last executing test programs:

5m19.500879718s ago: executing program 0 (id=2108):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="6400000002060500000000000000000000000000120003006269746d61703a69702c6d616300000005000400000000000900020073797a3000000000180007800c000180e8ff014000000000080008000000001005000500020000000500010006"], 0x64}}, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0xa, 0x4, 0xfff, 0x7, 0x88, 0xffffffffffffffff, 0x1}, 0x50)
socket$alg(0x26, 0x5, 0x0)
r1 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x717e, 0x100, 0x14, 0x193}, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000180)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) (async)
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000600), 0xffffffffffffffff) (async)
sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffe37, &(0x7f0000000fc0)={&(0x7f0000000080)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x4084}, 0x20000010) (async)
openat$nullb(0xffffff9c, &(0x7f0000000040), 0x552501, 0x0)

5m19.451094295s ago: executing program 0 (id=2110):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000b40)=ANY=[@ANYBLOB="1201000000000010580413500000000000010902240001000050000904000081030000000921faff000122a00009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = fsopen(&(0x7f00000000c0)='proc\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, &(0x7f0000000040)='ro\x00', 0x0, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
io_setup(0x23, &(0x7f0000000280)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f00000006c0)=[&(0x7f0000000700)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}])
syz_usb_control_io(r0, &(0x7f0000000540)={0x18, &(0x7f0000000180)=ANY=[@ANYBLOB="4023a0"], 0x0, 0x0, 0x0, 0x0}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xbb, 0x5, &(0x7f0000000740))
geteuid()
r4 = socket$kcm(0x10, 0x2, 0x0)
syz_usb_control_io(r0, &(0x7f0000000380)={0x18, &(0x7f00000001c0)={0x0, 0x24, 0xb1, {0xb1, 0x24, "2988f6dd86673a30f0b42a8d3aa9b9d8ed44fa07c9405a6d5376a8d77b6cc01f783ecf5577144f03a9b4ee08589e55f06bd02579f15607cedeff9f96b93d92af149a8a9f5c1c89eb117c82396ac7ade779d7ead0870dfaf485d8a8947740df2581a3a594ec61fd4b82cf725bf016fadbbdc96ded577aaba82d506812e869ecb8152113e0a8b7ef65b9be7056d186df3ec1a9da232c160654dfffbc7c41f87e24253e429aad1f74d861f706040cc8bd"}}, &(0x7f0000000280)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x812}}, &(0x7f0000000100)={0x0, 0xf, 0x5, {0x5, 0xf, 0x5}}, &(0x7f0000000140)={0x20, 0x29, 0xf, {0xf, 0x29, 0x6, 0x80, 0x9, 0x7, "32ae2f4d", "f9abf074"}}, &(0x7f0000000340)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0xd, 0x4, 0xe, 0x4f, 0x2, 0xb964, 0x2}}}, &(0x7f0000000980)={0x44, &(0x7f00000003c0)={0x20, 0x16, 0x41, "b42e6ba5b3af78148f5b93a5b15a11249ad0679cdca1e727c17b4f979c36ac7dca584bf10ffe4572453a66ce2952c151e6bc858102e0d1e3c2319ab75efef1d29a"}, &(0x7f0000000440)={0x0, 0xa, 0x1, 0x4a}, &(0x7f0000000480)={0x0, 0x8, 0x1, 0x3}, &(0x7f00000004c0)={0x20, 0x0, 0x4, {0x1, 0x1}}, &(0x7f0000000500)={0x20, 0x0, 0x8, {0xe0, 0x10, [0xf0f]}}, &(0x7f0000000580)={0x40, 0x7, 0x2, 0x1}, &(0x7f00000005c0)={0x40, 0x9, 0x1, 0x2}, &(0x7f0000000600)={0x40, 0xb, 0x2, 'KZ'}, &(0x7f0000000780)={0x40, 0xf, 0x2, 0x7}, &(0x7f00000007c0)={0x40, 0x13, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, &(0x7f0000000800)={0x40, 0x17, 0x6, @remote}, &(0x7f0000000840)={0x40, 0x19, 0x2, "46eb"}, &(0x7f0000000880)={0x40, 0x1a, 0x2, 0x3}, &(0x7f00000002c0)={0x40, 0x1c, 0x1, 0x2}, &(0x7f0000000900)={0x40, 0x1e, 0x1}, &(0x7f0000000940)={0x40, 0x21, 0x1}})
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000680)="d800000019008111e00212ba0d8105040a600200ff0f040b067c55a1bc000900080006990300000015000500fe8081780d001500031101400200000901ac040000d67f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04000000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92307f00000e970300"/216, 0xd8}], 0x1}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x22, &(0x7f0000000040)=0x3, 0x4)
r5 = syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0)
ioctl$EVIOCGKEYCODE_V2(r5, 0x80284504, &(0x7f0000000040)=""/185)

5m17.466753266s ago: executing program 0 (id=2119):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x2)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x5e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = io_uring_setup(0xe58, &(0x7f0000000400)={0x0, 0xf7a8, 0x8, 0x1, 0x320})
r4 = openat$sndseq(0xffffff9c, &(0x7f0000000100), 0x80002)
ioctl$XFS_IOC_ATTRLIST_BY_HANDLE(r0, 0x4038587a, &(0x7f0000000640)={{<r5=>r0, &(0x7f0000000280)='\x06:*\'\\\x00', 0x40000, &(0x7f0000000480)={@_ha_fsid={[0x7, 0x5]}, {0xb8, 0x3, 0x9, 0x9}}, 0x0, &(0x7f00000004c0), &(0x7f0000000500)=0x100}, {[0x10001, 0x0, 0x3f08, 0xf]}, 0x6, 0xd7, &(0x7f0000000540)=""/215})
io_uring_register$IORING_REGISTER_FILES(r3, 0x2, &(0x7f0000000680)=[r4, r2, r5, r2, r2, r1, r2], 0x7)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r6, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
rename(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
r9 = memfd_secret(0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r9, 0x89f1, &(0x7f00000007c0)={'gretap0\x00', &(0x7f00000006c0)={'erspan0\x00', <r10=>0x0, 0x20, 0x7800, 0xd65, 0x0, {{0x2f, 0x4, 0x1, 0x2c, 0xbc, 0x68, 0x0, 0x1, 0x6, 0x0, @loopback, @multicast2, {[@timestamp={0x44, 0x8, 0x72, 0x0, 0x1, [0x6]}, @ra={0x94, 0x4}, @end, @cipso={0x86, 0x64, 0xffffffffffffffff, [{0x7, 0xa, "6ff3dcb465032371"}, {0x2, 0x12, "96f8759f344759324fa0102a42e24e5c"}, {0x2, 0x12, "f4e3f278e45509c91e7fd95e955be7c3"}, {0x1, 0x5, "659be9"}, {0x1, 0x7, "ee3d6e0c07"}, {0x6, 0xa, "ad07097d9cd77281"}, {0x1, 0xb, "c6720be38d249cab7c"}, {0x0, 0xf, "36f6a2cd9cbc61c011a7181d56"}]}, @rr={0x7, 0x1b, 0x4c, [@multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @multicast2]}, @end, @cipso={0x86, 0x1a, 0xfffffffffffffffe, [{0x6, 0xe, "d4c1b0dfb19a407f474cb3d1"}, {0x1, 0x6, "ee5ba25d"}]}]}}}}})
getresuid(&(0x7f0000000180)=<r11=>0x0, &(0x7f00000001c0), &(0x7f0000000340))
syz_emit_ethernet(0x3e, &(0x7f0000000440)=ANY=[@ANYRES32=0x41424344, @ANYRESHEX=r11, @ANYBLOB], 0x0)
setsockopt$inet_IP_XFRM_POLICY(r9, 0x0, 0x11, &(0x7f0000000800)={{{@in=@private=0xa010101, @in=@remote, 0x4e21, 0xad, 0x4e22, 0xffff, 0xa, 0x20, 0x80, 0x0, r10, r11}, {0x5, 0x7, 0xfff, 0xa, 0x5, 0x0, 0xc45e}, {0x4f, 0x8000, 0x3, 0x400}, 0x400, 0x6e6bbf, 0x1, 0x1, 0x2, 0x3}, {{@in=@loopback, 0x4d6, 0x2b}, 0x2, @in6=@empty, 0x3507, 0x0, 0x1, 0x4, 0x9, 0x4, 0x6}}, 0xe4)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x2800)
connect$unix(0xffffffffffffffff, &(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0xa, 0x0, 0x0, 0x0, 0x1)

5m16.539937621s ago: executing program 0 (id=2125):
r0 = syz_open_dev$usbmon(&(0x7f0000000100), 0x2, 0x40001)
ioctl$MON_IOCQ_URB_LEN(r0, 0x9201)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x5, 0x7fffff7f}]})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x14}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xa8}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
close_range(r2, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bridge0\x00', <r4=>0x0})
r5 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1f7ff6, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x180000b, 0x28011, r5, 0x0)
r6 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
setsockopt$bt_BT_SECURITY(r6, 0x112, 0x4, &(0x7f0000000180)={0xfc, 0x8}, 0x2)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="380000005400019b4abd70010000000007000000", @ANYRES32=r4, @ANYBLOB="20000100", @ANYRES32=r4, @ANYBLOB="000002000000000000000000000000000000000186dd"], 0x38}}, 0x0)

5m16.538569243s ago: executing program 0 (id=2127):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000540)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f0000001e40), 0x0, 0x100, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)={{0x14}, [@NFT_MSG_NEWOBJ={0x20, 0x12, 0xa, 0x3, 0x0, 0x0, {0x0, 0x0, 0x7}, @NFT_OBJECT_CT_TIMEOUT=@NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}}, @NFT_MSG_NEWFLOWTABLE={0x1a8, 0x16, 0xa, 0x900, 0x0, 0x0, {0x7, 0x0, 0xa}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x78, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'ip6tnl0\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x54, 0x3, 0x0, 0x1, [{0x14, 0x1, 'wg1\x00'}, {0x14, 0x1, 'pim6reg1\x00'}, {0x14, 0x1, 'rose0\x00'}, {0x14, 0x1, 'rose0\x00'}]}]}, @NFTA_FLOWTABLE_FLAGS={0x8}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0xd8, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14}, {0x14, 0x1, 'vcan0\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_HOOK_DEVS={0x90, 0x3, 0x0, 0x1, [{0x14, 0x1, 'pimreg1\x00'}, {0x14, 0x1, 'geneve1\x00'}, {0x14, 0x1, 'ip6erspan0\x00'}, {0x14, 0x1, 'ipvlan1\x00'}, {0x14, 0x1, 'sit0\x00'}, {0x14, 0x1, 'bridge0\x00'}, {0x14, 0x1, 'pim6reg0\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}]}, @NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x9}], {0x14}}, 0x204}}, 0x0)
sendmmsg$inet(r0, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
r3 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$video(0x0, 0x1d24, 0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x18, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b0000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000800000085000000a700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r8 = socket$inet(0x2b, 0x801, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=ANY=[@ANYBLOB='j\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010328bd7000fedbdf251c000000"], 0x14}, 0x1, 0xffff000000000000}, 0x10)
setsockopt$IP_VS_SO_SET_ADD(r8, 0x0, 0x48f, &(0x7f0000000000)={0x1, @private, 0x0, 0x0, 'sed\x00', 0xa, 0xfffffffb, 0x14}, 0x2c)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, 0xffffffffffffffff, 0x0)
r9 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_genetlink_get_family_id$gtp(&(0x7f0000000480), r3)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000024c0)={&(0x7f0000000000)=@newlink={0x50, 0x10, 0x401, 0x70bd2a, 0xfffffffe, {0x0, 0x0, 0x0, 0x0, 0x4982, 0x701ca}, [@IFLA_LINKINFO={0x28, 0x37, 0x0, 0x1, @veth={{0x9}, {0x10, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x10000, 0x48124}}}}}}, @IFLA_PROTO_DOWN={0x5, 0x27, 0x2}]}, 0x50}, 0x1, 0x0, 0x0, 0xc10}, 0x8000)
sendmsg$IPCTNL_MSG_CT_GET(r3, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f00000003c0)={0x68, 0x1, 0x1, 0x201, 0x0, 0x0, {0x3, 0x0, 0xa}, [@CTA_TUPLE_REPLY={0x4c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0xe}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0xe}]}, @CTA_ZONE={0x6}]}, 0x68}, 0x1, 0x0, 0x0, 0x1010}, 0x24008000)
r10 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x83)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r10, 0x40086602, &(0x7f0000000000))
symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00')
r11 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x11)
ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x2)
sendfile(r9, r9, 0x0, 0x2000fb)

5m15.484656564s ago: executing program 0 (id=2136):
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r0, &(0x7f0000000840)=[{0x0}], 0x1)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r2=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f00000000c0)={r2, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r1, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[<r4=>0x0], &(0x7f0000000040), 0x1, r3})
ioctl$DRM_IOCTL_MODE_ATOMIC(r1, 0xc03864bc, &(0x7f0000000300)={0x201, 0x0, &(0x7f0000000180), &(0x7f0000000400)=[0x3], &(0x7f0000000280)=[r4], 0x0, 0x0, 0xffffffffffffffff})
syz_io_uring_setup(0x810, &(0x7f0000000480)={0x0, 0x5c2d, 0x80, 0x2, 0x12c}, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
r8 = userfaultfd(0x801)
ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x10})
ioctl$UFFDIO_REGISTER(r8, 0xc020aa00, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x6})
ioctl$UFFDIO_WRITEPROTECT(r8, 0xc018aa06, &(0x7f0000000080)={{&(0x7f0000800000/0x800000)=nil, 0x800000}, 0x1})
mbind(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x0, 0xe, 0x2)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r9=>0x0})
syz_emit_ethernet(0x62, &(0x7f0000000100)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd318", 0x2c, 0x6, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0xb, 0x2, 0x0, 0x0, 0x4, {[@sack={0x5, 0x16, [0x0, 0x2, 0x7fffffff, 0x7, 0x0]}]}}}}}}}}, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r10, r9, 0x25, 0x0, @val=@iter={0x0}}, 0x20)
syz_emit_ethernet(0xfef3, &(0x7f0000000200)=ANY=[], 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffff8, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2f, 0x25, 0x0, 0x2000004}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_FADVISE={0x18, 0xe5, 0x0, @fd, 0xff, 0x0, 0x0, 0x1})

5m0.158900739s ago: executing program 32 (id=2136):
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r0, &(0x7f0000000840)=[{0x0}], 0x1)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r2=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f00000000c0)={r2, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r1, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[<r4=>0x0], &(0x7f0000000040), 0x1, r3})
ioctl$DRM_IOCTL_MODE_ATOMIC(r1, 0xc03864bc, &(0x7f0000000300)={0x201, 0x0, &(0x7f0000000180), &(0x7f0000000400)=[0x3], &(0x7f0000000280)=[r4], 0x0, 0x0, 0xffffffffffffffff})
syz_io_uring_setup(0x810, &(0x7f0000000480)={0x0, 0x5c2d, 0x80, 0x2, 0x12c}, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
r8 = userfaultfd(0x801)
ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x10})
ioctl$UFFDIO_REGISTER(r8, 0xc020aa00, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x6})
ioctl$UFFDIO_WRITEPROTECT(r8, 0xc018aa06, &(0x7f0000000080)={{&(0x7f0000800000/0x800000)=nil, 0x800000}, 0x1})
mbind(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x0, 0xe, 0x2)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r9=>0x0})
syz_emit_ethernet(0x62, &(0x7f0000000100)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd318", 0x2c, 0x6, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0xb, 0x2, 0x0, 0x0, 0x4, {[@sack={0x5, 0x16, [0x0, 0x2, 0x7fffffff, 0x7, 0x0]}]}}}}}}}}, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r10, r9, 0x25, 0x0, @val=@iter={0x0}}, 0x20)
syz_emit_ethernet(0xfef3, &(0x7f0000000200)=ANY=[], 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffff8, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2f, 0x25, 0x0, 0x2000004}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_FADVISE={0x18, 0xe5, 0x0, @fd, 0xff, 0x0, 0x0, 0x1})

7.138250648s ago: executing program 1 (id=4008):
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = socket$igmp(0x2, 0x3, 0x2)
ioctl$USBDEVFS_DROP_PRIVILEGES(0xffffffffffffffff, 0x4004551e, &(0x7f0000000180)=0xfffffff7)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000000100), 0x4)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f00000000c0)={0x8, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x3e, &(0x7f0000000040)={@local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x80, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @dest_unreach={0x3, 0x4, 0x0, 0x0, 0x3, 0xc58, {0x5, 0x4, 0x0, 0x7, 0x0, 0x65, 0xe, 0x4e, 0x24, 0xc, @empty, @dev={0xac, 0x14, 0x14, 0x44}}}}}}}, 0x0)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x1f000000, 0xd2, &(0x7f0000000200)={@empty, @multicast2=0xe0000300, 0x0, "028a3f6c58b274e6d8451697efe42811ee1df06e9264f7d866b1970548fc3c7b", 0xb2, 0xfffffff7, 0x4, 0x40000006}, 0x3c)

7.042023736s ago: executing program 1 (id=4010):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x103040, 0x0)
fcntl$setlease(r1, 0x400, 0x0) (async)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x88040, 0x0)
fcntl$getflags(r3, 0x401)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x6, [@enum={0x3, 0x0, 0x0, 0xf, 0x4000000}]}, {0x0, [0x0, 0x0, 0x61, 0x5f]}}, 0x0, 0x2a, 0x0, 0x1}, 0x28) (async)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000240)={0x1, 0x0, [{0x40000073}]}) (async)
ioctl$UI_GET_SYSNAME(r2, 0x8040552c, &(0x7f0000000000))

6.945682869s ago: executing program 1 (id=4011):
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
r1 = socket(0x10, 0x3, 0x4)
openat2$dir(0xffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x51, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0xa)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r5, &(0x7f0000000100)=[{&(0x7f0000000140)='2', 0x1}, {&(0x7f0000000600)="8da09354cc8a8fafd988501453e85cfd4f0112d4d84f11fa06fffd31819607e72ef34f685de971eccbf7c34e9ae1c1ad28417fd25630a2ade9101a0f2f9c0cb7728002ddc942b6dc61fc2de600f0580fd9f64bcaca58d38cd76b2121fc4109a8b1613a902b75c363295ae8651fe31883094620e68a68bb0718c035b2d1f5ddadfff13f4fb8ae4fd2723dd124746fbf200f667fc6aff03d2ad8da1b0230cbf65dea97", 0xa2}, {&(0x7f00000006c0)="4eeaa8b2b5e47a425b9a0cb7bb015b1524109bad5040e696cccca2f209a54d152cf48b0e23fe5f7fd414aeaef794556c74dea14fbc0e5c6e442b769bbd9c359d8f2bb9014b377377321f344df9fda001b5078f5eabe3a5742593a410ee24cbf7401e9dbf57cd8343e0a83261117b594124e526f38d0f52fa5606d1ae3dcd5e57e6bd2efc56ee107525af2612639ca9f21baad86bf11ef81e1c15879b30d89a4d6e16297d7c203c21d92f9fb90b8ea0b61ae1bdbc29c5638c9f3681a29afcb500", 0xc0}], 0x3)
landlock_restrict_self(0xffffffffffffffff, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
unshare(0x2000600)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
ppoll(&(0x7f0000001040)=[{r5, 0x462}], 0x1, 0x0, &(0x7f00000010c0)={[0x3]}, 0x8)
setuid(0xee01)
r6 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000400)={r3, r6, 0x3, 0xc1, &(0x7f0000000500)="8e423888fda2b613a938b814dd79d863f97517d56da9b83f89a1310c662cf3413f04bf3b70337ba9f9d7a52f9aa099023851b0713b9ae71375945be163e21c5f098ffb1f4fa5cb50901621fb50b16734a49d6c3147c5a7450023ee98e0931cdce80d1f3606cd75b193a5e3bd1b0f74d42b05c9bf72ff7e156a92d66917a052fdbe87d9421da9c7f6c580172395b30d98aaf4a0b8e4e7af22ce9613fa812a589318c444a45a3bc14f11a5d0e09b0e84e1a5a3242b8bea7b0cbacf29e7e5274d32f0", 0xf2, 0x8, 0x922b, 0x5, 0xca, 0x2, 0x40, 'syz1\x00'})
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
get_thread_area(0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newqdisc={0x68, 0x14, 0xf2b, 0x70bd2b, 0x0, {0x2, 0x0, 0x0, 0x0, {0xd, 0x4}, {0xb, 0x10}, {0x0, 0x1}}, [@TCA_STAB={0x44, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0xec, 0x200, 0x80000a, 0x0, 0xfffffffe, 0x7a}}, {0x4}}, {{0x1c, 0x1, {0x7, 0xc, 0x18, 0x0, 0x0, 0x2, 0x2d8ee843}}, {0x4}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x4001}, 0x0)

4.884875596s ago: executing program 1 (id=4017):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x4, &(0x7f0000006680))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
utimes(0x0, 0x0) (fail_nth: 3)

4.817142875s ago: executing program 1 (id=4019):
socket$inet_sctp(0x2, 0x5, 0x84)
openat$kvm(0xffffff9c, 0x0, 0x800, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
syz_open_dev$sndpcmc(&(0x7f00000000c0), 0x1, 0x1cb8c0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141102)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$EVIOCSMASK(0xffffffffffffffff, 0x40104593, &(0x7f0000000000)={0x0, 0x1f00, 0x0})
bind$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
r3 = accept4(r1, 0x0, 0x0, 0x0)
sendto(r3, 0x0, 0x0, 0x0, 0x0, 0x0)
recvfrom(r2, 0x0, 0x0, 0x100, 0x0, 0x0)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$xdp(0x2c, 0x3, 0x0)
socket$inet6(0xa, 0x2, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0xa00, 0x0, 0x100000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000005}, 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xd, 0x10, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

3.920002178s ago: executing program 3 (id=4025):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='blkio.bfq.empty_time\x00', 0x0, 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$fb1(0xffffff9c, &(0x7f0000000180), 0x101000, 0x0)
write$FUSE_DIRENTPLUS(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="10000000feff53663e"], 0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x3c)
r4 = dup(r0)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r4)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_AUTHENTICATE(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000700)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01000200002000e95f42ed71000000250000b1c505f571e323b88d0e859796bdd70110f2f91131babab58a8a39f146a0e22effa5c336259ef7760eea085a8196adb400139fa25e4983f88df1afb4c1ba05ac1dce7b0cbdd3a6eda246fba609b08d8d77adcd60e35688e6191c4c302425efc9907821439aff8275fa3ff01a45b9d6457770b4a3cd03362f02a03518626ae034ccf846d17f5e0602f8ad1c69839e282dfdbab5c5612ef88971fb6a9a429ca60c5a7de3", @ANYRES32=r8, @ANYBLOB="08002600b41400000a000600ffffffffffff000004006e8008003500000000000a003400020202020202000004002800"], 0x4c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r4, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0xe909ac222daa592c}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, r5, 0x100, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r8}, @void}}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000010}, 0x8000)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r9 = syz_io_uring_setup(0x497, &(0x7f0000000480)={0x0, 0x707b, 0x0, 0x4, 0x288}, &(0x7f0000000340)=<r10=>0x0, &(0x7f0000000280)=<r11=>0x0)
r12 = socket$inet6_sctp(0xa, 0x1, 0x84)
listen(r12, 0x5)
accept4$inet6(r12, 0x0, 0x0, 0x800)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r10, r11, &(0x7f0000000300)=@IORING_OP_RENAMEAT={0x23, 0x14, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000100)='./file0\x00'})
r13 = getpid()
syz_pidfd_open(r13, 0x0)
process_madvise(r1, &(0x7f00000006c0)=[{&(0x7f0000000000)="1d", 0x1}, {&(0x7f0000000040)="bc", 0x1}], 0x2, 0x0, 0x0)
socket(0x11, 0x2, 0x0)
io_uring_enter(r9, 0x3516, 0x0, 0x0, 0x0, 0x4f)

3.919050542s ago: executing program 1 (id=4027):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000180), 0x9, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, 0x0, 0x44004000)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000001700)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a9c160000060a010400000000000000000a00000170160480380001800a0001006d617463680000002800028010000300709c897c82b1095a67232d630800024000000001090001006d61726b000000001c0001800a00010072656469720000000c000280080002400000000e181601800a00010072616e676500000008160280e01204800c00028008000180fffffffc041001008e3edb2f6e69c6b60b706062426af6ec4fc765968fc127f37253aae8421d5e4d4ddacf1d2f663294bcb4c4eaefb8438c5c1f7e078001d192c9898dcc0ee2f2d7bfbd1291f58d3d91ec1e32b7c62e68c6c009c98f5f7246a97099d1e40dd10ced10eddb631fe85cec94852593cc4451cc1982f8ad547d0f310ce8284ced579fb2fe820460060ce2d814bc5d093a05d52289087acadd5c66a424a7f90513dafed13fe296e96a5691a8dd57048dbc03e06edd97a5785c09fa7f66adf1d4672ae97170c23d040587a96bb8945637de4e8499e2912ad552e3e0943061942cacc717cdab0739eaa448a6af77e0f25d018389da87af705ef2e788833b3f558158ae6c17dc173e50cbcffe8a4a728c390a19e351508fd76fe60184d9da2e3d3126f352f7c58f661d9133a0582fecf9815bb30c7ba69b0561680db01ae37eac016d72790e65bec5efd42789358faa9d2a8b31f01a213fba9b991bbb93e86945a2511e49969673a413bc161d249623e18f5360a081a5f04a989a2147a406c2c93095a6cc6cd2f59dfc058ecd0b3100fd5626023578ed2f01dfbeca7762a7904af2f82d572340eaa808399b19b95c6a3cecfa1fe97cf7e70b2b6eab5622af6a7b096440ad9e45ff89879e4ad10c43b09ee9d25a5eaa0bdf93cf07ef19a7a67b0b05a5e58af18f740ab98f50891cfb5c66e451ed3c93330d76caff60c8c349703e73aa71b0137b581cbaa0f1962be03a44dc895f1dec8efcd777804b90b84b4dbc1f939d70dcc6ae43a12721f73fa721683dde2d600332c695ab5cb43eca14b550b24e62f68b91e6efcbc50ee0fc684a43eadbcd1c97ef3f3ddb6ece0e7387d39f7d0030a77f58fc6e280560d1c60349cb880d480b985efb0a33d5e3099077410b24acb1adee5c740d7affccb60359cbadb9e9d833298c50fd1efdd7209794becd0c3818d9f53600c1f66cfc5c6480d947112060f4172c0979087a7f4489532e4f4abd060dfa6ad24a2a13cb97eaa7d5fe484db50dc6203eacdd05ad7cdef56bfc8b40720c5d2d103f99dce9c82d640485460a7b0714fa0a3ee716f6f5aec3f5617abf4fbf7c75c9f6e0219108a51b4efefa768adf8daa20d179c49a70fcd8d10eab0672d08dafcc01dcfe2ab6484ca2859a6d170a476ee183958508b628a13c4d1404f6fb0b0b6bb13af30263b6aa07125136d73c7d3b0244e1b34d911b3cbecc9b9848e4f9af2e8f08ab6d5859e6140caa96e381f80e2f6c552a8939acf5417af17c5f40d028c5189b67753c397c70c367d7b92d548961d67587b0e6998206cc1b2b63e798e7513fd146860cb04232e9593d2932fb34f09c5b12288f45cdc67c99306af78a8bd01d351e98a4dbac34bda2aa5e88b2eab56be54c5b709ead710593ef1922dfbcbe3ab16cd3b8addef2c1238d76ebfa8d2eeffd64534c6fbdaff77e74629f48fea21278822faf521900e25c99a9ccb66480f5658b77b4b7109657623a2428258c33a86fc495a6b3ac76bbe106651cdc6c429c08cc17d25dc458a82b80f709c6c778aa13e60f25b18408219e0241892e198236b19bbcc5ac26e97bbcc2e6ebb8d658bde4d249797256809a55fab63473f586a510533c26a4a7a3339f4706c048a651d1947721c8e0ce5e7e581fdd637297be70744fa54051eecd2311c9ce44bf3a782d9c8368ad4fe4c5f1a8e848fad7d8252dae9f55fa9483e1afe989e5a88bf8a319a1bbe4ef938e994f89e13b0355859504f31928291b1cb8586a54574ce427f82f6ab2025fca695a2aee6c2242af30badd38888d6a4d6cabfffa3b676b21fb4f255cfac0b8cd4905c018df6879cb5277ab8df7c7b90380684aa063a6a33688afab093123615c8d0edea51847ea49633911ad1c40739b1fa901fc5313c34aedabdc78f2944537624a9eb2a7870b03d00660c009dcbde9a6e582e0eec1befef810625742a361e0fb24e3f247a17495d9a7d1817e42465144652ca1c8cb43e43ff663a33a0a8572472c3ea0b77e5a2e392ae7569d2d49691d1c73834e1be86fde49f86477b35ceb59001e59e9064b7fc27e5ae0e91584e90db0608af0cd41a905672dd81bf8aee1a8908c45cd0bdeb6ba65f8432af491e4d4098bcce9210c2b1b9e316b695661a68ce01f302381abd646fd6eb71a989be1d03575555153ba2a00708b23bf953dac7f55053c236e62a01297aa388489058593c59ef082d6f2059c6facca259ba265373d0bf4feeb588eebf394f764a1c10ecd92a2cdbf3b27a7089eea7d80d5ed528ee0cd8f733f0d5078dca940cc3f0402e659c8131546d009a5e37ee3efb92ed6e988421b89bb77227fed75eecff75b727753871e1670c701c98117951625f6f3c8ff473206e5a7b027dbff2fbb0c6749cbef58be98c04421a7e33ecd65c2dfce723ebb75c5d74902f115fb93203c6082d4d5bce140d5be22d87f632c2a6287da6aa8065a402540372faa788114429c5685dc2fd34c8d5485088bfa7064f3d55f435362aaa94c94a4e98b138111a9a74f73aff1e8fe6841e54e7399f21fc8e880a6c1dd5e9d4c2a93502d1e2b78b929c18e2e3e8f22cbfa5b442b39651c741d941fe34e802b852c789ba162c6f24fb7bf1d90a85f4b4ad07f861b5e46fac36b2a69f7810eef02ea5761e5d6730aeb2259fe8ddb09f6de60089f9e39a301840c4d08a671a77b8e122280517075aaa8bcae3f3428a5c22cf200d12bf6a7113053e88155f89f6601b92a3ada2f33d68ac1159dcafb9b46ca2f945c0353f2c40044c9946aa2ff46a4c3152707a447a923ab86b4f41ea93684d64212546d3e37821d5ba7b8c70483b46a97c9a900e16f70b4cb40974ace2684097f2e934eb28b99b4e383c37de752a6bc8db0efe2979dae5cf27bb6d7b0c591bc73ede1ef8a346e9400509108dbee4ae80364a8538308a3b1f631074ccd2bdff52ffa7e063a24279bd2511a740c9a0182b4c03d6e6359ae58f19eaaaf37a238b14717cd0dcb1c54f5439f3dc0cbe1f720167df5d279df95a43b5fde4dd361aa2ceac7ed0895094897a1af03caff78597f72a049d7bd2d070a9f12a696f47e6e94af912d1b96114d0ef3ec4a2827911abbddf466225b48d23f207b2323b7db8da8c1c92558b009c4dc4ff66a596fda531aa87105441f31c9032a235d7db74516ad69f8a5ea9401d8f9950ef610a865aea6553088423c3592f594af2fd6de744ab63418e03f170765637ccb88c951b3ce35305a2dc20abff2e380d3db8215a796c86371eebc485a7c7dcf31362c9c880f93ae88e97510c794f169d60c7248b0ad6cc082c7d57de68f7e1c9f37628cf26b1625da73ff1b7cc07d20af81eec19aef868a40baadd3562f0d9c450055588437dc9ad22a4e1f75c4a468f29126bf3422dc6f8a17e8f141c8164bfd3d3ceb1f8c3d7d18e618804f330926d0ed92ecca72b4c39ed9aff3314a9c29826127c27aaae72f50f4f40ee5c80d2c8495aa7471619a42f952ac1c1eb3fda818fd3213b9c5e40aa69f99639b2b1ddadcd173504d3b5cba46aaa845a43e160bd19504f84657382ebb691b943dbd8738c9379bd2d557ae7880262f546c887b76eaa8cf3ce02e75f10f481416a1c87b0147c7230f1be3639133ae20870a03bc78ea75dac8ba6bacef6a1635666b050231c34fe063205f52a602f527ac92e4f098219d10f5fd1b44356a82a944ed9a5bbfb3e9068811fcea44b829268ab531a400e42c684068567d367922524a82b32289531cb11ae940aaca7cc2b5838d0ac5f4fafb6d15091d254118dd9af094f3be4752490b67ca15bc38fb1f203ca8eb065b4044fa2dee4d2674000d3c08a28a3b3ad33298cafa2bf1fefc5dc01062da0bad6944618b6b92781837cbcb8bb2c3ef5d8766d093bde6b0acf7af35a3ab33cdcddda7d0eba9cdaefd031d68d54daede29b267898267da06ca5cd6ff2ce24bb17483f15e2ced9035a2dfa3827727aca9f79a0d60aaca89ef3e1768f81eda7d18716ba036fe63358bd49678ce52500d2edfd5672c1fde68d5a59555aa363e649b1127d4f84511c7b5822e45325c3f87799fc7f87c8540b4505d16aa99b0aa511727477d3aba56462c45727b33e57d98b177db66420fd730b9ee24366aacc7008253bf7fb93a2a7def33b3f1d27c187e739b006d441ec275dda708ed5a8080130f5e7fb4d6fdd3e13a97abfa3a9dfd250bb5dc2f06941c74d8672fade19338af27813a288a1c02d7c5c4294b7d35d50643fd3f900395ae4802022f1fbc0d53c90fed9ac451f020fb64c9920f3084d6b5599dba70949b5d5d904cd6b3119a20e9d7618ada2a042d4e0957be51e5e5f4ef7835092d66d08d88d22ef58bc0a12b2455c1f4cc20196fae9396ddb0cb9349f758f542def18439c0efd27f3fbd72906719ff74d96072771797900fb0e9e7f4c69d6449c3a6cd9cc04036a95d999fe4bbfe634896355cb3b5a55fa52bc03b7925535eee6b8d559db9d860f492023de93a109cecb62efc7b832024055a9dd5b2ca3146a3a0e2d9997c24f229da9e6561091795381163413a07ab482ab132481adbd2c347863de8fabe25f3c0d185efcea226efe1446f6eea99ab528981f864475a397a9dec43745dada24286dece0a409afa3df8aca50db2d3891adfca0f510012106237a52c1c05dc345fe8b34cd86fdc109ae2b59d82e884d2915a13bbb3245c23aa9322a4252f1e4d06b57f6148c0009ce27a6ab8d26306a00af9c11773651b81dc28c460de00205b8a45125477c617c4369c13ca9a51e7bdf3efe8150b206e90cb67fe5cc74c7ee1f3670edccc32a53a2056a8ef945ed1621fda2bd5c14b8eb29871a841ffe6a3f3bdc79e499ab89196beff2469f18b288e6fd8c2e4534b181ae50319d50d645028b579af91dc3a4ddc591a9be5f4a14efe52375b36deecdaa9de8eb597a3f68a64c2f2c361dd9a320219408240932f2604976ef3b70388801a02562454469ea488cf89f42dbf64caadf8fa56266ef14ce05533595ae788b435fbaa3ccb6782907b92083a4a90640f7090170ea3fffd4074df5a22504afd7b91edc9e849baf6c1eb013e3ba7f4634cdd5ed31d3fa6fcf5e3765132b5364f03fddb727eff661a6508d02ab6ce6b3c74081ca079b580d964e9ed9a75972a2d20b57fa630ae27f7e23393a6018235f4f8cf1aa591038a1556d5a0444cf4d1bbabdb434ebc797d1c31ff58ab9acc01e5a050a66592c1b0ae7939d16e923193921186d99df0a9a2b17bfa0eaf963575ba64178fbf638b4d25fbe03766639685a2d8b1251cc16981b4e284a7afd1fa1b99eb3ef175c4124a599ce90aedb3ffdb03ed91f185ced7de4d0787f82a7131a13d981c07b88420cfc9bfc88d2a26c9df8a96105098dd30bfea153e0a30d2bebbf09f496e0d0d7e056e2dd9a5433b83656b37d3b81654f69dbd223334b1df121fec246a733238563454a2137583369fee4e9cc67a4a16919d539f386a54203df5d14941f688178bb23aa480e89a3a07ce7e4dd740c2cc96bb5d0ec4d1a0e74e07073eba983544b297acc9738ea762b5a79218a2623d4ab733a8635c8b1fa694b5d1588d56ad068fdc83bd3cf919c20e311c677d786bc570c2d109047fe4c20af8ab574822ec678afb896e6feaf6c4a155e34a307f8d1c2bd8cb06ef4746422fc92bdcf808ce0c55c75317015ed3859246a94b83b099b6c3f8ed4c59b0a8374db86c9aac9016eebf6306dc7760bb0ec47dba577e20208d928520f274413cbc03042d66ef2bec7ed1d10ee968766567b0ab96997ed823a4b0758fd3efcc7200010050133a56e826c4c1baa22869e39a9f0626c198867ef5d8dd729c69b1f604b8fc95c0d1708483e934f46cc3af08c6a90645eb33537e0d43b5368823e5ca6cdeefddee4e66cc93fbd2ee1ef4f1314b82992b84807effa95897cbb2c94e5619f36f76767f7df0b4288cd9aebed4dde300002800028008000180fffffffb0900020073797a310000000008000180fffffffe0800034000000004c10001000216ec78fa964db265d51191a6412fa1a734943b14eb74071f46c5478971f9536fadf99f8678e6f9f2e8425b677271271ec743dacbe0c9f2734981bf9170de01ea26f6f0837fe2d1e73e84acdbb781012adaa4d341a5dcdf8c0bec550086b39391184860824996d58af49c35ef091178dddd7f68801c0c2960d6e11234362e4cbae413590b2033bc0dde45b95648b4a06b9cc33291819ac94c2e9d01306f98283f253e816bf866f37453f9b258ed3b1c5b7ac4a64b36a3b1a7f44345040000000101010006101d70ed0d5dbdd7b2534b6b0c4ee8693ca5b6b9eac18c101a445361f62ecffbcaae2df9c6bc16605fa84ec27428a1b7b6ac987e6647ea88dba458eb8b98864383f475d4f80c3305323b4b514baa78a2208caef015a31fc8c44fa48c2cc6db29f0e544015dcc4d54240d2f354c896f08d1a3e064715daeb31d387c76a7038a4dd37637111560b10cba1bdf4dece1eb984667ca1251755aaf84a7be7149711dd39c6d82d4e75a18411d539db5f1649ddba62c951a8523ab602ddd566b298614cc20ecb6b8ba76c4a0763b12a5ac76f3d8d7c578b1dc2d6cd83e773b29e1a758c637bee789f439ac6fd33e59019fa48cee2d0192e4cb98f8aa28e7c02b0000000c00028008000180000000002800028008000180fffffffd0900020073797a300000000008000180fffffffb080003400000000434000280080003400000000408000180fffffffc0900020073797a32000000000900020073797a300000000008000180fffffffd0800024000000001140303806b0001002da0f9d20c05caa6f57f619a140654e5881502d36c3174f45e3a84822b9b5acba8916007beee7b17bd62812c2db86d0b3b49d0276629c6deac6883a9beb9ff0f3f59a1c747436aaffab140d1067ce6078599d4fff39afe15513e86fbf7e065ec7e357572cde6e6003400028008000180fffffffd0900020073797a3200000000080003400000000308000180fffffffe0900020073797a3100000000d30001001b346e2e7ddae9248cdc7b7a72dd852fd2072aca51943f752c81069d180311d16f6901c5aee24cf396d2f3d6c734f198e4b17b9c4b4e16ac78bdba3556e4fbf48bb448f171f1a22adeb73badde22cbe8d44b105eee4f32c1d8225a1708eee884cead22ac00923dc34fb6c2ac3bcddd5c4084c9fbc40aa589251d344d8db08bc67b8f476bbb7440c07d47be5fda7a85495fe1cd9db2c0ac0d43b391df4f4891b228288790a0da2dcc5df9f9694b620c32c2be88d55043d4a67d1eec043c46bc0c25b5db667a8c42d8abf0e82649f896004000028008000340000000020900020073797a31000000000900020073797a300000000008000180fffffffe08000180fffffffb0900020073797a3200000000440002800800034000000004080003400000000108000180fffffffc0800034000000004080003400000000108000180ffffffff080003400000000308000180fffffffd0a00010003389d6942f800000500010012000000400002800800034000000003080003400000000408000180fffffffb0900020073797a3200000000080003400000000208000180fffffffe08000180fffffffcc30001004efdf3ecbb2693b7d57c1772c547b36308322c227fe69b8fa63c0fb0e2dd0eaabfe5d6494c87b31b353d018f9297be3405eafab52a0b969d1dd6a1f55314cafef72cf3e8063a5f5e7b86656c878526c8d4b1cf3f47756722ae30a93a7bd082e54d4a9f0429cd13de0b63d9378c8441832d2770fb93992f9ae5ee19b03057d9b9b922aa5b54e9df682e6d7705ffbf84462da34fea49b22a95c2894c55578526a32fbc3245be46e0e8bc3ed012bdcdc62bfb9f3ae3fc0f30cbb573b1736e5fe30008000140000000150900020073797a32000000000900010073797a31"], 0x16c4}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$pptp(0x18, 0x1, 0x2)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r4, &(0x7f0000000400)={0x28, 0x0, 0x2711}, 0x10)
close_range(r3, 0xffffffffffffffff, 0x0)

2.988892673s ago: executing program 2 (id=4034):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280))
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x12}}, 0x10)
setsockopt$sock_int(r3, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x100, 0xe}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r8 = socket(0x400000000010, 0x3, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000027c0)=@newtfilter={0x8b0, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r10, {0x5, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x87c, 0x2, [@TCA_MATCHALL_ACT={0x878, 0x2, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1ff, 0x3, 0x10000, 0x81, 0x7f, 0x5, 0x2ab9, 0x2, 0x4, 0x5, 0x2234, 0x83, 0x81b, 0x800, 0x8, 0x0, 0x3, 0x7ed53619, 0x1, 0x2, 0x9644, 0x800004, 0x58b, 0x85a, 0x3ff, 0x46, 0x2, 0x1, 0x0, 0x80000000, 0x10001, 0x790, 0x5, 0x1, 0xfffffff9, 0x1a77, 0x9, 0x3, 0x400, 0x63c, 0x4, 0xffffffff, 0x1, 0x3, 0x3, 0x5b1f, 0x7b0, 0x7, 0x100, 0x2, 0xd, 0xff, 0x3, 0x10000, 0x6, 0x6b7, 0x411ff, 0x80, 0x4, 0x7, 0x3, 0xa14, 0x3, 0x2, 0x80000000, 0x81, 0x7, 0x8, 0x5, 0x10001, 0xf7, 0x3, 0xfffffef9, 0x9, 0x4, 0x8, 0xfff, 0x3, 0x3, 0x6, 0x7, 0x8, 0x100, 0xc0000000, 0x6, 0x6, 0x6, 0x8, 0x80000001, 0x8, 0x1d24, 0x2, 0x7, 0x80000000, 0x7f, 0x7, 0x9, 0xff, 0x24, 0x5, 0x7, 0x6, 0x10007a, 0x8, 0x0, 0x7, 0x470, 0x7f, 0x6, 0x0, 0x1, 0x0, 0x4, 0x10009, 0x61, 0x200, 0x6, 0x2, 0x2, 0x6, 0x10001, 0x8, 0x7, 0x11, 0xda56, 0x7ffffffe, 0x80, 0x2f0cb955, 0x7, 0xfed, 0xf, 0x6ae, 0x9, 0xfffffffd, 0x9, 0x8001, 0x0, 0xec000, 0x0, 0x1, 0x2, 0x9, 0x7, 0x8, 0x4, 0x1, 0xffffcf1b, 0x282, 0x5517bc7b, 0x3, 0x4, 0xb6b, 0x5, 0xf7800000, 0xac, 0x8, 0x3, 0x10, 0x9, 0x8, 0x80000001, 0x0, 0x74, 0x2, 0x7fffffff, 0x0, 0xa, 0x6, 0xffffffff, 0x8, 0x2, 0x7, 0x7f, 0x5, 0x3, 0xa, 0x1, 0x0, 0xa, 0x300, 0x5, 0x3, 0x3, 0xffffffff, 0xffb, 0xff, 0x5, 0x8, 0x3, 0x2, 0x5, 0xb, 0x399d, 0x6, 0x8ab6, 0x18000, 0x2, 0xfffffff9, 0x2, 0x2, 0x528c, 0x5, 0x200, 0xac, 0xf, 0xd05, 0x9a2ce73, 0x4, 0x6, 0xe074, 0x6b10, 0x5, 0x1, 0x6, 0xb, 0xa26, 0xaf6, 0x0, 0xec, 0x8, 0xde16, 0xc418, 0xffffffff, 0xffffffff, 0x9, 0x400, 0x80001, 0x5, 0x354d, 0x5, 0x2, 0x1, 0x7, 0x0, 0x177, 0x7, 0x0, 0x80, 0x5, 0x8, 0xfffffffb, 0x9, 0xe7b, 0x0, 0x7, 0x42bf, 0x10000, 0x9, 0x9, 0x3, 0x4b75, 0x80000001, 0x1000, 0x5915, 0x10001, 0x1]}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x107e, 0x4, 0xec2, 0x6, 0x8, 0x400, 0x5, 0x1, 0x7, 0x470, 0x487, 0x5, 0xa99, 0xfffffeff, 0x5, 0x37f, 0xc, 0x6, 0x3, 0x3, 0x800, 0xd2f5, 0x40, 0x3, 0x4, 0x5, 0x7, 0x12, 0x2, 0x8, 0x101, 0xfffeffff, 0x2, 0x10000, 0xa6, 0x3, 0x10000, 0x1000, 0x4, 0x0, 0x3, 0x0, 0x3, 0x6, 0x98, 0x8, 0x6, 0x9, 0x1000, 0xb3000, 0xf, 0x3, 0x9, 0xb4, 0x94b, 0x9, 0x8, 0x6, 0x100, 0x2, 0xffff, 0x4, 0x2, 0x3ff, 0x2, 0xb828, 0x0, 0x0, 0x365, 0x8, 0x8, 0xf, 0x1, 0xfffffffe, 0xfffffff6, 0x93, 0x7fff, 0x92, 0x0, 0x7, 0xfffffffc, 0x7ff, 0x9, 0x2, 0x0, 0x2, 0x8, 0xffffff37, 0x3, 0x9, 0xc, 0xff, 0x3, 0x3, 0x400, 0x100000, 0x7f, 0x2, 0x8, 0x4, 0x7, 0x4, 0x7, 0xfffffffa, 0x101, 0xadd9, 0x1, 0x0, 0x7, 0x7fffffff, 0x40, 0x4, 0x0, 0x5, 0x4, 0x1, 0x8, 0x9, 0x6, 0x6, 0x2, 0xb, 0x3, 0x7f, 0xffff, 0x9, 0x1685, 0xa252, 0x2, 0x200, 0x3, 0x1, 0x400, 0xfffffffc, 0xfffffffc, 0x1000, 0x7ff, 0x1, 0x1f6, 0x751, 0x7, 0x40000000, 0x1, 0xffffdbb7, 0x50, 0xf, 0xf, 0xe, 0x6, 0x0, 0x81, 0xfff80000, 0x0, 0x1, 0x6, 0x3, 0x7ef8, 0x7, 0x5, 0x2, 0x0, 0x4e8, 0x80, 0x0, 0x8, 0x5, 0x0, 0x5, 0x7fff, 0x7, 0x8, 0x6a4941c5, 0x2ea567b4, 0x8, 0x80000000, 0x6, 0x40, 0x2, 0x4000fff, 0x8, 0x7, 0x1, 0x1, 0x0, 0x0, 0xd3bed341, 0x691f, 0x0, 0x2, 0x9, 0x6, 0x0, 0x1ff, 0x400002, 0x3, 0x6, 0x5fc8462f, 0x0, 0x7, 0xffff, 0xfffffffc, 0x5, 0x0, 0xb9a6, 0x522, 0x2, 0x2, 0x900, 0x8, 0xbb99, 0xb8000000, 0x8, 0xffffff01, 0xc0a1, 0x8, 0x8, 0x7, 0x59, 0x9, 0x2, 0x101, 0x5f502dc7, 0x7, 0x0, 0x4, 0x6, 0x80000001, 0xc000, 0xffffff97, 0x2, 0x40, 0x1, 0x40, 0x8, 0x3, 0x710, 0x8, 0x1, 0xfffff339, 0x3, 0x8001, 0x1, 0x8001, 0x9, 0x8, 0xfffffffa, 0x8, 0x9, 0xfff, 0xe, 0x3, 0x9, 0xa, 0x7, 0xfffffff8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xfffffe00, 0x20000000, 0x5, 0x1, 0xdbec, {0x8, 0x0, 0xb55, 0x5, 0x7, 0xb}, {0x6, 0x2, 0xd, 0x5, 0x1, 0x5d17}, 0x2, 0x0, 0x6}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}}]}, 0x8b0}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmmsg$inet(r3, 0x0, 0x0, 0x240080e4)
r11 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r11, 0x4020ae46, &(0x7f0000000400)={0x1fd, 0x1, 0x0, 0x2000, &(0x7f0000b07000/0x2000)=nil})
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x1)
ioctl$KVM_GET_VCPU_EVENTS(r12, 0x4048aecb, &(0x7f0000000240))
r13 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x0, 0x0})
ptrace(0x10, r13)
write(r1, &(0x7f0000000000)="b8d2b3", 0x3)

2.941660378s ago: executing program 3 (id=4036):
syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x301880)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x22, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xfffffffffffffea1, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x9}, 0x80}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r3, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @broadcast}, 0xc)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000400)={0x0, 0x2000}, 0x4)
syz_emit_ethernet(0x46, &(0x7f0000000140)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @random="ece65fbcee55", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x10, 0x11, 0x0, @remote, @local, {[], {0x3, 0xe22, 0x10, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}}}}}}}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00')
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}, 0x1, 0x0, 0x0, 0x24000890}, 0x0)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
r7 = accept4(r6, 0x0, 0x0, 0x800)
sendmmsg$alg(r7, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {0x0}, {&(0x7f00000003c0)="e8700e444d", 0x5}], 0x3, &(0x7f0000000380)=[@op={0x10, 0x117, 0x3, 0x1}], 0x10}], 0x1, 0x40800)
recvmsg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
connect$inet6(r7, &(0x7f0000000180)={0xa, 0x4e20, 0x1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x80200}, 0x1c)
connect$inet(r5, &(0x7f00000000c0)={0x2, 0x1020, @remote}, 0x10)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/crypto\x00', 0x0, 0x0)
sendfile(r5, r8, 0x0, 0x4000000000010046)

2.746232141s ago: executing program 2 (id=4038):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$uinput_user_dev(r3, &(0x7f0000000a00)={'syz0\x00', {}, 0x54, [0x80000000, 0x3, 0x4000401, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, 0x0, 0x0, 0x0, 0x0, 0xf5b1, 0xffffffff, 0x10000000, 0x99, 0x20000000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x8, 0x800000, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x1], [0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xedc0, 0x0, 0x5ee, 0x9, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xffff8800, 0x0, 0xfffffff8, 0x2, 0x0, 0x2000079, 0x400, 0x0, 0x0, 0x10000, 0x40000, 0x0, 0xc0800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0xfffffffa, 0xfffff986], [0x4, 0x7fff, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8000, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x2, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x6, 0xffffffff, 0x0, 0x0, 0x0, 0x200000, 0x80000000, 0x2, 0x7fff, 0x0, 0x0, 0x0, 0x3, 0x0, 0xf, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xfffffffc, 0x4], [0x2, 0x0, 0x6, 0x0, 0xfffffffe, 0x0, 0x0, 0x4, 0xfffffffc, 0x0, 0x0, 0x3, 0xfffffffc, 0x4, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x10, 0x5, 0xfffffffd, 0x0, 0x0, 0x8, 0x8001, 0x80, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x8000000, 0x4, 0x0, 0x0, 0x0, 0xffffe]}, 0x45c)
ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x5)
ioctl$UI_SET_SWBIT(r3, 0x4004556d, 0x3)
ioctl$UI_DEV_CREATE(r3, 0x5501)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0xc0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0x8, 0x8, 0x1, 0x8, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0xa, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0xff, 0x6, 0x5, 0x4, 0x0, 0x7, 0x3c57, 0x0, 0x24, 0xd, 0x1, 0x0, 0xffffffff, 0xe661, 0x5, 0x7, 0x83, 0x9, 0x4c74, 0x0, 0x242, 0x2, 0xe, 0x0, 0x400, 0x7, 0x1b, 0x22, 0x7, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0x0, 0x81, 0x6, 0xffff8001, 0x3ff, 0x83, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432e6, 0x88, 0xf9, 0x388000, 0x2bb, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x7, 0x5, 0x2b, 0xe, 0x312, 0x78, 0xfffffff7, 0x0, 0xfff, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0xfe, 0x0, 0xa, 0x5, 0x1000005, 0x5f31, 0xf, 0xd86, 0x2, 0x4, 0x8, 0x4, 0x9, 0x8, 0x9, 0x6, 0x47, 0xbc2, 0x1, 0xfe000000, 0x8, 0x2, 0x200004, 0x9, 0x3, 0x3, 0x9, 0x4, 0x3, 0x5, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x1, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0xac, 0x0, 0x5, 0xb, 0x4, 0x3, 0x5, 0x800000, 0x1ef, 0x8, 0x8, 0x86, 0x3, 0x3038, 0x101, 0xb, 0x2, 0x2, 0x2, 0x7, 0x20000008, 0x4, 0x16d01, 0x6, 0x38, 0x800003, 0x600, 0x80, 0xbf7, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0x4a9, 0x5, 0x6, 0xac8, 0x5, 0x7, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0x3, 0x5, 0x1b, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x80000000], [0x9, 0xbb33, 0xa, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x400002, 0x57, 0x4, 0x2, 0x3, 0x2010000, 0x11c, 0x7fff, 0xffff, 0xa620, 0x1, 0x7, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x10000016, 0xffffffff, 0x80000000, 0x5, 0xffffffff, 0xc8, 0x1, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xae, 0x8, 0x6, 0x226, 0x3, 0x100, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x9, 0x1, 0x6c1b, 0x8, 0x4, 0x5, 0x40b1e, 0xd7, 0x200, 0xffff3441, 0x4]}, 0x45c)
getrlimit(0x1, &(0x7f0000000200))
ppoll(&(0x7f0000000300)=[{r2, 0x400}], 0x3a, 0x0, 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xb}, {0xe}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0xf, 0xe15, 0x3, 0x0, 0x0, 0x8, 0x1}}, {0x6, 0x1b, [0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r5, 0x6, 0x16, &(0x7f0000000280)=[@window={0x3, 0x6, 0x6}, @timestamp, @mss={0x2, 0x8}], 0x3)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000001ac0)={r0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1c, "ff9f020bbe82b398b1c4369d03740250ceaac594b1b3d741dd17c1ac0d38ef2a565ef1e8336300", "a9103939c787a16c1ca43f80026d1f3c4da06963dd89d130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b7e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200", [0xfffffffffffffffe]}})
ioctl$LOOP_SET_BLOCK_SIZE(r1, 0x4c09, 0x10000)
mount(&(0x7f00000000c0)=@filename='./bus\x00', &(0x7f0000000000)='./bus\x00', &(0x7f0000000140)='btrfs\x00', 0x2800080, &(0x7f00000001c0)='discard')
creat(&(0x7f0000000440)='./file0/file0\x00', 0x194)

2.423618927s ago: executing program 4 (id=4040):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x180)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="043ee61e"], 0x9)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020}, 0x2020)
socket(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x4e20, 0xffffffff, @loopback, 0xbf}, 0x1c)

2.422486079s ago: executing program 4 (id=4041):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = syz_open_dev$vcsu(&(0x7f0000000040), 0x3, 0x200400)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000200)=r1, 0x4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e24, @private=0xa010101}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000000), 0x4)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r2, 0x40045402, &(0x7f0000000140)=0x1)
socket$inet_sctp(0x2, 0x5, 0x84)
socket(0x10, 0x3, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002640)=@newtaction={0xe68, 0x30, 0x3f, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0xfffffffc, 0x0, 0x0, 0x0, 0x100}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x5943, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x800000, 0x0, 0xfffffffc}, {}, {}, {0x0, 0x0, 0x0, 0x10}, {}, {}, {0x0, 0xa2}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x1cbe}, {0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x4}, {}, {0x2}, {0x8}, {}, {0x0, 0xfffffffe, 0x400000}, {0x0, 0xfffffffc}, {}, {}, {}, {0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x4, 0xffffff6a}, {0x0, 0x0, 0x0, 0x0, 0x5}, {}, {}, {0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x0, 0x0, 0x100}, {}, {}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x800000}, {0x0, 0x0, 0x0, 0xe54b}, {0x0, 0x3}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x7fffffff}, {0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x27a}, {0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0xfffffffd}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {0x0, 0x4}, {0x1, 0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0xfffffffc, 0x0, 0x0, 0xfffffffc}, {}, {0x0, 0x2}, {}, {}, {}, {0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {0x0, 0x0, 0x2}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x0, 0x0, 0x0, 0x1}, {0xc}, {}, {0x0, 0x0, 0x2b7f}, {0x3ff, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0xcfc, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x70}, {}, {0xfffffffd, 0x0, 0x0, 0x0, 0xa92}, {}, {}, {}, {}, {}, {}, {}, {0x3}, {0x0, 0x40000000, 0x1, 0x0, 0x10001}, {0x0, 0x0, 0x20}, {}, {0x80000}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, {0xfffffffc}, {}, {}, {}, {0x0, 0xa, 0xfffffffc}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0x3, 0x0, 0x3}, {0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x8}, {0x0, 0x0, 0x40, 0xaf5, 0x0, 0x3}, {}, {0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0x1, 0x2}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x2}, {0x5}, {}, {}, {}, {}, {}, {0x7, 0x1}, {}, {}, {0x0, 0x1}, {}, {}, {0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)
mbind(&(0x7f00001fa000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
syz_create_resource$binfmt(0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
socket$nl_route(0x10, 0x3, 0x0)

1.177720954s ago: executing program 3 (id=4042):
r0 = socket$key(0xf, 0x3, 0x2)
recvmmsg(r0, &(0x7f0000000440), 0x6f5, 0x2000000022, &(0x7f0000000480)={0x77359400}) (async)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x285c, 0x4)
sendmsg$key(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="0208000002"], 0x10}}, 0x0)
syz_clone3(&(0x7f0000000740)={0x0, &(0x7f0000000480), &(0x7f0000000580)=<r1=>0x0, &(0x7f00000005c0), {0x21}, &(0x7f0000000600)=""/81, 0x51, &(0x7f0000000680)=""/85, &(0x7f0000000700)=[0x0, 0x0], 0x2}, 0x58)
fcntl$setownex(r0, 0xf, &(0x7f00000007c0)={0x1, r1})
r2 = socket$inet_udp(0x2, 0x2, 0x0) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r4, 0x84, 0x7a, 0x0, &(0x7f0000000040))
sendmsg$MPTCP_PM_CMD_GET_LIMITS(r3, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x34, 0x0, 0x400, 0x70bd2b, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x7}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x7}]}, 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x2c800) (async)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000000)=@nat={'nat\x00', 0x670, 0x5, 0x3c0, 0x274, 0xec, 0xfeffffff, 0xec, 0xec, 0x32c, 0x32c, 0xffffffff, 0x32c, 0x32c, 0x5, 0x0, {[{{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0xffffffff, 0x0, 'veth0_to_bridge\x00', 'caif0\x00', {}, {}, 0x6, 0x3}, 0x0, 0xb8, 0xec, 0x0, {}, [@common=@inet=@socket3={{0x24}, 0x7}, @common=@inet=@ecn={{0x24}, {0x20, 0x1, 0x1, 0x4}}]}, @SNAT0={0x34, 'SNAT\x00', 0x0, {0x1, {0x4, @private=0xa010100, @empty, @gre_key=0x6, @icmp_id=0x66}}}}, {{@uncond, 0x0, 0xb0, 0xe4, 0x0, {}, [@common=@set={{0x40}, {{0x0, [0x0, 0x0, 0x6]}}}]}, @MASQUERADE={0x34, 'MASQUERADE\x00', 0x0, {0x1, {0xc, @local, @multicast2, @gre_key, @gre_key=0x8001}}}}, {{@ip={@rand_addr=0x64010101, @rand_addr, 0x0, 0xffffffff, 'lo\x00', 'ip6tnl0\x00', {0xff}}, 0x0, 0x70, 0xa4}, @NETMAP={0x34, 'NETMAP\x00', 0x0, {0x1, {0x0, @local, @initdev={0xac, 0x1e, 0x0, 0x0}, @port=0x4e21}}}}, {{@ip={@broadcast, @broadcast, 0x0, 0x0, 'pim6reg0\x00', 'wlan0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv6=@private1={0xfc, 0x1, '\x00', 0x1}, @ipv4=@dev, @port, @port=0x4e20}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x41c)

1.062702359s ago: executing program 3 (id=4043):
r0 = syz_open_dev$dri(&(0x7f0000000340), 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f864ce, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r1, r1, 0x2)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x8, 0x3, 0xc94, 0x340, 0x25, 0x148, 0x340, 0x60, 0xc00, 0x2a8, 0x2a8, 0xc00, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x4, 0xd5, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00', {0xffff}}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0xa, 0x4, 0xec1, 'syz1\x00', {0xbdc}}}}, {{@ip={@broadcast, @multicast1, 0xffffffff, 0x0, 'veth1_to_bond\x00', 'gre0\x00'}, 0x0, 0x878, 0x8c0, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@u32={{0x7e0}, {[{[{0x3ff}, {0x59}, {0x4, 0x3}, {0x0, 0x2}, {0x2, 0x1}, {0x8}, {0xffffffff, 0x3}, {0x77, 0x1}, {0x9, 0x2}, {0x1b91, 0x1}, {0xd76, 0x3}], [{0xe670, 0x5}, {0x9, 0x6}, {0x6, 0xb792}, {0x1, 0x7}, {0xf912, 0x4}, {0x7, 0x1}, {0x8c2b, 0x3}, {0x3, 0xa}, {0x1, 0x6}, {0x4, 0x400}, {0xca, 0x9}], 0x2}, {[{0x4, 0x1}, {0x1}, {0x8, 0x2}, {0xa, 0x3}, {0x355, 0x3}, {0x3ff, 0x2}, {0x8}, {0xffffff34, 0x1}, {0x307d, 0x3}, {0x4}, {0x6b46, 0x3}], [{0x2, 0x5}, {0x2, 0x9}, {0xfffffffa, 0x88}, {0xfffff000, 0x175a}, {0x7, 0x200}, {0x8000}, {0x3ff}, {0x2, 0x6de89782}, {0x6, 0x519a}, {0x0, 0x8}, {0x7, 0x88}], 0x0, 0x7}, {[{0x0, 0x2}, {0x8f8}, {0x8, 0x3}, {0x2, 0x2}, {0x80000001, 0x1}, {0x2, 0x3}, {0x6}, {0x8001, 0x3}, {0x2, 0x1}, {0x2, 0x1}, {0x1, 0x2}], [{0x3fbe27c4, 0x9}, {0xdf, 0x7fff}, {0x8, 0x5}, {0x8, 0x7}, {0x3, 0x3}, {0xffff, 0x8}, {0x7, 0x6}, {0xffff, 0x8}, {0x4e24, 0x81}, {0x1, 0x84}, {0x101, 0x8}], 0xb, 0x5}, {[{0x2, 0x3}, {0x401, 0x1}, {0x40, 0x2}, {0x2, 0x2}, {0x80000000}, {0x2, 0x1}, {0xb, 0x3}, {0x8, 0x1}, {0x80, 0x1}, {0x5}, {0x8}], [{0xb, 0x7ff}, {0x1000, 0x1}, {0x9, 0xf}, {0x2, 0x8}, {0x2, 0x101}, {0x5, 0x7fff}, {0x7, 0x4}, {0x9, 0x4}, {0xfffff800, 0xffffff80}, {0x0, 0xfffffffe}, {0x5, 0x7}], 0x3, 0xa}, {[{0x8, 0x2}, {0x5, 0x1}, {0x0, 0x3}, {0x0, 0x1}, {0x9, 0x3}, {0x17c087d, 0x2}, {0x7fff, 0x3}, {0x80, 0x3}, {0x0, 0x3}, {0x40, 0x1}, {0x9, 0x2}], [{0x80000000, 0xfffffffc}, {0xfffffd00, 0x7}, {0x3, 0xc10}, {0xeb1d, 0x10001}, {0x8, 0x2}, {0xaf9c, 0x283}, {0x4, 0x2}, {0x7f, 0x9}, {0x400, 0x38000000}, {0x2, 0xb}, {0x2, 0x2}], 0xa, 0x1}, {[{0x535}, {0xffff, 0x3}, {0x3, 0x1}, {0xe}, {0x1, 0x2}, {0x7}, {0x4, 0x3}, {0x5}, {0x8, 0x3}, {0x37, 0x1}, {0x8}], [{0x4, 0x200}, {0x0, 0x9}, {0x4, 0x81}, {0xfffffc00, 0xfff}, {0x2, 0x1}, {0x3ff, 0x8}, {0x9, 0x6}, {0x40, 0x101}, {0xfffffffe, 0x7e05d4a7}, {0x0, 0x866}, {0x5, 0x6}], 0x1, 0x6}, {[{0x6, 0x2}, {0x3}, {0x401, 0x1}, {0x7fffffff, 0x1}, {0xff, 0x2}, {0x99e0}, {0x4}, {0x6}, {0x6417, 0x1}, {0x8}, {0x0, 0x1}], [{0x2, 0x1}, {0x8104, 0x9}, {0x9, 0xe}, {0x100, 0x9}, {0x9, 0x75}, {0xede, 0xff}, {0x3, 0x9f}, {0xfffffffe, 0x1}, {0x94, 0x5}, {0x4, 0x9}, {0x2, 0x9}], 0x2, 0x7}, {[{0x6}, {0x5, 0x3}, {0x3ff, 0x3}, {0x80, 0x2}, {0x6, 0x2}, {}, {0x18000, 0x2}, {0x2, 0x2}, {0x8, 0x2}, {0x133, 0x3}, {0xd, 0x2}], [{0x80, 0xbca}, {0x1, 0xab9f}, {0x6, 0x1}, {0x0, 0x7}, {0x8, 0x1ff}, {0x49, 0x7}, {0x1, 0x63d14f22}, {0x2, 0x8}, {0x8727, 0x401}, {0x3, 0x1}, {0x8, 0xf}], 0x9, 0x8}, {[{0x7}, {0xc}, {0xfffffffb, 0x2}, {0x5, 0x2}, {0x7}, {0x1, 0x1}, {0x3}, {0x1, 0x1}, {0x40, 0x2}, {0x10, 0x2}, {0xfff, 0x1}], [{0x2, 0xfff}, {0x5, 0x1}, {0xc4, 0x9}, {0x8, 0x9}, {0x3, 0x9}, {0x5, 0x6}, {0x5, 0xa}, {0x200, 0x8}, {0x2, 0x6}, {0xfffffe1e}, {0x1ed, 0x6}], 0x5, 0x3}, {[{0xfffffff7, 0x2}, {0x5, 0x3}, {0x0, 0x3}, {0x80, 0x2}, {0x10001, 0x1}, {0xa, 0x2}, {0x4000000, 0x1}, {0x8}, {0x1, 0x1}, {0x0, 0x2}, {0x8, 0x1}], [{0x0, 0x77d}, {0x0, 0x3935}, {0x0, 0x4cf6}, {0x200, 0xfffffff3}, {0x10001, 0x401}, {0xffff, 0x7}, {0x4, 0x6}, {0x8001, 0x6}, {0x4, 0xffffffff}, {0x5}, {0x80, 0x3}], 0x5, 0xb}, {[{0x5791}, {0xfffffff8}, {0x2, 0x2}, {0x4, 0x1}, {0x6, 0x2}, {0xffffffff, 0x1}, {0x5, 0x3}, {0x2}, {0x8}, {0x3, 0x2}, {0x8}], [{0x6800000, 0x9}, {0x2, 0x9}, {0x5, 0x1000}, {0xfffffbff, 0x7}, {0x8001, 0x3}, {0x3, 0x7}, {0x3}, {0x3, 0xf73}, {0x6, 0x4}, {0x6, 0x2}, {0x4, 0x7}], 0x6, 0xa}], 0x3}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0xcf0)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000100)={0x6c, @dev={0xac, 0x14, 0x14, 0x22}, 0x4e20, 0x3, 'sed\x00', 0x8, 0x10000, 0xd}, 0x2c)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r4 = fanotify_init(0x4, 0x1000)
fanotify_mark(r4, 0x1, 0x8000021, r3, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$TCXONC(r6, 0x540a, 0x1)
close_range(r5, r5, 0x2)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r8 = fanotify_init(0x8, 0x0)
fanotify_mark(r8, 0x1, 0x8000020, r7, 0x0)
close_range(r3, r8, 0x0)
r9 = syz_open_dev$video(&(0x7f0000000000), 0x485, 0x40000)
ioctl$VIDIOC_S_SELECTION(r9, 0xc040565f, &(0x7f0000000040)={0x9, 0x100, 0x0, {0xfffffffd, 0x4, 0xb, 0x8001}})

1.00140942s ago: executing program 3 (id=4044):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r0, 0xc01055a1, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x957, 0x0, 0x5, 0x0})

1.00092521s ago: executing program 3 (id=4045):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="200000000c000000080001000000000000000000000000000000000000000000f1a9777ad6d6146b1ce71dc9595d0faa36643091d9e7539364cf35d180e44908400a5f9e3b55afd9799a60d6a7bc09c9d6188803982a1fb9ea87cb8d36e25cd6b1f63a94908562ab815c440ff5df27938bcceb795b990d46c8e0ccd690e191665b27f877b616f4c37ab75091fd5b311f8e1701e155d2209022d4d2575d28df350b5c1762379700485bad7d199c61c21138071e21186861"], 0x20}, 0x1, 0x0, 0x0, 0x8060}, 0x4000040)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000180)="5c00000013006bec9e3be35c6e17aa31076b876c1d0000007ea60864160af36507001ac00400020208000c00ffa1000000000000eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0000300000000000200ffffc6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x400c800)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xa9525000)
mkdir(&(0x7f0000000080)='./file1\x00', 0x10)
r4 = openat$sndseq(0xffffff9c, &(0x7f0000000040), 0x40100)
fdatasync(r4)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = socket(0x8, 0x80000, 0x0)
connect$inet6(r6, &(0x7f0000000040)={0xa, 0x3, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}}, 0x1c)
bind$inet6(r5, 0x0, 0x0)
r7 = openat$cachefiles(0xffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
sendmmsg$inet6(r5, &(0x7f0000004780)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x1}, 0x1c, &(0x7f0000000580)}}], 0x800026a, 0x0)
socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x1, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x2)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYRES8=0x0])
chdir(&(0x7f0000000300)='./file0\x00')
link(&(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
ioctl$FIONREAD(r3, 0x541b, 0x0)
ioctl$BTRFS_IOC_GET_FEATURES(r3, 0x80189439, &(0x7f0000000100))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r9=>0x0})
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="200000001100010026bd7000fbdbdf2500000000", @ANYRES32=r9, @ANYBLOB="0000000000000000cb12e7a95f541ef3c29fa26f305022aa302a2d6487648e88893ec003af9a1fbdd4aafcf02b399ce515f41814be103e4605509b533f6137989b7e05ef3dfc55a475dd4e4b821a0376f579b91370172b3a5a1b3077982ced5a5f5246e229b649033173eb1c66ba8ae3b796c74998a4fda555abd86423cdaf655092a9a25d9b2cbd31a5164ab64df4f33db8027dc6fe4a667319d568c50706"], 0x20}, 0x1, 0x0, 0x0, 0x4001}, 0x40)
socket(0x1f, 0x3, 0x4)
recvfrom(r8, &(0x7f0000000140)=""/101, 0x65, 0x10100, &(0x7f00000002c0)=@in6={0xa, 0x4e22, 0x3, @mcast1, 0x3653}, 0x80)

380.663902ms ago: executing program 4 (id=4046):
bind$inet6(0xffffffffffffffff, &(0x7f0000000300)={0xa, 0x2, 0xfffffffc, @empty, 0x80000001}, 0x1c)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x19, &(0x7f0000000200)=0x6, 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x700, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x131100, 0x1)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
r0 = dup(0xffffffffffffffff)
sendto$packet(r0, &(0x7f0000000400), 0xfffffd23, 0x24005010, 0x0, 0x0)
connect$unix(r0, &(0x7f0000000240)=@abs={0x0, 0x0, 0x4e22}, 0x6e)

380.046139ms ago: executing program 2 (id=4047):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='\v'], 0x50)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0x1b, 0xfffe, 0x0, @empty, 0x4}, {0xa, 0x0, 0x0, @loopback, 0xfffffffc}, 0xffffffffffffffff, 0x400}}, 0x48)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x30, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_ID={0x8}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x2}]}], {0x14, 0x10}}, 0x78}}, 0x0)

306.618708ms ago: executing program 2 (id=4048):
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x4)
r0 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
pipe2(&(0x7f0000000040), 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100))
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
socket$inet6(0xa, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$inet6_icmp(0xa, 0x2, 0x3a)
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
r1 = fsmount(r0, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x4e22, @private=0xa010100}, {0x2, 0x0, @local}, {0x2, 0x4e24, @broadcast}, 0x1d7, 0x0, 0x0, 0x0, 0xfff8, 0x0, 0x4, 0x8})
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYRES8=r1], 0x1c}, 0x1, 0x0, 0x0, 0x20000844}, 0x48885)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r2, &(0x7f0000000000), 0xd)
r3 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r3, 0x107, 0xf, &(0x7f0000000000), 0x4)
getpid()
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000001200)={'wlan1\x00', &(0x7f0000001100)=@ethtool_rxnfc={0x2a, 0x8, 0x7e1ab084, {0x3, @usr_ip4_spec={@multicast1, @private=0xa010101, 0x53, 0x7f, 0x1, 0x9}, {0x0, @random="7729ba522e59", 0xa, 0x0, [0x5, 0x80000003]}, @hdata="a86b57371eff451fd353517f755532b803741b5b2aade83e68f35d937d79d8993111b4ca75f0612da64df99e636e9cb7eb62b35f", {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, 0x9, 0x6, [0x6]}, 0x3, 0x5}}})
sendmsg$kcm(r3, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x5}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)="2703022b590241c90000002f1eafbcf706e105000000894f000f1102ee1680ca82973d2bd4b8bf4a8291a14b8a34f90186cee844000000080000000019b0fb0bba", 0x41}, {&(0x7f0000000440)="63f805d7649496db72959832930469edc7b7d050139bf7ada32bc9e37eed1153ecb716cdb8981cd819af0b33254465cc904b7b31789d65c0e0d3333ce2ef36205dd154e363bcadf8f2ea93f45503c6d9fd8dfe5a638cfeb9f79c930a4d18260e5a08ffd35ed8371cff78119319b2b62c7cd9378c73ae90c801681f55ef26cb0000000000000000", 0xff4a}, {&(0x7f0000000280)="fe112162c63e6da8bc8432294ef18af53cc330a62a2c7035246635093ba4d30fcf19a90804f04a10939db8f4e13069cdaed167bf1b68c94d8d694d6ad1a4d51a715975560ad48770706eb1b88d021e1119f2eb75275cfe77f862368649be0f7aff5e7826729816e3d3e7986d9434f891c71ca6e4210c6757083cfd8e732048c504f28b6d309fc129ed8eb5a82e224eb648f90134d1d315977c6ea360a7fece4baa3dd7dcc970759f29df0e86469e954e2b050e87b203ca27a2a519b7555c3b73f2681d49442d9647ff5ea64110cc5020fdeafe53a7d8be70f3260816bc376bcdc5352771fa55d9733e27730ec7103520e8359c78edd21ee6c68feb1905cfd622f5da09ffe8ba9f05081a8d214156376f99906245f2f390ad71de09d98f0574f8c5b52dcc2fa494f461be6c2560ddbaafb80c5b4583cbe56d24f14ab78fd718947077ea736251c7b8f1e267267534c84daa6f095e94bfb85986a03ddea362cc7e6682884e710727c1163cd4f336c13b844605b7a815fe39e43bd0d2e414410a82958455b8a6bd9194c631d66295675fed64c04107a595c421111a3af6e9fadab5c9", 0x1a1}, {&(0x7f0000000180)="6fe4dd9eeba3271dc700b581440284", 0xfe69}], 0x4}, 0x0)

306.443512ms ago: executing program 4 (id=4049):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x180)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="043ee61e"], 0x9)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020}, 0x2020)
socket(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x4e20, 0xffffffff, @loopback, 0xbf}, 0x1c)

230.569313ms ago: executing program 4 (id=4050):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x4}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x15, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendto$inet6(r0, &(0x7f00000000c0)="1012", 0xfdb9, 0x24000000, 0x0, 0x0)
mprotect(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x9)
recvmsg(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000780)=""/243, 0xf3}], 0x1}, 0x142)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x43, 0x0, "0aaa8ff5a212a1bd3bbda613efd9c8b4965dca66db42f66a86e5781cf86717055a7c1d13e6507e5a774ef95f2fc1b947e03d5c8379123f2f1d34b0882e83d41b67cb9ff147c6d33a097d2269351b3ed3"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x0, 0x3, @ipv4={'\x00', '\xff\xff', @private=0xa010102}}}, 0x0, 0x0, 0xf, 0x0, "a1c1dd75a6803e10951cd4b347113e55eb289519becf7542da0bc21470e441225642855b5f2f4bb561dc9363aed4a18d67efd5f2fdf98328de9441031348589b763d46d14810acc5f700"}, 0xd8)
io_setup(0x8, &(0x7f0000004200)=<r4=>0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000580)={0x2020, 0x0, <r5=>0x0, <r6=>0x0, <r7=>0x0}, 0x2020)
write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f00000029c0)={0x658, 0x0, r5, [{{0x0, 0x2, 0x8001, 0x46, 0xff, 0xfffffffe, {0x6, 0xfa9, 0xfffffffffffffff9, 0xfff, 0x2, 0x3, 0x4, 0x0, 0xed07, 0xa000, 0x8, r6, 0x0, 0x55fd, 0x80000001}}, {0x0, 0x3, 0x6, 0x5, 'vcan0\x00'}}, {{0x6, 0x0, 0x5, 0xffffffffffffffc0, 0x3, 0x200, {0x3, 0x2, 0x94, 0xffffffffffffff01, 0xf, 0x7, 0xffff, 0x2, 0xfffffe01, 0x3000, 0x2, r6, r7, 0x5, 0x4c18}}, {0x0, 0x10001, 0x8, 0xb, '%pB    \x00'}}, {{0x1, 0x0, 0xffffffff, 0x7, 0xf425, 0x2, {0x6, 0x7, 0x2, 0xf, 0xffffffffffffffff, 0x1, 0x2, 0x8, 0x9461, 0xe000, 0x7, r6, r7, 0x8000, 0x1ff8000}}, {0x1, 0xd0a9, 0xa, 0x9a5e, '/dev/cuse\x00'}}, {{0x6, 0x2, 0x5f, 0x4, 0x8, 0x1, {0x0, 0x7, 0x1000, 0xfffffffffffffff9, 0x8001, 0x0, 0x800, 0x80000000, 0xb83, 0xc000, 0x80000001, r6, r7, 0x28a, 0x7}}, {0x5, 0x4, 0x1, 0xa, '\x00'}}, {{0x5, 0x2, 0x8, 0x8001, 0xd, 0x6, {0x1, 0x184, 0x587, 0x8000, 0x8, 0x0, 0xffffffff, 0x6, 0x10, 0x2000, 0xb, r6, r7, 0x80000000, 0xb}}, {0x2, 0x8, 0x1, 0xa2, '('}}, {{0x2, 0x1, 0x9, 0x6, 0xfffffff8, 0x7fff, {0x5, 0x1, 0xc, 0xa, 0x6, 0x6, 0x3, 0x6, 0x7, 0x8000, 0x8, r6, r7, 0x5, 0x3}}, {0x3, 0x2, 0x1, 0x9, ','}}, {{0x6, 0x0, 0x5dd5, 0x3, 0x5, 0x81, {0x3, 0x100000001, 0x5, 0x2, 0x1, 0x2, 0x6, 0x69504f9e, 0x80000000, 0x2000, 0x6, r6, r7, 0x6, 0x5}}, {0x0, 0xfffffffffffffffc, 0x6, 0x4, '&\'.:&('}}, {{0x2, 0x1, 0x401, 0x5, 0x80, 0x4, {0x5, 0x404, 0x5, 0x4, 0x801, 0xff, 0x6, 0xd7a2, 0x7fff, 0x4000, 0x7f, 0x0, 0x0, 0x7fffffff, 0xc6}}, {0x4, 0x100000001, 0x4, 0xf4f, '\\--,'}}, {{0x5, 0x1, 0x7ff, 0x4, 0x3d, 0x7f, {0x6, 0x7, 0x5, 0x3, 0x59ec, 0x5, 0x4, 0xf6c, 0x80000000, 0x4000, 0x80, r6, r7, 0x6, 0x6a4a}}, {0x2, 0x54f, 0x8, 0x3ff, 'nl80211\x00'}}, {{0x5, 0x2, 0x2, 0xffffffffffffd684, 0x7fff, 0x81, {0x5, 0xbe4a, 0x707, 0x4b3, 0x0, 0x3, 0x10001, 0xfffff800, 0x6, 0x4000, 0x4b4cca3e, 0xee00, r7, 0x1, 0x62e2}}, {0x2, 0x101, 0x1, 0x40000003, '\xad'}}]}, 0x658)
r8 = add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffff8)
add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @auto=[0x56, 0x61, 0x65, 0x31, 0xc7, 0x33, 0x39, 0x34, 0x65, 0xb, 0x30, 0x0, 0x31, 0x0, 0x3, 0x62]}, &(0x7f0000000200)={0x0, "9401adf8d49d64300a596667b68ec7805da23819e938ccf6867a42074bc19aee2decd123ca1f0e3637146a9363839bf42a814af72bc26e0d8bbb82388b0bb244", 0x14}, 0x48, r8)
stat(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
keyctl$chown(0x4, r8, 0x0, r9)
sendmmsg$unix(0xffffffffffffffff, &(0x7f000000cc80)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000540)="44fe5310e953ac1d6e209a9129b11f8ca26d538dcc6af43cefd97b90a0090023d23fcbfaa47b42a34182493723fa445250f4b55e64d09184c7848fcaf0fc0f950156b41f461ef6fd604c3675b0f5b9e15f413b369f2be0fbb468c2e61c76c94c3b40e76b64700f7e99de07389b19538064da87a18184c1ba548ea9a3defe05dd45007ecf31466ef9c380463d84372add57de746f3c5859ab94d9d6cd80364e22a8370ea493e731ea205ab537", 0xac}, {&(0x7f0000000600)="bf4273f5eddb2b46e82834dea0b4c5720b57", 0x12}, {&(0x7f0000000640)="6ebc25bb781e600dfec76dba136a38c0180eb9dd9d1ba4828425beb34d745fa9dd79355523c0f9ae60419fdcb8126c477401af9cc02d353eb52779ca7a8249338c5914ad9efc0e253c9495e9423f04a02c7c0c3dd9476d7d407b2d57ff0a57ebc7e4822775d6f3922a189a020e50dc69b7d7eef49c7c04", 0x77}, {&(0x7f00000006c0)="8e7d5b2b032c4e67bcc35dd9d0700ae4ace293bb52535d9c39e1c0aac80d76313f", 0x21}, {&(0x7f0000000880)="8b4b47d4fefb621abeb0d38434158b3fb5b28cfe7dc36cb20e853100743bedb46f228ba92605abc84966229c1230582ec0f82423ac854925f20e5341c52b0263cee97a5fb549dfaff1006c9c2ed862c2b1c63983b7eab40b6af8178176b8723897eebef03cafb4235765b84ea59a9475915a5524f8c09c3eda042e95d9d7105ea105fef463284900bf2c7865bdf3e99e54779c8146aeefb1673ca49af8f0d1ece116c287171db8776646f6eadea94c4300fcf3e186c2d34a073a0bcb", 0xbc}, {&(0x7f0000000700)="f02d7322929547d2872caf593d1c0f5aac3394cb818efb59cf5cf6b13968a885dfc04b632a2af8ee84c213b9", 0x2c}], 0x6, &(0x7f0000000d40)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, r2]}}, @cred={{0x18}}, @rights={{0x34, 0x1, 0x1, [r2, r3, 0xffffffffffffffff, 0xffffffffffffffff, r0, r0, r2, 0xffffffffffffffff, 0xffffffffffffffff, r1]}}], 0x6c, 0x20008004}}, {{&(0x7f0000000dc0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000f80)=[{&(0x7f0000000e40)="1b06881cd6e556483f21be459668658b9e7f72842f0830736e5c21a01bca5903c972e2c467a04743d2e2a66a0d902163c49d622e197c2b9a9b11a06505a93336e9980471b0e489b63793c0c3c2e57a3d02a67d0bfa5fffdb4fd93d0b46", 0x5d}, {&(0x7f0000000ec0)="0589bb6c4c54d53d1d9a13600e90e1fb4a965b36ea845ef124b702762f119334804edfd32cd90abb03e86c934d1217bfca2c71cd38154d2c33c1aed4f068afc075a1ec5eae26b770120ee20b5f49b23375b92e61974befe8d7616a99732c946b40d331855caab24db105e5a119330de19dbe88734ac13e9a4e7d691b3507fa417dd64d76574d0c1833dc1482bd39afa118d9cb2c3c43e6968f6fc5d427b01d6281f9b2b9d1a8bd59cf1438dbc66d0aaf389d545a6700", 0xb6}], 0x2, &(0x7f0000001400)=[@rights={{0x28, 0x1, 0x1, [r2, r0, r3, 0xffffffffffffffff, r1, r0, 0xffffffffffffffff]}}, @rights={{0x10, 0x1, 0x1, [r2]}}, @rights={{0x24, 0x1, 0x1, [r1, r3, r2, r2, r1, r2]}}, @rights={{0x14, 0x1, 0x1, [r0, r2]}}, @cred={{0x18}}, @rights={{0x14, 0x1, 0x1, [r3, r1]}}, @cred={{0x18, 0x1, 0x2, {0xffffffffffffffff}}}], 0xb4, 0x40}}, {{&(0x7f00000014c0)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000001680)=[{&(0x7f0000001540)="eb45cd8e9a676b2740c0d5a9da2e63ec9d0e079186632c14e5d6cb765a7d91243b336d0674dfbf986fc615526756d88d32d253f29b96a37cc990e81deab9b1d25a6c7dca1a79a3330c7502eb8bf674a4ea2fe268998ce85c3136ef9a4fd03ede7885a43d80c3ccee1fc8f68fc758d9f423016bea86298f4bd1d85c2a6694a3ac553b6fa7b60cff73b4b99399909fc4a8c4c53a496bc5f78aa08d7de554a5d44c43e4466255c7aedcc2748877e5d4", 0xae}, {&(0x7f0000001600)="33ec38d551a010cec2157fdeafc951d12406649f6f87c3d5bd61a1669f2afe0921bc6bb979c0cd5b6679f5939ba8f80737e54aa89454406eff7357eb09ef1af9b2061f9157774e429901270a86", 0x4d}], 0x2, &(0x7f0000003880)=[@cred={{0x18}}, @cred={{0x18, 0x1, 0x2, {0x0, 0xee01}}}, @cred={{0x18}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff, r0]}}, @cred={{0x18}}, @cred={{0x18}}, @rights={{0x1c, 0x1, 0x1, [r0, r3, r3, r0]}}], 0xa8, 0x20004010}}, {{0x0, 0x0, &(0x7f0000003940), 0x0, &(0x7f00000025c0)=ANY=[@ANYBLOB="180000000100000001000000", @ANYRES32=r3, @ANYRES32=r2, @ANYRES32=r2, @ANYBLOB="1c0000000100000001000000", @ANYRES32=r3, @ANYRES32, @ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="180000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="1c0000000100000001000000", @ANYRES32=r2, @ANYRES32, @ANYRES32=r3, @ANYRES32=r0, @ANYBLOB="1895ae2bd5bc75b14e28534fd750e796398c0271dff272ac1ca540a6d0ae5868868c4915554f0a0039b9b73aa334e0152b9fd4437b23ba1d42edd1f3f1bc835ca127779fc70fd334ff06f7fc61556414698dc4f890e9483d39f50cca7b4482237bd57b5065040004e831185d12cd7c0000bf1d9a68dc66916b6498ce539b7c9f871dd899b7b1aaec071285d45187c7d5c78b346e1188c8e5f00e3e57c1a867967bbe1f5322879f28c39214abacae2f1178b56f0f4ae6c688ca42c9ca8ba04af99a", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="1c0000000100000001000000", @ANYRES32=r3, @ANYRES32=r2, @ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="180000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], 0xb4, 0x80050}}, {{0x0, 0x0, &(0x7f0000003d40)=[{&(0x7f0000003cc0)="8e20a6ebf2cca1e62c8063675df472b0c6ff0a1e02f66ef0330e99890568581cd141392d87d9283ce9e2a04f0a6c3e6b1777a01564d06ec7b07745852524900a54a9d321aaea39733f9cc3a1733f8d1da69be3a44ef739ad67e1ba727bfd59dca72344e9743337dd0b75da9e826b", 0x6e}], 0x1, &(0x7f0000003e40)=[@cred={{0x18}}], 0x18, 0x40800}}, {{0x0, 0x0, &(0x7f00000041c0)=[{&(0x7f00000065c0)="17984da1338ea2efcc46b5fe60fd04df81ebb42df675852a43a15e50e00126dd7ff6223c31f671655d3fe3b2f757fcb607c950b2867a3ca33950f807f84ec94a08c1b7fe13ab3d006d9f9f23cf0d4f3175ad190725faba9a6903b4c1b7f9f86411ca57c6a296f36e06e4a432165928a3898a89a30af9e9882e7f26cc32066472c6c8615f3d5548787f5bf828bb454077356e9bad542693b1211a0ad099a01474377ecb4fa7e8b1f0fa4970b17f4e84c477abb3b83d7603d3c71b9db0314b41ecf841d13f22d015221821cc0f952938d54040cce0214f1f2db56308153788e06fbefbd98edac7448fcc5566065ac5499eb74cbed85a4fe26100ad1fd3e311da79f6121b32e1401eeb632493a5faf5a927017cad689e6715806e2c92c185d684a4953040db55c409cf5da8ea805dfce7d62481e9952c211b0feda1f9c0b6ac738f01a8d9c07ef92531d0eabaadaeaa15006d7f2544ae9afe06c95a4049d1b1580ff4acb202217190e552d999d59ee637f4ca02d23d2ea4fd8859e284aa5f4be5f8fdfff916bba83304f668c78421c6cfbd3c07c9771460b2897a05404de203a5e270c31d6729c65fb152a533f47776b62410b4a0154435620c99d2318d9e1c46808d537318d950b5406e41390f591756880e9ceb5badaec04be66e4a08c8da9e9808dbe63aaf4f2bd4a583a6ce26ff2beba1156fb96bafe4a7055b66c67557fb4c69599a36333be9319156f1cd7d4a0a50af5b431224c7c1d93188288ca29bfe2906974ed4bd74408a1ad9c761b73d138fb94d2a0a948ebb5cc662d70ca3c6588fb8180ced2114ceea9cbad5d9df459f790668afd8d4826834944707c69d615e2d98ba2159d25189ca4c7e58a146d690d9faa9d9a877a79cd387b0297ad7c5c3b6ebec3f04339f095bc73d947b015c02ecc24db18091f84c6c55ef6fbfd3eb10d87ef406dc2352601f281a29105b31351b8f8aca4361e460c9b40766eaee70dbc7ef677a42ac38a368f03d0548e6c7c0cf0a17f67e12c3d8e4c0940e6c15be8a1c5170fc29b1f62740a7de97064d0851d307a3883b6143004cefb054406e3b7362696c6417a21c9fdff0750de615f91b73f71d11d8ac360eb04c2e062219bf370392809b66e239e9d9fafe98bdb6da703f6ad2787024dda2f5ed23efffe998acd28b93dc05d1d81d87b12c6931d1ec640fdc76f0663d0476ce97bb8db9ebb9be958b229b9119f26ecc5827ec02bc468860a94523c0c0e8d2f8f6de3fdd77cb7b260a3b852f6d8076f97c71318777be9be838d4816c254eaef7fcc0fd4b2875eb03959b0e2f7ab7291d570f9c1d69e8eb7e58a439b4762258297a6963fac2b4402ac7418cecb5f1c9b3a34edd05d12665a5cac2a4a9e6a9c0fd4b74e86493ccc0bdcf042eb22745c8cf4c87182f32e57bc6241ae81089637fa146e82c7909f3ebc296240bb201c0f552f222a5ccb6255f83160a82a94c042939b22202ab035c79a9c66b36eb2962777cf2863e603a6f4746a07edb4914a385cf48450660975472791a500d27bf4fb1487994f115fe15844de8fb4c48b4b68022e318f3de89cc38ce6977ad24a12635072589890a04f60a6df1ce34bf58dacba05580b48e9dba708ff7f81ae1350172ecd2be40f71a8b5b3474344519bd28dc3d5c537dd44dcf4e530045c2a380f4394ab1d29adc91c7eef26b4574e2b2e2ebbe645ed5397fc716833979fe0b0600eda4a7d20baad0538d3bd4a1ea049451c45064ccc9b4cb95dd50920ac6d848f004873ae0f0eac095b9820b8084c0aa73b21dbebb47eb1a42bdfabb2af60b63ea83a8bc6ff887ab3f0f7a4d61686c96628aa95a590c933c92ec4fea914c2ee1f06d1a77b76ae973c42b84c1bde948ae0146381000f2531ec48c98b69ca78c403be32caedf4b5469e9277a1ca28b6e6bc09ca0f8ced460507177eeba4d12ee6554967197f0fe08d7a54030eb7b4f5a5bb0d782362baba2c93bf99cee8c3417f941b4c59eed3d6a690df9da626f683ebed7f7600fc1be298fc75de6c7503a17f2dab08e69c5854fc1b2de2acaf1abffa7f6c2d0063f8c85964f5c7a1407d68dd521af43e5516091800727bfc95d3abef4d8f8e483e6b083754b79987659d157850b4b41c295544072667e15251476ec27f7e80148372c185fac994e1d1ab0ff77d490092c5bd9b1d406c0159ff4df6d2ebb13fd12206aba3bec6ad7bcd94e1d5d60152df8375fdebaa137b7118f3a33d7a2edb98e5f1cfeb63482fa88ef6f118e76d192c0293024389a8bb0b29ead31f0bfdd2a14da58544854abbe9e27548d2f60138ec39d9a8b85b0f48ef83df75ff38e8e48939a9c0264514e069c216678bcd32cc909758ce61111829a1bc9d649ba7e11fc0aa54ed5bfdb86132b6f97288e701f71f501d6bc3f141445e21498efce73fd94a65ca30e1bf98047a278164d26ddfee8598f4a907ba0bd4d4849c62f67a0c104c49ae0fe4bf0961fb8e43e6fc067c4caa2c3decb0ed080edccbc738e806248a7943f69a20fc1ba7e5be7b7f7e060419ad4e214bde04e9f059391fc63e26292f56802945879ea89fa8f9d00e56d1b60bbd01dca3a0dc9273e79a7dee26f22b17af9c1eb2a7497f2c9c2d8678224dc2928997e49dd946fb68e7b0daf1a844194904e07154b67f59447daa8aa101b73689a990d62049458cff81f0694ebefb90a6de8d031d71e7200df1f456bd94f61a805fffd8410c690d50fc3866a147a020c3dcafbc8aaab9da93837c25616859eabbfdb55fab8bee756a3b6b7de03e82a11183fca61272db602cf93f403fe4464e49484a5657bb35c2a6cc2f1d372fdfd5f3514053214cc753dacda7d60bf711c6660f20204490c44caf98f2123fd47b7c8d48c61ed6e926cb7483e06d4666930f0b26d1a8e2a54eeec857006e75feea33148d96068ab0d3cc8b40c6a1fd28491a67846c9931460a1aa5357c95cf5bd66ffe3a280a0408687619d974afe63edba63730f4e025e90f2ad17de38c48f790ddd7160c697a9892dbdd4a82b0c27ee154bc1eb27b8e951280b333bb916d8cb2f717aba04c89ef0fe2f8cd26d24f14b05e602a447aeeb79552a116e5a79437b3d1a37651bfc3a44488a5eff3397f88b4c95cc66fb200144374e5bd7e4f346d563c8bf9a34aa430c6aa5f4cb0b440e64fbb8d4b5da56e7d72245fa0c8a53f68dd2ad772f21a7c9cc0262c78d296a8f4529c668aaa0ec44254e105976b0c61a3e8218710641d7c3259358f5682749b16e6629bed5621d2c82a7b2995dd6f5a2d966c4960f1028aa24d5368efd86540d3ced8b8bd824f0e44ccb8a10fdd399877246966b1226c8df04f7c0633895381c5c8230a2a7804baf1007742e5a0bd87ec53662f8b378f0121f4b7108ff9530a4f0bba7b154748377f829325166a58fef89810ab4c37f8031d4db229ad13c9f84f32cea4197853ed668173ca833b1509314fd7fe0c4907123826b1fecead6dd9e1fa565b4b6aff990a9fad6066bae4d1c391fdce3d37b4688f7d97e280481f40fba3efd62cdfd383f9bdc63c5fb60f634c86e68a1a4e7b17459d80264407863a35835d7ad75b3326e59a212264ef73de49251679164734b97e2ce86471bccc74cb8e942f4c700f996aa7b360ead472a31db7f7f6888378a4be38477458e60d53907bdfb493c748cdc064f41f97fd0f8520b9c239f900a38bc5a8977658e5e930aa3d9a7896d176fd423cff050845b937fd42556bd0394efdd1bc750b2352e7141afb6e8cf1242a345010bd0e10fe6f51e4721048111bc1f91b4c0dd3fbb8577138030f9517d5694e1d27f2f7a632d315ceaf20f8dc238c5c55dcab5d4f332143e4e77708f2fc7ee02163082fe25ae6656abfd17c57a4e5882bd67cf7f3278d63c3184e0c80a8c6597b0020dbae21a5ac03e2cb8b766959c293dcb6835332051423aae710de853d22aca83ea71beb9bbdee0726d3dc971ed76b6e400115ae6f0c930271ecd8c857490ce302a5d2b0f139daf81a9dc287243060050700219f1558e2d94543442df1e626e287f83cfe157620cb5352a6be33d59df6917cf22ea603e7cd105cd407c4e5d0a6ae3ed165478d18dbb4aadca45db94677bc55978cd0c01e6fde32c1f20c17185ce61ae892bd04ba8744cf7e03becc71a3799cd6863f4310cd2acdca602a16b5c3fd1da12540cea5a179b0c77463698d993e2670f9b4a8ede1b95b70e0de7d6cdd2f80fe0cbb0da74b17024071fd90d4d873882935552561253ae6b3afec550acf0b83524c1675fbd3c39a3478bbd3a73d39cdef6829e4eed296e503da56c04407a739ce783b3653fba8f369d59775596ea6fd4479b57db83452723ecc20197718deb6cc0a7022ae80d0af149d20d6b694d592edf201ecedbace376da61b1dfe364156b620f261dfd9635f91cf454783a708dbffc3285af97e462aadd9d5197fbf19065c760cef290e36369418c14312c91b1ffbadda031bacfaf11aec4db86109e8a72a1a2ffe88165666c64aa6ca4f5fc14ef0e5f65d809a3be896b6c18f3175b30199e60b5ffce2f723de7debefbf5d4a45f38a55fb0c301a00924e71a5967c9e467c2a31b1fb335d8984bfdeb039e1e852e3d520d60905d818266aa64da181e6948698974997716d5c02859907a11893073ba9bd5e790b68db7fadc6d90b9a24d000c27de8941fcb63089026bcacef64f67cefbc202ddb049befd8b5c8d8619e89582aef203d89a0ba1714545bffe400d1de496e334afc9d5157daf6abe6e77073b4939e15cfb9364490c768aefaa4c99498bb45260cc6fa41e4dee1f1efc24e14c79b811652205212b1ccb14087cfc03ea4bb729ff1aaeb0efefb61ce26156eedd0ece7a4fb264acd884f2cbdcd680a1a364f7312d7cd69aa94b830cdacd7580e3d166c1718d3ecd2a6ca9c6f75d2e2a5303fe9f31d1d3fdb3ba363cc965d8c2bab4b177ed6b0daf6b4eff7c81d52d235c34cfa4011c9662f8b90c6e70d2ffcc0f5a0e9db6d5dd5461be53727e12b1ecd1ab5dba806c24f37bc2c9c5edb9e26343c8c7852fff2cc305fd307446239c095d9b57b5bda4d6b3c43d71d9389dc7052f327fd636b34ed450ded799aa14be9b7cead4040557870645a03796f1b0b67631df4bf6a070e86d1da13beadd920a56fdbde788ce8569e4a1ee787acb6a1ee881cd3f1a911a5ca54178c444b5096cf829e7d19394ab49290dee1d6286966769c4924de1110d259ffac2fc228630ba84cefd2d9d55fc96da873a35d1ae40ecec03b38a152fc3b2cfb69da0fb474a5a347c1656165955f0e9abc8bd41c2e9ee93f2b3d2f12f14343d3e3fce67685a16d87d9854e332bd1b1f5d2f2a858c20609fc4fe34b726678203c6a225b1646de6eedb6ebfe7a6599366c0ced64789da43ca8a32615d88afdf62da5a81c4bbc25d429ce9287749319f35e7ed178adc100703cc00b77669f37c6effc22974775723f6438140df679334d03afb42b2b1c87e0604055e6e7c1c2d482e9f31b1a77ae12a31cdb4338757fe9f67f90ecba480e00a63259c71c9cb3c996da4594349c1b985b67d8f41f841641ba3cdd451cacff1017ad7dad46c2fb7eb9b5333dd60c6a3854d5a768291dae23b1da92cbb90fd37f6ce08de8a98e960dfe7fdc4257bfada3577b805eae19e67d01ca5bdbef76b2ca6ad3427bc395e771b0577dcc6bdbeedd9dea9dcd20cddc5232cf45bb1c8be49f3e64b12a496966af4a350fa065b0cc10303bb306133fc012c4f4aaf007ed9edcac0422f3174e527bdd36a95cea5b70596ce", 0x1000}, {&(0x7f0000003e80)="2e5cac921c10964b29948418f64e6016e356e00a84e6699960093363389ba5b993005574270b31994776233250521ff7b444e8968f8d6ec1c462b44fb262c0dfdba010a90bf8641e6a8ade24f2f853e332b31a039c986e54ee408a3da6badb5a159f7f01d7de7d92e011c7e9b83653c6f54616b4f97a667e66896a6eeb4fdbe02cf436fc8cd2e9248e173dd464995117f27947", 0x93}, {&(0x7f0000003f40)="930a4d9b5435b3b690ad1002ce02ce6078908f9ae35b03b7d297053e43a948e1e973c86463558e7fc8bc678387850a23d9625c2528b16b2c8beedf317dc0e62916e2e1824317f114e968a02c71f12ed921a94748f8c5b78d", 0x58}, {&(0x7f0000003fc0)="e5ccb8c9ef45f64ad80e69e01659898765ced38691ab57b8934bf749a07a00a76399ead2eb", 0x25}, {&(0x7f0000004000)="406c02b04b3192d3ff763d3aae6cf5b9c0a8f8626d52cb2016031c174dbc95072d65ffa10f39c65048aba96466d4f89c072d3e8114bf498eba02ea038dbd1fe0c8cc7a0d1b709c14d2e902f0b3234a64f644563e5e30444d920e7ec30053f4e903080b6bf916ba5a291750b03c2d1747e4906f734abe58fc593c649bbd84909f6f416ea218ccd86ef118affaeb23378b2da5b75b502759784c9b3ba628a3c251481f9ad892", 0xa5}, {&(0x7f00000040c0)="6959e7771c32b442b965de2c685334ec1f6e22d83d013a29ffaa750ce2ae1cc9c26d9a6a12e4a7df19781220d09e8152010b58eff3fe9da3217e707dbd78b2fe8db5e95d86ae3d61767ebc9e08d292e7fe81d34a62576916a56c2aa1257386de6d87c5df2e9d40beef34534ec2efc7293ef41a8e34b5c8027ac4acb493cf86c722425366c64d3b6ff4f72541d141aeab78067e13f9347ab0a19dfcc753a7eea53b4d1ffb99d8e7b365e0c3c86e3154f3f4dd6de85a4d845498597df2e417c345a306358af49a9a6b0d35585d8af0caff43bfa6de1ffdf27afb", 0xd9}], 0x6, &(0x7f00000075c0)=ANY=[@ANYBLOB="100000000100000001000000", @ANYRES32=r1, @ANYBLOB="1c0000000100000001000000", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32=r3, @ANYRES32, @ANYBLOB="100000000100000001000000", @ANYRES32=r1, @ANYBLOB='\x00'/12, @ANYRES32=r1, @ANYRES32=r2, @ANYRES32=r1, @ANYRES32=r2, @ANYRES32=r0, @ANYRES32=r2, @ANYBLOB="1c0000000100000001000000", @ANYRES32=r0, @ANYRES32=r3, @ANYRES32, @ANYRES32=r3, @ANYBLOB="180000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="180000000100000002000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="1c0000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32=r2, @ANYRES32=r0, @ANYBLOB="100000000100000001000000", @ANYRES32=r3, @ANYBLOB="2c0000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32=r2, @ANYRES32=r2, @ANYRES32=r3, @ANYRES32=r2, @ANYRES32=r0, @ANYRES32=r1], 0x104, 0x4}}, {{&(0x7f0000007700)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000008940)=[{&(0x7f0000007780)="87a11de1ab242ef360b37e1f086e68385d9785fc249ae01f969af2e60b4a9af353f9147caa8bada56148", 0x2a}, {&(0x7f00000077c0)="f1f307c866c8dedfe74c83e332c2f1a089b661c0cd03c1d3fcebacb3530fdded6f673a3a3102130ecc34a69fa69a6be54661937a8a86bc83a71edf140611a719243c8ec917f94fbd3e9fee0f70943726e4c4f8f4bad37b2aa9734e7753d9149585e899d7e70371eeb954822097", 0x6d}, {&(0x7f0000007840)="3baee7b87f0fcfa548669617a5c33ec319063260f6c39586077ff6575434a0f88a7db582a33ce907cb627b9a1fb24f221c389788cc2bb86a15ea0b063c73e2d4662501ac6708999db5b625ad6c9ae0b34948a2317283410fa2ce4c0fe2c7f569db50e6367f9f52ae6e8628fd874dbf60d041f4b22179ef5b06f4730d9fbba3907975c21f0dc375472b43e401bd9bc15246335d98bfed8cfccb4dfc3b8ce050b7643b510f6429a46d39a472a6f26b2ec8e5ff1abb2ff26d7d2a8f160508abaf7e6cacf70d222bf615891ff8906d978e7da4bbde2060f0f36b6bc949bc08d9b0c4be0dd8c37e293a873b967af04d84ab111396db3043410fd7df63b835afe1eefd5023495a870b0c8d6e6cc7f072008c4e76121e1eb65a591ec2cbe75d747b3bab880ebd65348199b9f00b411ee8883c1d057b257dfc5e7b1de16f687aca0a8a4a86a562b7a2ed7087406042a308b71df924da2d413315dc41b86361150726491534f98f73e4f1287c81b03302087d052f01e0603a6176bdd2d4cba827a72bef1894645c18bd6230c8e5cc8fc9de874bbe1497c765f3b048404720fe09e19881f4c6ad996cbe77fc7b9c35dcec82e69cf7760a2bcaeb8d3827c3a72aacf9815c5b340f86bcd8119e91ac1df0c98328b41ee6a4098f931e4f91f5a9b5938254a2d818970ed735dd9a7f19112a91c93947a1b7c5d53e8b5c0821d4bf79acb23f2434c77457a93405140cc38b160c458ccf5d648b5e7b5c9b19d9c2140b6d8adde6d2af0a8da9a473de013ca2e0ee6e1b9560e816d7d45f833fd858df1ab2b320af21e1fd70e050788925902fe7bb53dea00f331f7d49ba13dc2adbc281d98a1d8058a70b93ad5103ba24a74e7a06d845e9631b665a853679782ffb77088836a8758fadb76203774a7d89344f65c8d9f64d0b502bed294476cc46b3f1d2cc3cc15bb2e316432e6e8c4dfef66dce6aa4c14bcb3c69df0cefff879e49e844beb4785077475c41ab693d3ca6adeba4b1f9b8e22c9d29c2a836c86da4861f2b8f8427b82e94a8c3175208667bd4daab732e44a6e80c7530cec5c2d965cd154cb77219f0acdc09d439682fc942c647666c17e0070a34e22f869ca1823f9bd9911fb8f50b3b095c9980a653b0a2f9baa57905185a8a8e8e2bed9998df49ca865ee8c81edf536dc0d955fe990b7b6ed2cf68365e31c2b7bd2db4215f4f68884965969d42dbf1337d7a0454c7a14a96a3b3f3da166cf66ac5294a07ab217df08facee8214f07171d8cc8e07d033683b3d96f11173c67a0bd2345f62f2685ff99cc930d36441d4b1b2e38f16b4fd0da7f594da8359ba7f8d115876434ace06615782d590edd67fc4cbdcc3fd187c084f7dea4c3cb9a75158a897a3212710107256124cdde9d07691fa427f0a6791527116e90a16cfe5cdc55b0eb7c79a48ae9cd3e48c0caf386c96a5e1ee46c13d759aa902cf9d0e1166b607d3c0c7a0578ce9f1f45fed733c3c1abb9e08983a332f5d8ca214476c14f1e013eb2c9ff5e4a54caf4e28cda7f173229d6660cb3318f85bf51727210fc0971843fe65b106bbdf3be87f81a75b93f9370e6662b9356c12f49f56aa236c9f407d91f8d79f6ea0635ea2113dd1c0e81c01f76ecebde6ac5e1fd07d1a091774d88848ad2b1146a98c4756ef4911c194a8787bb284d7ec18f88ee0581d0e747474f42efb9ea3f2dfd9d029cf1ff803b2628b20bea97afe6f7654db5e5b1b7a50f1e51e51133d75487880570521f5b1485509baab0eed9fb14560d81fec432af520a27e2386f5d7ae444443e226cb7282c9e408897c4315983f1b6a3d884e577b75d576b1d1eecd60865edf68b647ee8559c3f7b33dfe044705778ea2ee18cfa0d965dc63d4d105dfb94e881c273b009aa899a32a3d350670b980f7227c6c7390fde8526b2b22a499e50da7ac894112bb9ca0ed7d67957b498226a1549762af65c7db679502033c7507ec85be0ea02ea8a99c16129e2a4f10991e031b16562c4b77aa2ce508669c3077e47eb94539e96ae299619dabc41dc2185f16bf26a842834c65a52fd4e42754a142f477f55fea65a7f16f325065443d757c831caa3564fa1c28b56ac6559b7b5f0500cae0700cebc1cab1ad58e471de84b516481795bb2c53273d1a0d0156feaae22a08f25184ffa6d3860e3a3bf3e4553ad91e667f86f20fdb3c7fcdc7121bfa979e40ce7524d73f41b239afea6ad6af04482ca46fef3fdd015a9ad5640e15ba5b8adb7fd7e84631d3a75b6e3b625850d0379233f721ce5f03a85bf1d87eb40c8c64832e2ca4e027a3ca40b1ed601a348e10774a98537871a474ad4508ec0833731b01410a9eeb7f827a702e3d366bd2938e9a057ab42088bc8843b2930ff55d486c2ce8be489f6d14108db03c7e948b6cfca5db54fa81832598c74fb280fcfd00de9766813b3bbb5bcc08e909503a4940989f9b62ff2ae239e946d1be06a89b178ec1ed6a1e80fb14978327ac02fa9b30831bd4f7e4e5740a78dcbf9f8dfd25dba56059d82964a4cfdac2f2fa1a4e8d8b3a471766c5f9f4d4cf25b12c1accb57e0af8166932e87d2f99e6f9cb368870d6f5fa5b48c616bc5e92c6772532e256070a6a2155b8454898ac698874165375927a761eaacc09e9aff72e5146eaa79c94b35d5ea579ebb2688d259e0771bdd077caedd286a719b69d549c2f7f4de77813f6c6bf381eac3b6958b1ab494ff180c216091911ab78515be64e41331cf0b95ab0b5d606145dba2ce6c578b804c975546be9985c4f4588c07f3cb055d563a2331985e7ed0f962270a2ff5ccbfb03239f5475f916e7031722f1cf0b257f5826cffea63fca0aa8c7f94c877120cfa0c79f32a41819b6952b27fa9fe9c4dc79df19e9c855bd62c67ed6a824a1dc61a65c3c9acb099c5c76c94afeaea7194ebb90820230a701cc6deb63061f8bf66a8f49389bb42d7a634e113299603b9547958e71a0d56a673487e16e0bebabe903b6986d4f21ffdd820b6c86b3ba6bde73c035a09b6dc8a3aa73dc6fbe3169442b3fe275b219dde49888c6eee75becb1226b556eb79862f65de65a69d704869955fdebc13f9a36ae78fcad96042d16ba5f0a4d0a9d96e00157dc4cf9b7558aa38c6dc0f1ede3acf7d474606287d89df66c1156dad89a153c3c76e852013129106f09f2b2aa631d3a66813b971ee80748d32f773fa096809801668591931f0d419051ecb5690320f4ea9364503dfe1b81162ce933cb1b6360b924a93cb5aadb685968e6dbbfc51d503fe5ec169df8d622d95fa63ad4014d45d817d19652e8b8f75498fb29219d92a72cafa7d4a9d8de919f05a7d7f9891f4bfb5f63a8b6c10d3d8fe3c5118d74cd4e4da8925a4bca8a38e629923dcea9f9294126db4749a5b5862d014c70e7b2d48d9d9e47ac956f5e8311e0beec6dc8820fcd16b860d4e027233993414a6812e0290d1a45ed304e29b97cac04f52c61f0eef3c1945a008da22c0dd59cc881bc41ad0b418c4327099b744b2801734f4b8826e286dcee8726e00fb43c8820c7aa21bc56f3133def30b177f7e81ce879699c3be7a2eb9348ca31573a53f18d48b9a82b1153c26ce0d4522a324aab9c6b3f093551a5bf4b15b5b6204a8b80551c6377b2a541e429786500b0ccfb9bff61a7b22de662568e15f9c3d225fdfefbb0cd173448ef3ac2665d0d37507a67f9cf61679d4ff4a8f35c1bf9ad3266a5da7c11a3d5e026875d479f86eab76ffcafdae2323015cb7e3a7eeda6ecdf43652c09d746569f0b71daf6f0bf0341be834ea18fb3a0fb88014ecc2066c8135a185aa19a43e65ede4851c010756fb9c804e120d27a14b1ef8950d8db382c70141954162b3f72fa604748156c6c15ed437537354960eb20e8b14a74914ec6b42d9eb38d2c3021aea874c44a74d7037a09ab40b82aa17ea3b15ceb4175ca0674e3aa5c83af1814379438efc15f849161875e8e2429bb00075d4d7ac16b78de97f23c987f1837deaab2074724b3ac2331a06659ef32a0b3288e94e65aa17570babeae46637ee219ae22f975761d4297019d3c9e923066199ace81cde1739f9e883c30d1fdf0555230b444e6f1789c0fda1b9971f5df715cf98a633c082308df539d4abc74f832721601e11b32550f7f4c857e392d561c1e6d71a2c3c2aee8139c3ce7a5ec3437df4fa25dab27aab105ceba3112e3c1e63f45c287ff13ce4d05527eda9156ee21c7bc4349d41a63141e550252e8fe10558199d5a890edcaf2991639b45de90ad6fd8a689446bad3145fa6731a0b7c0f3cfe37660949a471971196bc5413529853ae99e89e8d3a6a2e46b279d8d6be749e0cd5ccef397d638b9266fe4fdf4b65d6c64194a174835ce0c30799668be4083e1a6487a18f6d04c36060bac12e0311eef7a73ccb83160c186d58d7a727b0ffbac9bb9ab6413fa8757cebf32b84583a5c776d5d3a62a1349dd2e834d99b110725a7f7f0005a9ba898e69b5b70b6d56c91179ddeb3dba108d4d4dbef9cab63272519d46d90f715f527357c4a812e07458a650ea8330821cfe6388e0336b70654d186d4f895bac62058e46b7394ad248696c766cc1fce9e99b904744f2eb574881e36933b7dc7c2c150f361ba2e5bbf4466f58c0aaf9e81acce33589a8855ed9daad1868bb66066219b27b9bfcebba6c0f69bdd80b8c9591ae050d99b9e74e6cdad049d2238776872979e5bccceef02fde7986d1d1505a5e97879d5db368528ab51f7aff2de1505d12395f0a54cf3b81529ecc3d94beb0344073d6a0bfa7958a49092a804270df9e1128d5002332bd7c814f25ef48a77a1c33ad70449814fad133a63d4bad7fbcd1a1335c424cd59b348e5d05aff37240e48ccca8701b460e87620baa632c40e7d16788e928935002a4540d43ccde20715578d29d3b9e9135f6d5e25339076157cc16d6f75bed433a75ca7023b18de8732622f33ff05e48a8d95e39051c90828f2a7790ca2be0ba2ada7fb34387556af1cd2409c78e0f45cb1dc63d4662fce714d69bf6b70403f7489247dfa74e336dd0b182769e2ebd1b17c8dff3b5d647fcc98a71f32cfb42cf46208946a47e6f753db7c90eca0aeb4cc00577e816e15ae02cf97838fb28939208fffa8db5f433999e81a30ca090ab1c903f5136153cc22ef5d9b569df9be1f4d12ac53297b479161782728c50629d8f19f75d5eabf4d2e07da2c55a0d55429cdb584da7cf8752e5b57aedd1ace2bb0b261f1634957fb8fa428d1a92c84482fb872d76dc7f772b6db1a9684d1653ab1e5ffe50ffc6ef20f22b08ad3781dfe3d414ebbe5cb826df217491a9356a44f59e53bcd049ef23b737a30cb49cb8e70bcbaf61fad806f04a4aa30c67b54fb3f6a6fcad2c1cfa1c86c6ba54408bde7fa0efba13b42727d9a38f04134a24d6ea7f746c85aab51f3099dfdfe64fc92dc7699f538135465087d331e6551ac9382fd69a17d813f28a5c5aeba142b6ff2a7ce097411674c0b8b1eb42fae9ecbdb2a3ade26bd3ad12e6716a49fba8441ea89d7c65889f990f0e10b967c093deb2f389732061abfb1f14cb4bef9d40fc68392d418dbee870d4207d452d3f053a62b7c0cd95178067b896fd78b342c7b43cdc01b1f68c78bde2623a2e793e9300e13377ec2885d026916cb1f7fafbc2d23d4d3996588ae13d76df1f96ab0e5ea61d8c19f4deb55891fb9855a68bf325c4f587b71a80d2e209d5e9e296081c2fc95d1cc43d1a43017da53b3331322c1a9550edd303f94b50ba7fe9d84d082c3326edb76d00d6d6900617502f3af", 0x1000}, {&(0x7f0000008840)="a3180b43da9ea26f5de66ad290d05f2e97fc98c101278b1ba4a52e10a525c5df5d4e528da0164978b5779dfc74cb8c55c8e8d29b2bba51743cb33a5a8f02986e093b1b69af674a3a3445129ef4b0b8e1ed23d65b8942e68835ee5560d72e242970bbe3658c950eaf2af9d84307997664fc663246a118326d087c57b5d7226b74e358b5b52c695121e2dbcda870744e5d454cd872e4235ddbed31f34691442e3fce08d157ccd434b12be45d5d81f7d6", 0xaf}, {&(0x7f0000008900)="fdac8a04fd83fd97ba1f0045dd3b8a372cea6c02703005172fb4b5c06d0f771d832b230afe926af4592d", 0x2a}], 0x5, &(0x7f000000cc00)=[@cred={{0x18}}, @cred={{0x18, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @cred={{0x18, 0x1, 0x2, {0x0, r6, r9}}}], 0x48, 0x10}}], 0x7, 0x1)
r10 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r11 = socket$netlink(0x10, 0x3, 0x0)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000008850000007600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)
sendmsg$nl_route_sched(r11, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=@newtaction={0x70, 0x30, 0xffffffffffffffff, 0x70bd2b, 0x0, {}, [{0x5c, 0x1, [@m_bpf={0x58, 0x1, 0x0, 0x0, {{0x8}, {0x30, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x1}}, @TCA_ACT_BPF_FD={0x8, 0x5, r12}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0)
r13 = socket$netlink(0x10, 0x3, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
sendmsg$nl_route_sched(r13, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
io_submit(r4, 0x1, &(0x7f0000004540)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x5, 0x0, r10, 0x0}])
mq_open(&(0x7f00000002c0)='-.{\x00', 0x40, 0x80, &(0x7f0000000440)={0x9, 0xd78e, 0x5, 0x1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x12, 0x8, 0x4, 0x7cb4, 0x14, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x40000000}, 0x50)

230.378742ms ago: executing program 2 (id=4051):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000000280)=""/186, 0xba)
file_getattr(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), 0x18, 0x100)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x500000c, 0x40010, r1, 0xcbb30000)
r2 = syz_open_dev$vbi(&(0x7f00000001c0), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, &(0x7f0000000100)=0x3)
ioctl$VIDIOC_ENUMINPUT(r2, 0xc04c561a, &(0x7f0000000040)={0x5, "096ceba8fd427bc6f3b1869649d6b2199f38beca3dc5a18f782758dc75c8d582", 0x2, 0x7, 0x3, 0x20000, 0x2000100, 0x8})
getxattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00', &(0x7f0000000200)=""/14, 0xe)

230.247199ms ago: executing program 2 (id=4052):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000280)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000000002)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
fsopen(0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x12, 0x4, 0x8, 0xb}, 0x48)
getrandom(0x0, 0x0, 0x3)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='fdinfo/3\x00')
pread64(r3, &(0x7f0000000680)=""/235, 0xeb, 0x10002)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_REVOKE_LEASE(r4, 0xc00464c9, &(0x7f0000000040))
sched_setaffinity(r0, 0x8, &(0x7f0000000e00)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
bind$inet(r5, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x4, @multicast2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x16)
mprotect(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0)
mremap(&(0x7f00007ca000/0x800000)=nil, 0x800000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil)

0s ago: executing program 4 (id=4053):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000040)={'filter\x00', 0x7, 0x4, 0x3f8, 0x210, 0x100, 0x100, 0x310, 0x310, 0x310, 0x4, 0x0, {[{{@arp={@dev, @multicast1, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_hsr\x00', 'syz_tun\x00', {}, {}, 0x2}, 0xc0, 0x100}, @unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "e22a239a6bb651a9837df08bc7f880efe7126f5d56b33dd54f5db150ee26"}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac, @mac=@broadcast, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, {{@arp={@local, @local, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@dev}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'batadv_slave_1\x00', 'erspan0\x00'}, 0xc0, 0x100}, @unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "9695d92849c79fac2d070731112f73924a493f1567e5d8b4cd2c5f35f67b"}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x448)
r1 = openat$sysfs(0xffffff9c, 0x0, 0x0, 0x0)
finit_module(r1, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x35}}, 0x6}, 0x1c)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0xd}, 0x1c)
r3 = fcntl$dupfd(r2, 0x0, r2)
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000e40)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x20004880}, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
sendmmsg(r3, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000040)='&', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000016c0)='\x00', 0x1}], 0x1}}], 0x2, 0x4000)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000080)={&(0x7f0000ffd000/0x3000)=nil, 0x2000, 0x0, 0x0, 0x0, &(0x7f0000000340)=""/227, 0xe7, 0x1, 0x0}, &(0x7f00000001c0)=0x40)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x10f, 0x4})
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@increfs], 0x0, 0x0, 0x0})
dup3(r5, r4, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000540)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0xffffffffffffff67, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000001c0)={0x70, 0x0, &(0x7f0000000480)=[@exit_looper, @decrefs={0x40046307, 0x2}, @acquire_done={0x40106309, 0x3}, @exit_looper, @decrefs={0x40046307, 0x2}, @reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x14917b7a30e022c0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000240)={@flat=@weak_binder={0x77622a85, 0x0, 0x2}, @flat=@handle={0x73682a85, 0x1000, 0x2}, @flat=@weak_handle={0x77682a85, 0x100, 0x1}}, &(0x7f00000002c0)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})

kernel console output (not intermixed with test programs):

  559.043821][ T7798] usb 7-1: SerialNumber: syz
[  559.047013][ T7798] usb 7-1: config 0 descriptor??
[  559.056157][ T7798] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0
[  559.130686][T14820] usb 6-1: Using ep0 maxpacket: 32
[  559.133681][T14820] usb 6-1: no configurations
[  559.135229][T14820] usb 6-1: can't read configurations, error -22
[  559.270082][T14820] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  560.887868][T16991] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  561.031439][T14820] usb 6-1: Using ep0 maxpacket: 32
[  561.034929][T14820] usb 6-1: no configurations
[  561.036550][T14820] usb 6-1: can't read configurations, error -22
[  561.038838][T14820] usb usb6-port1: attempt power cycle
[  561.397102][T14820] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  561.419081][T14820] usb 6-1: Using ep0 maxpacket: 32
[  561.421497][T14820] usb 6-1: no configurations
[  561.423134][T14820] usb 6-1: can't read configurations, error -22
[  561.557458][T14820] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  561.579398][T14820] usb 6-1: Using ep0 maxpacket: 32
[  561.581539][T14820] usb 6-1: no configurations
[  561.583328][T14820] usb 6-1: can't read configurations, error -22
[  561.585748][T14820] usb usb6-port1: unable to enumerate USB device
[  562.569274][ T1021] usb 7-1: USB disconnect, device number 19
[  562.585358][ T1021] yurex 7-1:0.0: USB YUREX #0 now disconnected
[  562.634285][T17014] program syz.2.3302 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  563.273995][T17021] netlink: 830 bytes leftover after parsing attributes in process `syz.4.3305'.
[  563.529799][T17034] FAULT_INJECTION: forcing a failure.
[  563.529799][T17034] name failslab, interval 1, probability 0, space 0, times 0
[  563.534508][T17034] CPU: 1 UID: 0 PID: 17034 Comm: syz.1.3308 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  563.534527][T17034] Tainted: [L]=SOFTLOCKUP
[  563.534531][T17034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  563.534538][T17034] Call Trace:
[  563.534543][T17034]  <TASK>
[  563.534547][T17034]  dump_stack_lvl+0x100/0x190
[  563.534571][T17034]  should_fail_ex.cold+0x5/0xa
[  563.534583][T17034]  should_failslab+0xc2/0x120
[  563.534598][T17034]  __kmalloc_cache_noprof+0x80/0x810
[  563.534614][T17034]  ? kasan_quarantine_put+0x104/0x240
[  563.534624][T17034]  ? alloc_fs_context+0x57/0xf40
[  563.534640][T17034]  ? alloc_fs_context+0x57/0xf40
[  563.534653][T17034]  alloc_fs_context+0x57/0xf40
[  563.534669][T17034]  __ia32_sys_fsopen+0xef/0x230
[  563.534685][T17034]  __do_fast_syscall_32+0xe3/0x8c0
[  563.534704][T17034]  do_fast_syscall_32+0x32/0x70
[  563.534715][T17034]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  563.534729][T17034] RIP: 0023:0xf7f74579
[  563.534738][T17034] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  563.534749][T17034] RSP: 002b:00000000f543650c EFLAGS: 00000292 ORIG_RAX: 00000000000001ae
[  563.534761][T17034] RAX: ffffffffffffffda RBX: 0000000080000140 RCX: 0000000000000001
[  563.534768][T17034] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  563.534774][T17034] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  563.534781][T17034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  563.534787][T17034] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  563.534801][T17034]  </TASK>
[  563.595388][T17039] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3309'.
[  563.625897][T17039] bond0: left promiscuous mode
[  563.627493][T17039] bond_slave_0: left promiscuous mode
[  563.629398][T17039] bond_slave_1: left promiscuous mode
[  563.737232][T17054] fuse: Bad value for 'fd'
[  563.748326][T17054] dlm: no local IP address has been set
[  563.751937][T17054] dlm: cannot start dlm midcomms -107
[  564.391140][T17062] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3315'.
[  564.659320][T17068] netlink: 'syz.1.3317': attribute type 1 has an invalid length.
[  564.935322][T17075] overlay: Unknown parameter '/'
[  566.603423][ T7620] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  566.730147][T17106] bridge0: port 3(erspan0) entered blocking state
[  566.738124][T17106] bridge0: port 3(erspan0) entered disabled state
[  566.740737][T17106] erspan0: entered allmulticast mode
[  566.744516][T17106] erspan0: entered promiscuous mode
[  566.746631][T17106] bridge0: port 3(erspan0) entered blocking state
[  566.748541][T17106] bridge0: port 3(erspan0) entered forwarding state
[  566.753679][T17106] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3329'.
[  566.767490][ T7620] usb 9-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  566.771066][ T7620] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  566.774102][ T7620] usb 9-1: Product: syz
[  566.776100][ T7620] usb 9-1: Manufacturer: syz
[  566.778009][ T7620] usb 9-1: SerialNumber: syz
[  566.793888][ T7620] usb 9-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  566.824727][ T7620] usb 9-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  566.986860][T17110] loop5: detected capacity change from 0 to 7
[  566.990288][T17110] buffer_io_error: 25 callbacks suppressed
[  566.990304][T17110] Buffer I/O error on dev loop5, logical block 0, async page read
[  566.996500][T17110] Buffer I/O error on dev loop5, logical block 0, async page read
[  567.000038][T17110] Buffer I/O error on dev loop5, logical block 0, async page read
[  567.003345][T17110] Buffer I/O error on dev loop5, logical block 0, async page read
[  567.006571][T17110] Buffer I/O error on dev loop5, logical block 0, async page read
[  567.011000][T17110] Buffer I/O error on dev loop5, logical block 0, async page read
[  567.014192][T17110] Buffer I/O error on dev loop5, logical block 0, async page read
[  567.017307][T17110] ldm_validate_partition_table(): Disk read failed.
[  567.020092][T17110] Buffer I/O error on dev loop5, logical block 0, async page read
[  567.023499][T17110] Buffer I/O error on dev loop5, logical block 0, async page read
[  567.026318][T17110] Buffer I/O error on dev loop5, logical block 0, async page read
[  567.028947][T17110] Dev loop5: unable to read RDB block 0
[  567.030919][T17110]  loop5: unable to read partition table
[  567.033108][T17110] loop5: partition table beyond EOD, truncated
[  567.035530][T17110] loop_reread_partitions: partition scan of loop5 (úùƒå¡™‰ü�¾SêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õ«`ÉæÖ€ù…ˆŠ5) failed (rc=-5)
[  567.720267][T17124] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3336'.
[  568.185646][ T7620] usb 9-1: Service connection timeout for: 256
[  568.187639][ T7620] ath9k_htc 9-1:1.0: ath9k_htc: Unable to initialize HTC services
[  568.233857][ T7620] ath9k_htc: Failed to initialize the device
[  568.271758][ T7620] usb 9-1: ath9k_htc: USB layer deinitialized
[  568.494561][T17130] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  568.509325][ T7620] usb 9-1: USB disconnect, device number 5
[  568.597937][T17133] sctp: [Deprecated]: syz.2.3339 (pid 17133) Use of struct sctp_assoc_value in delayed_ack socket option.
[  568.597937][T17133] Use struct sctp_sack_info instead
[  569.008877][ T7798] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  569.179859][ T7798] usb 7-1: Using ep0 maxpacket: 16
[  569.234330][T17151] bridge0: port 1(erspan0) entered blocking state
[  569.265476][T17151] bridge0: port 1(erspan0) entered disabled state
[  569.276298][T17151] erspan0: entered allmulticast mode
[  569.299210][ T7798] usb 7-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  569.302202][T17151] erspan0: entered promiscuous mode
[  569.303937][ T7798] usb 7-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  569.306426][ T7798] usb 7-1: Product: syz
[  569.307735][ T7798] usb 7-1: Manufacturer: syz
[  569.313290][T17151] bridge0: port 1(erspan0) entered blocking state
[  569.313312][ T7798] usb 7-1: SerialNumber: syz
[  569.315300][T17151] bridge0: port 1(erspan0) entered forwarding state
[  569.329853][T17152] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3344'.
[  569.338775][ T7798] usb 7-1: config 0 descriptor??
[  569.428608][T17151] FAULT_INJECTION: forcing a failure.
[  569.428608][T17151] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  569.432586][T17151] CPU: 1 UID: 0 PID: 17151 Comm: syz.4.3344 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  569.432605][T17151] Tainted: [L]=SOFTLOCKUP
[  569.432609][T17151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  569.432617][T17151] Call Trace:
[  569.432621][T17151]  <TASK>
[  569.432627][T17151]  dump_stack_lvl+0x100/0x190
[  569.432646][T17151]  should_fail_ex.cold+0x5/0xa
[  569.432659][T17151]  _copy_from_user+0x2e/0xd0
[  569.432672][T17151]  get_compat_msghdr+0xb3/0x4b0
[  569.432685][T17151]  ? __pfx_get_compat_msghdr+0x10/0x10
[  569.432696][T17151]  ? rcu_is_watching+0x12/0xc0
[  569.432711][T17151]  ? __lock_acquire+0x4a5/0x2630
[  569.432724][T17151]  ___sys_recvmsg+0x193/0x1a0
[  569.432741][T17151]  ? __pfx____sys_recvmsg+0x10/0x10
[  569.432759][T17151]  ? find_held_lock+0x2b/0x80
[  569.432779][T17151]  ? __pfx___might_resched+0x10/0x10
[  569.432795][T17151]  do_recvmmsg+0x563/0x760
[  569.432813][T17151]  ? __pfx_do_recvmmsg+0x10/0x10
[  569.432829][T17151]  ? finish_task_switch.isra.0+0x20e/0xb80
[  569.432846][T17151]  ? finish_task_switch.isra.0+0x205/0xb80
[  569.432862][T17151]  ? rcu_is_watching+0x12/0xc0
[  569.432876][T17151]  ? trace_sched_exit_tp+0xcd/0x100
[  569.432897][T17151]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  569.432918][T17151]  __sys_recvmmsg+0x21f/0x270
[  569.432932][T17151]  ? __pfx___sys_recvmmsg+0x10/0x10
[  569.432948][T17151]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  569.432962][T17151]  ? __do_fast_syscall_32+0x94/0x8c0
[  569.432980][T17151]  ? lockdep_hardirqs_on+0x78/0x100
[  569.432996][T17151]  __do_fast_syscall_32+0xe3/0x8c0
[  569.433015][T17151]  do_fast_syscall_32+0x32/0x70
[  569.433025][T17151]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  569.433039][T17151] RIP: 0023:0xf70cd579
[  569.433048][T17151] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  569.433059][T17151] RSP: 002b:00000000f549c50c EFLAGS: 00000292 ORIG_RAX: 0000000000000151
[  569.433070][T17151] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080001140
[  569.433077][T17151] RDX: 0000000000000700 RSI: 0000000000000002 RDI: 0000000000000000
[  569.433084][T17151] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  569.433090][T17151] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  569.433096][T17151] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  569.433109][T17151]  </TASK>
[  569.596162][ T1021] usb 7-1: USB disconnect, device number 20
[  569.994186][T17174] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3350'.
[  570.526901][ T1021] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  570.708636][ T1021] usb 7-1: Using ep0 maxpacket: 8
[  570.718447][ T1021] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  570.722097][ T1021] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  570.725583][ T1021] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  570.738165][ T1021] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  570.742210][ T1021] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  570.746203][ T1021] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  570.749055][ T1021] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  570.954123][T17192] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  571.020605][T17200] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 786440, id = 0
[  571.601376][T17209] veth0_to_bridge: entered promiscuous mode
[  572.136816][T17177] veth0_to_bridge: left promiscuous mode
[  572.948256][ T7620] usb 7-1: USB disconnect, device number 21
[  573.125879][T17211] block nbd3: shutting down sockets
[  573.841044][ T1021] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  573.908395][T17222] netlink: 64 bytes leftover after parsing attributes in process `syz.2.3366'.
[  574.969637][ T1021] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  574.972523][ T1021] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  574.975922][ T1021] usb 6-1: Product: syz
[  574.977258][ T1021] usb 6-1: Manufacturer: syz
[  574.978762][ T1021] usb 6-1: SerialNumber: syz
[  574.983245][ T1021] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  574.994053][T13580] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  575.967253][T17249] bridge0: port 2(ipvlan0) entered blocking state
[  575.970446][T17249] bridge0: port 2(ipvlan0) entered disabled state
[  575.972998][T17249] ipvlan0: entered allmulticast mode
[  575.974857][T17249] bridge0: entered allmulticast mode
[  575.979815][T17249] ipvlan0: left allmulticast mode
[  575.982340][T17249] bridge0: left allmulticast mode
[  576.024932][T17248] bridge0: port 2(ipvlan0) entered blocking state
[  576.027826][T17248] bridge0: port 2(ipvlan0) entered disabled state
[  576.030842][T17248] ipvlan0: entered allmulticast mode
[  576.034053][T17248] bridge0: entered allmulticast mode
[  576.037927][T17248] ipvlan0: left allmulticast mode
[  576.039996][T17248] bridge0: left allmulticast mode
[  576.070677][T17245] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  576.075148][T17245] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  576.150320][T13580] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  576.154297][T13580] ath9k_htc: Failed to initialize the device
[  576.190172][T13580] usb 6-1: ath9k_htc: USB layer deinitialized
[  576.196710][ T1021] usb 6-1: USB disconnect, device number 18
[  577.896313][T17282] kvm: pic: non byte write
[  579.305380][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[  579.307417][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  580.544388][T17326] kvm: pic: non byte write
[  582.926826][T17359] kvm: pic: non byte write
[  582.962514][T17363] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 786440, id = 0
[  582.967157][T17362] IPVS: stopping backup sync thread 17363 ...
[  583.200357][T17370] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3411'.
[  583.235713][T17374] syzkaller1: entered promiscuous mode
[  583.237656][T17374] syzkaller1: entered allmulticast mode
[  583.751224][T13580] page_pool_release_retry() stalled pool shutdown: id 58, 9 inflight 120 sec
[  584.160878][T17389] netlink: 72 bytes leftover after parsing attributes in process `syz.1.3415'.
[  584.164173][T17389] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3415'.
[  584.346653][T17392] mkiss: ax0: crc mode is auto.
[  585.902355][   T40] kauditd_printk_skb: 231 callbacks suppressed
[  585.902366][   T40] audit: type=1326 audit(1770801340.718:3877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17423 comm="syz.3.3426" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fed598 code=0x7ffc0000
[  585.918282][   T40] audit: type=1326 audit(1770801340.727:3878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17423 comm="syz.3.3426" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fed579 code=0x7ffc0000
[  585.958466][T17424] binder: 17423:17424 ioctl 4020aed2 80000280 returned -22
[  586.493548][   T40] audit: type=1326 audit(1770801340.727:3879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17423 comm="syz.3.3426" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fed598 code=0x7ffc0000
[  586.878162][   T40] audit: type=1326 audit(1770801340.727:3880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17423 comm="syz.3.3426" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fed598 code=0x7ffc0000
[  586.905881][   T40] audit: type=1326 audit(1770801340.727:3881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17423 comm="syz.3.3426" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fed579 code=0x7ffc0000
[  586.912655][   T40] audit: type=1326 audit(1770801340.727:3882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17423 comm="syz.3.3426" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fed579 code=0x7ffc0000
[  586.919901][   T40] audit: type=1326 audit(1770801340.727:3883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17423 comm="syz.3.3426" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fed579 code=0x7ffc0000
[  586.927192][   T40] audit: type=1326 audit(1770801340.727:3884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17423 comm="syz.3.3426" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fed598 code=0x7ffc0000
[  586.934061][   T40] audit: type=1326 audit(1770801340.727:3885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17423 comm="syz.3.3426" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fed579 code=0x7ffc0000
[  586.940912][   T40] audit: type=1326 audit(1770801340.727:3886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17423 comm="syz.3.3426" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fed598 code=0x7ffc0000
[  587.146129][T17453] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  587.148321][T17453] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  587.154414][T17453] vhci_hcd vhci_hcd.0: Device attached
[  587.179692][T11843] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  587.182514][T11843] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  587.252133][T17453] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  587.443092][ T7798] usb 40-1: SetAddress Request (18) to port 0
[  587.445780][ T7798] usb 40-1: new SuperSpeed USB device number 18 using vhci_hcd
[  588.271884][T17453] Invalid argument reading file caps for ./file0
[  588.388690][T17465] netlink: 52 bytes leftover after parsing attributes in process `syz.3.3438'.
[  588.548259][T17454] vhci_hcd: connection reset by peer
[  588.550267][T11847] vhci_hcd vhci_hcd.1: stop threads
[  588.552497][T11847] vhci_hcd vhci_hcd.1: release socket
[  588.554793][T11847] vhci_hcd vhci_hcd.1: disconnect device
[  589.457823][ T6027] usb 6-1: new full-speed USB device number 19 using dummy_hcd
[  590.944543][ T6027] usb 6-1: unable to read config index 0 descriptor/start: -71
[  590.960031][ T6027] usb 6-1: can't read configurations, error -71
[  592.907401][ T7798] usb 40-1: device descriptor read/8, error -110
[  593.341545][ T7798] usb usb40-port1: attempt power cycle
[  593.608816][T17559] FAULT_INJECTION: forcing a failure.
[  593.608816][T17559] name failslab, interval 1, probability 0, space 0, times 0
[  593.612786][T17559] CPU: 3 UID: 0 PID: 17559 Comm: syz.4.3468 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  593.612806][T17559] Tainted: [L]=SOFTLOCKUP
[  593.612810][T17559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  593.612818][T17559] Call Trace:
[  593.612833][T17559]  <TASK>
[  593.612838][T17559]  dump_stack_lvl+0x100/0x190
[  593.612869][T17559]  should_fail_ex.cold+0x5/0xa
[  593.612882][T17559]  should_failslab+0xc2/0x120
[  593.612896][T17559]  kmem_cache_alloc_noprof+0x83/0x780
[  593.612907][T17559]  ? stack_trace_save+0x8e/0xc0
[  593.612923][T17559]  ? alloc_empty_file+0x55/0x1c0
[  593.612940][T17559]  ? alloc_empty_file+0x55/0x1c0
[  593.612953][T17559]  alloc_empty_file+0x55/0x1c0
[  593.612967][T17559]  path_openat+0xe8/0x31a0
[  593.612978][T17559]  ? kasan_save_track+0x14/0x30
[  593.612989][T17559]  ? __kasan_slab_alloc+0x89/0x90
[  593.613000][T17559]  ? kmem_cache_alloc_noprof+0x2ad/0x780
[  593.613011][T17559]  ? do_getname+0x35/0x390
[  593.613025][T17559]  ? do_sys_openat2+0xc5/0x1e0
[  593.613039][T17559]  ? __ia32_compat_sys_openat+0x12d/0x210
[  593.613054][T17559]  ? do_int80_emulation+0x141/0x6b0
[  593.613075][T17559]  ? __pfx_path_openat+0x10/0x10
[  593.613103][T17559]  do_file_open+0x20e/0x430
[  593.613118][T17559]  ? __pfx_do_file_open+0x10/0x10
[  593.613139][T17559]  ? _raw_spin_unlock+0x28/0x50
[  593.613154][T17559]  ? alloc_fd+0x476/0x790
[  593.613169][T17559]  do_sys_openat2+0x10d/0x1e0
[  593.613185][T17559]  ? __pfx_do_sys_openat2+0x10/0x10
[  593.613199][T17559]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  593.613219][T17559]  ? __fget_files+0x21f/0x3d0
[  593.613232][T17559]  __ia32_compat_sys_openat+0x12d/0x210
[  593.613249][T17559]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  593.613265][T17559]  ? ksys_write+0x1ac/0x250
[  593.613296][T17559]  ? rcu_is_watching+0x12/0xc0
[  593.613313][T17559]  do_int80_emulation+0x141/0x6b0
[  593.613334][T17559]  asm_int80_emulation+0x1a/0x20
[  593.613348][T17559] RIP: 0023:0xf720572b
[  593.613358][T17559] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  593.613369][T17559] RSP: 002b:00000000f54bd3cc EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  593.613381][T17559] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f54bd490
[  593.613388][T17559] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  593.613394][T17559] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  593.613401][T17559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  593.613418][T17559] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  593.613433][T17559]  </TASK>
[  593.705482][T17570] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  593.719680][T17570] block device autoloading is deprecated and will be removed.
[  594.012637][ T7798] usb usb40-port1: unable to enumerate USB device
[  594.301438][T17592] syzkaller0: entered allmulticast mode
[  594.303949][T17592] syzkaller0: entered promiscuous mode
[  594.478465][T17596] binder: BINDER_SET_CONTEXT_MGR already set
[  594.480526][T17596] binder: 17595:17596 ioctl 4018620d 80000040 returned -16
[  594.484066][T17596] binder: 17595:17596 ioctl c0303e03 80000280 returned -22
[  595.098336][T17589] syzkaller0: left promiscuous mode
[  595.125208][T17589] syzkaller0: left allmulticast mode
[  595.350860][T17638] tap0: tun_chr_ioctl cmd 1074025673
[  596.364927][T17650] overlayfs: invalid origin (0000)
[  596.434891][   T40] kauditd_printk_skb: 50 callbacks suppressed
[  596.434907][   T40] audit: type=1326 audit(1770801350.558:3937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17653 comm="syz.3.3496" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fed598 code=0x7ffc0000
[  596.454431][T17658] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3498'.
[  596.462328][   T40] audit: type=1326 audit(1770801350.558:3938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17653 comm="syz.3.3496" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fed598 code=0x7ffc0000
[  596.470997][   T40] audit: type=1326 audit(1770801350.558:3939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17653 comm="syz.3.3496" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fed598 code=0x7ffc0000
[  596.492747][   T40] audit: type=1326 audit(1770801350.558:3940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17653 comm="syz.3.3496" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fed598 code=0x7ffc0000
[  596.510403][   T40] audit: type=1326 audit(1770801350.558:3941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17653 comm="syz.3.3496" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fed598 code=0x7ffc0000
[  596.523474][   T40] audit: type=1326 audit(1770801350.558:3942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17653 comm="syz.3.3496" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fed598 code=0x7ffc0000
[  596.537212][   T40] audit: type=1326 audit(1770801350.558:3943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17653 comm="syz.3.3496" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fed598 code=0x7ffc0000
[  596.543939][   T40] audit: type=1326 audit(1770801350.567:3944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17653 comm="syz.3.3496" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fed598 code=0x7ffc0000
[  596.550750][   T40] audit: type=1326 audit(1770801350.567:3945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17653 comm="syz.3.3496" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fed598 code=0x7ffc0000
[  596.557954][   T40] audit: type=1326 audit(1770801350.567:3946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17653 comm="syz.3.3496" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fed598 code=0x7ffc0000
[  596.686549][T17667] kvm: pic: non byte write
[  596.694866][T17667] kvm: pic: non byte write
[  596.700673][T17667] kvm: pic: level sensitive irq not supported
[  596.700960][T17667] kvm: pic: non byte write
[  596.708765][T17667] kvm: pic: non byte write
[  596.715973][T17667] kvm: pic: non byte write
[  596.722026][T17667] kvm: pic: non byte write
[  596.731711][T17667] kvm: pic: non byte write
[  596.734039][T17667] kvm: pic: non byte write
[  596.749108][T17667] kvm: pic: non byte write
[  596.758837][T17667] kvm: pic: non byte write
[  596.767341][T17667] kvm: pic: level sensitive irq not supported
[  596.772854][T17667] kvm: pic: single mode not supported
[  596.775321][T17667] kvm: pic: level sensitive irq not supported
[  596.784152][T17654] ip6erspan0: entered allmulticast mode
[  596.942293][T17672] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3502'.
[  596.945549][T17672] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3502'.
[  597.320455][T17679] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  597.322581][T17679] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  597.329336][T17679] vhci_hcd vhci_hcd.0: Device attached
[  597.371955][T11843] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  597.374615][T11843] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  597.455544][T17679] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  597.495186][T17679] Invalid argument reading file caps for ./file0
[  597.619374][ T5977] usb 46-1: SetAddress Request (2) to port 0
[  597.621405][ T5977] usb 46-1: new SuperSpeed USB device number 2 using vhci_hcd
[  598.027119][T17680] vhci_hcd: connection reset by peer
[  598.036068][T11843] vhci_hcd vhci_hcd.4: stop threads
[  598.037822][T11843] vhci_hcd vhci_hcd.4: release socket
[  598.039841][T11843] vhci_hcd vhci_hcd.4: disconnect device
[  598.162601][T17689] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  598.482827][ T1021] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  598.558584][T17705] syzkaller0: entered promiscuous mode
[  598.560384][T17705] syzkaller0: entered allmulticast mode
[  598.599885][T17707] netlink: 'syz.1.3514': attribute type 1 has an invalid length.
[  598.674383][ T1021] usb 7-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  598.678300][ T1021] usb 7-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  598.682317][ T1021] usb 7-1: config 0 interface 0 has no altsetting 0
[  598.684447][ T1021] usb 7-1: New USB device found, idVendor=06cb, idProduct=73f6, bcdDevice= 0.00
[  598.687879][ T1021] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  598.691780][ T1021] usb 7-1: config 0 descriptor??
[  598.911260][ T1021] usbhid 7-1:0.0: can't add hid device: -71
[  598.913252][ T1021] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  598.920126][ T1021] usb 7-1: USB disconnect, device number 22
[  598.996083][ T7798] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  599.134960][ T7798] usb 9-1: device descriptor read/64, error -71
[  599.402611][ T7798] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  599.541190][ T7798] usb 9-1: device descriptor read/64, error -71
[  599.659126][ T7798] usb usb9-port1: attempt power cycle
[  599.788240][T17731] binder: 17730:17731 ioctl 8030942b 80000180 returned -22
[  599.853171][T17732] binder: 17730:17732 ioctl 5000 0 returned -22
[  600.033001][ T7798] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  600.055057][ T7798] usb 9-1: device descriptor read/8, error -71
[  600.321656][ T7798] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  600.343604][ T7798] usb 9-1: device descriptor read/8, error -71
[  600.460735][ T7798] usb usb9-port1: unable to enumerate USB device
[  600.738651][   T34] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  600.755170][T17739] usb usb8: usbfs: process 17739 (syz.2.3526) did not claim interface 0 before use
[  600.900055][   T34] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  600.903444][   T34] usb 6-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  600.907402][   T34] usb 6-1: config 0 interface 0 has no altsetting 0
[  600.909700][   T34] usb 6-1: New USB device found, idVendor=06cb, idProduct=73f6, bcdDevice= 0.00
[  600.912510][   T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  600.916886][   T34] usb 6-1: config 0 descriptor??
[  601.139777][   T34] usbhid 6-1:0.0: can't add hid device: -71
[  601.141876][   T34] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  601.145900][   T34] usb 6-1: USB disconnect, device number 21
[  602.257762][T17770] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  602.259889][T17770] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  602.293571][T17770] vhci_hcd vhci_hcd.0: Device attached
[  602.323030][T17781] netlink: 'syz.4.3538': attribute type 1 has an invalid length.
[  602.325877][T17781] netlink: 'syz.4.3538': attribute type 2 has an invalid length.
[  602.328831][T17781] netlink: 'syz.4.3538': attribute type 1 has an invalid length.
[  602.342179][T17781] netlink: 'syz.4.3538': attribute type 3 has an invalid length.
[  602.344573][T17781] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3538'.
[  602.439259][T17785] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3540'.
[  602.471933][T17789] netlink: 'syz.3.3541': attribute type 10 has an invalid length.
[  602.493341][T17789] team_slave_1: left allmulticast mode
[  602.496547][T17789] team0 (unregistering): Port device team_slave_1 removed
[  602.577547][ T6299] usb 40-1: SetAddress Request (22) to port 0
[  602.580062][ T6299] usb 40-1: new SuperSpeed USB device number 22 using vhci_hcd
[  602.711051][T17778] vhci_hcd: connection reset by peer
[  602.713141][T11891] vhci_hcd vhci_hcd.1: stop threads
[  602.714843][T11891] vhci_hcd vhci_hcd.1: release socket
[  602.719396][ T1021] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  602.721953][T11891] vhci_hcd vhci_hcd.1: disconnect device
[  602.888765][ T1021] usb 9-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  602.892315][ T1021] usb 9-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  602.896292][ T1021] usb 9-1: config 0 interface 0 has no altsetting 0
[  602.898598][ T1021] usb 9-1: New USB device found, idVendor=06cb, idProduct=73f6, bcdDevice= 0.00
[  602.901380][ T1021] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  602.905752][ T1021] usb 9-1: config 0 descriptor??
[  603.001975][T17797] tun1: tun_chr_ioctl cmd 1074025675
[  603.004247][T17797] tun1: persist disabled
[  603.134022][ T1021] usbhid 9-1:0.0: can't add hid device: -71
[  603.136608][ T1021] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  603.145475][ T1021] usb 9-1: USB disconnect, device number 10
[  603.421988][ T5977] usb 46-1: device descriptor read/8, error -110
[  603.839329][ T5977] usb usb46-port1: attempt power cycle
[  604.440382][ T5977] usb usb46-port1: unable to enumerate USB device
[  604.452148][T17821] picdev_write: 3 callbacks suppressed
[  604.452159][T17821] kvm: pic: non byte write
[  604.558303][T17824] trusted_key: encrypted_key: master key parameter 'trustedOÛŠsted:' is invalid
[  604.685791][   T40] kauditd_printk_skb: 618 callbacks suppressed
[  604.685805][   T40] audit: type=1326 audit(1770801358.284:4565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17826 comm="syz.3.3552" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fed579 code=0x7ffc0000
[  604.706126][   T40] audit: type=1326 audit(1770801358.284:4566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17826 comm="syz.3.3552" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fed579 code=0x7ffc0000
[  604.718133][   T40] audit: type=1326 audit(1770801358.284:4567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17826 comm="syz.3.3552" exe="/syz-executor" sig=0 arch=40000003 syscall=364 compat=1 ip=0xf6fed579 code=0x7ffc0000
[  604.736243][   T40] audit: type=1326 audit(1770801358.284:4568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17826 comm="syz.3.3552" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fed579 code=0x7ffc0000
[  604.750788][   T40] audit: type=1326 audit(1770801358.284:4569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17826 comm="syz.3.3552" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fed579 code=0x7ffc0000
[  604.771920][   T40] audit: type=1326 audit(1770801358.284:4570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17826 comm="syz.3.3552" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf6fed579 code=0x7ffc0000
[  604.795876][   T40] audit: type=1326 audit(1770801358.284:4571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17826 comm="syz.3.3552" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fed579 code=0x7ffc0000
[  604.803057][   T40] audit: type=1326 audit(1770801358.284:4572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17826 comm="syz.3.3552" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fed579 code=0x7ffc0000
[  604.811228][   T40] audit: type=1326 audit(1770801358.284:4573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17826 comm="syz.3.3552" exe="/syz-executor" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf6fed579 code=0x7ffc0000
[  604.828318][   T40] audit: type=1326 audit(1770801358.284:4574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17826 comm="syz.3.3552" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fed579 code=0x7ffc0000
[  607.954760][ T6299] usb 40-1: device descriptor read/8, error -110
[  608.189419][T17886] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  608.371814][T17891] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  608.374390][T17891] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  608.377914][T17891] vhci_hcd vhci_hcd.0: Device attached
[  608.405120][ T6299] usb usb40-port1: attempt power cycle
[  608.660346][    T9] usb 42-1: SetAddress Request (23) to port 0
[  608.662460][    T9] usb 42-1: new SuperSpeed USB device number 23 using vhci_hcd
[  608.680868][T17896] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  608.782129][T17896] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  608.875434][T17896] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  608.931579][T17896] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  609.023572][T11847] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  609.024455][T17892] vhci_hcd: connection reset by peer
[  609.029455][ T6299] usb usb40-port1: unable to enumerate USB device
[  609.032792][T11895] vhci_hcd vhci_hcd.2: stop threads
[  609.033617][T11847] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  609.035149][T11895] vhci_hcd vhci_hcd.2: release socket
[  609.040013][T11895] vhci_hcd vhci_hcd.2: disconnect device
[  609.045665][T11895] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  609.054901][T11895] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  609.519663][T17911] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3578'.
[  610.938390][T17937] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3586'.
[  612.574945][   T40] kauditd_printk_skb: 27 callbacks suppressed
[  612.574956][   T40] audit: type=1326 audit(1770801365.665:4602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17969 comm="syz.2.3597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  612.585123][   T40] audit: type=1326 audit(1770801365.674:4603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17969 comm="syz.2.3597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  612.592223][   T40] audit: type=1326 audit(1770801365.674:4604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17969 comm="syz.2.3597" exe="/syz-executor" sig=0 arch=40000003 syscall=364 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  612.599468][   T40] audit: type=1326 audit(1770801365.674:4605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17969 comm="syz.2.3597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  612.607123][   T40] audit: type=1326 audit(1770801365.674:4606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17969 comm="syz.2.3597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  612.614556][   T40] audit: type=1326 audit(1770801365.674:4607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17969 comm="syz.2.3597" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  612.621908][   T40] audit: type=1326 audit(1770801365.674:4608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17969 comm="syz.2.3597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  612.629490][   T40] audit: type=1326 audit(1770801365.674:4609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17969 comm="syz.2.3597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  612.636477][   T40] audit: type=1326 audit(1770801365.683:4610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17969 comm="syz.2.3597" exe="/syz-executor" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  612.643957][   T40] audit: type=1326 audit(1770801365.683:4611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17969 comm="syz.2.3597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  613.762520][ T5299] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  613.766540][ T5299] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  613.769413][ T5299] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  613.772012][ T5299] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  613.774598][ T5299] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  613.991008][T17995] orangefs_devreq_write_iter: failed to copy head.
[  614.027630][T14820] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  614.040187][T17996] chnl_net:caif_netlink_parms(): no params data found
[  614.123192][    T9] usb 42-1: device descriptor read/8, error -110
[  614.176203][T17996] bridge0: port 1(bridge_slave_0) entered blocking state
[  614.178855][T17996] bridge0: port 1(bridge_slave_0) entered disabled state
[  614.181415][T17996] bridge_slave_0: entered allmulticast mode
[  614.184249][T17996] bridge_slave_0: entered promiscuous mode
[  614.188156][T17996] bridge0: port 2(bridge_slave_1) entered blocking state
[  614.190578][T17996] bridge0: port 2(bridge_slave_1) entered disabled state
[  614.192965][T17996] bridge_slave_1: entered allmulticast mode
[  614.195767][T17996] bridge_slave_1: entered promiscuous mode
[  614.215336][T17996] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  614.219831][T14820] usb 7-1: Using ep0 maxpacket: 32
[  614.220311][T17996] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  614.238438][T17996] team0: Port device team_slave_0 added
[  614.241362][T14820] usb 7-1: config 1 interface 0 altsetting 197 bulk endpoint 0x1 has invalid maxpacket 1024
[  614.242059][T17996] team0: Port device team_slave_1 added
[  614.247512][T14820] usb 7-1: config 1 interface 0 altsetting 197 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  614.254312][T14820] usb 7-1: config 1 interface 0 has no altsetting 0
[  614.259912][T17996] batman_adv: batadv0: Adding interface: batadv_slave_0
[  614.263209][T17996] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  614.271841][T14820] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  614.272748][T17996] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  614.276750][T14820] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  614.282850][T17996] batman_adv: batadv0: Adding interface: batadv_slave_1
[  614.288256][T17996] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  614.299319][T17996] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  614.303176][T14820] usb 7-1: Product: 㽃炭ꓞ鸵굲⪎輬䀥僶敟�맦�ݺ첼穑ओ鈓멖㼗緲䷃
[  614.308676][T14820] usb 7-1: Manufacturer: 糖ᄴ㴋얾ⱕ徚갲�
[  614.310855][T14820] usb 7-1: SerialNumber: Ђ
[  614.330229][T17993] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  614.346996][T17996] hsr_slave_0: entered promiscuous mode
[  614.350290][T17996] hsr_slave_1: entered promiscuous mode
[  614.352513][T17996] debugfs: 'hsr0' already exists in 'hsr'
[  614.354475][T17996] Cannot create hsr debugfs directory
[  614.422142][T17996] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  614.530841][T17996] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  614.620120][T17996] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  614.704461][T17996] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  614.854062][T17996] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  614.858793][T17996] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  614.865992][T17996] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  614.870811][T17996] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  614.887297][T17996] bridge0: port 2(bridge_slave_1) entered blocking state
[  614.889637][T17996] bridge0: port 2(bridge_slave_1) entered forwarding state
[  614.892041][T17996] bridge0: port 1(bridge_slave_0) entered blocking state
[  614.894350][T17996] bridge0: port 1(bridge_slave_0) entered forwarding state
[  614.943934][T17996] 8021q: adding VLAN 0 to HW filter on device bond0
[  614.958575][T11847] bridge0: port 1(bridge_slave_0) entered disabled state
[  614.962831][T11847] bridge0: port 2(bridge_slave_1) entered disabled state
[  614.977602][T17996] 8021q: adding VLAN 0 to HW filter on device team0
[  614.984835][T11843] bridge0: port 1(bridge_slave_0) entered blocking state
[  614.987225][T11843] bridge0: port 1(bridge_slave_0) entered forwarding state
[  614.993965][T11847] bridge0: port 2(bridge_slave_1) entered blocking state
[  614.996266][T11847] bridge0: port 2(bridge_slave_1) entered forwarding state
[  615.020665][T17996] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  615.021209][    T9] usb usb42-port1: attempt power cycle
[  615.024230][T17996] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  615.109677][T18036] FAULT_INJECTION: forcing a failure.
[  615.109677][T18036] name failslab, interval 1, probability 0, space 0, times 0
[  615.113677][T18036] CPU: 2 UID: 0 PID: 18036 Comm: syz.1.3611 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  615.113696][T18036] Tainted: [L]=SOFTLOCKUP
[  615.113700][T18036] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  615.113707][T18036] Call Trace:
[  615.113711][T18036]  <TASK>
[  615.113716][T18036]  dump_stack_lvl+0x100/0x190
[  615.113735][T18036]  should_fail_ex.cold+0x5/0xa
[  615.113747][T18036]  should_failslab+0xc2/0x120
[  615.113761][T18036]  __kmalloc_cache_noprof+0x80/0x810
[  615.113777][T18036]  ? kasan_quarantine_put+0x104/0x240
[  615.113787][T18036]  ? alloc_fs_context+0x57/0xf40
[  615.113803][T18036]  ? alloc_fs_context+0x57/0xf40
[  615.113815][T18036]  alloc_fs_context+0x57/0xf40
[  615.113831][T18036]  __ia32_sys_fsopen+0xef/0x230
[  615.113847][T18036]  __do_fast_syscall_32+0xe3/0x8c0
[  615.113867][T18036]  do_fast_syscall_32+0x32/0x70
[  615.113877][T18036]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  615.113891][T18036] RIP: 0023:0xf7f74579
[  615.113900][T18036] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  615.113912][T18036] RSP: 002b:00000000f543650c EFLAGS: 00000292 ORIG_RAX: 00000000000001ae
[  615.113923][T18036] RAX: ffffffffffffffda RBX: 00000000800005c0 RCX: 0000000000000000
[  615.113930][T18036] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  615.113936][T18036] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  615.113942][T18036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  615.113949][T18036] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  615.113962][T18036]  </TASK>
[  615.179380][T18028] kvm: pic: non byte read
[  615.181182][T18028] kvm: pic: non byte read
[  615.183114][T18028] kvm: pic: non byte read
[  615.184785][T18028] kvm: pic: non byte read
[  615.186463][T18028] kvm: pic: non byte read
[  615.188303][T18028] kvm: pic: non byte read
[  615.190022][T18028] kvm: pic: non byte read
[  615.191734][T18028] kvm: pic: non byte read
[  615.221311][T17996] 8021q: adding VLAN 0 to HW filter on device batadv0
[  615.231173][T18028] kvm: pic: non byte read
[  615.233324][T18028] kvm: pic: non byte read
[  615.276430][T17996] veth0_vlan: entered promiscuous mode
[  615.287537][T17996] veth1_vlan: entered promiscuous mode
[  615.299706][T18038] kvm: pic: non byte write
[  615.314472][T17996] veth0_macvtap: entered promiscuous mode
[  615.318708][T17996] veth1_macvtap: entered promiscuous mode
[  615.328605][T17996] batman_adv: batadv0: Interface activated: batadv_slave_0
[  615.335721][T17996] batman_adv: batadv0: Interface activated: batadv_slave_1
[  615.345000][T11873] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  615.347789][T11873] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  615.351067][T11873] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  615.355364][T11873] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  615.428570][T11895] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  615.431092][T11895] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  615.447990][T11895] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  615.451239][T11895] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  615.687283][    T9] usb usb42-port1: unable to enumerate USB device
[  615.994280][ T5946] Bluetooth: hci2: command tx timeout
[  616.084812][T18053] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3615'.
[  616.253547][T18056] FAULT_INJECTION: forcing a failure.
[  616.253547][T18056] name failslab, interval 1, probability 0, space 0, times 0
[  616.276853][T18056] CPU: 1 UID: 0 PID: 18056 Comm: syz.1.3623 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  616.276873][T18056] Tainted: [L]=SOFTLOCKUP
[  616.276878][T18056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  616.276885][T18056] Call Trace:
[  616.276890][T18056]  <TASK>
[  616.276896][T18056]  dump_stack_lvl+0x100/0x190
[  616.276916][T18056]  should_fail_ex.cold+0x5/0xa
[  616.276930][T18056]  should_failslab+0xc2/0x120
[  616.276955][T18056]  ? fib6_info_alloc+0x40/0x160
[  616.276969][T18056]  __kmalloc_noprof+0xf6/0x9c0
[  616.276990][T18056]  ? fib6_info_alloc+0x40/0x160
[  616.277001][T18056]  ? fib6_get_table+0xe1/0x130
[  616.277010][T18056]  fib6_info_alloc+0x40/0x160
[  616.277022][T18056]  ip6_route_info_create+0x14c/0xad0
[  616.277039][T18056]  ip6_route_add+0x4b/0x1d0
[  616.277062][T18056]  inet6_rtm_newroute+0x157/0x160
[  616.277099][T18056]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[  616.277117][T18056]  ? __lock_acquire+0x4a5/0x2630
[  616.277135][T18056]  ? find_held_lock+0x2b/0x80
[  616.277149][T18056]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  616.277164][T18056]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  616.277177][T18056]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[  616.277195][T18056]  rtnetlink_rcv_msg+0x95e/0xe90
[  616.277210][T18056]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  616.277227][T18056]  ? ref_tracker_free+0x37e/0x6c0
[  616.277254][T18056]  netlink_rcv_skb+0x159/0x420
[  616.277268][T18056]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  616.277282][T18056]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  616.277300][T18056]  ? netlink_deliver_tap+0x1ae/0xcc0
[  616.277315][T18056]  netlink_unicast+0x5aa/0x870
[  616.277331][T18056]  ? __pfx_netlink_unicast+0x10/0x10
[  616.277349][T18056]  netlink_sendmsg+0x8b0/0xda0
[  616.277365][T18056]  ? __pfx_netlink_sendmsg+0x10/0x10
[  616.277380][T18056]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  616.277400][T18056]  ____sys_sendmsg+0xa54/0xc30
[  616.277417][T18056]  ? __pfx_____sys_sendmsg+0x10/0x10
[  616.277439][T18056]  ___sys_sendmsg+0x190/0x1e0
[  616.277456][T18056]  ? __pfx____sys_sendmsg+0x10/0x10
[  616.277489][T18056]  __sys_sendmsg+0x170/0x220
[  616.277502][T18056]  ? __pfx___sys_sendmsg+0x10/0x10
[  616.277519][T18056]  ? __pfx_ksys_write+0x10/0x10
[  616.277533][T18056]  __do_fast_syscall_32+0xe3/0x8c0
[  616.277553][T18056]  do_fast_syscall_32+0x32/0x70
[  616.277563][T18056]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  616.277577][T18056] RIP: 0023:0xf7f74579
[  616.277587][T18056] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  616.277598][T18056] RSP: 002b:00000000f543650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  616.277611][T18056] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000140
[  616.277618][T18056] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  616.277625][T18056] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  616.277631][T18056] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  616.277638][T18056] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  616.277652][T18056]  </TASK>
[  617.384039][T14820] usb 7-1: USB disconnect, device number 23
[  617.469318][T18070] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  617.471441][T18070] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  617.479168][T18070] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  617.998660][T18094] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  618.000951][T18094] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  618.020546][T18094] vhci_hcd vhci_hcd.0: Device attached
[  618.372142][ T5977] usb 40-1: SetAddress Request (26) to port 0
[  618.397535][ T5977] usb 40-1: new SuperSpeed USB device number 26 using vhci_hcd
[  618.521429][T18095] vhci_hcd: connection reset by peer
[  618.523368][T11895] vhci_hcd vhci_hcd.1: stop threads
[  618.525125][T11895] vhci_hcd vhci_hcd.1: release socket
[  618.527049][T11895] vhci_hcd vhci_hcd.1: disconnect device
[  619.671632][ T5946] Bluetooth: hci2: command 0x040f tx timeout
[  619.726091][T11873] bond0 (unregistering): Released all slaves
[  619.732759][T11873] bond1 (unregistering): Released all slaves
[  619.742485][T11873] bond2 (unregistering): Released all slaves
[  619.899261][T11873] bond3 (unregistering): Released all slaves
[  621.793950][T18169] kvm: pic: non byte write
[  621.905994][ T5946] Bluetooth: hci2: command 0x040f tx timeout
[  622.180597][T18186] kvm: pic: non byte write
[  622.239792][T11873] hsr_slave_0: left promiscuous mode
[  622.243191][T11873] hsr_slave_1: left promiscuous mode
[  623.864131][ T5977] usb 40-1: device descriptor read/8, error -110
[  624.119159][ T5946] Bluetooth: hci2: command 0x040f tx timeout
[  624.292109][ T5977] usb usb40-port1: attempt power cycle
[  624.900576][ T5977] usb usb40-port1: unable to enumerate USB device
[  625.648012][T18238] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  625.650299][T18238] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  625.653181][T18238] vhci_hcd vhci_hcd.0: Device attached
[  625.711766][T18238] JFS: charset not found
[  625.739158][T18244] 9pnet_fd: Insufficient options for proto=fd
[  625.747325][T18244] netlink: 'syz.4.3660': attribute type 28 has an invalid length.
[  625.947110][ T5977] usb 40-1: SetAddress Request (30) to port 0
[  625.952796][ T5977] usb 40-1: new SuperSpeed USB device number 30 using vhci_hcd
[  626.238122][T18240] vhci_hcd: connection reset by peer
[  626.241308][T11860] vhci_hcd vhci_hcd.1: stop threads
[  626.243061][T11860] vhci_hcd vhci_hcd.1: release socket
[  626.245015][T11860] vhci_hcd vhci_hcd.1: disconnect device
[  626.345478][ T5946] Bluetooth: hci2: command 0x040f tx timeout
[  628.341542][T18267] wireguard: wg1: Could not create IPv4 socket
[  628.446896][T18263] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  628.567649][ T5946] Bluetooth: hci2: command 0x040f tx timeout
[  629.436746][T18279] kvm: pic: non byte write
[  629.951350][T18295] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  629.953481][T18295] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  629.957257][T18295] vhci_hcd vhci_hcd.0: Device attached
[  630.244790][   T34] usb 42-1: SetAddress Request (27) to port 0
[  630.247045][   T34] usb 42-1: new SuperSpeed USB device number 27 using vhci_hcd
[  630.498481][T18299] netlink: 'syz.1.3673': attribute type 1 has an invalid length.
[  630.514087][T18296] vhci_hcd: connection reset by peer
[  630.517258][T11843] vhci_hcd vhci_hcd.2: stop threads
[  630.518944][T11843] vhci_hcd vhci_hcd.2: release socket
[  630.521030][T11843] vhci_hcd vhci_hcd.2: disconnect device
[  631.389290][ T5977] usb 40-1: device descriptor read/8, error -110
[  631.423555][T18321] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  631.809511][ T5977] usb usb40-port1: attempt power cycle
[  631.887094][T18333] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3681'.
[  631.892536][T18333] netlink: 'syz.1.3681': attribute type 10 has an invalid length.
[  631.895660][T18333] syz_tun: entered promiscuous mode
[  631.903249][T18333] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  632.249700][T18338] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  632.308655][T18338] 9p: Bad value for 'wfdno'
[  632.416743][ T5977] usb usb40-port1: unable to enumerate USB device
[  632.608076][T18344] netlink: 156 bytes leftover after parsing attributes in process `syz.4.3685'.
[  633.049526][T18350] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  633.051632][T18350] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  633.054340][T18350] vhci_hcd vhci_hcd.0: Device attached
[  633.225139][T18355] kvm: pic: non byte write
[  633.345022][T13580] usb 46-1: SetAddress Request (6) to port 0
[  633.346980][T13580] usb 46-1: new SuperSpeed USB device number 6 using vhci_hcd
[  633.788647][T18352] vhci_hcd: connection reset by peer
[  633.790578][T11891] vhci_hcd vhci_hcd.4: stop threads
[  633.792295][T11891] vhci_hcd vhci_hcd.4: release socket
[  633.794885][T11891] vhci_hcd vhci_hcd.4: disconnect device
[  634.407899][T18376] siw: device registration error -23
[  635.955004][   T34] usb 42-1: device descriptor read/8, error -110
[  635.964654][ T6020] usb 7-1: new full-speed USB device number 24 using dummy_hcd
[  636.057879][T18407] kvm: pic: non byte write
[  636.136841][ T6020] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has an invalid bInterval 0, changing to 4
[  636.140737][ T6020] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 15380, setting to 1023
[  636.144321][ T6020] usb 7-1: config 0 interface 0 has no altsetting 0
[  636.148460][ T6020] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  636.151367][ T6020] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  636.154075][ T6020] usb 7-1: Product: syz
[  636.155409][ T6020] usb 7-1: Manufacturer: syz
[  636.157748][ T6020] usb 7-1: SerialNumber: syz
[  636.161470][ T6020] usb 7-1: config 0 descriptor??
[  636.166086][ T6020] usb 7-1: selecting invalid altsetting 0
[  636.231110][T18410] syz_tun: entered allmulticast mode
[  636.371681][   T34] usb usb42-port1: attempt power cycle
[  636.383180][ T7620] usb 7-1: USB disconnect, device number 24
[  636.992827][   T34] usb usb42-port1: unable to enumerate USB device
[  637.119723][T18409] syz_tun: left allmulticast mode
[  637.273747][T18433] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  637.275961][T18433] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  637.279121][T18433] vhci_hcd vhci_hcd.0: Device attached
[  637.603528][T14820] usb 40-1: SetAddress Request (34) to port 0
[  637.611042][T14820] usb 40-1: new SuperSpeed USB device number 34 using vhci_hcd
[  637.855894][T18439] vhci_hcd: connection reset by peer
[  637.859945][T11860] vhci_hcd vhci_hcd.1: stop threads
[  637.862077][T11860] vhci_hcd vhci_hcd.1: release socket
[  637.864523][T11860] vhci_hcd vhci_hcd.1: disconnect device
[  638.744803][T13580] usb 46-1: device descriptor read/8, error -110
[  639.085989][T18464] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3708'.
[  639.214086][T13580] usb usb46-port1: attempt power cycle
[  639.547815][T18488] netlink: 'syz.4.3715': attribute type 9 has an invalid length.
[  639.550352][T18488] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.3715'.
[  639.812751][ T6020] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  639.834573][T13580] usb usb46-port1: unable to enumerate USB device
[  639.979256][ T6020] usb 9-1: Using ep0 maxpacket: 16
[  640.456992][ T6020] usb 9-1: too many endpoints for config 0 interface 0 altsetting 0: 129, using maximum allowed: 30
[  640.460483][ T6020] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  640.463900][ T6020] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  640.739974][T18511] siw: device registration error -23
[  640.876893][ T6020] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 129
[  640.881894][ T6020] usb 9-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  640.887743][ T6020] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  640.893458][ T6020] usb 9-1: config 0 descriptor??
[  642.154254][   T24] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  642.294152][   T24] usb 6-1: device descriptor read/64, error -71
[  642.581570][   T24] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  642.729513][ T6020] usbhid 9-1:0.0: can't add hid device: -71
[  642.736564][   T24] usb 6-1: device descriptor read/64, error -71
[  642.746604][ T6020] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  642.768125][T18528] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3728'.
[  642.784969][T18528] gretap0: refused to change device tx_queue_len
[  642.788097][T18528] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  642.797651][ T6020] usb 9-1: USB disconnect, device number 11
[  642.861778][   T24] usb usb6-port1: attempt power cycle
[  643.020004][T14820] usb 40-1: device descriptor read/8, error -110
[  643.266328][   T24] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  643.287662][   T24] usb 6-1: device descriptor read/8, error -71
[  643.554437][   T24] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  643.587380][   T24] usb 6-1: device descriptor read/8, error -71
[  643.717718][   T24] usb usb6-port1: unable to enumerate USB device
[  644.396797][T18570] netlink: 'syz.4.3742': attribute type 33 has an invalid length.
[  644.399988][T18570] netlink: 152 bytes leftover after parsing attributes in process `syz.4.3742'.
[  644.406691][T18570] netlink: 14 bytes leftover after parsing attributes in process `syz.4.3742'.
[  644.564102][T18574] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3744'.
[  644.571188][T14820] usb usb40-port1: attempt power cycle
[  644.616564][T18574] FAULT_INJECTION: forcing a failure.
[  644.616564][T18574] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  644.621906][T18574] CPU: 1 UID: 0 PID: 18574 Comm: syz.4.3744 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  644.621925][T18574] Tainted: [L]=SOFTLOCKUP
[  644.621929][T18574] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  644.621936][T18574] Call Trace:
[  644.621941][T18574]  <TASK>
[  644.621947][T18574]  dump_stack_lvl+0x100/0x190
[  644.621966][T18574]  should_fail_ex.cold+0x5/0xa
[  644.621979][T18574]  _copy_from_user+0x2e/0xd0
[  644.621992][T18574]  kstrtouint_from_user+0xd6/0x1d0
[  644.622007][T18574]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  644.622022][T18574]  ? __lock_acquire+0x4a5/0x2630
[  644.622035][T18574]  ? lock_acquire+0x17c/0x330
[  644.622048][T18574]  proc_fail_nth_write+0x83/0x220
[  644.622061][T18574]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  644.622077][T18574]  vfs_write+0x2aa/0x1070
[  644.622091][T18574]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  644.622104][T18574]  ? __pfx_vfs_write+0x10/0x10
[  644.622114][T18574]  ? find_held_lock+0x2b/0x80
[  644.622129][T18574]  ? __fget_files+0x215/0x3d0
[  644.622142][T18574]  ? __fget_files+0x21f/0x3d0
[  644.622157][T18574]  ksys_write+0x12a/0x250
[  644.622167][T18574]  ? __pfx_ksys_write+0x10/0x10
[  644.622182][T18574]  do_int80_emulation+0x141/0x6b0
[  644.622195][T18574]  asm_int80_emulation+0x1a/0x20
[  644.622206][T18574] RIP: 0023:0xf720572b
[  644.622215][T18574] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  644.622226][T18574] RSP: 002b:00000000f54bd4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  644.622238][T18574] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f54bd5d0
[  644.622246][T18574] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  644.622252][T18574] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  644.622259][T18574] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  644.622265][T18574] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  644.622280][T18574]  </TASK>
[  644.747366][T18576] netlink: 'syz.4.3745': attribute type 33 has an invalid length.
[  644.750700][T18576] netlink: 152 bytes leftover after parsing attributes in process `syz.4.3745'.
[  644.993119][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[  644.995181][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  645.244686][T14820] usb usb40-port1: unable to enumerate USB device
[  645.864848][T18599] overlayfs: failed to get inode (-116)
[  645.867677][T18599] overlayfs: failed to get inode (-116)
[  646.035526][T18607] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3755'.
[  646.073574][T18608] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3754'.
[  646.138266][T18609] syzkaller0: entered promiscuous mode
[  646.140515][T18609] syzkaller0: entered allmulticast mode
[  647.316021][T18632] could not allocate digest TFM handle rmd320-generic
[  647.523551][    C3] vcan0: j1939_tp_rxtimer: 0xffff8880248e1800: rx timeout, send abort
[  648.059588][    C3] vcan0: j1939_tp_rxtimer: 0xffff8880248e3800: rx timeout, send abort
[  648.063208][    C3] vcan0: j1939_tp_rxtimer: 0xffff8880248e1800: abort rx timeout. Force session deactivation
[  648.548861][T18651] IPv6: NLM_F_CREATE should be specified when creating new route
[  648.552184][T18651] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  648.555437][T18651] IPv6: NLM_F_CREATE should be set when creating new route
[  648.558440][T18651] IPv6: NLM_F_CREATE should be set when creating new route
[  648.597618][    C3] vcan0: j1939_tp_rxtimer: 0xffff8880248e3800: abort rx timeout. Force session deactivation
[  648.660503][T18655] FAULT_INJECTION: forcing a failure.
[  648.660503][T18655] name failslab, interval 1, probability 0, space 0, times 0
[  648.665042][T18655] CPU: 0 UID: 0 PID: 18655 Comm: syz.1.3767 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  648.665070][T18655] Tainted: [L]=SOFTLOCKUP
[  648.665075][T18655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  648.665082][T18655] Call Trace:
[  648.665086][T18655]  <TASK>
[  648.665091][T18655]  dump_stack_lvl+0x100/0x190
[  648.665110][T18655]  should_fail_ex.cold+0x5/0xa
[  648.665123][T18655]  should_failslab+0xc2/0x120
[  648.665137][T18655]  ? tomoyo_encode2+0xfb/0x3c0
[  648.665150][T18655]  __kmalloc_noprof+0xf6/0x9c0
[  648.665170][T18655]  ? tomoyo_encode2+0xfb/0x3c0
[  648.665182][T18655]  tomoyo_encode2+0xfb/0x3c0
[  648.665197][T18655]  tomoyo_encode+0x29/0x50
[  648.665209][T18655]  tomoyo_realpath_from_path+0x18c/0x690
[  648.665226][T18655]  tomoyo_path_number_perm+0x23c/0x580
[  648.665237][T18655]  ? tomoyo_path_number_perm+0x22e/0x580
[  648.665249][T18655]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  648.665272][T18655]  ? irqentry_exit+0x180/0x670
[  648.665291][T18655]  ? hook_file_ioctl_common+0x146/0x410
[  648.665305][T18655]  ? __ia32_compat_sys_ioctl+0x9d/0x360
[  648.665325][T18655]  security_file_ioctl_compat+0xd3/0x230
[  648.665337][T18655]  __ia32_compat_sys_ioctl+0xc2/0x360
[  648.665356][T18655]  __do_fast_syscall_32+0xe3/0x8c0
[  648.665375][T18655]  do_fast_syscall_32+0x32/0x70
[  648.665385][T18655]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  648.665400][T18655] RIP: 0023:0xf7f74579
[  648.665409][T18655] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  648.665420][T18655] RSP: 002b:00000000f541550c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  648.665431][T18655] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000400448de
[  648.665439][T18655] RDX: 0000000080000140 RSI: 0000000000000000 RDI: 0000000000000000
[  648.665445][T18655] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  648.665452][T18655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  648.665458][T18655] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  648.665472][T18655]  </TASK>
[  648.665743][T18655] ERROR: Out of memory at tomoyo_realpath_from_path.
[  649.722963][   T34] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[  649.883296][   T34] usb 7-1: Using ep0 maxpacket: 32
[  649.885507][   T34] usb 7-1: no configurations
[  649.887009][   T34] usb 7-1: can't read configurations, error -22
[  650.022285][   T34] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  650.077606][T18684] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3777'.
[  650.183928][   T34] usb 7-1: Using ep0 maxpacket: 32
[  650.192510][   T34] usb 7-1: no configurations
[  650.213851][   T34] usb 7-1: can't read configurations, error -22
[  650.258857][   T34] usb usb7-port1: attempt power cycle
[  650.551740][T18689] FAULT_INJECTION: forcing a failure.
[  650.551740][T18689] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  650.555844][T18689] CPU: 1 UID: 0 PID: 18689 Comm: syz.1.3779 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  650.555862][T18689] Tainted: [L]=SOFTLOCKUP
[  650.555866][T18689] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  650.555873][T18689] Call Trace:
[  650.555878][T18689]  <TASK>
[  650.555882][T18689]  dump_stack_lvl+0x100/0x190
[  650.555902][T18689]  should_fail_ex.cold+0x5/0xa
[  650.555914][T18689]  _copy_to_user+0x32/0xd0
[  650.555927][T18689]  simple_read_from_buffer+0xcb/0x170
[  650.555946][T18689]  proc_fail_nth_read+0x1af/0x230
[  650.555959][T18689]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  650.555971][T18689]  ? rw_verify_area+0xce/0x6d0
[  650.555987][T18689]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  650.555999][T18689]  vfs_read+0x1e4/0xb30
[  650.556011][T18689]  ? __pfx_vfs_read+0x10/0x10
[  650.556033][T18689]  ? find_held_lock+0x2b/0x80
[  650.556049][T18689]  ? __fget_files+0x215/0x3d0
[  650.556062][T18689]  ? __fget_files+0x21f/0x3d0
[  650.556076][T18689]  ksys_read+0x12a/0x250
[  650.556086][T18689]  ? __pfx_ksys_read+0x10/0x10
[  650.556095][T18689]  ? fput+0x79/0x100
[  650.556112][T18689]  do_int80_emulation+0x141/0x6b0
[  650.556124][T18689]  asm_int80_emulation+0x1a/0x20
[  650.556135][T18689] RIP: 0023:0xf717572b
[  650.556144][T18689] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  650.556155][T18689] RSP: 002b:00000000f54364bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  650.556166][T18689] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54365d0
[  650.556173][T18689] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  650.556179][T18689] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  650.556186][T18689] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  650.556192][T18689] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  650.556206][T18689]  </TASK>
[  650.631809][   T34] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[  650.681607][   T34] usb 7-1: Using ep0 maxpacket: 32
[  650.692170][   T34] usb 7-1: no configurations
[  650.696674][   T34] usb 7-1: can't read configurations, error -22
[  650.847676][   T34] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[  650.886055][   T34] usb 7-1: Using ep0 maxpacket: 32
[  650.903886][   T34] usb 7-1: no configurations
[  650.907416][   T34] usb 7-1: can't read configurations, error -22
[  650.920997][   T34] usb usb7-port1: unable to enumerate USB device
[  651.351915][T18702] FAULT_INJECTION: forcing a failure.
[  651.351915][T18702] name failslab, interval 1, probability 0, space 0, times 0
[  651.355966][T18702] CPU: 2 UID: 0 PID: 18702 Comm: syz.4.3783 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  651.355985][T18702] Tainted: [L]=SOFTLOCKUP
[  651.355989][T18702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  651.355997][T18702] Call Trace:
[  651.356002][T18702]  <TASK>
[  651.356007][T18702]  dump_stack_lvl+0x100/0x190
[  651.356027][T18702]  should_fail_ex.cold+0x5/0xa
[  651.356041][T18702]  should_failslab+0xc2/0x120
[  651.356055][T18702]  __kvmalloc_node_noprof+0x101/0xac0
[  651.356067][T18702]  ? nf_tables_commit+0xa50/0x8ac0
[  651.356084][T18702]  ? nf_tables_commit+0xa50/0x8ac0
[  651.356097][T18702]  nf_tables_commit+0xa50/0x8ac0
[  651.356115][T18702]  ? nf_tables_newrule+0x10ed/0x2be0
[  651.356126][T18702]  ? __pfx_nft_bitwise_init+0x10/0x10
[  651.356146][T18702]  ? __pfx_nf_tables_commit+0x10/0x10
[  651.356160][T18702]  ? __pfx_nf_tables_newrule+0x10/0x10
[  651.356175][T18702]  ? __nla_parse+0x40/0x60
[  651.356192][T18702]  nfnetlink_rcv_batch+0x1a57/0x2880
[  651.356216][T18702]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  651.356234][T18702]  ? find_held_lock+0x2b/0x80
[  651.356250][T18702]  ? __local_bh_enable_ip+0x9e/0x120
[  651.356267][T18702]  ? lockdep_hardirqs_on+0x78/0x100
[  651.356284][T18702]  ? __dev_queue_xmit+0x7dc/0x46f0
[  651.356319][T18702]  ? __nla_parse+0x40/0x60
[  651.356335][T18702]  nfnetlink_rcv+0x3bd/0x440
[  651.356352][T18702]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  651.356372][T18702]  netlink_unicast+0x5aa/0x870
[  651.356388][T18702]  ? __pfx_netlink_unicast+0x10/0x10
[  651.356407][T18702]  netlink_sendmsg+0x8b0/0xda0
[  651.356422][T18702]  ? __pfx_netlink_sendmsg+0x10/0x10
[  651.356438][T18702]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  651.356457][T18702]  ____sys_sendmsg+0xa54/0xc30
[  651.356475][T18702]  ? __pfx_____sys_sendmsg+0x10/0x10
[  651.356497][T18702]  ___sys_sendmsg+0x190/0x1e0
[  651.356514][T18702]  ? __pfx____sys_sendmsg+0x10/0x10
[  651.356546][T18702]  __sys_sendmsg+0x170/0x220
[  651.356559][T18702]  ? __pfx___sys_sendmsg+0x10/0x10
[  651.356576][T18702]  ? __pfx_ksys_write+0x10/0x10
[  651.356590][T18702]  __do_fast_syscall_32+0xe3/0x8c0
[  651.356609][T18702]  do_fast_syscall_32+0x32/0x70
[  651.356620][T18702]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  651.356635][T18702] RIP: 0023:0xf70cd579
[  651.356644][T18702] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  651.356655][T18702] RSP: 002b:00000000f54bd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  651.356666][T18702] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800000c0
[  651.356674][T18702] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  651.356680][T18702] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  651.356687][T18702] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  651.356693][T18702] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  651.356707][T18702]  </TASK>
[  651.575734][T18708] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3785'.
[  651.578708][T18706] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3785'.
[  653.001396][T18731] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  653.003655][T18731] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  653.009334][T18731] vhci_hcd vhci_hcd.0: Device attached
[  653.027641][T18731] random: crng reseeded on system resumption
[  653.291921][T18729] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  653.312376][T18730] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  653.314493][T18730] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  653.315235][   T24] usb 42-1: SetAddress Request (31) to port 0
[  653.317214][T18730] vhci_hcd vhci_hcd.0: Device attached
[  653.320511][   T24] usb 42-1: new SuperSpeed USB device number 31 using vhci_hcd
[  653.458221][T18738] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  653.598769][T18732] vhci_hcd: connection reset by peer
[  653.600596][T11860] vhci_hcd vhci_hcd.2: stop threads
[  653.602440][T11860] vhci_hcd vhci_hcd.2: release socket
[  653.604509][T11860] vhci_hcd vhci_hcd.2: disconnect device
[  653.614347][ T6020] usb 40-1: SetAddress Request (38) to port 0
[  653.616438][ T6020] usb 40-1: new SuperSpeed USB device number 38 using vhci_hcd
[  653.729047][T18740] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3792'.
[  653.770494][T18740] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  653.800274][T18735] vhci_hcd: connection reset by peer
[  653.802888][T11873] vhci_hcd vhci_hcd.1: stop threads
[  653.805137][T11873] vhci_hcd vhci_hcd.1: release socket
[  653.807686][T11873] vhci_hcd vhci_hcd.1: disconnect device
[  654.569588][T18746] netlink: 'syz.1.3795': attribute type 10 has an invalid length.
[  655.021239][T18760] libceph: resolve '400' (ret=-3): failed
[  655.029236][T18760] kvm: kvm [18759]: vcpu6, guest rIP: 0xfff0 Unhandled RDMSR(0x4000006f)
[  655.219793][T18774] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3802'.
[  655.232526][T18774] binder: 18773:18774 ioctl c0306201 800003c0 returned -14
[  656.564923][T13580] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  656.569865][T18802] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  656.572018][T18802] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  656.574969][T18802] vhci_hcd vhci_hcd.0: Device attached
[  656.613195][T18806] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  656.615300][T18806] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  656.618095][T18806] vhci_hcd vhci_hcd.0: Device attached
[  656.746665][T13580] usb 6-1: Using ep0 maxpacket: 8
[  656.750484][T13580] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  656.753319][T13580] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  656.756464][T13580] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  656.760301][T13580] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  656.763537][T13580] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  656.768082][T13580] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  656.771063][T13580] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  656.853587][T18104] usb 44-1: SetAddress Request (22) to port 0
[  656.855694][T18104] usb 44-1: new SuperSpeed USB device number 22 using vhci_hcd
[  656.917742][ T1021] usb 46-1: SetAddress Request (10) to port 0
[  656.919853][ T1021] usb 46-1: new SuperSpeed USB device number 10 using vhci_hcd
[  657.004919][T13580] usb 6-1: GET_CAPABILITIES returned 0
[  657.006697][T13580] usbtmc 6-1:16.0: can't read capabilities
[  657.091258][T18815] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3809'.
[  657.100166][T18815] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3809'.
[  657.115128][T18807] vhci_hcd: connection reset by peer
[  657.116950][T11895] vhci_hcd vhci_hcd.4: stop threads
[  657.118669][T11895] vhci_hcd vhci_hcd.4: release socket
[  657.120523][T11895] vhci_hcd vhci_hcd.4: disconnect device
[  657.262305][T18804] vhci_hcd: connection reset by peer
[  657.269759][T11895] vhci_hcd vhci_hcd.3: stop threads
[  657.274749][T11895] vhci_hcd vhci_hcd.3: release socket
[  657.277432][T11895] vhci_hcd vhci_hcd.3: disconnect device
[  657.303985][T13580] usb 6-1: USB disconnect, device number 26
[  658.051808][ T7620] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  658.270718][ T7620] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  658.275053][ T7620] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  658.276394][T18830] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  658.279610][ T7620] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  658.290509][ T7620] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  658.345815][T18824] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  658.415004][ T7620] usb 9-1: Quirk or no altset; falling back to MIDI 1.0
[  658.605570][T18833] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  658.758149][   T24] usb 42-1: device descriptor read/8, error -110
[  658.904137][T18849] block device autoloading is deprecated and will be removed.
[  659.013235][ T6020] usb 40-1: device descriptor read/8, error -110
[  659.174204][   T24] usb usb42-port1: attempt power cycle
[  659.434778][ T6020] usb usb40-port1: attempt power cycle
[  659.611805][ T7620] usb 7-1: new high-speed USB device number 29 using dummy_hcd
[  659.761536][ T7620] usb 7-1: device descriptor read/64, error -71
[  659.783418][   T24] usb usb42-port1: unable to enumerate USB device
[  659.809685][   T24] tipc: Node number set to 268071677
[  660.039758][ T7620] usb 7-1: new high-speed USB device number 30 using dummy_hcd
[  660.040927][ T6020] usb usb40-port1: unable to enumerate USB device
[  660.200164][ T7620] usb 7-1: device descriptor read/64, error -71
[  660.320492][ T7620] usb usb7-port1: attempt power cycle
[  660.681011][ T7620] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[  660.714455][ T7620] usb 7-1: device descriptor read/8, error -71
[  660.980311][ T7620] usb 7-1: new high-speed USB device number 32 using dummy_hcd
[  661.010023][ T7620] usb 7-1: device descriptor read/8, error -71
[  661.107715][   T34] usb 9-1: USB disconnect, device number 12
[  661.187497][T18882] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3828'.
[  661.192841][T18882] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3828'.
[  661.197650][T18882] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3828'.
[  661.202504][T18882] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3828'.
[  661.205953][T18882] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3828'.
[  661.248929][ T7620] usb usb7-port1: unable to enumerate USB device
[  662.232695][T18895] ubi31: attaching mtd0
[  662.236819][T18895] ubi31: scanning is finished
[  662.252394][T18895] ubi31: empty MTD device detected
[  662.263087][T18104] usb 44-1: device descriptor read/8, error -110
[  662.359576][ T1021] usb 46-1: device descriptor read/8, error -110
[  662.397219][T18895] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  662.399663][T18895] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  662.424223][T18895] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  662.426513][T18895] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  662.428939][T18895] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  662.431109][T18895] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  662.433681][T18895] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2619715280
[  662.438894][T18895] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  662.447820][T18907] ubi31: background thread "ubi_bgt31d" started, PID 18907
[  662.529824][T18909] syzkaller0: entered promiscuous mode
[  662.533516][T18909] syzkaller0: entered allmulticast mode
[  662.565826][T18909] 0: reclassify loop, rule prio 0, protocol 800
[  662.797737][ T1021] usb usb46-port1: attempt power cycle
[  662.917518][T18104] usb usb44-port1: attempt power cycle
[  663.365318][   T40] kauditd_printk_skb: 35 callbacks suppressed
[  663.365363][   T40] audit: type=1326 audit(1770801413.155:4647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18916 comm="syz.1.3838" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f74579 code=0x0
[  663.369882][T18924] syzkaller0: left promiscuous mode
[  663.375875][T18924] syzkaller0: left allmulticast mode
[  663.504985][ T1021] usb usb46-port1: unable to enumerate USB device
[  663.899445][T18104] usb usb44-port1: unable to enumerate USB device
[  665.813330][T18950] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3847'.
[  666.059279][T18960] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3851'.
[  667.162529][T18975] Context (ID=0x1) not attached to queue pair (handle=0x0:0x5)
[  667.847581][T18984] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3856'.
[  668.229322][T18993] syzkaller0: entered promiscuous mode
[  668.231164][T18993] syzkaller0: entered allmulticast mode
[  669.217283][T19011] FAULT_INJECTION: forcing a failure.
[  669.217283][T19011] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  669.221484][T19011] CPU: 1 UID: 0 PID: 19011 Comm: syz.2.3864 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  669.221502][T19011] Tainted: [L]=SOFTLOCKUP
[  669.221507][T19011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  669.221514][T19011] Call Trace:
[  669.221519][T19011]  <TASK>
[  669.221523][T19011]  dump_stack_lvl+0x100/0x190
[  669.221559][T19011]  should_fail_ex.cold+0x5/0xa
[  669.221571][T19011]  _copy_from_user+0x2e/0xd0
[  669.221596][T19011]  get_user_ifreq+0x116/0x1c0
[  669.221618][T19011]  sock_do_ioctl+0x16e/0x280
[  669.221633][T19011]  ? __pfx_sock_do_ioctl+0x10/0x10
[  669.221648][T19011]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  669.221664][T19011]  ? do_vfs_ioctl+0x226/0x13e0
[  669.221681][T19011]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  669.221699][T19011]  compat_sock_ioctl+0x568/0x760
[  669.221719][T19011]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  669.221741][T19011]  ? __fget_files+0x21f/0x3d0
[  669.221754][T19011]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  669.221771][T19011]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  669.221789][T19011]  __do_fast_syscall_32+0xe3/0x8c0
[  669.221809][T19011]  do_fast_syscall_32+0x32/0x70
[  669.221819][T19011]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  669.221834][T19011] RIP: 0023:0xf7f24579
[  669.221843][T19011] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  669.221854][T19011] RSP: 002b:00000000f53e650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  669.221865][T19011] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000008914
[  669.221872][T19011] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  669.221879][T19011] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  669.221885][T19011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  669.221891][T19011] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  669.221905][T19011]  </TASK>
[  669.457971][ T6027] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  669.639648][ T6027] usb 6-1: Using ep0 maxpacket: 8
[  669.644864][ T6027] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  669.648288][ T6027] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  669.660956][ T6027] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  669.664113][ T6027] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024
[  669.667536][ T6027] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  669.670633][ T6027] usb 6-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  669.678252][ T6027] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  669.686593][ T6027] usb 6-1: config 0 descriptor??
[  669.688915][T19009] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  670.127316][ T5946] Bluetooth: hci0: Opcode 0x0c03 failed: -71
[  670.133447][ T6027] usb 6-1: USB disconnect, device number 27
[  670.324677][T19033] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3870'.
[  670.979260][T19049] netlink: 'syz.1.3878': attribute type 13 has an invalid length.
[  670.983175][T19049] veth0_macvtap: left promiscuous mode
[  670.984970][T19049] macvtap0: entered promiscuous mode
[  670.987059][T19049] macvtap0: entered allmulticast mode
[  670.994100][T19049] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3878'.
[  671.012295][T19051] tipc: Started in network mode
[  671.015543][T19051] tipc: Node identity c6e78e0afdba, cluster identity 4711
[  671.019660][T19051] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  671.023636][T19052] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  671.038772][T19049] ip6gre1: entered promiscuous mode
[  671.041089][T19049] ip6gre1: entered allmulticast mode
[  671.043965][T11860] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  671.047116][T11860] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  671.082915][ T1456] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  671.120241][   T40] audit: type=1326 audit(1770801420.423:4648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19048 comm="syz.1.3878" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  671.129422][   T40] audit: type=1326 audit(1770801420.423:4649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19048 comm="syz.1.3878" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  671.147451][   T40] audit: type=1326 audit(1770801420.432:4650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19048 comm="syz.1.3878" exe="/syz-executor" sig=0 arch=40000003 syscall=182 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  671.156071][   T40] audit: type=1326 audit(1770801420.432:4651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19048 comm="syz.1.3878" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  671.169876][ T1456] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  671.343586][T19070] : entered promiscuous mode
[  671.576470][ T1456] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  671.617281][   T24] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[  671.716148][T19083] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  671.777723][   T24] usb 9-1: Using ep0 maxpacket: 16
[  671.782781][   T24] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  671.786514][   T24] usb 9-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00
[  671.789732][   T24] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  671.794918][   T24] usb 9-1: config 0 descriptor??
[  672.087736][ T6027] tipc: Node number set to 995986954
[  672.144131][   T24] usbhid 9-1:0.0: can't add hid device: -71
[  672.146173][   T24] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  672.152368][   T24] usb 9-1: USB disconnect, device number 13
[  673.513534][T19109] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3896'.
[  673.543849][T19114] syzkaller0: entered promiscuous mode
[  673.546114][T19114] syzkaller0: entered allmulticast mode
[  673.554670][T19114] netlink: 'syz.4.3897': attribute type 1 has an invalid length.
[  673.557158][T19114] netlink: 2108 bytes leftover after parsing attributes in process `syz.4.3897'.
[  674.984861][ T7620] usb 6-1: new full-speed USB device number 28 using dummy_hcd
[  675.123921][ T7620] usb 6-1: device descriptor read/64, error -71
[  675.348413][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  675.391767][ T7620] usb 6-1: new full-speed USB device number 29 using dummy_hcd
[  675.540832][ T7620] usb 6-1: device descriptor read/64, error -71
[  675.658612][ T7620] usb usb6-port1: attempt power cycle
[  675.675752][T19158] netlink: 'syz.3.3913': attribute type 1 has an invalid length.
[  675.763726][T19163] 9p: Bad value for 'rfdno'
[  675.783760][T19163] bridge_slave_0: default FDB implementation only supports local addresses
[  675.997121][T19167] netlink: 120 bytes leftover after parsing attributes in process `syz.4.3916'.
[  676.000306][T19167] netlink: 'syz.4.3916': attribute type 1 has an invalid length.
[  676.002897][T19167] netlink: 64 bytes leftover after parsing attributes in process `syz.4.3916'.
[  676.006256][T19167] sctp: [Deprecated]: syz.4.3916 (pid 19167) Use of struct sctp_assoc_value in delayed_ack socket option.
[  676.006256][T19167] Use struct sctp_sack_info instead
[  676.043337][ T7620] usb 6-1: new full-speed USB device number 30 using dummy_hcd
[  676.065329][ T7620] usb 6-1: device descriptor read/8, error -71
[  676.088611][T19169] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3917'.
[  676.332583][ T7620] usb 6-1: new full-speed USB device number 31 using dummy_hcd
[  676.371084][ T7620] usb 6-1: device descriptor read/8, error -71
[  676.498592][ T7620] usb usb6-port1: unable to enumerate USB device
[  678.179264][T19194] netlink: 140 bytes leftover after parsing attributes in process `syz.2.3926'.
[  678.182869][T19194] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3926'.
[  679.540391][    T9] usb 7-1: new high-speed USB device number 33 using dummy_hcd
[  679.565454][T19220] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3933'.
[  679.711339][    T9] usb 7-1: config 128 has an invalid interface number: 148 but max is 0
[  679.714012][    T9] usb 7-1: config 128 has no interface number 0
[  679.716017][    T9] usb 7-1: config 128 interface 148 altsetting 9 endpoint 0x7 has invalid wMaxPacketSize 0
[  679.720048][    T9] usb 7-1: config 128 interface 148 altsetting 9 endpoint 0x5 has an invalid bInterval 129, changing to 11
[  679.742151][    T9] usb 7-1: config 128 interface 148 has no altsetting 0
[  679.746942][    T9] usb 7-1: New USB device found, idVendor=0cf3, idProduct=e019, bcdDevice=fb.4f
[  679.749801][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  679.752351][    T9] usb 7-1: Product: syz
[  679.753760][    T9] usb 7-1: Manufacturer: syz
[  679.755236][    T9] usb 7-1: SerialNumber: syz
[  679.985558][    T9] usb 7-1: USB disconnect, device number 33
[  680.135335][T19228] FAULT_INJECTION: forcing a failure.
[  680.135335][T19228] name failslab, interval 1, probability 0, space 0, times 0
[  680.139533][T19228] CPU: 3 UID: 0 PID: 19228 Comm: syz.4.3935 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  680.139551][T19228] Tainted: [L]=SOFTLOCKUP
[  680.139556][T19228] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  680.139563][T19228] Call Trace:
[  680.139567][T19228]  <TASK>
[  680.139572][T19228]  dump_stack_lvl+0x100/0x190
[  680.139591][T19228]  should_fail_ex.cold+0x5/0xa
[  680.139604][T19228]  should_failslab+0xc2/0x120
[  680.139617][T19228]  ? tomoyo_encode2+0xfb/0x3c0
[  680.139629][T19228]  __kmalloc_noprof+0xf6/0x9c0
[  680.139650][T19228]  ? tomoyo_encode2+0xfb/0x3c0
[  680.139662][T19228]  tomoyo_encode2+0xfb/0x3c0
[  680.139677][T19228]  tomoyo_encode+0x29/0x50
[  680.139689][T19228]  tomoyo_realpath_from_path+0x18c/0x690
[  680.139706][T19228]  tomoyo_path_number_perm+0x23c/0x580
[  680.139717][T19228]  ? tomoyo_path_number_perm+0x22e/0x580
[  680.139729][T19228]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  680.139753][T19228]  ? find_held_lock+0x2b/0x80
[  680.139768][T19228]  ? hook_file_ioctl_common+0x146/0x410
[  680.139779][T19228]  ? __fget_files+0x215/0x3d0
[  680.139793][T19228]  ? __fget_files+0x21f/0x3d0
[  680.139810][T19228]  security_file_ioctl_compat+0xd3/0x230
[  680.139823][T19228]  __ia32_compat_sys_ioctl+0xc2/0x360
[  680.139841][T19228]  __do_fast_syscall_32+0xe3/0x8c0
[  680.139861][T19228]  do_fast_syscall_32+0x32/0x70
[  680.139871][T19228]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  680.139885][T19228] RIP: 0023:0xf70cd579
[  680.139894][T19228] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  680.139906][T19228] RSP: 002b:00000000f54bd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  680.139917][T19228] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 000000000000541b
[  680.139924][T19228] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  680.139930][T19228] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  680.139937][T19228] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  680.139943][T19228] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  680.139956][T19228]  </TASK>
[  680.139966][T19228] ERROR: Out of memory at tomoyo_realpath_from_path.
[  680.469257][ T6027] usb 7-1: new high-speed USB device number 34 using dummy_hcd
[  680.640152][ T6027] usb 7-1: Using ep0 maxpacket: 8
[  680.643216][ T6027] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  680.645793][ T6027] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  680.648910][ T6027] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  680.652961][ T6027] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 16
[  680.656109][ T6027] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  680.660221][ T6027] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  680.663320][ T6027] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  680.843347][   T34] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  680.882586][ T6027] usb 7-1: usb_control_msg returned -32
[  680.884391][ T6027] usbtmc 7-1:16.0: can't read capabilities
[  681.014765][   T34] usb 6-1: Using ep0 maxpacket: 16
[  681.018174][   T34] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  681.022318][   T34] usb 6-1: config 0 has no interfaces?
[  681.026716][   T34] usb 6-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  681.029983][   T34] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  681.032924][   T34] usb 6-1: Product: syz
[  681.034591][   T34] usb 6-1: Manufacturer: syz
[  681.036453][   T34] usb 6-1: SerialNumber: syz
[  681.041056][   T34] usb 6-1: config 0 descriptor??
[  681.266296][   T34] usb 7-1: USB disconnect, device number 34
[  681.390319][T19248] FAULT_INJECTION: forcing a failure.
[  681.390319][T19248] name failslab, interval 1, probability 0, space 0, times 0
[  681.395362][T19248] CPU: 3 UID: 0 PID: 19248 Comm: syz.3.3942 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  681.395395][T19248] Tainted: [L]=SOFTLOCKUP
[  681.395404][T19248] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  681.395415][T19248] Call Trace:
[  681.395420][T19248]  <TASK>
[  681.395425][T19248]  dump_stack_lvl+0x100/0x190
[  681.395457][T19248]  should_fail_ex.cold+0x5/0xa
[  681.395477][T19248]  should_failslab+0xc2/0x120
[  681.395495][T19248]  kmem_cache_alloc_node_noprof+0x8c/0x880
[  681.395516][T19248]  ? __alloc_skb+0x156/0x410
[  681.395531][T19248]  ? __alloc_skb+0x35d/0x410
[  681.395549][T19248]  ? __alloc_skb+0x156/0x410
[  681.395564][T19248]  __alloc_skb+0x156/0x410
[  681.395578][T19248]  ? __alloc_skb+0x35d/0x410
[  681.395592][T19248]  ? __pfx___alloc_skb+0x10/0x10
[  681.395608][T19248]  ? netlink_autobind.isra.0+0x90/0x370
[  681.395634][T19248]  netlink_alloc_large_skb+0x69/0x150
[  681.395654][T19248]  netlink_sendmsg+0x680/0xda0
[  681.395677][T19248]  ? __pfx_netlink_sendmsg+0x10/0x10
[  681.395698][T19248]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  681.395726][T19248]  ____sys_sendmsg+0xa54/0xc30
[  681.395751][T19248]  ? __pfx_____sys_sendmsg+0x10/0x10
[  681.395783][T19248]  ___sys_sendmsg+0x190/0x1e0
[  681.395806][T19248]  ? __pfx____sys_sendmsg+0x10/0x10
[  681.395856][T19248]  __sys_sendmsg+0x170/0x220
[  681.395874][T19248]  ? __pfx___sys_sendmsg+0x10/0x10
[  681.395899][T19248]  ? __pfx_ksys_write+0x10/0x10
[  681.395920][T19248]  __do_fast_syscall_32+0xe3/0x8c0
[  681.395948][T19248]  do_fast_syscall_32+0x32/0x70
[  681.395963][T19248]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  681.395982][T19248] RIP: 0023:0xf7fd1579
[  681.395996][T19248] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  681.396011][T19248] RSP: 002b:00000000f549650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  681.396027][T19248] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800004c0
[  681.396037][T19248] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  681.396047][T19248] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  681.396056][T19248] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  681.396066][T19248] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  681.396087][T19248]  </TASK>
[  681.505489][T19252] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3943'.
[  681.695327][T19261] FAULT_INJECTION: forcing a failure.
[  681.695327][T19261] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  681.701991][T19261] CPU: 2 UID: 0 PID: 19261 Comm: syz.3.3946 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  681.702035][T19261] Tainted: [L]=SOFTLOCKUP
[  681.702043][T19261] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  681.702054][T19261] Call Trace:
[  681.702060][T19261]  <TASK>
[  681.702068][T19261]  dump_stack_lvl+0x100/0x190
[  681.702097][T19261]  should_fail_ex.cold+0x5/0xa
[  681.702118][T19261]  _copy_to_user+0x32/0xd0
[  681.702139][T19261]  simple_read_from_buffer+0xcb/0x170
[  681.702168][T19261]  proc_fail_nth_read+0x1af/0x230
[  681.702188][T19261]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  681.702209][T19261]  ? rw_verify_area+0xce/0x6d0
[  681.702233][T19261]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  681.702251][T19261]  vfs_read+0x1e4/0xb30
[  681.702271][T19261]  ? __pfx_vfs_read+0x10/0x10
[  681.702285][T19261]  ? find_held_lock+0x2b/0x80
[  681.702309][T19261]  ? __fget_files+0x215/0x3d0
[  681.702330][T19261]  ? __fget_files+0x21f/0x3d0
[  681.702354][T19261]  ksys_read+0x12a/0x250
[  681.702371][T19261]  ? __pfx_ksys_read+0x10/0x10
[  681.702394][T19261]  do_int80_emulation+0x141/0x6b0
[  681.702414][T19261]  asm_int80_emulation+0x1a/0x20
[  681.702431][T19261] RIP: 0023:0xf71d572b
[  681.702445][T19261] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  681.702461][T19261] RSP: 002b:00000000f54964bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  681.702479][T19261] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54965d0
[  681.702491][T19261] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  681.702501][T19261] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  681.702511][T19261] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  681.702521][T19261] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  681.702544][T19261]  </TASK>
[  681.705691][T19263] dummy0: Caught tx_queue_len zero misconfig
[  681.830099][T19265] syzkaller0: entered promiscuous mode
[  681.831906][T19265] syzkaller0: entered allmulticast mode
[  682.474814][T19275] FAULT_INJECTION: forcing a failure.
[  682.474814][T19275] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  682.478997][T19275] CPU: 3 UID: 0 PID: 19275 Comm: syz.4.3951 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  682.479015][T19275] Tainted: [L]=SOFTLOCKUP
[  682.479019][T19275] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  682.479026][T19275] Call Trace:
[  682.479030][T19275]  <TASK>
[  682.479035][T19275]  dump_stack_lvl+0x100/0x190
[  682.479054][T19275]  should_fail_ex.cold+0x5/0xa
[  682.479067][T19275]  _copy_from_user+0x2e/0xd0
[  682.479080][T19275]  ucma_listen+0x81/0x220
[  682.479095][T19275]  ? __pfx_ucma_listen+0x10/0x10
[  682.479111][T19275]  ? __pfx_ucma_listen+0x10/0x10
[  682.479125][T19275]  ucma_write+0x1fb/0x330
[  682.479139][T19275]  ? __pfx_ucma_write+0x10/0x10
[  682.479152][T19275]  ? bpf_lsm_file_permission+0x9/0x10
[  682.479165][T19275]  ? security_file_permission+0x76/0x210
[  682.479178][T19275]  ? rw_verify_area+0xce/0x6d0
[  682.479197][T19275]  vfs_write+0x2aa/0x1070
[  682.479208][T19275]  ? __pfx_ucma_write+0x10/0x10
[  682.479224][T19275]  ? __pfx_vfs_write+0x10/0x10
[  682.479237][T19275]  ? find_held_lock+0x2b/0x80
[  682.479256][T19275]  ? __fget_files+0x215/0x3d0
[  682.479271][T19275]  ? __fget_files+0x215/0x3d0
[  682.479287][T19275]  ? __fget_files+0x21f/0x3d0
[  682.479306][T19275]  ksys_write+0x1f8/0x250
[  682.479320][T19275]  ? __pfx_ksys_write+0x10/0x10
[  682.479335][T19275]  ? __pfx_ksys_write+0x10/0x10
[  682.479352][T19275]  __do_fast_syscall_32+0xe3/0x8c0
[  682.479372][T19275]  do_fast_syscall_32+0x32/0x70
[  682.479382][T19275]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  682.479397][T19275] RIP: 0023:0xf70cd579
[  682.479407][T19275] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  682.479418][T19275] RSP: 002b:00000000f549c50c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[  682.479429][T19275] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000100
[  682.479436][T19275] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  682.479443][T19275] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  682.479449][T19275] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  682.479455][T19275] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  682.479475][T19275]  </TASK>
[  683.986395][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  684.003334][    T9] usb 6-1: USB disconnect, device number 32
[  684.638515][T14820] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[  684.780178][T19288] syzkaller0: entered promiscuous mode
[  684.782113][T19288] syzkaller0: entered allmulticast mode
[  684.810277][T14820] usb 7-1: Using ep0 maxpacket: 16
[  684.813286][T14820] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  684.819137][T14820] usb 7-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  684.824242][T14820] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  684.826795][T14820] usb 7-1: Product: syz
[  684.828247][T14820] usb 7-1: Manufacturer: syz
[  684.829892][T14820] usb 7-1: SerialNumber: syz
[  684.833310][T14820] usb 7-1: config 0 descriptor??
[  684.836602][T14820] asix 7-1:0.0: probe with driver asix failed with error -22
[  685.156507][T19293] FAULT_INJECTION: forcing a failure.
[  685.156507][T19293] name failslab, interval 1, probability 0, space 0, times 0
[  685.168540][T19293] CPU: 0 UID: 0 PID: 19293 Comm: syz.3.3957 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  685.168560][T19293] Tainted: [L]=SOFTLOCKUP
[  685.168565][T19293] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  685.168571][T19293] Call Trace:
[  685.168576][T19293]  <TASK>
[  685.168580][T19293]  dump_stack_lvl+0x100/0x190
[  685.168599][T19293]  should_fail_ex.cold+0x5/0xa
[  685.168612][T19293]  should_failslab+0xc2/0x120
[  685.168626][T19293]  kmem_cache_alloc_node_noprof+0x8c/0x880
[  685.168639][T19293]  ? __alloc_skb+0x156/0x410
[  685.168650][T19293]  ? __alloc_skb+0x35d/0x410
[  685.168667][T19293]  ? __alloc_skb+0x156/0x410
[  685.168677][T19293]  __alloc_skb+0x156/0x410
[  685.168687][T19293]  ? __alloc_skb+0x35d/0x410
[  685.168697][T19293]  ? __pfx___alloc_skb+0x10/0x10
[  685.168708][T19293]  ? netlink_autobind.isra.0+0x90/0x370
[  685.168726][T19293]  netlink_alloc_large_skb+0x69/0x150
[  685.168740][T19293]  netlink_sendmsg+0x680/0xda0
[  685.168756][T19293]  ? __pfx_netlink_sendmsg+0x10/0x10
[  685.168771][T19293]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  685.168791][T19293]  ____sys_sendmsg+0xa54/0xc30
[  685.168808][T19293]  ? __pfx_____sys_sendmsg+0x10/0x10
[  685.168829][T19293]  ___sys_sendmsg+0x190/0x1e0
[  685.168847][T19293]  ? __pfx____sys_sendmsg+0x10/0x10
[  685.168878][T19293]  __sys_sendmsg+0x170/0x220
[  685.168891][T19293]  ? __pfx___sys_sendmsg+0x10/0x10
[  685.168908][T19293]  ? __pfx_ksys_write+0x10/0x10
[  685.168921][T19293]  __do_fast_syscall_32+0xe3/0x8c0
[  685.168941][T19293]  do_fast_syscall_32+0x32/0x70
[  685.168951][T19293]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  685.168966][T19293] RIP: 0023:0xf7fd1579
[  685.168975][T19293] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  685.168986][T19293] RSP: 002b:00000000f549650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  685.168998][T19293] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180
[  685.169005][T19293] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000
[  685.169011][T19293] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  685.169018][T19293] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  685.169025][T19293] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  685.169038][T19293]  </TASK>
[  685.387739][T19300] openvswitch: netlink: Unexpected mask (mask=200440, allowed=10048)
[  686.660354][T19319] FAULT_INJECTION: forcing a failure.
[  686.660354][T19319] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  686.665983][T19319] CPU: 3 UID: 0 PID: 19319 Comm: syz.3.3966 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  686.666011][T19319] Tainted: [L]=SOFTLOCKUP
[  686.666018][T19319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  686.666029][T19319] Call Trace:
[  686.666036][T19319]  <TASK>
[  686.666044][T19319]  dump_stack_lvl+0x100/0x190
[  686.666087][T19319]  should_fail_ex.cold+0x5/0xa
[  686.666111][T19319]  _copy_from_user+0x2e/0xd0
[  686.666130][T19319]  btf_new_fd+0x756/0x5670
[  686.666158][T19319]  ? __lock_acquire+0x4a5/0x2630
[  686.666185][T19319]  ? __pfx_btf_new_fd+0x10/0x10
[  686.666212][T19319]  ? apparmor_capable+0x1d7/0x4e0
[  686.666241][T19319]  ? bpf_lsm_capable+0x9/0x10
[  686.666262][T19319]  ? security_capable+0x80/0x260
[  686.666289][T19319]  ? ns_capable+0xd2/0xf0
[  686.666316][T19319]  __sys_bpf+0x1b63/0x4b90
[  686.666343][T19319]  ? __pfx___sys_bpf+0x10/0x10
[  686.666368][T19319]  ? proc_fail_nth_write+0x9f/0x220
[  686.666387][T19319]  ? find_held_lock+0x2b/0x80
[  686.666415][T19319]  ? find_held_lock+0x2b/0x80
[  686.666437][T19319]  ? ksys_write+0x190/0x250
[  686.666458][T19319]  ? __mutex_unlock_slowpath+0x15c/0x790
[  686.666507][T19319]  ? fput+0x79/0x100
[  686.666527][T19319]  ? ksys_write+0x1ac/0x250
[  686.666547][T19319]  __ia32_sys_bpf+0x79/0xf0
[  686.666586][T19319]  ? lockdep_hardirqs_on+0x78/0x100
[  686.666613][T19319]  __do_fast_syscall_32+0xe3/0x8c0
[  686.666642][T19319]  do_fast_syscall_32+0x32/0x70
[  686.666659][T19319]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  686.666682][T19319] RIP: 0023:0xf7fd1579
[  686.666696][T19319] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  686.666713][T19319] RSP: 002b:00000000f549650c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  686.666744][T19319] RAX: ffffffffffffffda RBX: 0000000000000012 RCX: 0000000080001a40
[  686.666755][T19319] RDX: 0000000000000028 RSI: 0000000000000000 RDI: 0000000000000000
[  686.666766][T19319] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  686.666776][T19319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  686.666787][T19319] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  686.666811][T19319]  </TASK>
[  686.792733][T19321] FAULT_INJECTION: forcing a failure.
[  686.792733][T19321] name failslab, interval 1, probability 0, space 0, times 0
[  686.796793][T19321] CPU: 3 UID: 0 PID: 19321 Comm: syz.3.3967 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  686.796812][T19321] Tainted: [L]=SOFTLOCKUP
[  686.796816][T19321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  686.796823][T19321] Call Trace:
[  686.796828][T19321]  <TASK>
[  686.796834][T19321]  dump_stack_lvl+0x100/0x190
[  686.796853][T19321]  should_fail_ex.cold+0x5/0xa
[  686.796866][T19321]  should_failslab+0xc2/0x120
[  686.796880][T19321]  ? rds_info_getsockopt+0x31d/0x4f0
[  686.796891][T19321]  __kmalloc_noprof+0xf6/0x9c0
[  686.796906][T19321]  ? __might_fault+0xc5/0x140
[  686.796928][T19321]  ? rds_info_getsockopt+0x31d/0x4f0
[  686.796938][T19321]  rds_info_getsockopt+0x31d/0x4f0
[  686.796950][T19321]  ? __pfx_rds_info_getsockopt+0x10/0x10
[  686.796962][T19321]  ? find_held_lock+0x2b/0x80
[  686.796982][T19321]  rds_getsockopt+0x177/0x2e0
[  686.796998][T19321]  ? __pfx_rds_getsockopt+0x10/0x10
[  686.797012][T19321]  do_sock_getsockopt+0x259/0x3d0
[  686.797029][T19321]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  686.797051][T19321]  __sys_getsockopt+0x133/0x1d0
[  686.797064][T19321]  ? ksys_write+0x1ac/0x250
[  686.797077][T19321]  ? __ia32_sys_getsockopt+0xbc/0x160
[  686.797088][T19321]  __ia32_sys_getsockopt+0xbc/0x160
[  686.797099][T19321]  ? __do_fast_syscall_32+0x94/0x8c0
[  686.797118][T19321]  ? lockdep_hardirqs_on+0x78/0x100
[  686.797134][T19321]  __do_fast_syscall_32+0xe3/0x8c0
[  686.797153][T19321]  do_fast_syscall_32+0x32/0x70
[  686.797164][T19321]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  686.797178][T19321] RIP: 0023:0xf7fd1579
[  686.797188][T19321] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  686.797199][T19321] RSP: 002b:00000000f549650c EFLAGS: 00000292 ORIG_RAX: 000000000000016d
[  686.797211][T19321] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000114
[  686.797218][T19321] RDX: 0000000000002713 RSI: 00000000800002c0 RDI: 0000000080000280
[  686.797225][T19321] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  686.797231][T19321] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  686.797238][T19321] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  686.797251][T19321]  </TASK>
[  687.150822][T19335] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3972'.
[  688.136788][   T24] usb 7-1: USB disconnect, device number 35
[  688.158629][T19340] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  688.161335][T19340] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  688.173594][T19340] vhci_hcd vhci_hcd.0: Device attached
[  688.297046][T19343] vhci_hcd: connection closed
[  688.297716][T11861] vhci_hcd vhci_hcd.3: stop threads
[  688.300972][T11861] vhci_hcd vhci_hcd.3: release socket
[  688.302673][T11861] vhci_hcd vhci_hcd.3: disconnect device
[  688.887903][T19364] overlayfs: missing 'lowerdir'
[  689.017114][T19369] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  689.104873][T19369] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  689.236223][T19369] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  689.397446][T19369] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  690.161219][T11843] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  690.164643][T19375] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3983'.
[  690.286008][T11843] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  690.338334][T11859] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  690.341526][T11859] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  690.695472][T19409] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  690.748855][T19409] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  690.753849][T19409] overlayfs: failed to look up (tracing) for ino (-66)
[  693.223937][T19445] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4002'.
[  693.519198][T19455] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4005'.
[  693.716211][T19461] uprobe: syz.2.4007:19461 failed to unregister, leaking uprobe
[  693.720739][T19461] uprobe: syz.2.4007:19461 failed to unregister, leaking uprobe
[  693.792064][T19471] syz_tun: entered allmulticast mode
[  694.713578][T19481] binder: 19480:19481 ioctl c0306201 800003c0 returned -14
[  694.797377][T19485] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4014'.
[  694.800122][T19485] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4014'.
[  695.953585][T19496] FAULT_INJECTION: forcing a failure.
[  695.953585][T19496] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  695.957742][T19496] CPU: 2 UID: 0 PID: 19496 Comm: syz.1.4017 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  695.957762][T19496] Tainted: [L]=SOFTLOCKUP
[  695.957766][T19496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  695.957773][T19496] Call Trace:
[  695.957778][T19496]  <TASK>
[  695.957783][T19496]  dump_stack_lvl+0x100/0x190
[  695.957803][T19496]  should_fail_ex.cold+0x5/0xa
[  695.957816][T19496]  _copy_to_user+0x32/0xd0
[  695.957829][T19496]  simple_read_from_buffer+0xcb/0x170
[  695.957848][T19496]  proc_fail_nth_read+0x1af/0x230
[  695.957861][T19496]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  695.957873][T19496]  ? rw_verify_area+0xce/0x6d0
[  695.957890][T19496]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  695.957902][T19496]  vfs_read+0x1e4/0xb30
[  695.957914][T19496]  ? __pfx_vfs_read+0x10/0x10
[  695.957923][T19496]  ? find_held_lock+0x2b/0x80
[  695.957939][T19496]  ? __fget_files+0x215/0x3d0
[  695.957952][T19496]  ? __fget_files+0x21f/0x3d0
[  695.957966][T19496]  ksys_read+0x12a/0x250
[  695.957976][T19496]  ? __pfx_ksys_read+0x10/0x10
[  695.957986][T19496]  ? arch_syscall_is_vdso_sigreturn+0x19b/0x200
[  695.957999][T19496]  ? syscall_user_dispatch+0x76/0x130
[  695.958014][T19496]  do_int80_emulation+0x141/0x6b0
[  695.958026][T19496]  asm_int80_emulation+0x1a/0x20
[  695.958038][T19496] RIP: 0023:0xf717572b
[  695.958047][T19496] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  695.958059][T19496] RSP: 002b:00000000f54364bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  695.958070][T19496] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f54365d0
[  695.958077][T19496] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  695.958083][T19496] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  695.958090][T19496] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  695.958096][T19496] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  695.958110][T19496]  </TASK>
[  696.582478][T19512] netlink: 80 bytes leftover after parsing attributes in process `syz.2.4021'.
[  696.591862][T19512] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4021'.
[  696.915041][T19518] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4024'.
[  697.502989][   T40] audit: type=1804 audit(1770801445.108:4652): pid=19535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.4029" name="/newroot/468/file1" dev="tmpfs" ino=2469 res=1 errno=0
[  697.629266][T19539] FAULT_INJECTION: forcing a failure.
[  697.629266][T19539] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  697.633675][T19539] CPU: 2 UID: 0 PID: 19539 Comm: syz.2.4031 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  697.633694][T19539] Tainted: [L]=SOFTLOCKUP
[  697.633698][T19539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  697.633705][T19539] Call Trace:
[  697.633711][T19539]  <TASK>
[  697.633716][T19539]  dump_stack_lvl+0x100/0x190
[  697.633735][T19539]  should_fail_ex.cold+0x5/0xa
[  697.633745][T19539]  ? prepare_alloc_pages+0x16d/0x5f0
[  697.633761][T19539]  should_fail_alloc_page+0xeb/0x140
[  697.633776][T19539]  prepare_alloc_pages+0x1f0/0x5f0
[  697.633790][T19539]  ? kernel_text_address+0x8d/0x100
[  697.633806][T19539]  __alloc_frozen_pages_noprof+0x193/0x2410
[  697.633830][T19539]  ? stack_trace_save+0x8e/0xc0
[  697.633845][T19539]  ? __pfx_stack_trace_save+0x10/0x10
[  697.633860][T19539]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  697.633880][T19539]  ? __lock_acquire+0x4a5/0x2630
[  697.633892][T19539]  ? kfree+0x1c7/0x690
[  697.633907][T19539]  ? tomoyo_path_number_perm+0x46d/0x580
[  697.633918][T19539]  ? security_file_ioctl_compat+0xd3/0x230
[  697.633933][T19539]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  697.633948][T19539]  ? policy_nodemask+0xed/0x4f0
[  697.633963][T19539]  alloc_pages_mpol+0x1fb/0x550
[  697.633976][T19539]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  697.633989][T19539]  ? do_raw_spin_lock+0x128/0x260
[  697.634002][T19539]  ? find_held_lock+0x2b/0x80
[  697.634016][T19539]  ? do_proc_control+0x204/0xe50
[  697.634033][T19539]  alloc_pages_noprof+0x131/0x390
[  697.634048][T19539]  get_free_pages_noprof+0x10/0xb0
[  697.634061][T19539]  do_proc_control+0x210/0xe50
[  697.634076][T19539]  ? perf_trace_lock+0x490/0x5b0
[  697.634088][T19539]  ? __pfx_do_proc_control+0x10/0x10
[  697.634107][T19539]  usbdev_ioctl+0x1474/0x3aa0
[  697.634124][T19539]  ? __pfx_usbdev_ioctl+0x10/0x10
[  697.634143][T19539]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  697.634160][T19539]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  697.634180][T19539]  ? find_held_lock+0x2b/0x80
[  697.634194][T19539]  ? hook_file_ioctl_common+0x146/0x410
[  697.634209][T19539]  ? __fget_files+0x21f/0x3d0
[  697.634221][T19539]  ? __pfx_usbdev_ioctl+0x10/0x10
[  697.634236][T19539]  compat_ptr_ioctl+0x6e/0xa0
[  697.634252][T19539]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  697.634267][T19539]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  697.634286][T19539]  __do_fast_syscall_32+0xe3/0x8c0
[  697.634307][T19539]  do_fast_syscall_32+0x32/0x70
[  697.634317][T19539]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  697.634331][T19539] RIP: 0023:0xf7f24579
[  697.634341][T19539] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  697.634352][T19539] RSP: 002b:00000000f53e650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  697.634367][T19539] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0105500
[  697.634387][T19539] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  697.634394][T19539] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  697.634400][T19539] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  697.634406][T19539] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  697.634421][T19539]  </TASK>
[  698.134116][T19560] input: syz0 as /devices/virtual/input/input21
[  698.273600][T19565] netlink: 'syz.2.4038': attribute type 27 has an invalid length.
[  698.278934][T19565] loop6: detected capacity change from 0 to 524288000
[  698.338262][T12861] buffer_io_error: 14 callbacks suppressed
[  698.338276][T12861] Buffer I/O error on dev loop6, logical block 65535992, async page read
[  699.224896][T19558] bridge_slave_0: left allmulticast mode
[  699.227411][T19558] bridge_slave_0: left promiscuous mode
[  699.229654][T19558] bridge0: port 1(bridge_slave_0) entered disabled state
[  699.242937][T19558] bridge_slave_1: left allmulticast mode
[  699.244936][T19558] bridge_slave_1: left promiscuous mode
[  699.247614][T19558] bridge0: port 2(bridge_slave_1) entered disabled state
[  699.275572][T19558] bond0: (slave bond_slave_0): Releasing backup interface
[  699.358232][T19558] bond0: (slave bond_slave_1): Releasing backup interface
[  699.432578][T19558] team0: Port device team_slave_0 removed
[  699.469720][T19558] team0: Port device team_slave_1 removed
[  699.491913][T19558] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  699.495190][T19558] batman_adv: batadv0: Removing interface: batadv_slave_0
[  699.502903][T19558] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  699.506164][T19558] batman_adv: batadv0: Removing interface: batadv_slave_1
[  699.516285][T19558] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  699.821023][T19581] IPVS: set_ctl: invalid protocol: 108 172.20.20.34:20000
[  699.980371][ T5347] Buffer I/O error on dev loop6, logical block 0, async page read
[  699.982964][ T5347] Buffer I/O error on dev loop6, logical block 0, async page read
[  699.985531][ T5347] Buffer I/O error on dev loop6, logical block 0, async page read
[  699.988120][ T5347] Buffer I/O error on dev loop6, logical block 0, async page read
[  699.991372][ T5347] Buffer I/O error on dev loop6, logical block 0, async page read
[  699.994024][ T5347] Buffer I/O error on dev loop6, logical block 0, async page read
[  699.996589][ T5347] Buffer I/O error on dev loop6, logical block 0, async page read
[  699.999089][ T5347] Buffer I/O error on dev loop6, logical block 0, async page read
[  700.001669][ T5347] ldm_validate_partition_table(): Disk read failed.
[  700.003968][ T5347] Buffer I/O error on dev loop6, logical block 0, async page read
[  700.006265][ T5347] Dev loop6: unable to read RDB block 0
[  700.008244][ T5347]  loop6: unable to read partition table
[  700.407189][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  700.920389][   T10] Bluetooth: hci2: Opcode 0x0c1a failed: -110
[  700.923106][   T10] Bluetooth: hci2: Error when powering off device on rfkill (-110)
[  700.930971][    C2] ------------[ cut here ]------------
[  700.934531][    C2] workqueue: cannot queue hci_cmd_timeout on wq hci2
[  700.937044][    C2] WARNING: kernel/workqueue.c:2251 at __queue_work+0xcbb/0x10f0, CPU#2: syz-executor/17996
[  700.941016][    C2] Modules linked in:
[  700.943022][    C2] CPU: 2 UID: 0 PID: 17996 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  700.947544][    C2] Tainted: [L]=SOFTLOCKUP
[  700.949337][    C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  700.953542][    C2] RIP: 0010:__queue_work+0xcbf/0x10f0
[  700.955772][    C2] Code: 00 00 00 fc ff df 49 8d 94 24 78 01 00 00 48 89 f9 48 c1 e9 03 80 3c 01 00 0f 85 15 04 00 00 48 8d 3d d5 cd ec 0e 48 8b 75 18 <67> 48 0f b9 3a e9 77 f7 ff ff e8 22 6a 38 00 90 0f 0b 90 e9 ff f5
[  700.963774][    C2] RSP: 0000:ffffc90000538bf0 EFLAGS: 00010046
[  700.966336][    C2] RAX: dffffc0000000000 RBX: 0000000000000100 RCX: 1ffff11002724951
[  700.969513][    C2] RDX: ffff88802ac67178 RSI: ffffffff8a6f7010 RDI: ffffffff90baf360
[  700.972679][    C2] RBP: ffff888013924a70 R08: 0000000000000005 R09: 0000000000000000
[  700.975918][    C2] R10: 0000000000000100 R11: 0000000000000000 R12: ffff88802ac67000
[  700.979257][    C2] R13: 1ffff920000a718f R14: ffffffff81ce3690 R15: 0000000000000001
[  700.982333][    C2] FS:  0000000000000000(0000) GS:ffff8880975bf000(0063) knlGS:0000000057ca5480
[  700.985651][    C2] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  700.988076][    C2] CR2: 0000000057ca5470 CR3: 000000002904f000 CR4: 0000000000352ef0
[  700.990623][    C2] DR0: 0000000000000004 DR1: 0000000000000000 DR2: 0000000000000000
[  700.993249][    C2] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  700.995823][    C2] Call Trace:
[  700.996932][    C2]  <IRQ>
[  700.997872][    C2]  ? do_raw_spin_unlock+0x145/0x1e0
[  700.999516][    C2]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  701.001389][    C2]  call_timer_fn+0x19a/0x590
[  701.002869][    C2]  ? __pfx_call_timer_fn+0x10/0x10
[  701.004517][    C2]  ? __run_timers+0x560/0xac0
[  701.006045][    C2]  ? __run_timers+0x560/0xac0
[  701.007572][    C2]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  701.009431][    C2]  __run_timers+0x570/0xac0
[  701.010885][    C2]  ? __pfx___run_timers+0x10/0x10
[  701.012503][    C2]  run_timer_base+0x114/0x190
[  701.013999][    C2]  ? __pfx_run_timer_base+0x10/0x10
[  701.015650][    C2]  ? rcu_is_watching+0x12/0xc0
[  701.017197][    C2]  run_timer_softirq+0x1a/0x50
[  701.018737][    C2]  handle_softirqs+0x1ea/0x910
[  701.020278][    C2]  ? __pfx_handle_softirqs+0x10/0x10
[  701.022288][    C2]  __irq_exit_rcu+0xef/0x150
[  701.023880][    C2]  irq_exit_rcu+0x9/0x30
[  701.025256][    C2]  sysvec_apic_timer_interrupt+0xa3/0xc0
[  701.027055][    C2]  </IRQ>
[  701.028021][    C2]  <TASK>
[  701.029076][    C2]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  701.030974][    C2] RIP: 0010:_raw_write_unlock_irq+0x29/0x50
[  701.032842][    C2] Code: 90 f3 0f 1e fa 53 48 8b 74 24 08 48 89 fb 48 83 c7 18 e8 ca e6 67 f6 48 89 df e8 72 3c 68 f6 e8 9d 5f 93 f6 fb bf 01 00 00 00 <e8> c2 7d 58 f6 65 8b 05 2b f8 6a 08 85 c0 74 06 5b e9 91 41 00 00
[  701.038848][    C2] RSP: 0000:ffffc9000649f8f0 EFLAGS: 00000202
[  701.040777][    C2] RAX: 00000000000eb843 RBX: ffffffff8e20c080 RCX: 0000000000000000
[  701.043214][    C2] RDX: 0000000000000000 RSI: ffffffff8dc4df07 RDI: 0000000000000001
[  701.045686][    C2] RBP: ffff8880227100e0 R08: 0000000000000001 R09: 0000000000000000
[  701.048176][    C2] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000
[  701.050658][    C2] R13: ffff888022710000 R14: dffffc0000000000 R15: ffff88802a274a00
[  701.053177][    C2]  release_task+0xd37/0x1ab0
[  701.054656][    C2]  ? __pfx_release_task+0x10/0x10
[  701.056245][    C2]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  701.058176][    C2]  ? lock_acquire+0x17c/0x330
[  701.059901][    C2]  ? wait_consider_task+0x2c31/0x3e00
[  701.061667][    C2]  ? rcu_is_watching+0x12/0xc0
[  701.063239][    C2]  wait_consider_task+0x1791/0x3e00
[  701.064909][    C2]  ? __pfx_wait_consider_task+0x10/0x10
[  701.066708][    C2]  ? do_raw_spin_lock+0x128/0x260
[  701.068328][    C2]  __do_wait+0x218/0x8b0
[  701.069698][    C2]  ? __pfx___do_wait+0x10/0x10
[  701.071242][    C2]  ? rcu_is_watching+0x12/0xc0
[  701.072805][    C2]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  701.074671][    C2]  ? do_wait+0x1b3/0x540
[  701.076028][    C2]  do_wait+0x1ec/0x540
[  701.077384][    C2]  kernel_wait4+0x16d/0x280
[  701.078855][    C2]  ? __pfx_kernel_wait4+0x10/0x10
[  701.080513][    C2]  ? __pfx_child_wait_callback+0x10/0x10
[  701.082300][    C2]  __do_compat_sys_wait4+0x15b/0x170
[  701.084008][    C2]  ? __pfx___do_compat_sys_wait4+0x10/0x10
[  701.085910][    C2]  ? do_user_addr_fault+0x8d6/0x12f0
[  701.087925][    C2]  ? rcu_is_watching+0x12/0xc0
[  701.089913][    C2]  do_int80_emulation+0x141/0x6b0
[  701.091996][    C2]  asm_int80_emulation+0x1a/0x20
[  701.094057][    C2] RIP: 0023:0xf71d572b
[  701.095742][    C2] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  701.103699][    C2] RSP: 002b:00000000ffb3571c EFLAGS: 00000246 ORIG_RAX: 0000000000000072
[  701.107125][    C2] RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 00000000ffb358b8
[  701.110458][    C2] RDX: 0000000040000001 RSI: 0000000000000000 RDI: 0000000000000000
[  701.113794][    C2] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  701.117160][    C2] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  701.120542][    C2] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  701.123861][    C2]  </TASK>
[  701.125221][    C2] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  701.128320][    C2] CPU: 2 UID: 0 PID: 17996 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  701.132837][    C2] Tainted: [L]=SOFTLOCKUP
[  701.134623][    C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  701.138930][    C2] Call Trace:
[  701.140415][    C2]  <IRQ>
[  701.141518][    C2]  dump_stack_lvl+0x100/0x190
[  701.143289][    C2]  vpanic+0x20d/0x630
[  701.144799][    C2]  panic+0xd1/0xd1
[  701.146215][    C2]  ? __pfx_panic+0x10/0x10
[  701.147905][    C2]  ? check_panic_on_warn+0x1f/0x90
[  701.149844][    C2]  check_panic_on_warn.cold+0x19/0x34
[  701.151858][    C2]  ? __queue_work+0xcbb/0x10f0
[  701.153419][    C2]  __warn.cold+0x191/0x2f8
[  701.154849][    C2]  __report_bug+0x296/0x3d0
[  701.156319][    C2]  ? __queue_work+0xcbb/0x10f0
[  701.158130][    C2]  ? __pfx___report_bug+0x10/0x10
[  701.159793][    C2]  ? __pfx_hci_cmd_timeout+0x10/0x10
[  701.161497][    C2]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  701.163170][    C2]  ? look_up_lock_class+0x64/0x120
[  701.164810][    C2]  report_bug_entry+0xe1/0x290
[  701.166333][    C2]  ? __queue_work+0xcbf/0x10f0
[  701.167851][    C2]  handle_bug+0x1c9/0x2a0
[  701.169229][    C2]  exc_invalid_op+0x17/0x50
[  701.170675][    C2]  asm_exc_invalid_op+0x1a/0x20
[  701.172242][    C2] RIP: 0010:__queue_work+0xcbf/0x10f0
[  701.173951][    C2] Code: 00 00 00 fc ff df 49 8d 94 24 78 01 00 00 48 89 f9 48 c1 e9 03 80 3c 01 00 0f 85 15 04 00 00 48 8d 3d d5 cd ec 0e 48 8b 75 18 <67> 48 0f b9 3a e9 77 f7 ff ff e8 22 6a 38 00 90 0f 0b 90 e9 ff f5
[  701.179927][    C2] RSP: 0000:ffffc90000538bf0 EFLAGS: 00010046
[  701.181861][    C2] RAX: dffffc0000000000 RBX: 0000000000000100 RCX: 1ffff11002724951
[  701.184348][    C2] RDX: ffff88802ac67178 RSI: ffffffff8a6f7010 RDI: ffffffff90baf360
[  701.186998][    C2] RBP: ffff888013924a70 R08: 0000000000000005 R09: 0000000000000000
[  701.189474][    C2] R10: 0000000000000100 R11: 0000000000000000 R12: ffff88802ac67000
[  701.191922][    C2] R13: 1ffff920000a718f R14: ffffffff81ce3690 R15: 0000000000000001
[  701.194407][    C2]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  701.196242][    C2]  ? __pfx_hci_cmd_timeout+0x10/0x10
[  701.198003][    C2]  ? do_raw_spin_unlock+0x145/0x1e0
[  701.199615][    C2]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  701.201476][    C2]  call_timer_fn+0x19a/0x590
[  701.202948][    C2]  ? __pfx_call_timer_fn+0x10/0x10
[  701.204582][    C2]  ? __run_timers+0x560/0xac0
[  701.206078][    C2]  ? __run_timers+0x560/0xac0
[  701.207612][    C2]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  701.209561][    C2]  __run_timers+0x570/0xac0
[  701.211095][    C2]  ? __pfx___run_timers+0x10/0x10
[  701.212785][    C2]  run_timer_base+0x114/0x190
[  701.214345][    C2]  ? __pfx_run_timer_base+0x10/0x10
[  701.216003][    C2]  ? rcu_is_watching+0x12/0xc0
[  701.217555][    C2]  run_timer_softirq+0x1a/0x50
[  701.219238][    C2]  handle_softirqs+0x1ea/0x910
[  701.220829][    C2]  ? __pfx_handle_softirqs+0x10/0x10
[  701.222532][    C2]  __irq_exit_rcu+0xef/0x150
[  701.224020][    C2]  irq_exit_rcu+0x9/0x30
[  701.225408][    C2]  sysvec_apic_timer_interrupt+0xa3/0xc0
[  701.227223][    C2]  </IRQ>
[  701.228189][    C2]  <TASK>
[  701.229163][    C2]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  701.231064][    C2] RIP: 0010:_raw_write_unlock_irq+0x29/0x50
[  701.232951][    C2] Code: 90 f3 0f 1e fa 53 48 8b 74 24 08 48 89 fb 48 83 c7 18 e8 ca e6 67 f6 48 89 df e8 72 3c 68 f6 e8 9d 5f 93 f6 fb bf 01 00 00 00 <e8> c2 7d 58 f6 65 8b 05 2b f8 6a 08 85 c0 74 06 5b e9 91 41 00 00
[  701.238964][    C2] RSP: 0000:ffffc9000649f8f0 EFLAGS: 00000202
[  701.240917][    C2] RAX: 00000000000eb843 RBX: ffffffff8e20c080 RCX: 0000000000000000
[  701.243408][    C2] RDX: 0000000000000000 RSI: ffffffff8dc4df07 RDI: 0000000000000001
[  701.245908][    C2] RBP: ffff8880227100e0 R08: 0000000000000001 R09: 0000000000000000
[  701.248454][    C2] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000
[  701.250942][    C2] R13: ffff888022710000 R14: dffffc0000000000 R15: ffff88802a274a00
[  701.253456][    C2]  release_task+0xd37/0x1ab0
[  701.254938][    C2]  ? __pfx_release_task+0x10/0x10
[  701.256553][    C2]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  701.258439][    C2]  ? lock_acquire+0x17c/0x330
[  701.259972][    C2]  ? wait_consider_task+0x2c31/0x3e00
[  701.261696][    C2]  ? rcu_is_watching+0x12/0xc0
[  701.263224][    C2]  wait_consider_task+0x1791/0x3e00
[  701.265022][    C2]  ? __pfx_wait_consider_task+0x10/0x10
[  701.266822][    C2]  ? do_raw_spin_lock+0x128/0x260
[  701.268460][    C2]  __do_wait+0x218/0x8b0
[  701.269838][    C2]  ? __pfx___do_wait+0x10/0x10
[  701.271388][    C2]  ? rcu_is_watching+0x12/0xc0
[  701.272933][    C2]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  701.274785][    C2]  ? do_wait+0x1b3/0x540
[  701.276147][    C2]  do_wait+0x1ec/0x540
[  701.277507][    C2]  kernel_wait4+0x16d/0x280
[  701.278958][    C2]  ? __pfx_kernel_wait4+0x10/0x10
[  701.280588][    C2]  ? __pfx_child_wait_callback+0x10/0x10
[  701.282362][    C2]  __do_compat_sys_wait4+0x15b/0x170
[  701.284035][    C2]  ? __pfx___do_compat_sys_wait4+0x10/0x10
[  701.285916][    C2]  ? do_user_addr_fault+0x8d6/0x12f0
[  701.287605][    C2]  ? rcu_is_watching+0x12/0xc0
[  701.289136][    C2]  do_int80_emulation+0x141/0x6b0
[  701.290737][    C2]  asm_int80_emulation+0x1a/0x20
[  701.292319][    C2] RIP: 0023:0xf71d572b
[  701.293610][    C2] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  701.299622][    C2] RSP: 002b:00000000ffb3571c EFLAGS: 00000246 ORIG_RAX: 0000000000000072
[  701.302257][    C2] RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 00000000ffb358b8
[  701.304769][    C2] RDX: 0000000040000001 RSI: 0000000000000000 RDI: 0000000000000000
[  701.307284][    C2] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  701.309768][    C2] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  701.312290][    C2] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  701.314797][    C2]  </TASK>
[  701.316509][    C2] Kernel Offset: disabled
[  701.317898][    C2] Rebooting in 86400 seconds..