parsing attributes in process `syz.4.1370'.
[  333.131067][T12274] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(10)
[  333.133222][T12274] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  333.135689][T12274] vhci_hcd vhci_hcd.0: Device attached
[  333.143938][T12269] batadv1: entered allmulticast mode
[  333.149681][T12274] netlink: 'syz.4.1370': attribute type 1 has an invalid length.
[  333.173769][T12277] vhci_hcd: connection closed
[  333.174061][  T221] vhci_hcd vhci_hcd.4: stop threads
[  333.177250][  T221] vhci_hcd vhci_hcd.4: release socket
[  333.178956][  T221] vhci_hcd vhci_hcd.4: disconnect device
[  333.204617][T12269] input: syz1 as /devices/virtual/input/input10
[  334.047950][T12296] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[  334.200598][T12298] syz.4.1376 (12298): drop_caches: 2
[  334.717039][T12305] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1377'.
[  335.358069][T12294] Process accounting resumed
[  335.461986][T12314] siw: device registration error -23
[  335.487469][T12312] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[  335.489643][T12312] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  335.492123][T12312] vhci_hcd vhci_hcd.0: Device attached
[  335.509321][T12293] Process accounting resumed
[  335.735717][T12322] siw: device registration error -23
[  335.783267][   T24] usb 39-1: new low-speed USB device number 11 using vhci_hcd
[  336.026012][T12315] vhci_hcd: connection reset by peer
[  336.033711][   T96] vhci_hcd vhci_hcd.1: stop threads
[  336.037025][   T96] vhci_hcd vhci_hcd.1: release socket
[  336.039623][   T96] vhci_hcd vhci_hcd.1: disconnect device
[  336.149929][T12326] syzkaller0: entered promiscuous mode
[  336.151693][T12326] syzkaller0: entered allmulticast mode
[  336.455250][T12333] kvm: requested 181028 ns i8254 timer period limited to 200000 ns
[  336.459074][T12333] kvm: requested 10057 ns i8254 timer period limited to 200000 ns
[  336.464118][T12333] kvm: requested 147504 ns i8254 timer period limited to 200000 ns
[  336.467499][T12333] kvm: requested 35200 ns i8254 timer period limited to 200000 ns
[  336.471372][T12333] kvm: requested 132419 ns i8254 timer period limited to 200000 ns
[  336.485117][T12333] kvm: requested 186057 ns i8254 timer period limited to 200000 ns
[  336.490887][T12333] kvm: requested 155885 ns i8254 timer period limited to 200000 ns
[  336.492120][T12324] syz.5.1381 (12324) used greatest stack depth: 19208 bytes left
[  336.513457][T12333] kvm: requested 154209 ns i8254 timer period limited to 200000 ns
[  336.518266][T12333] kvm: requested 15085 ns i8254 timer period limited to 200000 ns
[  336.521060][T12338] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1385'.
[  336.526761][T12333] kvm: requested 165942 ns i8254 timer period limited to 200000 ns
[  336.745737][T12344] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1388'.
[  336.842232][T12340] netlink: 296 bytes leftover after parsing attributes in process `syz.5.1386'.
[  336.857730][T12340] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(10)
[  336.860097][T12340] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  336.862751][T12340] vhci_hcd vhci_hcd.0: Device attached
[  336.865996][T12340] netlink: 'syz.5.1386': attribute type 1 has an invalid length.
[  336.907733][T12353] siw: device registration error -23
[  336.911454][T12347] vhci_hcd: connection closed
[  336.912838][ T8880] vhci_hcd vhci_hcd.5: stop threads
[  336.919700][ T8880] vhci_hcd vhci_hcd.5: release socket
[  336.925059][ T8880] vhci_hcd vhci_hcd.5: disconnect device
[  337.335656][T12359] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  337.338423][T12359] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  337.342098][T12359] vhci_hcd vhci_hcd.0: Device attached
[  337.402086][T12359] random: crng reseeded on system resumption
[  337.424805][T12359] Restarting kernel threads ...
[  337.426861][T12359] Done restarting kernel threads.
[  337.633451][  T959] usb 46-1: SetAddress Request (10) to port 0
[  337.635455][  T959] usb 46-1: new SuperSpeed USB device number 10 using vhci_hcd
[  337.906907][T12367] fuse: Invalid rootmode
[  337.936860][T12360] Process accounting resumed
[  338.180353][T12361] vhci_hcd: connection reset by peer
[  338.213347][ T8880] vhci_hcd vhci_hcd.4: stop threads
[  338.215493][ T8880] vhci_hcd vhci_hcd.4: release socket
[  338.217609][ T8880] vhci_hcd vhci_hcd.4: disconnect device
[  338.495974][T12380] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  338.499202][T12380] batadv_slave_0: entered allmulticast mode
[  339.748230][T12389] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  339.750380][T12389] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  339.761451][T12389] vhci_hcd vhci_hcd.0: Device attached
[  339.901607][T12391] netlink: 296 bytes leftover after parsing attributes in process `syz.5.1400'.
[  339.907685][T12391] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(10)
[  339.909875][T12391] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  339.912484][T12391] vhci_hcd vhci_hcd.0: Device attached
[  339.918836][T12391] netlink: 'syz.5.1400': attribute type 1 has an invalid length.
[  339.955118][T12397] vhci_hcd: connection closed
[  339.955394][ T8060] vhci_hcd vhci_hcd.5: stop threads
[  339.959645][ T8060] vhci_hcd vhci_hcd.5: release socket
[  339.962045][ T8060] vhci_hcd vhci_hcd.5: disconnect device
[  339.971523][T12400] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  339.974232][T12400] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1398'.
[  340.072684][   T54] usb 41-1: new low-speed USB device number 12 using vhci_hcd
[  340.364778][T12406] overlayfs: missing 'lowerdir'
[  340.386649][T12393] vhci_hcd: connection reset by peer
[  340.390657][   T13] vhci_hcd vhci_hcd.2: stop threads
[  340.393260][   T13] vhci_hcd vhci_hcd.2: release socket
[  340.395671][   T13] vhci_hcd vhci_hcd.2: disconnect device
[  340.464700][T12408] fuse: Invalid rootmode
[  340.569142][T12411] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1405'.
[  340.836183][T12425] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1406'.
[  340.839096][T12425] nbd: must specify at least one socket
[  340.902684][   T24] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  341.524704][T12429] netlink: 'syz.1.1410': attribute type 5 has an invalid length.
[  341.548588][T12426] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  341.550825][T12426] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  341.554040][T12426] vhci_hcd vhci_hcd.0: Device attached
[  341.585282][T12426] random: crng reseeded on system resumption
[  341.594168][T12426] Restarting kernel threads ...
[  341.596097][T12426] Done restarting kernel threads.
[  341.776323][T12430] vhci_hcd: connection closed
[  341.776555][  T221] vhci_hcd vhci_hcd.4: stop threads
[  341.780056][  T221] vhci_hcd vhci_hcd.4: release socket
[  341.782411][  T221] vhci_hcd vhci_hcd.4: disconnect device
[  341.897091][T12438] can0: slcan on ttynull.
[  342.192670][    C2] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  342.262592][T12450] fuse: Bad value for 'fd'
[  342.672885][  T959] usb 46-1: device descriptor read/8, error -110
[  342.809833][T12458] netlink: 296 bytes leftover after parsing attributes in process `syz.4.1415'.
[  342.946352][T12432] can0 (unregistered): slcan off ttynull.
[  342.989386][T12454] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(10)
[  342.991706][T12454] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  342.994411][T12454] vhci_hcd vhci_hcd.0: Device attached
[  342.997846][T12454] netlink: 'syz.4.1415': attribute type 1 has an invalid length.
[  343.045682][T12462] vhci_hcd: connection closed
[  343.046040][ T8880] vhci_hcd vhci_hcd.4: stop threads
[  343.049359][ T8880] vhci_hcd vhci_hcd.4: release socket
[  343.051157][ T8880] vhci_hcd vhci_hcd.4: disconnect device
[  343.076458][  T959] usb usb46-port1: attempt power cycle
[  343.118588][T12473] fuse: Invalid rootmode
[  343.203695][T12471] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[  343.205830][T12471] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  343.208714][T12471] vhci_hcd vhci_hcd.0: Device attached
[  343.362593][T12477] vhci_hcd: connection closed
[  343.362826][ T1221] vhci_hcd vhci_hcd.1: stop threads
[  343.366220][ T1221] vhci_hcd vhci_hcd.1: release socket
[  343.368108][ T1221] vhci_hcd vhci_hcd.1: disconnect device
[  343.394218][ T6082] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  343.643612][  T959] usb usb46-port1: unable to enumerate USB device
[  344.250886][   T40] kauditd_printk_skb: 104 callbacks suppressed
[  344.250896][   T40] audit: type=1326 audit(1766450504.555:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12512 comm="syz.5.1422" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70dd579 code=0x0
[  345.153606][T12541] fuse: Bad value for 'rootmode'
[  345.883762][T12546] netlink: 296 bytes leftover after parsing attributes in process `syz.2.1429'.
[  345.890222][T12546] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  345.892318][T12546] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  345.895515][T12546] vhci_hcd vhci_hcd.0: Device attached
[  345.898863][T12546] netlink: 'syz.2.1429': attribute type 1 has an invalid length.
[  345.914126][T12558] vhci_hcd: connection closed
[  345.915520][  T221] vhci_hcd vhci_hcd.2: stop threads
[  345.919023][  T221] vhci_hcd vhci_hcd.2: release socket
[  345.920809][  T221] vhci_hcd vhci_hcd.2: disconnect device
[  346.052610][   T54] vhci_hcd vhci_hcd.2: vhci_device speed not set
[  346.190503][ T8060] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  346.213772][ T6802] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  346.222623][ T6802] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  346.226296][ T6802] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  346.257981][   T40] audit: type=1326 audit(1766450506.565:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12564 comm="syz.4.1434" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf703d579 code=0x0
[  346.284060][   T40] audit: type=1400 audit(1766450506.595:267): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=12567 comm="syz.1.1435"
[  346.327196][T12571] fuse: Bad value for 'rootmode'
[  346.466789][T12573] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(11)
[  346.469016][T12573] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  346.471607][T12573] vhci_hcd vhci_hcd.0: Device attached
[  346.712785][ T6069] usb 47-1: new low-speed USB device number 5 using vhci_hcd
[  346.947030][T12574] vhci_hcd: connection reset by peer
[  346.949461][  T221] vhci_hcd vhci_hcd.5: stop threads
[  346.951581][  T221] vhci_hcd vhci_hcd.5: release socket
[  346.953979][  T221] vhci_hcd vhci_hcd.5: disconnect device
[  349.504258][T12623] siw: device registration error -23
[  350.082655][ T5990] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  350.212632][ T5990] usb 6-1: device descriptor read/64, error -71
[  350.452660][ T5990] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  350.589246][T12637] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(11)
[  350.592061][T12637] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  350.592768][ T5990] usb 6-1: device descriptor read/64, error -71
[  350.595205][T12637] vhci_hcd vhci_hcd.0: Device attached
[  350.703969][ T5990] usb usb6-port1: attempt power cycle
[  350.914402][T12643] fuse: Bad value for 'fd'
[  351.042622][ T5990] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  351.382989][ T5990] usb 6-1: device descriptor read/8, error -71
[  351.414408][T12638] vhci_hcd: connection closed
[  351.414583][ T1221] vhci_hcd vhci_hcd.5: stop threads
[  351.417879][ T1221] vhci_hcd vhci_hcd.5: release socket
[  351.419684][ T1221] vhci_hcd vhci_hcd.5: disconnect device
[  351.503097][T12646] fuse: Unknown parameter 'use00000000000000000000'
[  351.652618][ T5990] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  351.675750][ T5990] usb 6-1: device descriptor read/8, error -71
[  351.782942][ T5990] usb usb6-port1: unable to enumerate USB device
[  351.862901][ T6069] vhci_hcd vhci_hcd.5: vhci_device speed not set
[  351.987747][T12654] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1458'.
[  352.761130][T12664] input: syz0 as /devices/virtual/input/input11
[  353.327863][T12672] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1463'.
[  353.409473][T12674] fuse: Unknown parameter 'use00000000000000000000'
[  353.782643][T12678] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  353.784695][T12678] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  353.798972][T12678] vhci_hcd vhci_hcd.0: Device attached
[  353.869355][T12679] vhci_hcd: connection closed
[  353.870909][  T221] vhci_hcd vhci_hcd.2: stop threads
[  353.880504][  T221] vhci_hcd vhci_hcd.2: release socket
[  353.882255][  T221] vhci_hcd vhci_hcd.2: disconnect device
[  353.891378][T12683] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1465'.
[  354.665685][T12709] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1471'.
[  355.189206][T12712] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[  355.191323][T12712] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  355.194560][T12712] vhci_hcd vhci_hcd.0: Device attached
[  355.344754][T12713] vhci_hcd: connection closed
[  355.344977][ T7814] vhci_hcd vhci_hcd.1: stop threads
[  355.348485][ T7814] vhci_hcd vhci_hcd.1: release socket
[  355.350372][ T7814] vhci_hcd vhci_hcd.1: disconnect device
[  355.392798][ T6082] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  355.545242][T12718] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6)
[  355.547986][T12718] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  355.551553][T12718] vhci_hcd vhci_hcd.0: Device attached
[  355.722794][T12728] random: crng reseeded on system resumption
[  355.765672][T12718] Restarting kernel threads ...
[  355.767439][T12718] Done restarting kernel threads.
[  355.822642][ T6041] usb 48-1: SetAddress Request (10) to port 0
[  355.825116][ T6041] usb 48-1: new SuperSpeed USB device number 10 using vhci_hcd
[  356.264707][T12721] vhci_hcd: connection reset by peer
[  356.267153][   T96] vhci_hcd vhci_hcd.5: stop threads
[  356.268955][   T96] vhci_hcd vhci_hcd.5: release socket
[  356.270770][   T96] vhci_hcd vhci_hcd.5: disconnect device
[  357.383721][T12763] netlink: 296 bytes leftover after parsing attributes in process `syz.5.1483'.
[  357.400371][T12763] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(10)
[  357.403150][T12763] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  357.413346][T12763] vhci_hcd vhci_hcd.0: Device attached
[  357.420272][T12763] netlink: 'syz.5.1483': attribute type 1 has an invalid length.
[  357.716959][T12767] vhci_hcd: connection closed
[  357.717447][ T6802] vhci_hcd vhci_hcd.5: stop threads
[  357.742623][ T6802] vhci_hcd vhci_hcd.5: release socket
[  357.745143][ T6802] vhci_hcd vhci_hcd.5: disconnect device
[  357.846546][   T40] audit: type=1326 audit(1766450518.155:268): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=12775 comm="syz.1.1487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02579 code=0x7ffc0000
[  357.857971][   T40] audit: type=1326 audit(1766450518.155:269): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=12775 comm="syz.1.1487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02579 code=0x7ffc0000
[  357.868943][   T40] audit: type=1326 audit(1766450518.155:270): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=12775 comm="syz.1.1487" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f02579 code=0x7ffc0000
[  357.878714][   T40] audit: type=1326 audit(1766450518.155:271): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=12775 comm="syz.1.1487" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf7f02579 code=0x7ffc0000
[  357.886312][   T40] audit: type=1326 audit(1766450518.155:272): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=12775 comm="syz.1.1487" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f02579 code=0x7ffc0000
[  357.893238][   T40] audit: type=1326 audit(1766450518.155:273): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=12775 comm="syz.1.1487" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf7f02579 code=0x7ffc0000
[  357.899987][   T40] audit: type=1326 audit(1766450518.155:274): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=12775 comm="syz.1.1487" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf7f02579 code=0x7ffc0000
[  357.906725][   T40] audit: type=1326 audit(1766450518.155:275): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=12775 comm="syz.1.1487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02579 code=0x7ffc0000
[  357.914902][   T40] audit: type=1326 audit(1766450518.155:276): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=12775 comm="syz.1.1487" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02579 code=0x7ffc0000
[  357.921673][   T40] audit: type=1326 audit(1766450518.165:277): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=12775 comm="syz.1.1487" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f02579 code=0x7ffc0000
[  358.328192][T12795] random: crng reseeded on system resumption
[  358.348116][T12795] Restarting kernel threads ...
[  358.354149][T12795] Done restarting kernel threads.
[  358.362319][T12790] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  358.364386][T12790] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  358.372328][T12790] vhci_hcd vhci_hcd.0: Device attached
[  358.594240][T12803] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1495'.
[  358.642705][ T6124] usb 42-1: SetAddress Request (34) to port 0
[  358.652620][ T6124] usb 42-1: new SuperSpeed USB device number 34 using vhci_hcd
[  358.895835][T12801] block nbd5: NBD_DISCONNECT
[  358.898445][T12801] block nbd5: Disconnected due to user request.
[  358.914108][T12801] block nbd5: shutting down sockets
[  358.919995][T12819] FAULT_INJECTION: forcing a failure.
[  358.919995][T12819] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  358.927641][T12819] CPU: 0 UID: 0 PID: 12819 Comm: syz.4.1497 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  358.927660][T12819] Tainted: [L]=SOFTLOCKUP
[  358.927664][T12819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  358.927671][T12819] Call Trace:
[  358.927675][T12819]  <TASK>
[  358.927679][T12819]  dump_stack_lvl+0x16c/0x1f0
[  358.927700][T12819]  should_fail_ex+0x512/0x640
[  358.927715][T12819]  should_fail_alloc_page+0xe7/0x130
[  358.927734][T12819]  prepare_alloc_pages+0x401/0x670
[  358.927751][T12819]  ? rcu_is_watching+0x12/0xc0
[  358.927768][T12819]  __alloc_frozen_pages_noprof+0x18b/0x2430
[  358.927782][T12819]  ? bpf_ksym_find+0x124/0x1c0
[  358.927792][T12819]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  358.927806][T12819]  ? unwind_get_return_address+0x59/0xa0
[  358.927824][T12819]  ? __lock_acquire+0x436/0x2890
[  358.927837][T12819]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  358.927851][T12819]  ? stack_trace_save+0x8e/0xc0
[  358.927872][T12819]  ? __lock_acquire+0x436/0x2890
[  358.927884][T12819]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  358.927906][T12819]  ? policy_nodemask+0xea/0x4e0
[  358.927924][T12819]  alloc_pages_mpol+0x1fb/0x550
[  358.927942][T12819]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  358.927962][T12819]  folio_alloc_mpol_noprof+0x36/0x2f0
[  358.927975][T12819]  vma_alloc_folio_noprof+0xed/0x1e0
[  358.927986][T12819]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  358.928001][T12819]  do_anonymous_page+0xc81/0x2190
[  358.928018][T12819]  __handle_mm_fault+0x1ecf/0x2bb0
[  358.928034][T12819]  ? __pfx___handle_mm_fault+0x10/0x10
[  358.928046][T12819]  ? __pte_offset_map_lock+0x174/0x310
[  358.928062][T12819]  ? find_held_lock+0x2b/0x80
[  358.928081][T12819]  ? follow_page_pte+0x5cf/0x1390
[  358.928100][T12819]  handle_mm_fault+0x3fe/0xad0
[  358.928114][T12819]  __get_user_pages+0x54e/0x3590
[  358.928134][T12819]  ? __sys_setsockopt+0x120/0x1a0
[  358.928147][T12819]  ? __ia32_sys_setsockopt+0xbc/0x160
[  358.928160][T12819]  ? __do_fast_syscall_32+0xe8/0x680
[  358.928176][T12819]  ? do_fast_syscall_32+0x32/0x80
[  358.928186][T12819]  ? __pfx___get_user_pages+0x10/0x10
[  358.928207][T12819]  __gup_longterm_locked+0x2dd/0x17e0
[  358.928224][T12819]  ? __lock_acquire+0x380/0x2890
[  358.928236][T12819]  ? __pfx___gup_longterm_locked+0x10/0x10
[  358.928260][T12819]  pin_user_pages+0x13c/0x160
[  358.928277][T12819]  ? __pfx_pin_user_pages+0x10/0x10
[  358.928293][T12819]  ? __kvmalloc_node_noprof+0x3c9/0xa40
[  358.928310][T12819]  ? xdp_umem_create+0x657/0x1270
[  358.928326][T12819]  xdp_umem_create+0x741/0x1270
[  358.928343][T12819]  xsk_setsockopt+0x9cf/0xc00
[  358.928356][T12819]  ? __pfx_xsk_setsockopt+0x10/0x10
[  358.928372][T12819]  ? aa_sock_opt_perm+0xfd/0x1b0
[  358.928391][T12819]  ? __pfx_xsk_setsockopt+0x10/0x10
[  358.928404][T12819]  do_sock_setsockopt+0xf3/0x1d0
[  358.928422][T12819]  __sys_setsockopt+0x120/0x1a0
[  358.928452][T12819]  __ia32_sys_setsockopt+0xbc/0x160
[  358.928465][T12819]  ? __do_fast_syscall_32+0x9a/0x680
[  358.928482][T12819]  ? lockdep_hardirqs_on+0x7c/0x110
[  358.928499][T12819]  __do_fast_syscall_32+0xe8/0x680
[  358.928517][T12819]  do_fast_syscall_32+0x32/0x80
[  358.928527][T12819]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  358.928541][T12819] RIP: 0023:0xf703d579
[  358.928550][T12819] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  358.928561][T12819] RSP: 002b:00000000f542d55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  358.928571][T12819] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000000011b
[  358.928578][T12819] RDX: 0000000000000004 RSI: 00000000800000c0 RDI: 0000000000000020
[  358.928584][T12819] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  358.928611][T12819] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  358.928618][T12819] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  358.928639][T12819]  </TASK>
[  359.108855][T12826] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1499'.
[  359.117474][T12797] vhci_hcd: connection reset by peer
[  359.119345][  T221] vhci_hcd vhci_hcd.2: stop threads
[  359.121056][  T221] vhci_hcd vhci_hcd.2: release socket
[  359.123141][  T221] vhci_hcd vhci_hcd.2: disconnect device
[  359.180571][T12831] siw: device registration error -23
[  359.784016][T12836] netlink: 296 bytes leftover after parsing attributes in process `syz.5.1502'.
[  359.790712][T12836] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(8)
[  359.793397][T12836] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  359.797074][T12836] vhci_hcd vhci_hcd.0: Device attached
[  359.800327][T12836] netlink: 'syz.5.1502': attribute type 1 has an invalid length.
[  359.822473][T12843] vhci_hcd: connection closed
[  359.822757][ T6802] vhci_hcd vhci_hcd.5: stop threads
[  359.825918][ T6802] vhci_hcd vhci_hcd.5: release socket
[  359.832711][ T6802] vhci_hcd vhci_hcd.5: disconnect device
[  359.972877][T12853] netlink: 'syz.4.1507': attribute type 1 has an invalid length.
[  359.975354][T12853] netlink: 'syz.4.1507': attribute type 2 has an invalid length.
[  360.034795][T12857] program syz.4.1507 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  360.070293][T12857] netlink: 'syz.4.1507': attribute type 10 has an invalid length.
[  360.119510][T12859] program syz.2.1509 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  360.133669][ T6030] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  360.294184][ T6030] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  360.298399][ T6030] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  360.302419][ T6030] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  360.306426][ T6030] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  360.313104][T12851] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  360.317882][T12863] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[  360.320348][T12863] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  360.323613][T12863] vhci_hcd vhci_hcd.0: Device attached
[  360.325038][ T6030] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  360.527523][   T54] usb 6-1: USB disconnect, device number 17
[  360.673740][T12870] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6)
[  360.675890][T12870] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  360.678642][T12870] vhci_hcd vhci_hcd.0: Device attached
[  360.706421][T12870] random: crng reseeded on system resumption
[  360.715085][T12870] Restarting kernel threads ...
[  360.717272][T12870] Done restarting kernel threads.
[  360.982127][T12864] vhci_hcd: connection closed
[  360.982393][ T1221] vhci_hcd vhci_hcd.2: stop threads
[  360.991874][ T1221] vhci_hcd vhci_hcd.2: release socket
[  360.996178][ T1221] vhci_hcd vhci_hcd.2: disconnect device
[  361.032433][T12877] vivid-007: disconnect
[  361.369031][T12871] vhci_hcd: connection reset by peer
[  361.374146][ T6802] vhci_hcd vhci_hcd.5: stop threads
[  361.378144][ T6802] vhci_hcd vhci_hcd.5: release socket
[  361.381423][ T6041] usb 48-1: device descriptor read/8, error -110
[  361.381443][ T6802] vhci_hcd vhci_hcd.5: disconnect device
[  361.674018][T12884] @: renamed from vlan0 (while UP)
[  361.783526][ T6041] usb usb48-port1: attempt power cycle
[  361.790739][T12874] vivid-007: reconnect
[  361.872371][T12889] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1516'.
[  361.875695][T12889] netlink: 31 bytes leftover after parsing attributes in process `syz.4.1516'.
[  361.878545][T12889] netlink: 'syz.4.1516': attribute type 3 has an invalid length.
[  361.881226][T12889] netlink: 'syz.4.1516': attribute type 2 has an invalid length.
[  361.884148][T12889] netlink: 31 bytes leftover after parsing attributes in process `syz.4.1516'.
[  361.890280][ T6003] vhci_hcd vhci_hcd.5: vhci_device speed not set
[  361.983241][T12893] Invalid source name
[  361.984573][T12893] UBIFS error (pid: 12893): cannot open "./file0", error -22
[  362.047916][T12903] input: syz0 as /devices/virtual/input/input12
[  363.712717][ T6124] usb 42-1: device descriptor read/8, error -110
[  363.892702][    T9] vhci_hcd vhci_hcd.2: vhci_device speed not set
[  364.233795][ T6041] usb usb48-port1: unable to enumerate USB device
[  364.375025][T12933] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  364.378233][T12933] netlink: 84 bytes leftover after parsing attributes in process `syz.4.1524'.
[  364.690290][T12937] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  364.693064][T12937] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  364.697155][T12937] vhci_hcd vhci_hcd.0: Device attached
[  364.750068][T12937] random: crng reseeded on system resumption
[  364.752726][ T6124] usb 42-1: SetAddress Request (35) to port 0
[  364.752758][ T6124] usb 42-1: new SuperSpeed USB device number 35 using vhci_hcd
[  364.790793][T12937] Restarting kernel threads ...
[  364.794692][T12937] Done restarting kernel threads.
[  365.472887][T12938] vhci_hcd: connection reset by peer
[  365.475124][ T6802] vhci_hcd vhci_hcd.2: stop threads
[  365.476880][ T6802] vhci_hcd vhci_hcd.2: release socket
[  365.478666][ T6802] vhci_hcd vhci_hcd.2: disconnect device
[  365.481746][T12950] /dev/nullb0: Can't open blockdev
[  366.333827][T12963] input input13: cannot allocate more than FF_MAX_EFFECTS effects
[  366.792993][   T40] kauditd_printk_skb: 48 callbacks suppressed
[  366.793012][   T40] audit: type=1804 audit(1766450527.095:326): pid=12977 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.1539" name="/newroot/165/file0/file0" dev="9p" ino=71827843 res=1 errno=0
[  366.814583][T12978] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  366.816760][T12978] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  366.819474][T12978] vhci_hcd vhci_hcd.0: Device attached
[  366.848773][T12978] random: crng reseeded on system resumption
[  367.054948][T12978] Restarting kernel threads ...
[  367.057126][T12978] Done restarting kernel threads.
[  367.082750][ T6069] usb 40-1: SetAddress Request (34) to port 0
[  367.084923][ T6069] usb 40-1: new SuperSpeed USB device number 34 using vhci_hcd
[  367.535066][T12979] vhci_hcd: connection reset by peer
[  367.537049][ T6802] vhci_hcd vhci_hcd.1: stop threads
[  367.538999][ T6802] vhci_hcd vhci_hcd.1: release socket
[  367.540951][ T6802] vhci_hcd vhci_hcd.1: disconnect device
[  368.105604][T13001] fuse: Unknown parameter ''
[  369.126668][T13032] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  369.170758][   T40] audit: type=1326 audit(1766450529.475:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13027 comm="syz.2.1554" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3579 code=0x7ffc0000
[  369.177786][   T40] audit: type=1326 audit(1766450529.475:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13027 comm="syz.2.1554" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3579 code=0x7ffc0000
[  369.185010][   T40] audit: type=1326 audit(1766450529.475:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13027 comm="syz.2.1554" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7fd3579 code=0x7ffc0000
[  369.191941][   T40] audit: type=1326 audit(1766450529.475:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13027 comm="syz.2.1554" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3579 code=0x7ffc0000
[  369.199322][   T40] audit: type=1326 audit(1766450529.475:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13027 comm="syz.2.1554" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3579 code=0x7ffc0000
[  369.286970][   T40] audit: type=1326 audit(1766450529.475:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13027 comm="syz.2.1554" exe="/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf7fd3579 code=0x7ffc0000
[  369.294076][   T40] audit: type=1326 audit(1766450529.475:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13027 comm="syz.2.1554" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3579 code=0x7ffc0000
[  369.300861][   T40] audit: type=1326 audit(1766450529.485:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13027 comm="syz.2.1554" exe="/syz-executor" sig=0 arch=40000003 syscall=427 compat=1 ip=0xf7fd3579 code=0x7ffc0000
[  369.308196][   T40] audit: type=1326 audit(1766450529.485:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13027 comm="syz.2.1554" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3579 code=0x7ffc0000
[  369.368638][T13036] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6)
[  369.370715][T13036] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  369.373649][T13036] vhci_hcd vhci_hcd.0: Device attached
[  369.400116][T13036] random: crng reseeded on system resumption
[  369.407441][T13036] Restarting kernel threads ...
[  369.409289][T13036] Done restarting kernel threads.
[  369.642662][   T54] usb 48-1: SetAddress Request (14) to port 0
[  369.644856][   T54] usb 48-1: new SuperSpeed USB device number 14 using vhci_hcd
[  369.792675][ T6124] usb 42-1: device descriptor read/8, error -110
[  369.902734][ T6124] usb usb42-port1: attempt power cycle
[  370.076698][T13037] vhci_hcd: connection reset by peer
[  370.078853][ T1221] vhci_hcd vhci_hcd.5: stop threads
[  370.080608][ T1221] vhci_hcd vhci_hcd.5: release socket
[  370.083103][ T1221] vhci_hcd vhci_hcd.5: disconnect device
[  370.166389][T13063] overlayfs: conflicting lowerdir path
[  370.171814][T13063] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  370.184970][T13063] syzkaller0: entered promiscuous mode
[  370.187379][T13063] syzkaller0: entered allmulticast mode
[  370.463324][ T6124] usb usb42-port1: unable to enumerate USB device
[  371.494990][T13078] siw: device registration error -23
[  372.147197][ T6069] usb 40-1: device descriptor read/8, error -110
[  372.592089][ T6069] usb usb40-port1: attempt power cycle
[  372.882763][T13104] netlink: 84 bytes leftover after parsing attributes in process `syz.4.1571'.
[  372.952176][T13103] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  372.954349][T13103] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  372.966539][T13103] vhci_hcd vhci_hcd.0: Device attached
[  373.010404][T13103] random: crng reseeded on system resumption
[  373.017043][T13103] Restarting kernel threads ...
[  373.018957][T13103] Done restarting kernel threads.
[  373.022623][ T6069] usb 40-1: SetAddress Request (37) to port 0
[  373.029803][ T6069] usb 40-1: new SuperSpeed USB device number 37 using vhci_hcd
[  373.142046][T13112] support for cryptoloop has been removed.  Use dm-crypt instead.
[  373.429821][T13123] siw: device registration error -23
[  373.658567][T13106] vhci_hcd: connection reset by peer
[  373.660565][ T6112] vhci_hcd vhci_hcd.1: stop threads
[  373.662244][ T6112] vhci_hcd vhci_hcd.1: release socket
[  373.664106][ T6112] vhci_hcd vhci_hcd.1: disconnect device
[  374.672720][   T54] usb 48-1: device descriptor read/8, error -110
[  375.073113][   T54] usb usb48-port1: attempt power cycle
[  375.431925][T13166] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1584'.
[  375.436066][T13163] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1586'.
[  375.654747][   T54] usb usb48-port1: unable to enumerate USB device
[  376.355145][T13173] overlayfs: workdir and upperdir must be separate subtrees
[  376.426222][T13177] siw: device registration error -23
[  377.409627][T13188] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1593'.
[  377.434891][T13189] tipc: Started in network mode
[  377.437034][T13189] tipc: Node identity 222e30697ed3, cluster identity 4711
[  377.440230][T13189] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  377.452633][T13189] syzkaller0: entered promiscuous mode
[  377.455309][T13189] syzkaller0: entered allmulticast mode
[  377.485698][T13189] syzkaller0: mtu greater than device maximum
[  377.490613][T13187] tipc: Resetting bearer <eth:syzkaller0>
[  377.503807][T13187] tipc: Disabling bearer <eth:syzkaller0>
[  377.547031][T13204] usb usb8: usbfs: process 13204 (syz.1.1594) did not claim interface 0 before use
[  378.011329][T13220] siw: device registration error -23
[  378.112608][ T6069] usb 40-1: device descriptor read/8, error -110
[  378.466233][ T6069] usb usb40-port1: unable to enumerate USB device
[  379.192616][ T6030] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  379.322669][ T6030] usb 7-1: device descriptor read/64, error -71
[  379.510081][T13260] siw: device registration error -23
[  379.562615][ T6030] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  379.749398][ T6030] usb 7-1: device descriptor read/64, error -71
[  379.853482][ T6030] usb usb7-port1: attempt power cycle
[  379.886306][T13270] siw: device registration error -23
[  380.169764][T13274] serio: Serial port ptm0
[  380.202639][ T6030] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  380.223064][ T6030] usb 7-1: device descriptor read/8, error -71
[  380.472639][ T6030] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  380.568342][T13276] overlay: filesystem on ./file0 not supported as upperdir
[  380.597399][ T6030] usb 7-1: device descriptor read/8, error -71
[  380.703647][ T6030] usb usb7-port1: unable to enumerate USB device
[  380.772602][T13291] siw: device registration error -23
[  381.246091][T13299] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  381.591450][T13301] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(11)
[  381.593577][T13301] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  381.600492][T13301] vhci_hcd vhci_hcd.0: Device attached
[  381.732159][ T6451] IPVS: starting estimator thread 0...
[  381.743592][T13305] netlink: 'syz.4.1620': attribute type 4 has an invalid length.
[  381.759322][T13305] netlink: 'syz.4.1620': attribute type 4 has an invalid length.
[  381.822618][T13307] IPVS: using max 44 ests per chain, 105600 per kthread
[  381.842690][ T6069] usb 47-1: new low-speed USB device number 7 using vhci_hcd
[  382.119364][T13302] vhci_hcd: connection reset by peer
[  382.127126][ T8060] vhci_hcd vhci_hcd.5: stop threads
[  382.132714][ T8060] vhci_hcd vhci_hcd.5: release socket
[  382.134932][ T8060] vhci_hcd vhci_hcd.5: disconnect device
[  382.192059][T13318] usb usb8: usbfs: process 13318 (syz.2.1625) did not claim interface 0 before use
[  382.227516][T13319] siw: device registration error -23
[  382.735883][T13310] ------------[ cut here ]------------
[  382.738186][T13310] WARNING: drivers/gpu/drm/drm_prime.c:224 at drm_prime_destroy_file_private+0x43/0x60, CPU#0: syz.4.1622/13310
[  382.743042][T13310] Modules linked in:
SYZFAIL: failed to recv rpc
[  382.744525][T13310] CPU: 0 UID: 0 PID: 13310 Comm: syz.4.1622 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  382.747995][T13310] Tainted: [L]=SOFTLOCKUP
[  382.749424][T13310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  382.753107][T13310] RIP: 0010:drm_prime_destroy_file_private+0x43/0x60
[  382.755226][T13310] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 21 48 8b 83 90 00 00 00 48 85 c0 75 06 5b e9 33 0b 6e fc e8 2e 0b 6e fc 90 <0f> 0b 90 5b e9 24 0b 6e fc e8 6f ed d6 fc eb d8 66 66 2e 0f 1f 84
[  382.761251][T13310] RSP: 0018:ffffc9002676fc88 EFLAGS: 00010293
[  382.763304][T13310] RAX: 0000000000000000 RBX: ffff88805017b380 RCX: ffffffff8b76c5d1
[  382.765912][T13310] RDX: ffff88804c370000 RSI: ffffffff85504d72 RDI: ffff88805017b410
[  382.768496][T13310] RBP: ffff88805017b000 R08: 0000000000000001 R09: fffff52004cedf71
[  382.770866][T13310] R10: ffffc9002676fb8f R11: 0000000000000000 R12: ffff888043ebe000
[  382.773448][T13310] R13: ffff88805017b2b0 R14: 0000000000000000 R15: ffff88805017b2d8
[  382.775934][T13310] FS:  0000000000000000(0000) GS:ffff8880976fc000(0063) knlGS:0000000057b7f440
[  382.778744][T13310] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  382.780882][T13310] CR2: 0000000032e07ffc CR3: 00000000694f7000 CR4: 0000000000352ef0
[  382.783494][T13310] Call Trace:
[  382.784601][T13310]  <TASK>
[  382.785561][T13310]  drm_file_free.part.0+0x7ee/0xcd0
[  382.787230][T13310]  drm_close_helper.isra.0+0x186/0x1f0
[  382.788996][T13310]  drm_release+0x1ab/0x360
[  382.790440][T13310]  ? __pfx_drm_release+0x10/0x10
[  382.792032][T13310]  __fput+0x402/0xb70
[  382.793392][T13310]  task_work_run+0x150/0x240
[  382.794885][T13310]  ? __pfx_task_work_run+0x10/0x10
[  382.796547][T13310]  ? __do_sys_close_range+0x278/0x730
[  382.798282][T13310]  exit_to_user_mode_loop+0xfb/0x540
[  382.800003][T13310]  __do_fast_syscall_32+0x4a4/0x680
[  382.801705][T13310]  do_fast_syscall_32+0x32/0x80
[  382.803433][T13310]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  382.805577][T13310] RIP: 0023:0xf703d579
[  382.806851][T13310] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  382.812961][T13310] RSP: 002b:00000000ff9e9b8c EFLAGS: 00000202 ORIG_RAX: 00000000000001b4
[  382.815583][T13310] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 000000000000001e
[  382.818084][T13310] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  382.820609][T13310] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  382.823246][T13310] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  382.825748][T13310] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  382.828253][T13310]  </TASK>
[  382.829280][T13310] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  382.831571][T13310] CPU: 0 UID: 0 PID: 13310 Comm: syz.4.1622 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  382.834978][T13310] Tainted: [L]=SOFTLOCKUP
[  382.836347][T13310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  382.839687][T13310] Call Trace:
[  382.840780][T13310]  <TASK>
[  382.841734][T13310]  dump_stack_lvl+0x3d/0x1f0
[  382.843212][T13310]  vpanic+0x640/0x6f0
[  382.844514][T13310]  ? drm_prime_destroy_file_private+0x43/0x60
[  382.846450][T13310]  panic+0xca/0xd0
[  382.847659][T13310]  ? __pfx_panic+0x10/0x10
[  382.849149][T13310]  ? check_panic_on_warn+0x1f/0xb0
[  382.850783][T13310]  check_panic_on_warn+0xab/0xb0
[  382.852401][T13310]  __warn+0x108/0x3c0
[  382.853703][T13310]  __report_bug+0x2a0/0x520
[  382.855162][T13310]  ? drm_prime_destroy_file_private+0x43/0x60
[  382.857120][T13310]  ? __pfx___report_bug+0x10/0x10
[  382.858737][T13310]  ? find_held_lock+0x2b/0x80
[  382.860260][T13310]  ? drm_master_release+0x2c1/0x600
[  382.861935][T13310]  ? drm_prime_destroy_file_private+0x43/0x60
[  382.863895][T13310]  report_bug+0xb2/0x220
[  382.865278][T13310]  ? drm_prime_destroy_file_private+0x43/0x60
[  382.867213][T13310]  handle_bug+0x127/0x260
[  382.868640][T13310]  exc_invalid_op+0x17/0x50
[  382.870120][T13310]  asm_exc_invalid_op+0x1a/0x20
[  382.871707][T13310] RIP: 0010:drm_prime_destroy_file_private+0x43/0x60
[  382.873818][T13310] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 21 48 8b 83 90 00 00 00 48 85 c0 75 06 5b e9 33 0b 6e fc e8 2e 0b 6e fc 90 <0f> 0b 90 5b e9 24 0b 6e fc e8 6f ed d6 fc eb d8 66 66 2e 0f 1f 84
[  382.879926][T13310] RSP: 0018:ffffc9002676fc88 EFLAGS: 00010293
[  382.881874][T13310] RAX: 0000000000000000 RBX: ffff88805017b380 RCX: ffffffff8b76c5d1
[  382.884399][T13310] RDX: ffff88804c370000 RSI: ffffffff85504d72 RDI: ffff88805017b410
[  382.886904][T13310] RBP: ffff88805017b000 R08: 0000000000000001 R09: fffff52004cedf71
[  382.889451][T13310] R10: ffffc9002676fb8f R11: 0000000000000000 R12: ffff888043ebe000
[  382.891965][T13310] R13: ffff88805017b2b0 R14: 0000000000000000 R15: ffff88805017b2d8
[  382.894482][T13310]  ? __mutex_unlock_slowpath+0x161/0x790
[  382.896286][T13310]  ? drm_prime_destroy_file_private+0x42/0x60
[  382.898272][T13310]  ? drm_prime_destroy_file_private+0x42/0x60
[  382.900236][T13310]  drm_file_free.part.0+0x7ee/0xcd0
[  382.901923][T13310]  drm_close_helper.isra.0+0x186/0x1f0
[  382.903667][T13310]  drm_release+0x1ab/0x360
[  382.905133][T13310]  ? __pfx_drm_release+0x10/0x10
[  382.906728][T13310]  __fput+0x402/0xb70
[  382.907902][T13310]  task_work_run+0x150/0x240
[  382.909814][T13310]  ? __pfx_task_work_run+0x10/0x10
[  382.911896][T13310]  ? __do_sys_close_range+0x278/0x730
[  382.914061][T13310]  exit_to_user_mode_loop+0xfb/0x540
[  382.915793][T13310]  __do_fast_syscall_32+0x4a4/0x680
[  382.917563][T13310]  do_fast_syscall_32+0x32/0x80
[  382.919248][T13310]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  382.921286][T13310] RIP: 0023:0xf703d579
[  382.922597][T13310] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  382.929264][T13310] RSP: 002b:00000000ff9e9b8c EFLAGS: 00000202 ORIG_RAX: 00000000000001b4
[  382.931899][T13310] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 000000000000001e
[  382.934402][T13310] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  382.936935][T13310] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  382.939462][T13310] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  382.941998][T13310] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  382.944556][T13310]  </TASK>
[  382.946208][T13310] Kernel Offset: disabled
[  382.947597][T13310] Rebooting in 86400 seconds..