last executing test programs:

9m28.93927736s ago: executing program 3 (id=396):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0), 0x3a840, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x28011, r1, 0x0)
lseek(r1, 0x5, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x17)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000080), r2)
arch_prctl$ARCH_REQ_XCOMP_GUEST_PERM(0x1025, 0x14)
r3 = openat$audio1(0xffffff9c, &(0x7f0000002680), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r5, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000200))
r6 = dup2(r5, r5)
ioctl$VHOST_VSOCK_SET_RUNNING(r6, 0x4004af61, &(0x7f0000000000)=0x5)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000001c0)={<r8=>0x0, 0x2c, &(0x7f0000000180)=[@in={0x2, 0x4e24, @rand_addr=0x64010101}, @in6={0xa, 0x4e23, 0x58fe, @mcast2}]}, &(0x7f0000000240)=0xc)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f0000000340)={r8, 0x5f, 0x10, 0xfffffffffffffffa, 0x531}, &(0x7f0000000380)=0x18)
r9 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x202, 0x0)
write$sequencer(r9, &(0x7f0000000000)=[@t={0x81, 0x5, 0x0, 0x0, @generic}], 0x8)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000840)={r7}, 0xc)
ioctl$SOUND_MIXER_INFO(r3, 0x805c4d65, &(0x7f00000026c0))
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x190)
r10 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
r11 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_mreq(r11, 0x29, 0x1b, &(0x7f0000000000)={@loopback}, 0x14)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x404, &(0x7f00000003c0)={{'fd', 0x3d, r10}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@allow_other}, {@allow_other}, {@blksize={'blksize', 0x3d, 0xc00}}, {@blksize}, {@blksize={'blksize', 0x3d, 0x2200}}, {@default_permissions}, {@max_read={'max_read', 0x3d, 0x9}}], [{@permit_directio}]}})
ioctl$int_in(r10, 0x5452, &(0x7f0000000180)=0xff)

9m28.796787752s ago: executing program 3 (id=398):
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x62081, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x840, 0x0, 0x0)
ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f00000002c0)=@generic={0x1, 0x9, 0x6})
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000df100bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x0, 0xe, 0x0, &(0x7f0000000200)="1d5fe8317ca952a2ba4bfee0f003", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x6}, 0x4c)
openat$ttyprintk(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000580)="63eced8e46aa7ce5a833c9f7b942", 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_open_dev$loop(&(0x7f0000000140), 0xfffffffe, 0x900)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$ttynull(0xffffffffffffff9c, &(0x7f00000000c0), 0x88002, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000100)=0xd)
r5 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
r6 = dup(r5)
write$UHID_INPUT(r6, &(0x7f0000001040)={0x18, {"a2e3ad21ed6b52f99cfbf4c087f70c9b3e6ee7ff7fc6e5539b9b3b0e8b9b411b5d30091b080d29428f0e1ac6e7049b3468959b4c9a242a9b67f3988f7ef319520200ffe8d178708c523c921b1b25380a169b63d336cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x100d}}, 0xfffffdef)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r7 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r7, 0x4008af12, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x1, 0x2, &(0x7f0000000200)=@raw=[@ldst={0x3, 0x2, 0x6, 0x6, 0xb, 0x2, 0x41}, @exit], &(0x7f0000000380)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$VHOST_SET_VRING_KICK(r7, 0x4008af20, &(0x7f0000000040)={0x1})

9m26.928165508s ago: executing program 3 (id=406):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x40}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x3)
socket$netlink(0x10, 0x3, 0x15)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000ea01020000000900010073797a3200000000090001008a797ab0000000000900030073797a32000000000900010073797a32000000000900030073797a3200000000140002"], 0x70}}, 0x20000800)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000800)={'batadv0\x00', <r6=>0x0})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000b80)={r3, 0xe0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f00000008c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r7=>0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000900)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000940), 0x0, 0x72, &(0x7f0000000980)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f00000009c0), &(0x7f0000000a00), 0x8, 0xe7, 0x8, 0x8, &(0x7f0000000a40)}}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000c40)={'ip6gre0\x00', &(0x7f0000000bc0)={'syztnl1\x00', <r8=>0x0, 0x4, 0x3, 0xf9, 0x7, 0x5c, @private1, @empty, 0x8000, 0x40, 0x7, 0x1}})
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(0xffffffffffffffff, &(0x7f0000000dc0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000d80)={&(0x7f0000000c80)={0xe4, 0x0, 0x200, 0x70bd29, 0x25dfdbff, {}, [@HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nicvf0\x00'}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}]}, 0xe4}, 0x1, 0x0, 0x0, 0x24}, 0x4)
sendmsg$SMC_PNETID_DEL(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="270e28bd70000000000004"], 0x14}, 0x1, 0x40030000000000}, 0x4000)

9m22.777658409s ago: executing program 3 (id=415):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x12, &(0x7f00000000c0)=0x100000001, 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x2001, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000280), 0x3000c11, &(0x7f00000000c0)=ANY=[@ANYBLOB="6d706f6c3d696e746572fe646176653a302d4e3a332f4e"])
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'vlan0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x1, 0xfffffffe, 0x2000001, {0x0, 0x0, 0x0, r3, {0x7, 0xa}, {0xd, 0xc}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20048054)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
fsetxattr$security_ima(r5, &(0x7f0000000040), &(0x7f0000000540)=@v2={0x3, 0x0, 0xf, 0x7ff}, 0x9, 0x2)
r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901)
move_mount(r6, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r7, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
clock_adjtime(0xffffffd3, &(0x7f0000000000)={0x137, 0x6, 0x4, 0xb, 0x7, 0xb, 0x2000000, 0xfffffffffffffffc, 0x9657, 0x9, 0x7fffffff, 0x0, 0x8, 0xb, 0x80000000000000, 0xcc0, 0x1, 0x1, 0x94d6, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x5, 0x0, 0xfffffffffffffffa, 0x5, 0x4})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40ffff"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800e80010000d0428bd7000fcdbff2500008000", @ANYRES32=r0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c001e"], 0x48}}, 0x4084)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)

9m22.437763701s ago: executing program 3 (id=417):
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0x80, 0x0, &(0x7f0000000100)={0x1, 0x3, [0x361, 0x7a0, 0x179, 0x401]})
ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x7ef)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="400000101000030400000000000000000000000030c19aeb6fad9572752052f8fedf7bb6d18b4ca9febd6e4d7a8a011c97b263bb4d2cd35429a522cf557e88ad5d7fa5cf0fe3ce34e69cb8730aaecf85ad95c55980044a19d170bda327fd370cd06e7e1b5cc1c0d154303ad536a8a8e45db409f13ddaca7fffe6d11c7ede2a0aa38c9b4baf1e0f3aa7260e48ddaded51a39852dc6a887287", @ANYRES32=0x0, @ANYBLOB="002a000010200000140012800b00010065727370616e0000040002800a0001000000000000000000"], 0x40}}, 0x0)
r1 = openat$rdma_cm(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(r1, &(0x7f0000000440)={0xc, 0x8, 0xfa00, {&(0x7f00000002c0)}}, 0x10)

9m22.02009726s ago: executing program 3 (id=418):
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/cgroup\x00')
socket$netlink(0x10, 0x3, 0x4)
pipe(&(0x7f0000000040))
socket$nl_generic(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xc, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000d000000b70000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r1, 0x3e8, 0xf, 0x0, &(0x7f0000000000)="c1df07f00000d30a298ee68886dd87", 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)

9m21.933838394s ago: executing program 32 (id=418):
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/cgroup\x00')
socket$netlink(0x10, 0x3, 0x4)
pipe(&(0x7f0000000040))
socket$nl_generic(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xc, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000d000000b70000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r1, 0x3e8, 0xf, 0x0, &(0x7f0000000000)="c1df07f00000d30a298ee68886dd87", 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)

5.22877704s ago: executing program 1 (id=2644):
r0 = gettid()
timer_create(0x8, &(0x7f00000000c0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0xffff, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000000500)={0xa, 0x4e20, 0xffffffff, @mcast2, 0x4}, 0x1c)
socket$inet_udp(0x2, 0x2, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r2 = userfaultfd(0x80001)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x9, &(0x7f0000006680))
statfs(&(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', &(0x7f00000002c0)=""/166)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x100})
readv(r2, &(0x7f0000000300)=[{&(0x7f0000000100)=""/195, 0xc3}, {&(0x7f0000000400)=""/205, 0xcd}, {&(0x7f0000000640)=""/124, 0x7c}, {&(0x7f0000000000)=""/59, 0x3b}, {&(0x7f0000000540)=""/231, 0xe7}], 0x5)
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1})
syz_genetlink_get_family_id$tipc2(&(0x7f00000020c0), 0xffffffffffffffff)
syz_genetlink_get_family_id$ethtool(&(0x7f0000001b00), 0xffffffffffffffff)
ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000000000/0x800000)=nil, 0x800000})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x2, 0x0)
ioctl$BINDER_THREAD_EXIT(r3, 0xc0046209, 0x200000000000000)

4.664095447s ago: executing program 4 (id=2657):
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x1, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x31}}}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000280)=@gcm_256={{0x303}, "1afc7c14d332bcc6", "a9ba0c85d68723369f51322151d9f41aaa2832bb07cc1e49ad714beac6f1ade8", "49960d8f", "bff2a81527ae4190"}, 0x38)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000140)={'veth1_macvtap\x00', &(0x7f00000000c0)=@ethtool_link_settings={0x4c, 0xd, 0x62, 0x6, 0x8, 0x7, 0xe3, 0x9, 0xa, 0x0, [0x4e, 0x9, 0xd2, 0x7, 0x401, 0x8000004, 0xc, 0xfffffffb]}})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000200), r2)
sendmsg$NBD_CMD_CONNECT(r2, &(0x7f00000027c0)={0x0, 0x0, &(0x7f0000002780)={&(0x7f00000002c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010029bd7000fbdbdf25010000000c00020000000000000000001c0007801800018008000100", @ANYBLOB="04"], 0x3c}, 0x1, 0x0, 0x0, 0x4000004}, 0x4000)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='freezer.state\x00', 0x275a, 0x0)
r5 = openat$vsock(0xffffff9c, &(0x7f0000000040), 0x454141, 0x0)
ioctl$SNDRV_PCM_IOCTL_HWSYNC(r5, 0x4122, 0x0)
r6 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_ALM_READ(r6, 0x40187014, &(0x7f0000000040))
write$cgroup_int(r4, &(0x7f0000000000), 0xffffff6a)
sendfile(r0, r4, 0x0, 0x20000000002)

4.236774295s ago: executing program 1 (id=2661):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000002dc0)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000003c0)='`', 0x1}], 0x1}, 0x41)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x3c, r1, 0x2799f5eec7981083, 0x70bd28, 0x259fdbfc, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}, @ETHTOOL_A_PAUSE_TX={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4c810}, 0x20000004)
r2 = socket$inet_icmp(0x2, 0x2, 0x1)
ioctl$sock_ifreq(r2, 0x8943, &(0x7f0000000dc0)={'netdevsim0\x00', @ifru_settings={0x4, 0x4, @fr=0x0}})
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x400)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000040)=[<r4=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, &(0x7f00000001c0)={r4, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
madvise(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x10)
r6 = socket$key(0xf, 0x3, 0x2)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r7, &(0x7f0000000200)={0x1f, 0x1, 0x4}, 0x6)
sendmsg$key(r6, &(0x7f0000000040)={0xa, 0x0, &(0x7f0000000340)={&(0x7f0000000380)={0x2, 0x3, 0x0, 0x2, 0xa, 0x0, 0x70bd27, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x1000}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x9, 0xfc, 0xc0000000}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @local}}]}, 0x50}, 0x1, 0x7}, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r3, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[0x0, 0x0, <r8=>0x0], &(0x7f0000000040), 0x3, r5})
ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, &(0x7f0000000580)={0x0, 0x1, &(0x7f0000000180)=[r5], &(0x7f00000000c0)=[0x3], &(0x7f0000000640)=[r8], &(0x7f0000000340), 0x0, 0xffffffffffffffff})

4.23580522s ago: executing program 4 (id=2662):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x8011, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x109122, 0x0)
r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000340)='./file0\x00', 0x1, 0x38)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), &(0x7f0000000500)={0x0, 0xfb, 0xaa, 0x2, 0x9, "adc948fac0d6fd6c5474224f78a9637a", "45ee123d9fdaf68433002b46f78dab0b2e11b9c35e6146b90936bc64cb06bfdcae9a2c1073d72baee8df5b194dec4989cc161f4163de41fc29a31304caa2af37cc7cb5f34b31436d40b6dcc2af751821ba6a2cc9aeb3873c32181cf8cbee94370faaebfcebc647f4719a60748e5a3117304d7606fdb1a426f67bfed7200a69a74c1671f22ac548904b49b1b98517e56a2795ed97ba"}, 0xaa, 0x0)
write$binfmt_format(r0, &(0x7f0000000100)='0\x00', 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x78, '\x00', 0x0, @fallback=0x30, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
write$qrtrtun(r0, &(0x7f0000000000)="ca0e968bb35b", 0x6)

4.130362666s ago: executing program 1 (id=2663):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file0\x00', 0x602082, 0x1d4) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="180000002e00010026bdf000fcdbdf1b04000000040010"], 0x18}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) (async)
personality(0x400000)
syz_io_uring_setup(0x30d, &(0x7f0000000040)={0x0, 0xfffffffc, 0x800, 0x1, 0xfffffffc}, &(0x7f0000000380), &(0x7f0000000280), &(0x7f0000000000)) (async)
sendmsg$nl_generic(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f00000003c0)=ANY=[], 0x18}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) (async)
close_range(r0, 0xffffffffffffffff, 0x0)

4.002050797s ago: executing program 4 (id=2664):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={0x0}, 0x1, 0x0, 0x0, 0x40020}, 0x20000000)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_open_dev$ttys(0xc, 0x2, 0x0)
syz_open_dev$ptys(0xc, 0x3, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_GUEST_MEMFD(r4, 0xc040aed4, &(0x7f0000000080)={0x200001fe0000, 0x3})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/pm_test', 0x42, 0x18)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x4e22, @private=0xa010101}, {0x2, 0x0, @local}, {0x2, 0x4e21, @local}, 0x1d7, 0x0, 0x0, 0x0, 0xfff8, 0x0, 0x4, 0x6})
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYRES8=r5], 0x1c}, 0x1, 0x0, 0x0, 0x20000844}, 0x48881)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r6, &(0x7f0000000000), 0xd)

3.304257525s ago: executing program 1 (id=2666):
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="19000000040000000400000002"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa20000000000000702000078ffffffb703000008230000b7040000000000008500000001000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000060ff850000000400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000680)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
setregid(0x0, 0xee00)
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$chown(0x4, r3, 0xee01, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000280), 0x3000c11, &(0x7f00000000c0)=ANY=[@ANYBLOB="6d706f6c3d696e746572fe646176653a302d4e3a332f4e"])
keyctl$setperm(0x5, r3, 0x30925)
keyctl$read(0xb, r3, 0x0, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f00000000c0)={0x9}, 0x10)
mount(&(0x7f00000006c0)=@sr0, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='iso9660\x00', 0x204001, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0x1, 0x58, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0}}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=@deltfilter={0x1400, 0x2d, 0x1, 0x70bd2d, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0x1b, 0xa}, {0x8, 0xb}, {0xe, 0xe}}, [@TCA_CHAIN={0x8, 0xb, 0x9}, @TCA_CHAIN={0x8, 0xb, 0x6c}, @TCA_CHAIN={0x8, 0xb, 0xb91}, @filter_kind_options=@f_fw={{0x7}, {0x13a4, 0x2, [@TCA_FW_CLASSID={0x8, 0x1, {0xc, 0xa}}, @TCA_FW_ACT={0x136c, 0x4, [@m_connmark={0x10a4, 0x2, 0x0, 0x0, {{0xd}, {0x74, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x1, 0x2, 0x20000000, 0x4, 0x1}, 0x9}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0xa, 0x4, 0x8, 0x9}, 0x2}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0xa7, 0x10000000, 0x6, 0x9}, 0x8}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x4, 0x0, 0x2, 0x4, 0x10}, 0x8}}]}, {0x1004, 0x6, "84aad021d15ff4fb5c72620f1918b7f90011873928748bf9609432fef253d5ed18ad5de8aeb380d13b98ca41d854689ac128cf526a568e14a3632ecc80704062741256e4cb3a76dfd00350c8fe31e741da34e76ecf9e73b1d9ddf7e99c72ee2114c796693df7791bd458e91844ec79b6c0c15a43cfa3f7d177a2c6c4bdc91bf8e58be8740c5e4bf4bed15456bf8e27ae10f26a4dc274571b1e6cc04c56fa65351de2e8e294a3ac8fa6c357bfa17ccff4388f5e45157402c0efbe0265cb35556d96abc2da12a7d115956eaf4c3a36b0a71b4edabfb53c5b4990a0b03d81ad0dfa19f6450b9543d32edaa6ce5f86aa80690a566b6f0f645791ed1e3ea48592b6566f16b31c768a6ed31f967a750b887c303460ceb4224c83ea853badc577e9e84c58c6f67bd1b12a9bec67b808a1f7e7565f016b47e21e424031f2e59d578e2d2bd62ea74681ddef06a1998e432ee882ffdaa4a8d304fa330f080d97c2b6b7c39ea8f2a12a9a17277f63b6f0e4a28e077e36ae2c73d178488256884a41ab27fc565093c90cdf5444338ef02d0ac5953b17c92beda2e69ea611b5c17e71cce613a946027fa0654556267b27b0c147e2bd576a345a71f9c4319944aabcf651749cba5fe7842b011b6f74f19a34d15398b8c0e148f9a75b19130cd722c0e502154400a59992169aa77ced3a156eb5ef8ca4afd2f85a1b440f71f82e0f1759dae7927d63e4f08dedd75648b6cf6a89861be6f4125cc91438bd35afdb25f8d4a6e5f1bd4c18fb7eefe5e52bea19e82a05596d71c4bba169c15a09ea18d3a1bbde4ab367ba8e54a9c1f3f44e344fc69cedad2b9c8fc4135b739a229b052747c674551a07a9aac57932f8f58f816b1cb0da6eb0c3af2f2cc99f2610871395b4e338777b1f2c9396db275249841b21c9229514c2be7f20e633636e69e896bcbcad7b05f8af2a2010b9dd5c7d761405897da3b328eedd2e714f3ed9f62f0473114d333503d21e019d976973e005f22dc200e3ca2b5c7cba2a53cff9ede616b75ff19a6e919d4ccabd0506a60ed1dd2b7880742ac454f210e7548bf2c39a5afa61c4b054c2c291badbeebef09e18bb86ceb8d5a9dccb0dc2290501ef974606b93536bedc887ca0d437dcbb0ad2cb1d8a72320b578c0c0b26d7b1ba4a2e75cc9b576ad8135387680ac737ad9588e490e63228665eb4bebd26fd640d1985e26d72f44b2fa4049bb342e189e6e26d41317f9c534ef0864e67785ee8c6b5e37aca2f31949ac2ba0989a5abfd7ac9c1fcefcc9e55da1fceda2197da78f969927a7700bf20b0c33f99ec2667671152740a812500ea96fd05d254d2f314b3106b8684acc840346751d0e07e590b6666585ae5f457b4db3bb439804b756f0fb2f6368e3c6e6d28e0217cf045c60aa8142c7bd644c22487d5855ac8396ca3a4acb8c4925c9d446687d30b5772b04c99e1193ec20bbca9a76eac2cf6eb2cd4b2f08ae3c2787d1f2d72643bb291ee2a21716388e03a8a89cf769c69c5997b92f5cf16aaedde7075484f5832a69e3d72593737688b3a5046f67dc2267fc2250b471e8db7f3a73f0c0ff8dc18a2adb3eb3b64613bb2d8fb7a67159816f87c5719471c9148672953433840add26763f64dcdabe1cd93b35937ee08347fc52b0f6d5784b3d9cf90887ca08e87896976419c6ceeb8c7ca3d9daccedc60ce5d0082db0133ee7931c9eb7440b104ae7c194b250da89fedf1a05da2aee52a01000c48f83277ed6cf09ad8902c565ae1cd16269cc159371258575f0381ea9ea09cd6792a7811fcc23893f23d2a7f85af7ad8f249002223cdc91bd941f88f75b139c9c1ef2590101db2d358efdeaa40cb2e9483954792f67c10847960ea58cfe0f5dde4bd230e577a40402c25f76014e833829f823904a0f4d6655ee4a00ca44a428df2c8641cd19263edff019bb83f53e05ab0e4fce636493ec26015b6ebc3e9dacbb3b5dad2aa67f4e70eba56ef9239eb2f58132319e7afd3da5c5e9ac44cb9f93f14b198fc21ad68ea1d324a428f9c898c62bc02e06844c002b8eedb544d44b067da4fb6f1d02539be89cc50d27813113e8a68bd6f751ff9ce1c3a65c6ff6c26db0212dbf0236a1c2235f76569eeb4a7ab0ac3c2f373dd388eefb2b0fb317c78a88f1f0654d3ae13177810c6c0838bc6033e8b7cec1c7ee8387d883a2f51d9816eeda6596ca8a779925c0da84a60563093d527557deaf6120a88332a93e4c116a30393473dc984b97ef2a1400bd4c026bce78dd1508a2ebe0264b4fb7dbbdd229f26432ef2c8335073aac56c7417fcbcf3da8caa7e5b949d1f96a66f47e5353f0c2f63d587c9f8c1bbe28d881a27757ac8f6d4273e5b8ba27e71de31f35857d267c24ee23ac4d48e434fa4aef2f6f25736b16de8d064ade8b93114af0c680f5eaf97a9da90985cec000ec8e6b76ceff2645215b3172c82fd3539f0e1e9e970906857d1844fb7dc494c11557a139967cf1d28cfbebdbeb61d765923ff99e8b3dfb618624776cd436dc00b904137849bf2b944fc0dbf1b9decb0c446ed268fe18b48df40be6b664e48d3adbe393fdecef3cd93fa4ef8599a47d6340af3d34c6063788c079e43e9da90ea9ab48a8574b1d83c40c5ec7f4f21dc1882738cdfab70969fe65f9ece13c2c1b13f8f34802c36b515e9266551bf924f29b5a255e12551c57ee2001dbb9b0d67f50f7550b01213c9c2a276f5cb04d97d3a1bcce557fa1c535f861ae37eb89bcbcfa4683e45dc8cda72e9fb52832e9a39ec28f0b1523d38804aff1689ba62c89ae7bbccccee6048690e93948f10d9d61e4c16c4b4aaa046bba61a2de85e7f206a0cef90e07423d49fe97b7beb6bfe8bb6a6abac19c7cc92a6e3cec0cbdf6b27a13ba8a3668f35723f41721b42b0bb8e4525aee6e48e7c3402cd09faeddee5555c767d1519653aa01f16b19caf338a601c650d138539ab05a9f5df6fea716376bc7dce9a73e187f30c6d3b4efb12202269809d4aafbb01ed59685c4719bf2d623954294934106a7274d52a634cba4cfbfb3f3a7abf865aaea4a2bb42930ef83824ab375eedb53755e49aa5387e07b1ae17ef283a08357229b7cd55eab4bf4fbd586fdc5cd8b91720d83aec576a6eac779d30839fe5fa22fe2c01b618ee1bb67f0ee4b29464c84ef92b5ad7a995e54effe7308d2b13b2249f559971681b58099b9100d99ededb1f1b0fb27b416b44e9229fdbea218339ccf53c61375db5af408dcf064b599e10b924c95851b790308d53e1d34f57b0ce9e9321d7eb4dabda0da88e54ed959e507e6e9954e3bc121a60e28a95675fff03d5ca0977e735eb6710d4ac2eba88261ea17b23d2c59d2ca92880ec16a1ce335c9566a925cf83c5c8568de27410df813456f4a79e646a06355d1a13fd9b166fc3f1f6bb5415e9ceb30995cea9fd74b99d544e7c389d0a3beca8400f59b62a3139169ace70a2447b68e24298b1a4b2bf7de74a66f792416904e12cd6dae2693c842aaec0bf9a8b257d316d29dcbfb7201231d81415271c69adad06a8c38707768a1914780e5bf46430f2b6f4f7a5dedc26c5ed61f71067341f3286d6adcdbff5d9f7737a95cc5ebf24dfb4f2444329675fc5a668255d8ae0e4497a79f7f6fcabdc493a6ec86edb72f3f8273b9c9f1b45101708a2b46c7b5e85b12cf4a418a13f3f973a15b382cc1b923bcaef7a2547d322d875b384f2d2a1eaf2c67a58dad44ff3b0475ff293917d98d0cabb94ba075d68ced5a81c40123481569bb3915af56dfd6859c2b0995148eb8ab9909012b57ba964100c6df0c41d591325fadcbd82ae65a3fe445ba8877c9e6265beddf3290cb92d22080abf9d579c8a4bc336fc536ec16a41b2c23fac0196671a80ff231779a6f69f83eb22e64672792cac63577e3d7bc1d67bcf58ba2a62e6d1b1e02274bcaedffeae1d46d9fb16df0aa61d31ae144e4f7dbbb7e1c42683dc8af5b30aa5790cf9d0ad66ed37cd6c9c7de575e32924895ef1a71e3d4ca59763585e2c8c5bc5fad67595457203c0c1f2e058c9c7b3cd69af6ca1141d87d36721422dce42f77c5f5aa7ec90f4ed1004b4daa5da9ba9809f1814d7ebe2a882e177c1cdc5b179e40917799fb0a924c10aecb19d0aec6ad6fbfcefad936aeced4129e5f0a126f845ec6c01aea56dac6ca8ce154ff7ef11b851746e87f4a3dc2b2e2dc054b564e3a14fe0c6d009f9d431a51f4f7b5fab2685a120d747d78e8465ad2a6dbfd3157d87c5b511e0162d45e15eb07a171c1693db6a9db2f398d5f0994f0747d6aad7101c92c93d0e18da94a7d3a3f52a680b54aed249ae6e5162c241de5877bb4ad0f02bfb98b5754df84ac808b0b364d71c4629a3bbba8f48f112b5fedac559a42d033c55627207cf3aa7f9539d0c1ce53303e5df0e4e83f03ad734b378e7d7fea8a3da93571164b17c51a706edf8f0fa8e37d074d2d43db9efb312efb9a61ee9040209454680393575c38ccc5bf1b8c3c25d552e4386420e8b1c17ba32274e3c26327aed039fa4190ec8729e6e1e8909426637dd2781b43071883ea773bd8f743ec33390c627f27ac644c71ef4a7182e89b4d7529640b8649a776c016fdbe33667088f5477c8f388eac306bc49ddff1ac8827bf01e77c17a6875316c18410a2ad1913d3f7baa1fe45df349ad750224932d8676bf900e99b6a057330a3861d31e91170ddbf551b92deeb95ecc2a1baeb79e3eb2963d4a78b4f9f9e1302231b288ef95ed20433ea5b12e37852e2b8729b0236b7ffd2bde42608a640ae0244fec3e59f0b1c5ddbd6bcaca36ed14bd1e0408acbdf2291112c84676a3d58490e2abfaa00744ca44803b2af1bc1fae6c9e1c0213288c6737ee9e77811b5af024ba1d451e87582ba3d9ccb4124cde099a8af116f0f49b2a5aa5b4c2a1e22f93e19beccb00bfc592841412a91d818cf38118982b1ebe624ba49e12d52248263fdfc26dcaa76ebdefcb36f062885c8158b30de6d0a03d048c43245c5d74d7052fa1397e26130e6fe8f2cc1d2f26d41eff816738fa3b89e3b1ad029ec2c08921766dc9b78877ced557866117938bd1fc5259b3c17e4417b92db23d2948b25466883ae9efc335260367a71d61a5fadb5892aa3a4dc81bca008ad336d77aa2c8878d76013100c140fe493b3af71df43237add64fb7f89208c3fb734b0ece8c0b14468c7869d4f9d8b98adf8660c1913eab8537f5bac740caaa0084d4c82d3da7bafa73c6434a064f7eefda3fbdd81f7a6ef8fc409f51480366667927c9068b47ff56f0728899b9ca88f33bbe56301448e81c8bd1957a03d1349866c1ce015c2f71469aa0029c2e2704a9cbded38898af15823098852f28fd9d01760e457c7e9f16b480014a0c021b2b082be83d6b26e776734d2a42c18c4bec9769a7fc8eb7657b91bd11dc76bd6f19aad8a07d650788a7161e85f7413d4e206c973ec5b20af8d36b2e3ce92987d46b30f6a6c5140bb810b0653904b846b11722df6997ca1a2b4770d3b5651e5a580a7b34f21a356dec75fc8f9a955e8738008f57d5f19774273c700fa96d490fa0e3b94c2d78fc87ead83e623a300813ab6ef6d5573a59bb726fceb6ea7da95d2deaed3e2985f665c2d5e5819c7767b6854daace1d9f483d295b9348e97ff942fac84424e5f1943c795bbc75f57a3557acf499060404ccd3e9cc79ff37cb3681489c7818a2ebbfbd7cdedee4b7a315c5bb8f3c976a5654a4f29f393c4edda4b7802840da42c357c95da9b03e72173a019d4685addfaade4d557a570e3af6438052dd70ab7c"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x3}}}}, @m_connmark={0x17c, 0x1b, 0x0, 0x0, {{0xd}, {0xac, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x8, 0xe, 0x3, 0x8, 0xfffffff9}, 0x4}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x1, 0xfff, 0x3, 0x5, 0x2}, 0x39e}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xfffffffd, 0x5, 0x20000000, 0x7, 0xfffffff7}, 0x8}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x7fffffff, 0xa, 0x1, 0xe9, 0xfff}, 0xc}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xf, 0x4, 0x20000000, 0x7f, 0x8}, 0x3}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0x3, 0x2, 0xffff, 0x2}, 0x80}}]}, {0xa3, 0x6, "c8b49922c70bd105899182440410be2636710628a4b5fa14b4ea4332797dad49828af39eacf26b2139c9879c1c740e4fc3b0f81f5dbb789d4dfbb4fbe8041fed2440d289c2210fa692948c9792bd2a22618335dd2ca5ec62b34c03b2ea8b50231acae9d9b4826e10c2e8e258fb38bc6367a58168bd89605c4ec827c5b62072753ddca9d10efab086cdf9c33cbc8a80e3619ed84b2c0b43174639f280ab0118"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_vlan={0x148, 0xf, 0x0, 0x0, {{0x9}, {0x40, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x5, 0xe, 0x2, 0xfffffe01}, 0x2}}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x24}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x7}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x721}]}, {0xde, 0x6, "3743b02d03e61e393a2a27616eaa41c2b827b17561f1f3701801effcec47fd0272f9c58ed6f7be3fcd7c96d47e44a1fd22adec18426c42700b7f9db9926fd46f263e3f24f87f03049c947c17743f16afb88ecc8031cece9ce6ea2aee7d0db85d3a5b9a3a6baf65032fffc6c455bddf98603ce77c4e1641f77691cb1388bdab44d2f9b05127ef18699f518c445ce57f0fcb4cfa3558c0651b0ba07716ae26098a3f81012e3494c652c61f374b09b70302abba807bb4b8de33802ada8ab8751fcc17f433931a432990f4940e94562aa184d7baf1a83f9deffb9720"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x292709cd9b312fa6}}}}]}, @TCA_FW_CLASSID={0x8, 0x1, {0xffff, 0xffff}}, @TCA_FW_MASK={0x8, 0x5, 0x3}, @TCA_FW_INDEV={0x14, 0x3, 'pimreg\x00'}, @TCA_FW_CLASSID={0x8, 0x1, {0xffff, 0x7}}]}}, @TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_CHAIN={0x8, 0xb, 0xf1}, @TCA_CHAIN={0x8, 0xb, 0x6}]}, 0x1400}}, 0x8004)

3.162383183s ago: executing program 4 (id=2669):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
pwritev2(r6, &(0x7f0000000980)=[{&(0x7f0000000500)="be", 0x1}], 0x1, 0x5, 0xa, 0x14)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r7, 0x9c3fa077fa966179, 0x12, 0x0, {{0x7e}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x8}, 0x4040800)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
gettid()
socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)

3.145728506s ago: executing program 1 (id=2670):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_open_dev$sndctrl(0x0, 0x1, 0x48001)
r0 = memfd_create(&(0x7f0000000000)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa', 0x2)
r1 = openat$proc_mixer(0xffffff9c, &(0x7f0000000380)='/proc/asound/card0/oss_mixer\x00', 0x9800, 0x0)
ioctl$NILFS_IOCTL_SET_SUINFO(r1, 0x40186e8d, &(0x7f00000004c0)={&(0x7f00000003c0)=[{0xffffffffffffffff, 0x2, 0x0, {0x9, 0x800}}, {0x8, 0x0, 0x0, {0x0, 0x10001, 0x1}}, {0xb3f3, 0x2, 0x0, {0x6, 0x3, 0x1}}, {0x2, 0x2, 0x0, {0x8, 0x8000}}, {0x7, 0x1, 0x0, {0x8, 0x80, 0x1}}, {0xf, 0x0, 0x0, {0xfffffffffffffff8, 0xc, 0x2}}, {0x1, 0x1, 0x0, {0x1, 0x9}}, {0xa63, 0x2, 0x0, {0x100}}], 0x8, 0x20, 0x3, 0xfffffffffffffff9})
socket$inet_udplite(0x2, 0x2, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x5ede4a12)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mmap(&(0x7f000089a000/0x2000)=nil, 0x2000, 0xb635773f06ebbeef, 0x810, r0, 0x0)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f0000000000)={0x6, @local, 0x2, 0x0, 'dh\x00', 0x10, 0x5, 0x2d}, 0x2c)
setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x483, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'none\x00', 0x3a, 0x5, 0x22}, 0x2c)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x880, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000200)={0x1, 0x0, [{0x400000f3, 0x0, 0x9}]})
socket$igmp(0x2, 0x3, 0x2)
socket$igmp(0x2, 0x3, 0x2)
r9 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r9, 0x0, 0xc8, &(0x7f0000003d40), 0x4)

2.886782107s ago: executing program 2 (id=2672):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x8011, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x109122, 0x0)
r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000340)='./file0\x00', 0x1, 0x38)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), &(0x7f0000000500)={0x0, 0xfb, 0xaa, 0x2, 0x9, "adc948fac0d6fd6c5474224f78a9637a", "45ee123d9fdaf68433002b46f78dab0b2e11b9c35e6146b90936bc64cb06bfdcae9a2c1073d72baee8df5b194dec4989cc161f4163de41fc29a31304caa2af37cc7cb5f34b31436d40b6dcc2af751821ba6a2cc9aeb3873c32181cf8cbee94370faaebfcebc647f4719a60748e5a3117304d7606fdb1a426f67bfed7200a69a74c1671f22ac548904b49b1b98517e56a2795ed97ba"}, 0xaa, 0x0)
write$binfmt_format(r0, &(0x7f0000000100)='0\x00', 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x78, '\x00', 0x0, @fallback=0x30, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
write$qrtrtun(r0, &(0x7f0000000000)="ca0e968bb35b", 0x6)

2.678367314s ago: executing program 2 (id=2673):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r1=>0x0})
sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r0, 0x20, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r1}, @void}}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x0) (async, rerun: 64)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff) (rerun: 64)
sendmsg$TIPC_NL_SOCK_GET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x28, r2, 0x100, 0x70bd29, 0x25dfdbfb, {}, [@TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x40004}, 0x0) (async)
r3 = openat$rdma_cm(0xffffff9c, &(0x7f00000002c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_REJECT(r3, &(0x7f0000000300)={0x9, 0x108, 0xfa00, {0xffffffffffffffff, 0x3, "69d168", "d7cfadf68594c2342292e7b3bf4bd03e4bac57822ce84e907d3eaba2fda68e31d0e78d13cb3e1fcdda8989744f65f2adaf3f2dff6525964f6867897c557f6de490fcf294665da4e3ae71084d6230b2db9281f48abf28157030ead74fa44bbe529167909fb1c0c25de06dc6b88b857d8617982c546166a03dfef5ce9e821a82d35cce8006e062814e33dd65947435d04bb2116b932791b5e9f4bec76b2c4b367d2835731baa5d0a256e3f46f6cb71537bc6ba2364d399e68e7d50eec00ccb3d39713c6b097f366663eea72fe850f7e5a2e8ee107a27b852ab6abcf9f95940121239f5e0618be36484346a7bce7fa2c053f67c4393196e529912551ffad21e1ce0"}}, 0x110)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_START_P2P_DEVICE(r4, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, r0, 0x100, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r1}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4044}, 0x40) (async)
ioctl$AUTOFS_IOC_PROTOVER(r4, 0x80049363, &(0x7f0000000540)) (async)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r3, &(0x7f00000005c0)={0x12, 0x10, 0xfa00, {&(0x7f0000000580), 0xffffffffffffffff, r3}}, 0x18) (async)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000600)={'ipvlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r4, &(0x7f0000000bc0)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000680)={0x4ac, r0, 0x200, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IE={0x12a, 0x2a, [@sec_chan_ofs={0x3e, 0x1}, @rann={0x7e, 0x15, {{0x0, 0x5d}, 0xf, 0x91, @device_a, 0x8, 0xfffffe01, 0x2}}, @prep={0x83, 0x1f, {{}, 0x5, 0xff, @device_a, 0x7d, @void, 0x80, 0x1, @device_a, 0x6}}, @perr={0x84, 0x35, {0x2, 0x3, [{{0x0, 0x1}, @device_a, 0xf840, @value, 0x34}, {{0x0, 0x1}, @device_a, 0x0, @value=@broadcast, 0x40}, {{}, @device_b, 0xd129, @void, 0x35}]}}, @perr={0x84, 0xaf, {0x3, 0xb, [{{0x0, 0x1}, @device_b, 0x5, @value, 0x20}, {{}, @device_a, 0x7fff, @void, 0xc}, {{}, @broadcast, 0x4, @void, 0x6}, {{0x0, 0x1}, @broadcast, 0x8, @value, 0x15}, {{}, @device_a, 0x200000, @void, 0x21}, {{0x0, 0x1}, @device_a, 0x400, @value=@device_b, 0x1c}, {{}, @broadcast, 0x4, @void, 0x19}, {{}, @device_b, 0x0, @void, 0x1b}, {{0x0, 0x1}, @device_b, 0x7, @value, 0x3e}, {{}, @device_b, 0xffffffff, @void, 0xb}, {{0x0, 0x1}, @device_b, 0xe, @value=@broadcast, 0x1a}]}}, @dsss={0x3, 0x1, 0xb6}]}, @NL80211_ATTR_IE={0x1f, 0x2a, [@erp={0x2a, 0x1}, @dsss={0x3, 0x1, 0x6}, @ssid={0x0, 0x6, @default_ibss_ssid}, @dsss={0x3, 0x1, 0xb2}, @supported_rates={0x1, 0x8, [{0x1, 0x1}, {0x5}, {0x6c, 0x1}, {0x2, 0x1}, {0x30, 0x1}, {0x18, 0x1}, {0x18, 0x1}, {0x30}]}]}, @fils_params=[@NL80211_ATTR_FILS_ERP_RRK={0xbe, 0xfc, "19127bf65469024e512f2ccfa343e8acef08cd7b92b3b382b9f0714f13712e92ebe35cd58589c143cf7a655e8dea007326eff38227fd5fdb9db8a240cfbee7f7bd5b9c002a0b51da363d3f1f537e0941a6fc3072278ce3f1b93fbee5df3312c5d0a45c603204f9d42be9b9e67931a69350c8c69431ddfd1bd4742fcf68b018f6971b30fb7eed39bd4a2452e2daf96a234913af09be96a8785a07daf200b48dacebd62d5488b48e835800aa2d615563aa6e273ba7340852e1160e"}, @NL80211_ATTR_FILS_ERP_REALM={0xa5, 0xfa, "ef6156788c76a15af01d5d4d69146f0ffe161e4a0f5d30c7475ad121a483cffa7e0eed079f1aa40f524c31dd0f82c959ce05749de7d6ec4a3ce59426ac45423331a13f39bbcac0fb067e15be094687103f2122b282da5422bf62e55761b10a63ed6c9f7b041d1c6b8d5cf4eb97f5f241329bc426a1201acf56e2e0c4e8ac7f1e290ea9923be1080f735de7f60ab31d0f5ac589bdb2682ffddfedf563e4d0172c3b"}, @NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6}, @NL80211_ATTR_FILS_ERP_USERNAME={0x12, 0xf9, "eac142145e3400598657db3aaf86"}, @NL80211_ATTR_FILS_ERP_RRK={0xba, 0xfc, "e903eb5753d77459cd1d3320fa6e7c6805461b6d1ad3fa9eeeb893f6074d050da7547e50be83c6043d457742c25755981f5d90193c6af7cc48789f4b6b85d6af96d62b584e7961ce88a473d907a7cfa1036cbe06f9f36f1d9148968d5739db4e66c460d747701ca25dbc525a9a6d5639413aad60a9d02a64e9aec336de4e0485349307d091963c752af2a3a47d664539e7c9325253326d79a8b898564e5c3c870707325e5e10f719d222a4bfabea59765b609472586f"}], @NL80211_ATTR_IE={0x102, 0x2a, [@mesh_chsw={0x76, 0x6, {0x2, 0x0, 0x28, 0x6}}, @random_vendor={0xdd, 0x7e, "0e8d3c8c4cf51d2e6e3721d5bbdd26b5b7802d0cbc98a7cd7d0634097c67961e5bca992bbe7ba6c226901b4796c79d1f78d0d3ebb56924aff92849194a00b449de890ff6174417b415f07c966ea674562052aa5af34e1cf8f939f238c02d9a8a46388f7d69a5384f0b47e61eb8889d1932bb02f55070feee0cef13311a07"}, @tim={0x5, 0x64, {0x9e, 0xbc, 0x6, "4a16fb6be0a1074399e50f3dbadf21631c56eb683d31c7c2deeed0bd066054fe8bba4c59325d19f5398e86751edf804e2bca69939305d4ded2af89232270b07fd68e17c8966d6ca74be438cf7ab92f329b9da21d22ce99f2f990ff70e7bf894d56"}}, @cf={0x4, 0x6, {0x3c, 0x2, 0x6, 0x4}}, @challenge={0x10, 0x1, 0xf4}, @channel_switch={0x25, 0x3, {0x0, 0xad, 0x9}}]}]}, 0x4ac}}, 0x40)
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000c40), r4)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r4, &(0x7f0000000d00)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c80)={0x34, r6, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0xffffffffffffff54}, @L2TP_ATTR_COOKIE={0xc, 0xf, 0x2}, @L2TP_ATTR_DEBUG={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) (async, rerun: 64)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r8 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000d80), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_ADDDEF(r7, &(0x7f0000000e80)={&(0x7f0000000d40), 0xc, &(0x7f0000000e40)={&(0x7f0000000dc0)={0x6c, r8, 0x2, 0x70bd29, 0x25dfdbfc, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @local}}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0xffffffffffffffff}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @private2}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @local}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast2}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40}, 0x40000) (async)
ioctl$SIOCX25GCALLUSERDATA(0xffffffffffffffff, 0x89e4, &(0x7f0000000ec0)={0x79, "7ad7c724820cfb3864a59c39593eb72fb2496275cb2a667358c1606da33d9ff0cf36356f45a4c84653b0f028914c01ed9d4de801fa3bef86eecbfba23d2ce81715ffb4fc559ecf7307bbfbe3e4abedd4af75349cee78a74a5ef06d1513494d0ffefb6e3aecefc1c91f341149acf6d23a551e02b9ac41e00acd776b4938d3dd22"})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000f80), r4) (async)
connect(r4, &(0x7f0000000fc0)=@ieee802154={0x24, @short={0x2, 0x3, 0xaaa0}}, 0x80) (async)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000001100)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000010c0)={&(0x7f0000001080)=@ipmr_newroute={0x2c, 0x18, 0x1, 0x70bd2b, 0x25dfdbfe, {0x80, 0x0, 0x20, 0x7, 0xff, 0x0, 0x0, 0x3, 0x1600}, [@RTA_SRC={0x8, 0x2, @empty}, @RTA_IIF={0x8, 0x3, r5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008050}, 0x40008001)
r10 = accept4$packet(0xffffffffffffffff, &(0x7f0000001140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000001180)=0x14, 0xc0000)
getsockname$packet(r10, &(0x7f00000011c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001200)=0x14)
r11 = accept4$x25(0xffffffffffffffff, &(0x7f0000001240)={0x9, @remote}, &(0x7f0000001280)=0x12, 0x800)
setsockopt$X25_QBITINCL(r11, 0x106, 0x1, &(0x7f00000012c0)=0x1, 0x4)
lseek(r9, 0x4, 0x0) (async)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000001340)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000001300)={<r12=>0xffffffffffffffff}, 0x106, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_DISCONNECT(r3, &(0x7f0000001380)={0xa, 0x4, 0xfa00, {r12}}, 0xc)

2.61562025s ago: executing program 2 (id=2674):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='htcp', 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth0_to_team\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xffff, 0xffff}, {0x3, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x6, 0x6b7, 0x80, 0x0, 0x1, 0x91b1}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000400}, 0x24000000)
sendto$inet(r0, &(0x7f0000000900)="2e552f5d9fd8b0d9627c4980f0d1ea2bf8f617a682acd2841acd878bd68344d4f50f83b0c51fa9135a01c95d4a128ec8b12d01010000a44c4505ba9a36f2cf4cc5e8308126d0a2c3b9d24e57c5011376b6263e2a1258eec1eb72bedea3eb5ccf73eb081b4c6d5faa998d7b795c057dd757d14200a8a6dbb3e59df96b77d16753ac4b32b94ffe6b5ee304d0428eb18056657c8c5c71c632be66cb26fe5c9abec7591ef3cb9b2a1133e9fa9bf0de6c378bed7b51cb8a07c343aabfda193349b91a5dc81a658cb61fbbfa51ef95abe03381ee2cb8d41da19ea8b96ec68ce17cf57da60f1d04acaf34a643db8d2d5ad2991f306b42744347a0c9e1fe2136b2b3da49032d3a57df1e236222cf6d6fe396aff8e5fe7fff5baa88789b783c12045e2c904a5d118369fdddc3e6e2f24bdbb26df92ac9bf4751c897a87c0223888e36ad14ba6e4d879ff464cac6f13a3a543e067d922e99c50f2fc6391e9c1c82b7195005eafdbb3374200c134cbd0f11739e8c19dd07140686242fea48caf3a1a93b86f35d77f258a2c9ce24cf321068551a584262d7a74a344e428c77c8af755e72904b0ca8a0bb359fb0", 0xffffff5d, 0x12, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080), 0xffffffffffffffa9, 0xc9100120, 0x0, 0x1500)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, 0x0)

2.445988881s ago: executing program 0 (id=2676):
r0 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f00000001c0)) (async)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'macsec0\x00', <r2=>0x0}) (async)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000040), 0x6)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0xfffffffc}) (async)
ioctl$sock_bt_hci(r3, 0x400448e6, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="7c0000001000000800"/20, @ANYRES32=0x0, @ANYBLOB="46060900010002004c0012800b00010067726574617000003c000280060011004e23000008000100", @ANYRES32=r2, @ANYBLOB="08000700e000000208000400584f000006000f00f8ff0000060010004e1f0000080007000000000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="40cf056678ec0ea5ea902838eb99eaf5b4ac4a0b39f1a93714f384e1153ee8e6c77232aeb835a8b7557b41585dbaa33867ce78076fd6fc5f2a8e54879e236f18c57f9b779a47cdfb9e882973681f2c1551"], 0x7c}, 0x1, 0x0, 0x0, 0x600}, 0x0) (async)
ioctl$BTRFS_IOC_QGROUP_CREATE(r0, 0x4010942a, &(0x7f0000000000)={0x1, 0xa4e})

2.31359037s ago: executing program 0 (id=2677):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={0x0}, 0x1, 0x0, 0x0, 0x40020}, 0x20000000)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_open_dev$ttys(0xc, 0x2, 0x0)
syz_open_dev$ptys(0xc, 0x3, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_GUEST_MEMFD(r4, 0xc040aed4, &(0x7f0000000080)={0x200001fe0000, 0x3})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/pm_test', 0x42, 0x18)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x4e22, @private=0xa010101}, {0x2, 0x0, @local}, {0x2, 0x4e21, @local}, 0x1d7, 0x0, 0x0, 0x0, 0xfff8, 0x0, 0x4, 0x6})
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYRES8=r5], 0x1c}, 0x1, 0x0, 0x0, 0x20000844}, 0x48881)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r6, &(0x7f0000000000), 0xd)

1.693889326s ago: executing program 0 (id=2678):
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
syz_open_dev$loop(&(0x7f0000000240), 0xffffffff7ffffffd, 0x1ea1e2)
ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0x200)
pipe2(&(0x7f0000000200)={<r2=>0x0, 0x0}, 0x0)
read$FUSE(r2, &(0x7f0000001000)={0x2020}, 0x2020)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x1, 0x0, 0x7fff0000}]})
close_range(r3, 0xffffffffffffffff, 0x0) (fail_nth: 1)
vmsplice(r0, &(0x7f0000000680)=[{&(0x7f00000003c0)}, {&(0x7f00000006c0)="84b0459158c085154fede4f8c066619ed64e4bb02a55ced5b3c23b3474994782b12a60d6ab167341b89e2c6adaa62c9e8e72400d802de2370a7b85dd5875a857560d36ae68c21afb36462cf600bf2f756af0edd49c0802508ebd737ebc99f84c941f1eba5e8a5366085e9acd5217df27e123a55231b58db80452e8db871f88eaba57b84d021d92613c4032bc066696f87866823c1bc25d7eb398d88c18bbdbb80271fae3d2534f1d2a508b254263cc83ecacdb039bad6fcd23f25e7643c4ea1186fd71bb6325d2adde2df0aa8773edec0f68f83e7cf91fd5de05cf71470d153a91066cc002f7dd29cf725883e080d1aa7656d238b5ff192c61947395af40fedc00f41f172c6d11e7a78f67461cc1b0c96102f94037c9520aa0557796f429db151d2dc3e869a671d0759ece16dc2ce6c923bbf54845e2b8a22e8f1455789d4b9a2e36f6f7ba966bfa5d8e5d445f8798dd3a73ad408859550d554533efa8eee469609d8b6cdb3702dc4e0d35131ca06960b3247b63e8b6e59a11a7fad01dd6799b468bbf306ba62e73b8b2b6e700fd34ca45cb62f54390f5b484a0ef0e3f3b20075be4b6ccd96cfb906b2734e3449dfe886af6568b7750de62a33805c308931eb4b2d971dd84dc336a966837066d0e966b214b48b6f669734fb95a65263a6d621f29b590cf7cdf761264d4ffad2f05f3d7ac2b204633e782da4c78d8a2fe8e3b703eb92ce75948d599a352c73456c6cdb99ffac8ee5559543efd765651b797100776df00a9a4635f2b54a8a845404a0531f29d3e5853cf8c44f45df014bc2fceaa80b63ac0084a8226dd6bf9385eef2e4fb1604edb3abc488685d6d569f6d7541d8e7f0505000e6fa5fa393df4550a8cbbb8ac4eb6c2a90db59e8942aaac64221b8b14fa27795cf89e383d11d5774974070d87983f5d4ddd38ef3d8f0e5ca9558ad77b7acbb85e8b2cfbb097efce6eb18af848b953d5dbbd894edea5f17c3dea92a788b0b516cbb7e7c03e0557dbe7baffd8572ba293129438bc7f43bf25f5f850c2da984ad488cbaf90ec166b8cd165da86abf2ac91da5e29ab3c6118680abdf648a60ff2998205ac2bd79d1b06cb11281c19bcc895c915f98c01c80bf940d853b711b62b142706336bed20dec5a4831f6f6f1e7da2c4393e31241af052558496375e5d415030f95cb74ce1d1948ed9450053eef0c02176e3ba5101a9795dcb2e44d0777b494ba4ef16ec1df22aa6a0b61f88bf3ccf52190ffb71d0321d311fa9e97b95b75c337982546c9f1ed7922d46d7815d3f0a31fe262d4c938a72c2e3a23d047e52d6c9483bc74c82ef96f4878ffe84bb02250e6be1712e9f40deb3d8122883b5948ad7b80b9784f2c291e69d9eb723eb996cfb65c88ebb0f222d5482018a97879648c2864cea726643bc59bf3d1c25d0dcdbca3c4f4f80fa55a7add8c1bf3c78cb198d6ac950df1fa6b6669227ec9f32874378e4a9e4309ba5ae247fc3018ef741a4c933ac61c30835198facf99fffc8ac958777c08dd1135b4c27c4acd5003f9a5c19d79d1230d149f5462d31c258a59029d30b46d490eedf5fd0fe17fe2c3b483895bb1a368285587047176b290cbfcdd49d8aa1666d3ed4893bad17951f3164a02f7e6db8a4b7107c2362124727d4e887e8786ddf44805c4da53caefc1241658a8c57dc922785f279a11194038ce0b80f1f50cd129db678c6ea11150e038abb1194b3651aaf23f54a6a6e90be7739783d978d5694d92e9e27b40229b2b14b65f564999e06a090866ba25b908823d7e5e426fa758a7981c2ec11e497b996f1883a67f63800e670c8c45838d00a788f4da7d617b8a8f6d09ce3a1f93ab09d544852fa60a5e7ea88778d6923581a2c308a543901ef2ba4822e2a12df6fd4384a9d35603708aca43da02cb1024a58c7acd075ba4382da74493a54b33d75d8d24a3f122e80371e72abf4aa70f81b31baf5d0114e8e471bfe8e7e99489ace7de037d4f5dbd1f58f874b04790d5b1d86b49dd428da6daf92d294096600ba9a71a469241981452fbac01615ea27ea3d02eb0202870070122d94d1ff4f45d056657b072a04b30e66ba2f8fe01f66a0309dce40590e2aa3afd7ebe141266914570c532e95acb71ae1c334f8063154fad9aa0ff15597f48bc7eb9a2a02484f4599950775aeaf2c61c2c10c6917b773a0e21c74991696a54868679f264e7b9d6a6054bf0d1a245fe1af3d9ab96283813fb15e9c36c044b8c3ef60f70cb6cb106aaef0a2c3794cda86eb6191e83f88ea50fc95a414256772b08688a6fae44e0573c286d192c55edf849461fa1affa1e7da29140a598eb7f7d86468b9175a182a33f9a928fc9a9944faef0b2434a70d45423ace458dcd5b6c9b5ec7a3e2972b3dba301dc54ff9edff7880e0631c8a5093317cf2163492f825c719bfa9a075e6e83fe86a3d333b97421aa695b2ec414666b1f9622449dcc88e5575d3f903191ccd7d3650cf32e1898d985b538efb5e64897c5b7fe03cb67e2425fa26449046ac6e03f7eceb757be1efd01dee718ca4a35ae4482676bf85cdfff9735f78852f01c889afe5a730aaaa490b62178a9571b9ea2d29d78d384bb2b1b576896c39e01686aaf263a9012c25de56c98ff07d785927a0f2d2c888a79f474f1065e254d5516c820992862c4f8c5daab06df86fbe3c86d57d3b161e3a9b75982c8a3297fea09a228bc66953ac89189cc04ff130a5c33c834e25d9b350d39a3326948e525fbaedb4167219e3c22d9275470204430e492d8713f7ca96c4b4308153f42a9d713d8d09094f3d5647c1785de58c6b9d4be5de0471a35f0e448a268a36a523308589e1352fda9af83eb89984e4fc1ffd7d2677ea04eaeda35abcf63c2a2ee898625e1e23ed00e8055637c353dfbb3c597a6e97ab05e2efedfc7c5201fdb2c070dcea73b049c42ea0c438dc65b3a3ee59a495a1f9277d26013ed44ef9e24ef9cbbbdacd423a7d0622e402cc9379aa81726b341160540255ff9820b0a54163baf2c6c89ec136f9477737d40109111dcef90b49f24e9f7d2b9dc2f5d4c611509446eb5ba7e6293c483143997c24d6c743941b7fe04c8127fd2998654c07fcb75ba8fcb52deb73f0e953002a598695b77ccdda490ae949ba873e4a34dd19feeefce89113bcef0ee48a90f4a438c4e34d0f293e5918b71d14a8cc0e3f99ddc59fa3c5b67519d8ad9aa0f9a7898516955ad9cb3ecacb1b0375676754ab54f74b87deb728bae1a708c939e7905934761d8e4a73e9f5909b1604347bfd7bffdd13885bb14063ad801542152b853e97f896af9e01b7429c6d136e0d0a68538e5239aca708757113d749f6af088acb6daa4c71495730445629c11bbabda00828c7b9bd3ac71ed938084c4077d1e187f1ce94b2f05f9620ace7e8acb9cd4536ce756989a2fefbd3d2a13446add5480c0137dd9ce50500d589d0beb77493e3f44ff3ad420023aba12ad2af2a282a4f76bb1696ec34d401245620bd3b7890f3487a6aec780c511f46cc137cd0e7d7cba8de8d86f65ebb2518e9392a2503c42b6a3d654f16e50dcad97ba37e8668555526db592cb7d04989f3f967fe874df0cc42bcabaa24ad38852c7fe28e1c582994e7209cfa4fcbec005642f49fd360fe9cc1db876b472cbcb076fe9aea545a7c3c76d8e4697e26a6971e671f2374515ab5acc9ce9ebae0248b9878cb48ad674bc202d7724e59aa242eed5c17c237990ac4800897d83509acb54e68442aaa2110f5645c0882f517b535b6853dea3b2e734d3389ee805423cc490ad1f6ab164c7e06219c811858e347939ccdf91f5a47ecaa9706e485d668a0e0ce17c44ec5d95896b088c89d2fb46b58bc017ed40429c14a001cfd7a51dffb9c9fe68c1a05b3b065f4528b88ba72179b11946b91a76eaacca06ef0dd1a3d4916ccfe13767356465ea88f132c92ab008daa26fccb7cb000baa22dd811885fccfeb7df6c58e7da4e1b26c9526327f287818f15c99d165ba25e72001e8af6375c00bd4650d8296355a2d486bed57a716b15c92e1cae932068bbd6539e840d44dd1cb0f715b9c46ef8e33ac25f2977851fef57b47c40af14bcf716f923f92c10d2de0f9564e1fc1f2a63f8f7262623a8f3a246ea7e485e251e8bf4416f91dda75719e3369b800066b3b2e52c1f9e1f56da0fe678e465b820b5d19474d62ebf6058b9a77417f0ce63d1b817415255cf2d98e436f7d9df08827a61bf774185d8f7d34590c54dbf4bd50a483cceb0b06ab0761c4986ce38d4d3f8e6336abb152bb86deb6db2c8b13e7db6b7cdd84b8cc2203d1ea09dbdcaeb07393bad9b3d552cb656a1b77dd527f4a6ff7776b9c4c5465c61f154d79da8d178cd969591b5ca6f7811cd4ea3919a84ed274b3d008715e8b15d75e9f67175dbee8ebfe039d6d5ba883b45916daca217e8768f97307f555456cdd11518f59c06b43b3ba0e66c83d6af0a4b6e39429998d9a9a417b2f472c41911292004343841fabbeb3f80636d52df5969a1e0d4d3a2db629464d9aaeeb7843e7581025a10d15a1b5f7bb4cad97f43e17387b1c091cd04e3b7a806c22fd9e38f4515bf374f89d82852c1af19885f7ce3e74d7a2183001877debdc7f9379c8e2d8acacdaf88edbf233ed12a4f05d437fa81ed3f32e48552d91a83b58214f8724c0ab867d223f82b274dbdb15e22f463000b3664eb83a3449deac376396d0a970f13a23651da51b5f0ff93743315a541f900d7e0f2a35b81ddc2e821196f3c86132261b93439082fbac7b92ddea25332c82973fc6de4cc224c374ff3656980ba15e66b8e38285317a319bd704107b5205484b08270dd7755d06104f24993755e31996138d659f43b371ba4363deaaa211ace6f71dd5e9b979c9072fe55dddebdf52398bd8f67f40b9739e8035db83395a1ef6d96bb1e7eca3e5622dadd415e9e32392703f270a689fbfab1cc00ef40acc29fda7aa1336eb33c2049e7d53d30521e29d1cbc380a91fa46c1f2d58d7def3a711c0654eb0eea171096af1c96e5cae46e0f9d2a4ea053b236d8e59e44274512bf47ecf57a086cae33f8e10072e508c4836030f43f3061ea55c6104fb1264dedd9fd8f0f59db05bfd2dce44249ec61c5d4287a619c6765368102ca4374428aa7281d52a6a73b6bee687a005baa0c2915169c631c758eb065df9d38d49921fd65ccd6341b52cce538e19d2813587641612a95c4e2a425545eb66f3b9bdb80c862b7f3df2d25b461c86741b2c4c269c079603c5e0e7b84c2a567dc948d30f661a0286904460a6506b9a2e696759b10e0066b7076233c2d2b906de3c8e5eb4f169eaa1726a9d8a494f2d13ada53ec40851d5e3a30fb2e32d2a9f7ca1ac54271d8abcbf0aa59f665c0cb40945ca1c105b1c6929131a751f0b0a01edbd35cb49b23e21ce92ba6471efe8f2cc745088bd26049740b4b51ee079ae1ca4eea89866aa337495b12593440c7efc63245a3b98a09168a76d8878e35cd49acf581d4af8d6c09d4b82ba8a9f194f6debc5afb830b775b42ae9a74d639ede0ca4", 0xf54}, {0x0}], 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000200)={'wg0\x00'})
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000340)={{r1}, &(0x7f00000002c0), &(0x7f0000000300)='%-5lx  \x00'}, 0x1c)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000380)='./file0\x00', 0x0, 0x10}, 0x14)
write$binfmt_script(r1, &(0x7f0000020240), 0x10010)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r0, &(0x7f0000001700)={&(0x7f0000001640)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000016c0)={0x0}, 0x1, 0x0, 0x0, 0xc0}, 0x800)

1.62988465s ago: executing program 2 (id=2679):
lsetxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000180)=0x19, 0x4)
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000140))
connect$pppoe(0xffffffffffffffff, &(0x7f0000000080)={0x18, 0x0, {0x1, @empty, 'ip_vti0\x00'}}, 0x1e)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000040), 0x12)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, &(0x7f0000000000)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x7, 0xf00, 0x2, 0x0, 0x10005, 0x900, 0x7, 0x3, 0x3}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.565632614s ago: executing program 0 (id=2680):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
listen(r0, 0x5)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x24040014, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
close_range(r0, 0xffffffffffffffff, 0x40000)

1.509567389s ago: executing program 0 (id=2681):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000102b00fc0100000000000000e2ff0000000000fe80"], 0x0)
r1 = memfd_create(&(0x7f00000000c0)='-B\xd5N4\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\x8a\xd7Uw\x00\xbc\xa92\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x19\xea\xef\xe3\xe1@\x84\x13\xefZb:\x8f\t\x01B\xec\xde\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@Ip]D\xd6\r\xac\v#co\xd5\xb9\xc806\xa8\x99\xffs7\xa1b1\xb1;i)j\x0e\x1e\xedI\xa2\x80\x89\x1d\xd9p!\xc86s\xe07(\xee\xf9<\"\xf0\xc8\xae\x96J\xe2]\x01\x86\xb7.<\xf5N\xd3\x94W1\xff\x18z>\xa7q,\xf7\x96\xb8{\x8e\xbf4\xe0\x95\x1ce\xe4\x85\xcdi\xed\xd3>\xeb\xa5\xaf\x87\x90@\xd1\xbd`^\xfa\xb6\x9cj\x13/\xc5\\W\x04\br\x17X\xe3\xfb\xc8\xd4\xaeX\xc9s\xd18\xd9L\xbf\xa0\xa6\xdf2\a\x99i\xb1/\x19@\x1cq\xeb?\xc1z:\x913\xfa8\xac\xd3q\xe4vPGU', 0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x20002)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x32, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = add_key$user(&(0x7f0000000340), &(0x7f0000000440)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x48, 0x0, 0x800, 0x70bd2a, 0x25dfdbff, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8}}]}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x6}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x4}]}, 0x48}, 0x1, 0x0, 0x0, 0x4004080}, 0x0)
ioctl$SNAPSHOT_S2RAM(r1, 0x330b)
keyctl$dh_compute(0x17, &(0x7f0000000800)={r3, r3, r3}, 0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)={'sha224-generic\x00'}})
connect$l2tp6(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000200)={0xa, 0x4e21, 0x1, @local, 0x7}, 0x1c, 0x0}, 0x200040c4)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = getpid()
fcntl$setownex(r0, 0xf, &(0x7f0000000040)={0x2, r7})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140))
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r8 = socket$igmp(0x2, 0x3, 0x2)
recvmmsg(r8, &(0x7f0000001d40)=[{{0x0, 0x0, 0x0}, 0x9}], 0x1, 0x120, 0x0)

1.383681169s ago: executing program 2 (id=2682):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000102b00fc0100000000000000e2ff0000000000fe80"], 0x0)
r1 = memfd_create(&(0x7f00000000c0)='-B\xd5N4\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\x8a\xd7Uw\x00\xbc\xa92\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x19\xea\xef\xe3\xe1@\x84\x13\xefZb:\x8f\t\x01B\xec\xde\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@Ip]D\xd6\r\xac\v#co\xd5\xb9\xc806\xa8\x99\xffs7\xa1b1\xb1;i)j\x0e\x1e\xedI\xa2\x80\x89\x1d\xd9p!\xc86s\xe07(\xee\xf9<\"\xf0\xc8\xae\x96J\xe2]\x01\x86\xb7.<\xf5N\xd3\x94W1\xff\x18z>\xa7q,\xf7\x96\xb8{\x8e\xbf4\xe0\x95\x1ce\xe4\x85\xcdi\xed\xd3>\xeb\xa5\xaf\x87\x90@\xd1\xbd`^\xfa\xb6\x9cj\x13/\xc5\\W\x04\br\x17X\xe3\xfb\xc8\xd4\xaeX\xc9s\xd18\xd9L\xbf\xa0\xa6\xdf2\a\x99i\xb1/\x19@\x1cq\xeb?\xc1z:\x913\xfa8\xac\xd3q\xe4vPGU', 0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x20002)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x32, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = add_key$user(&(0x7f0000000340), &(0x7f0000000440)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x48, 0x0, 0x800, 0x70bd2a, 0x25dfdbff, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8}}]}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x6}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x4}]}, 0x48}, 0x1, 0x0, 0x0, 0x4004080}, 0x0)
ioctl$SNAPSHOT_S2RAM(r1, 0x330b)
keyctl$dh_compute(0x17, &(0x7f0000000800)={r3, r3, r3}, 0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)={'sha224-generic\x00'}})
connect$l2tp6(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000200)={0xa, 0x4e21, 0x1, @local, 0x7}, 0x1c, 0x0}, 0x200040c4)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = getpid()
syz_open_procfs(r7, &(0x7f0000000300)='net/ip_vs_stats_percpu\x00')
fcntl$setownex(r0, 0xf, &(0x7f0000000040)={0x2, r7})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x2, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
socket$igmp(0x2, 0x3, 0x2)

318.747774ms ago: executing program 4 (id=2683):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) (fail_nth: 7)

276.313724ms ago: executing program 1 (id=2684):
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000400), 0x8080, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0xc1)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000780)='devpts\x00', 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = getpgid(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbff, 0x2fdfffffd}, 0xc)
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x84, &(0x7f0000000280)=[@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x13}}, @in={0x2, 0x4e20, @empty}, @in={0x2, 0x4e24, @local}, @in6={0xa, 0x4e24, 0x9, @mcast1, 0x9}, @in6={0xa, 0x4623, 0xff, @dev={0xfe, 0x80, '\x00', 0x44}, 0x7f}, @in6={0xa, 0x4e24, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xc}]}, &(0x7f0000000080)=0xc)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r6=>0x0]}, &(0x7f0000000240)=0x8)
r7 = openat$comedi(0xffffff9c, &(0x7f0000000100)='/dev/comedi0\x00', 0x101001, 0x0)
r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, 0x0, 0x0)
ioctl$COMEDI_DEVCONFIG(r7, 0x40946400, &(0x7f0000002500)={'comedi_bond\x00', [0x3, 0x5, 0x24, 0x84e1, 0x2f, 0x2006, 0x6, 0x8, 0x80ffa, 0x800000, 0x0, 0x8ebd, 0x1003, 0x1000004, 0x40f, 0x10000, 0xffffffa5, 0x7ffffffd, 0x1ff, 0x209ea, 0x10, 0x3ffdc, 0x8, 0x5, 0x746f, 0x8, 0x5, 0x8, 0x0, 0x4, 0x7ffd]})
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, &(0x7f0000000080)={0xb3ad, 0x0, 0x4, 0x800, 0xbc, 0x1, 0x67, 0x400, r6}, 0x20)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="090000000600000004000000fc"], 0x48)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000003c0)="057e30aae10df4f97559054b9a301ecfe91b645115e1421774006df60cb393573839b0078ce169ec2fde0afea66b5bbefa9d4f3cd8c2458336ceb1f0efe647d6d7b1cdbd12c9b8e3a822cbd51494bf79a1dbe5c22338ce37ed467a1d3d616564cbb81faa2e935b2697c12efb0ed141fa2eaad4747725c4bf20f8975e402b03eb77d1aa3f10f512397b5037b1b4cd4b7c08c03dc5e52a066e5982969fa044125ae251f46c26e2536cc8b77e8edb251378be4beedfb8dca0d449123f57677ca3da5bdebf91b195f1a5d49d7c292f20f58d490de36d8ee0e8a86bd04c3165549465cbee7891fc747d7def370ce644db894b56bd53af0d0e261bcfa6bf72a684dafc5bcafe07ece74cbd1d5fa32716dd03f7acd4f32d935438c91e033beaf49e3963e13d05e7a8334a858639636799f04a9033193e7d18a2a4b20bcc96811bb5efe476db70a76b7456ac4e71f3e89c00da0c7761c188570c7902bf2fee1be273be8a9f7a2d7508ef2188d3ba1db4fa9d1533d2f2a288cdfe3b0c50908d56ba69e81386e7e979e9d7ff78685ffb8de6baea2451762736a2bbafa11d541790b0564aef9b0b80fa24832090b84341a9fdf712d3296f911020f8021eda8130befaaab01cbe91dfc5768e6ff31ec50dd88596832a9f5fd4f558d367f40e454d3c97ad16a7f30b93629ee2def77b99f8a17c157529b0782fd847a4c75a2302ca96bbdcff660c2cca753e1a8c60dbcfb319a1594565a2e15bb6124316e196e3cafaf1a29eef84a0908d1dc80af7e333c65736699f1254addf2ab582f5c87c4f6ca234d7ca9673dc29444044b95abdaea958274e39aeb163ee2d05bc2ade5c33a0466e14fbdf8aa70ca2964c06ee5bc57b894b0143a7a503cc43574a07958940b029678df44d6c82fa2e6937ea6aeb5b8f33c21628e3b0d623c23c2e5a3546194fea742d90c1d61f343a005b9e58c3e8292b256fd0ecca81cda433f3bb0ed633607f0b635cdd8b4919bfa37c1e99df087d3f8f3ba5dec7930657eb3a4d8febb5234e048881fbfc499fe5eb6a0ce34546f7010ae2291e6731d0798ca451387a123998e68f6f577ba4e556bb9a119011a191a6bbcf55beb1fb0b8252deeed5721b271b964534a04462720c4c03e8ea7f120cfa1be630e7fc680d1f6e067075c72f642babcacf6b00cd3fdb9f3200e4ff8935b17ebe222053c78c3752666088017c2150dd014b9578af6adb15527a483eff5bb623710ca7b37ed49ff7cf1525f296af6f27846524e4aaea7476a2d08dceeca84a1ab11e2767abff12d10deaf63681dcabe9b1fb9ebe207d8e37bcdba9a73a02ebea4e3a072397a88c47795d5e88b2040c9fe3f96f66f8f7d593547c8fc8f4e75a1c20962ecf2dd1e7bddf896f2a6c5f37a8784e2bc5b10cef2feab3b6eee7430908eeadd372248041a09b0c29385cd7a75754d2c429e72bf5fdac34097bbbbb3790f86399c60cb5054fbeb8eb1241608b506beb135091c18110c1d10d9a80f4adb11a6fd3001957cae0b4f8f730cc4fa4a7328e23f390caab014cfeec0ebfd0e14021f47fe330a68680678d23e7ca1ff18e7e242f4c1e3cca51dec73c58b596c2a92267ee76d3657c1e2b34102b09fa4c59c2619148440bf26802c6f858b8eee6d8c697bad2c4d5a0f76c6a4cdd3b8fdc21e447920491ef40578b68a7a5dfda04fa235fac01ad4e824b627137dc48807100e52ec5ae2f3a3fd84d68b824033b4f0ee28a9e72333b4e209ae905d0781e4fe8116e03b1ca5c3b1ea84974cabaa0214ed15bfe01e974491e8a20f9d03ed1b73799b083f3a65e809c3ff3cf126288fc1627409d46f78b5fe8b8ba0b3ddc3ac79aecd6eee2e0cc59826e5798f48f80f0c7f549b3a656e9acbc5e51bdc3becef93533166c1d9ffe4335ec973d3d27ce5987d150f554c4095650528578fe4858b670b0786f23c886612191f89ec57970dbc0e33cd62b57a08fa940b339577fd12d07dec2ac50e9e0b27f0716b3233803153389a95df956637af8d9778e27bce49ab0a832978712a074d3f7516ad512ed0d9b43049b5990c841a7b7146a24c62fb70645b8d85b6c8863d5c6aab03638ffa4e30c8de24383cf320eee735a4fd37262d473076f495da8b2f0f028b8f178c238010738d6afb1dc2e48089e80f6a7658ad3496f1a1f7f78abdcf934c733d22abb0671a0d41b9b33a5faf99d7b82166e27df0f97a7953dcc1fb364478200253757e8311ba61cb4c78a380cdd820553c7296816210f64b34619966f1540a407c8d6e8e30788909de19ede4116d09a14ce26ad59957add80b90602855c0134ba7fe8afd4493f7cd9ced61fda7d0ae02505c046acf68d68ecd9b1507a4d4eba4c2c834777b2c3c5a8b3c06677fe468072dcab48c1ac9deec30265c7f6c5864df89e25bba52715c82e9921db601b3935f5047b8cc07351b9965b1a1f6ef36c1fba89d9d96e332eacc1e8a78e09d7d6ba30845866449ed5264f763735d4e7cc133dba4b296b2dd9331efea01e5b3d05f38055e41c49993d679ef133b9b1af435fd0ac5fad33f571c76d02c40d4e301110b4442aa134364f0456da0cf362b2c27ebd667c0969ae09dad18becba9d6918fb1e741f685735cc7078f0e6328181a83da67516fac31522f9d9fc64a4b769e57e76bfff6f9867fa2fee1e7dddd11128322210e44eeef6db7269dfa1bfbd9099dd6f8219d585c22c20483251447772719a6115ccb690609de352989610a138110c884562b65de3cf63c3ebe9adfeb53c6e4ecc637c98b60161f71952b84c6fc4cea6af0ed533144bde4f8fbab2d3ffe0b2a5d0c55ec9979ea85a25045ad3a84becf0e891b89c1a83178d7368aea4bdfa0ebd46b8e110a2972c8ac96e10ac630e89f8d76bf35b03b5ecd393d1986fc61318e08ef02721e5f2cd2fe098ebcd1bd30a8f87b2a5650b51dd50d0d78ab7fe66490f5827372f1779d3d389e9fa66bd0296f0203af010d8f76783837cdde2555a90be577626a12de47d4da638efd0017750a230485f6ade34a27284d85dd87f9db8a832c571106d8296629418777b4d933fa049f0f4e5958c193e889305074091be14c66a4bf02cdfe1e8d26a5d21fa78c5628a7ee3d7a0c550296b2f0625e2dd18d45f2d45bee6746d4462c92bc3cf50503c7479bd121393821afe1cd7144ea37f4e8e5ee21f739024ad25af9430dee006b76617725556ff8a820b767fa821629819732f086a5fdf2ccb4edae0aceb3d6dea698e798ead905a2eef9065d633b007271e93101a71cbe385f56e32b3a8fb081c5c1ab09b729f89294a0007f13a3b8e93686020d993b812c6f85fe1618db897cd67be6cd5053dc8490bbebee133d140503c4aa51eea0c156523a1d81ae849dbe5a273bfc0de94836f8160ea9f146147fc02dd7b55dca6a2a43692268ee98f51fcd2d3faa76071d9716e877b2a3dcb51a51d5359a2ee705da52b43306f1f3caf33342fc281bc9c58d1ce05ecdeca371e3a788542f8fa999e4d8e10e66f0b6053d7d4cfc6acb815628bc2409b3dec01726121c267b3ee85fd61bbbdda68ae2c13026863e4a54b93d956fe692707a179411c841ca7d2f33a5223181b18b7ba2eebdd7c2a8dec3ac2a317b5fbd996e8598c394ee627308f0e887480a8dcd59b0256b636f4c62566501a733fa74232945ba1d9e2bae347391bf9ae2da4d3af2b262b772421fd3a5cab46862ea6049f5c9c76dd8549ce0e6c31c792b81b6b21f0bcca18bb2fa6a9d4d6e0a837bb119e2e002a69d6ca95a4b2acc463076c2e05731ef0cfaea84387a6baf6737cc14a25f5329ea924090311213344625a69ee382dd4bc72e00e63329956f3e021092585c9affa06a95bd0ef653ae9ff0abed5ee561ada4f83d8ef202d9c0b2225ebe8660cc408859d45e0332f4f78f6a339bce9d12ca2bc5116a8fd4007c485f5c1c41af96c41d96db35411842d7babc05c8b228066dccb9b67f348974363be521e41fa94d2034a0bc1e87360a80606e1e1bfa8e6399601b30bf93ac41129869158bc2b791b50e51519133ab58afd4023d4d721129b1307f054103a47c49e0524ac4df511c3409fa62d8b5c1a897794600f53efdcc987e06bffd77c9fc75fb7221ef29ed2f7e3e8abcb4a1875b85bd5176a6fba9a361d8684876508443bd50e630f4c684002b15930cf81d740b880eed25d22d8de8c00066790df084fea7c5021184a210a6d24f9bc862c4e3eafbb1782fa240ecfa5959d7a681bae84e8a96a5ff45dea4f9e16dd2cff2dccc6cf4042b44b7ad1f55dc1db5998ed40a409c0e67e1e64fab423d2c00fabb8976d9dacf0c82530e356a99f75082f3411adddfe4ab1ad3b55599fa15450dd5feee23591f1ce398e4c5ae8aad71ad26ea189c333c8467d1eaba9589bb8c41bbfe8c0c173e5446bc06b578c1db849fabe5fcd8fe0fca94bdc799b53b897249826037499e8b6213d640724fda1bcc9341ac61fbea02c8f39a53c496902d5c7922f678a273cdf5ffff38ea028ae19dc72f0b0688f2b9b7d5a9c04153c10ff4168cf9f243dea03b336be778f6c79d67a2d0ade82863eaf95d6fc7f745569864f369f4b39177c356c8c393bded485df28622f01251e58f3d39498520ff90e6c670f0dce5b494cb1d78dfad108406dc5857086d386bd42bd03fe716f049407e5e55caa0e73e96c1a4f6d5791ce7195b2ce72de52ed617ecefaeeabfa9350af49d1d91f9a4b97dc0808869b916f34ee242c40fe8c8aee57b6ddb69f9a10636e481dfa059ef001bad7020266f0d74b14edce6c18ffef854768a60885bad798658a6b9d0b438c483ba159346d5ce0771f53ff1ae0bd47d8583bd56237f8da2747ac7eb2a87b6e26c4820d4fe18b76e06bb6e0c0cdf478b4aecd381c2a6ca9f10ec433f0aca63a66d04f70557baf9f2844005351a21664c2430fb0002cd03bcf0b2004068a2567f91a9fbee8c6d948fb35d48527b23e1398ce9f535e2b0b33c2bc31ab737ba4b980f46f5d424e33892c8093f3cd18510a3157afc023f63ad3ba999e950747c78c06ab141a26d74ffc049a6f76c465f9f9f03a8d339a8e61fef26a5239fbc11c01a87800c81efd7b9f28ee2ab2ed88a383f5013bfd6671ea3086121b235a0cc45ccb300c02588895f8d13ec7e00a3aaaa8b0e739f666fd1b13a90b23998704859c9c76108ed7ecdc63770e6ebaa0aeb9208b92ec4e948ac7fc81cc6f305f06c2f2d8c9267463af92e185ff627eed54313fa2ee0bff2cfa8be411982fd19fa88db5ec99f238f88782f8c7a957bef14f79351b63799a4cce160357c068987a5516b04c79644c140850cddc8bd5541fcca9e30826aad864240f434bd1fc67b58e3d664f782e9e46edcb34e2db98a39c23e334e51c71c9fa466470992cc1fbc36c3c8ff4340be67f9b85a74c9114cb9fe5ca4dcbb641ea17a54ba4658aeaa515109e117625a6196dd66d3584d293b468fce63b5a9c4b9461700c74ae955539bfbbe3eccfa7d9c9f737792a9d4b978baa2e92819e88340b73c88c2900b723248b18ae9414cb37a64ef8cb8ca85cda9677d9f1e71a6b70fe3ad17f2d13c1df48d93bfa50fd939a72ea26f9fbeaa6f8af2eec91b04a8fa7dc14fec0f54fcd1c5c848b4432f979f10e661cd2d7f8ff669ce99f9813fc5440fbbeb35f1a5e5115f5ca35dcc270bdbcae07a9ae8e22aabf8178379dee08874ec7840de27815890a88fc9a3bcfa88a33f9baef9af0ae01b2bd34a907f1151cb14bc8b396bc43a60f884f425e4a04348cc645aae68db49980139ddad0fed303e40b124fd654b36c961a56c44cc3686a7529b1f1ee47da3a0f1158542337df15780444790a2ff1b57e062f0db66730c9f98de395f939f44188225211c514447f67fcbf320a34c43ce09ed272bb992db3a35ae2c3c491c36f2de88984129fcea1ffd235aff7bef7fa95d65894db9a5f1b348efcb571a81b3d73ccd07cbef052389001e4d456800e05ca53bcf3485ce05791ff65a9f7913416ae26972f34f51a3270580b81307ce31c98eda06f3b35890ce317e79a16d728cd0bb6a3835667555c0c5138cfa5305a91db1f873b2a75b82ffcb27616ee67777708f7dc2ed9ddbeb38a60f446d3ac88ded25265c25ef38b0755a9d34bab5e669b6501d8c9787aae7eced9945cad3d4d1c32fa68b48a1d773750f814631db3e088c1b5e7ffa854ea1343d94ec1343918d7a1c5a095bb72b00eb3bff210aeec0b8a581a2a13429b83a193f4d447059265b63c4b8f8ea1b9494f65e79844d956c5d80780849dc086506e9eba002e682a1bae1543f8289588c574bb6ca9a2e57b908aaffed23ecf3536abaf96fe08291f3d70773288b4698e972b0187385dfff4cba59175814e75e7e5146205c7f2d2f749583b393f46c448c152d8be50d60ed8d8bdb30fc7925656a0f90b1de967c729980815e5f19ed453fbefcff67832cb90d753410a0b18eb7504600b11b0360c3d3594d48d832160d357afc1f17dc71dccabef7bbcf1fdd55b48cb02135c32650ab07b902f36b48be9376b2dd68343eacfe80d9dab3205a393a4c6ffd405f6db323dea11be4f22ce50df1e0cfec9e9b1e23acb94d66ea787d08f615a7c7288cdf1921a13a85d885e47cf1067d89ebad5b92ce5c9da255f8d74bd2d5b78366f998cc35bf35e45d06128f1c5984fabee7542642bbf6d981b60759d3e7900e5b3d1d7310f90df0c88a600ff2f39932bf7411e61c692c9444dc9ae0dff28c0b94292c430ac4464e83ce8a29b886f45c98b8396667740c5be51e592eac0250d6e479505d36e930ca3a32cb671d58707d25b10e2660cd5e661b08e268c8bf1b3cbceb2d995a2a6fdfe5475cccc965f71baa7c84054e3bb6cbcb7167b06c708cd72ad4301e943dd1b2b2c325f682be3eaae730a8ed8bc3134b28d1ce04543bc66a529744561c42d25e65c7b5cc2a17875ebf35e53aa46e1edec29ff8d046a7e01459d9639c10d1df998cd9a12d7e50b2dc71ee7338cf71beb72d5020dc69eeafc354bf822d65ee0328eb07d04ac0d266fdb53227a158411da5ded254b3c359ee710e0278e1a06f06002538e108450fd6b11949fdc618a29baf34f232aa192230ddb318aa6d59d122257e50713fe73e6c0059399589c382dc901a8c3381139436f7331b69f457bbb38ed54daaa07a52cceb053c32690836c664b73d86261216b8610fc7b4d53dd3e5d9bcb3e25528e132911cac37e7f2618274c733b5ae02f9c27638d9e11988f1dfbb281ffd8cddf8558a481861cbe9d53a4ad8282d3587449cd51759ca397eda122d286e117d01539359870b94c98a3ce383ed1d280bcceb228acf73193e87fd3650e4dfd563cc55bfbc8626a41293cc90ef76e28e2dedaf968602d2997ae1c2752a0febe3a78f3756d40201ae13074091238324422caabe22c66b7866065264261fc2c3e0569493468d1c1c36259aedd5f078a231e72decd70f4de8532f6753287435296f33a096bc1c8b0ebb68c9f783881e45ac54159ec1c2f9e1f5cb48f96729a62d1b4fdaa89ef5de8741bca04e953534dc977e881a61281812af435206378eff173d7929ab4967e511bdc14e6a783ab647a4c257a4fcd6ba38ef32bc48a0064341697e34f7465b3e6240589d854db4d9714e998f2edf3a03986598a52aaf647d938f4a8e07c1c29615803af6cd403d261ad6da3c1c804034b4a4eef3ea1cc8db39d9e171b3f6dd074388577a4eb901c25c8031e4592cea80b6354850657f53b2acd910ec2c5a7db6abb0153e051dadfbcdf047e35591b96b5657ca55d99ef6fb48e07c34321cd20c40b30a646132f8afcb9426fe84a790567fb847076a8762ca29cfb037e0c948edc12122a1160a55d465f5c912406a10dc0d3c1156cd207e9ffe906d267c9c870521934e1c56af460c0ad0dea9c929acf85768e22bb65eca6e25e4ec8e6edb7a6215e8c7e5fdb56c7131b156ab6a78fc808f8f17a2708ff68b37778c00b3b546004fb2b2c588d8ca8276d281026bfe896698569814410422f27421b8fc5c09d47635f17ddf6b9f56a202a991514678c18a4afabe1eeca6fce1187fffcb6ebdacfc6cac9750766ed40c80e7eceb342a3fa6f86d014949f9d111bfd96e2a39d364f2e2722f2d9ab0577befe26055890161d780e52eff4022461c1d3b019b86af28c4f02fd1f7496d8c141344ad5756bcdc45158f3af7aac227c8853f607cae412db6fa924c039859fe455857bd5fde66cc1b773c12f516401a31c80d750079247c128a103361e7f0a392d21b4b1b594307ff6b37e5a242666209ec517561e04645b92e7cf3cff1a6c76c900d12d9556e2962c535401b1e61fa85e06551ed678703fb3bf8590f2608ae3c278b8d1ac286af38061afbbc3cb27ee7adc6ad299151cd00a84506e6a97648ff99f2a9d35d8421e71589437406fa8e6def8ce34c9abe5de3481c492887176d4485dac794b84567d5ebaf68d0007cb2256a0f1ce4318f6891f750fa9696fed3525059688cf973e70d688b1759cd0f3dfb0b2a7078174b978767cbdbfc3f7d5850e2f7772e2bd6e3ed69ef13cc141238b5ee04b6615e33c42fcd6cf979a0ac848458b713b9a988c1e3fc32f2a182fc0cab2e6933e9aa5c2d77db8c6a1802b43bd8220ff0ca92229fc26a44761d00eeebec834e5f7d382b4f58a2759c56e53b163dae034ffa1970acc57165746e575470e13c4044f392ae4bea93e7d666256436507bb987a247785301274d4f262f94989cdc94b209b7499bd0cb4437525b72be79c87c6076533e4a14799a60bd3563d46ee4767108bed7e637cfed6f3139637bb01f36385dc5873eed726fbec9a87da294cc11db8b49fe45b798ae74e1a8cb0f2907eb0178d2baf5f0f88f654baab9f147741945c496ddea1cfed65a82e913a131c4ac7bb6f0d8d5d28225dab8a33c6e60c0d2b2d5dbd8c35089f13f9a2ae81ec9addaefea9b8ddabc8cdeb6437381ce346db6e14d9d1e8bb4662b508d61da77fc8d9ebebceb1c23be5d0a7bba4a48c0591333ab7779bae78ff23c4bbf8a8cf30f3120a5b63a047064d7ed7d37191cf39b6d1e8ffe3b47379767bd691cb855a9c938e9a0235a5ec9c316a6dceca63fa5fe6df0b9f0d6b38add216aaf2726d3377ab827b00b4cbf490708a0f679b8cd7caadb3dee40cc98f778917d6a6263fcc0747bf75fd676d84abb7d10087da323f95c2571139fd4c9826ad5db6ee4c246b9da20592cae11f9264bd2945aa1a427b2acefb514a2daafbbae35ff761eb1e3b98b4a1dfca348b8c4ff96325a618d677180ceb7e916654ecc2deecb4e61d01080f44b98776b1b43aebeffe2c14006dd1d78c8babf1179f42fd20d87654d3246d41e9dc633eac1741be44f8d751d8c9fd57316fe06d60872939b7a2906bb27a299a3408a51d74e5d98417f05f85fc1b332e103e79203e9fe344dc1d1572de39d914c5270c839870d2b33da5a6efc08c4f0c8227cc35a7f77c6a55f80ceef90e217c80e5ecb4c236685f5219787b01612cfbac90794e8269c07fb7ca4f7dba4defb2aae2b37f7b1696e78de15dbb1b6d4ee0cc4c0fae274b2c2de9343862de1d9847515ad235b1837daa9b814f19e895ae3966ed262e3e7add9f19009e6b61462917b29502b67e124c43538a6bcab7296529e01bb26ab8b3ef094ed057383c4f92790b6f705ae9d943c4e8dad84f6ef82b54d062713c16960fb475d74d46a1b16062563da3391cc6ff5185162c31ff7339e4837e38adab8ab911abaaa006e313dd19a1f92b4f7bede4525b154e1b9f796136a85f3602da011ae2232be902347e08ce0bbf3d23d91c4aac11c8824caafa1d1ff0343ce655802c1915f3ae7c0c670b18e56e139be66a33613afcb3b1928613b3afba9d635070af678216d57023d1911f0eb7ebddefc96f0efd8e9dc10e8a87a68393e19733ef900c6264722940750ae16f664e445414e85e98570303c6d87d7f265cfae0a1e9314fc14674c2871c0d59bbe2eddaf9330a4e2a28673af73910d6cb90790f800e89d55a2930910a8430ade9551819d83d5ea6da4e58326b7ce555d01da86ea78200f0219ec92473da95cd5a632c525ca9fbcddebb8168881cdb2f5da787d0e31881e2b17d78184f3a0bed8662486d3937dab275d050b9dd5a2ce904208a91a467afc33e10fb6c1ca788a5ef30d6e8b615ec0ae1503fea7006569559b7b155c31b196b85881c5671173c06fc5373e9fd973e7111ed45874609bf3c88c6db732210a3ea04cb68662bbc2048bb55d811482af5c658e29bd18c57ffa25e88d7297cd20d4c2b13007cfae89f4dcd90177a0806a2ceb2095333b58f828c093b9bf63cd07e3d56a446fd12e755fd651211bc160948836939c17623b317b9e935307044bab2c11879a62288e7ecbbb97f10f52516f517b7b8e44cff5964fdfaf8044065056b48db13b1365004c336afa3535af1242c9b7271b8b1ba2213fcbb80926bcd394815cd7c27e3aeb2348dc45f5e06e32f5bd56d1c472f41b564ec0939cd012028412883cc098d086fd43858747b746be72b979d175f6a6447fc5908616dec7fc6c962e12e96e09bd068acd2fcf0ce1cc26d9f82b2b91bc9aafcbf8435011f73b6a8ea1bb2f3289b23236136b31656600762feff53e607df8cf3c9a7f257b212630c19f142e4cf5094250b629cabb145c77f1f14ad60ab7617078f810a766cfa341fb7c16086609bc0a768fb1cd782606f32b83a0a55d883269a05b80275612dc571cb993ea9e447b4d32570d412203ab4c8b050b63bb5ac0f8d6f4e9a1644e4b622587b2ae125c2093bd363493d58544d6303a0de17780fcd83e993aa83f4432274eee1e6333fcdc77bcfdea95b8b9ed787723e35b71f1dbe89ff1e3e6fde146c05b6fe9eae52b472624e412253a63e7fcf1b77dbff7509eec5a55501e222f66bd84d36663cd244fa1556bd34b4c9957a93a71e63961ffc7700c5545acdd3e79da41e1cfaca0956d4978222cda23a574d691dbb6c6bd083c70c2782c045bbbe0fcaa10efbc002af6832e3fa7dda0ec8ff6ded69302d55d5a62a7ec213f16ecc5e3304a83103d1c2b21e04e3f5f3730339a630a407e8cc6a5afd2f2ed78ff992035a3783a2708195a46e565a9113be8c228ccaae3510363b475732ad48fe8ff34801f4c35132359d4c5c5bff65141f4a8684d462cf5d97b44496440fff3f7a28d28bbaa8e6db2a6064cbe9fca4679afe8ca6dd27a25c56f3e58165040f19a0455199a0ece4583f060979427f2f3495f40a83bc6ee3eaadab18705d464662b8aba9c7aa2f29114f7acc247548a85bd44723064abeee18f7f558f6d0d74fa08103dd906124454745d23005c425b260b0034372123b642a0cbebbc1a0bcf0cfc3639876eceac5f9734057ff659cfd35b1a3eaa768b86d66244aabc23a45676a59d492614f1c0011c9253e53fc7bb3e20d303afdb5b6614dcc7bbf72a339e414672aac23c2e2983083f08dbc34e3452def00f402598b6aaa4f0d896d1648b1442621993b7d0c930560cb6152b9ce59f94356726816a224fca84da5dbde6675d20f546a3e4635e82ff9575cac9160e6819f", 0x2000, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000002480), 0xce4, r10}, 0x38)
bpf$MAP_UPDATE_BATCH(0x1b, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000600), 0x0, 0x3ff, r10, 0x0, 0x100000000000000}, 0x38)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x9, &(0x7f00000000c0)=0x1, 0x4)
r11 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r11)

14.346456ms ago: executing program 2 (id=2685):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000680)={'wlan0\x00', <r2=>0x0})
clock_gettime(0x0, &(0x7f0000000040)={<r3=>0x0, <r4=>0x0})
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc01cf509, &(0x7f00000001c0)={r0, 0x96, 0x7, 0xf978})
nanosleep(&(0x7f0000000080)={r3, r4+60000000}, &(0x7f0000000100))
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x4c, r1, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8, 0x1, 0x79}, @val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x7ff, 0x70}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}]}, 0x4c}, 0x1, 0x0, 0x0, 0x81}, 0x24044884)

11.307001ms ago: executing program 4 (id=2686):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000180)={'vxcan0\x00', <r2=>0x0})
setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000000040)=[{{0x2, 0x1, 0x1, 0x1}, {0x2, 0x1}}, {{0x3, 0x1, 0x1}, {0x3, 0x0, 0x1, 0x1}}], 0x10)
bind$can_raw(r1, &(0x7f0000000200)={0x1d, r2}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r2, {0x1}, {0xffff, 0xa}, {0x1}}}, 0x24}}, 0x80)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan1\x00'})
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r3 = openat$sequencer(0xffffff9c, &(0x7f0000000480), 0x0, 0x0)
ioctl$SNDCTL_SEQ_NRMIDIS(r3, 0xc0046d00, &(0x7f0000000500))
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_io_uring_setup(0xf01, &(0x7f0000000080)={0x0, 0x7f3d, 0xc00, 0x6, 0x42f6}, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000180)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
syz_io_uring_submit(r5, r6, r7, &(0x7f0000000040)=@IORING_OP_CLOSE={0x13, 0x10})
io_uring_enter(r4, 0x742f, 0x77ae, 0x1, 0x0, 0x0)
pipe(&(0x7f0000019480)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
vmsplice(r8, &(0x7f00000001c0)=[{&(0x7f0000000280)="dc", 0x1}], 0x1, 0x3)
close(r8)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r9, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
r10 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000540)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002a40)={0x0, 0x1a, &(0x7f0000000380)=ANY=[@ANYBLOB="b79f0000000000007b8af3ff00000000b7080000000000007b8af0ff000000005cb600b3000000000000000000f0ffffffb7020000080000001823", @ANYBLOB="0000000000000000b70500000800000085000000a5000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000009823"], 0x0}, 0x94)
add_key(&(0x7f0000000200)='dns_resolver\x00', &(0x7f0000000180)={'syz', 0x1, 0x48}, &(0x7f0000000240)="48ab0500", 0x1001, r10)
open_by_handle_at(0xffffffffffffffff, 0x0, 0x3)
setsockopt$inet_tcp_TCP_REPAIR(r8, 0x6, 0x13, &(0x7f0000000300)=0x1, 0x4)
connect$inet(r9, &(0x7f00000006c0)={0x2, 0x0, @empty}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r9, 0x6, 0x13, &(0x7f0000000900)=0xffffffffffffffff, 0x4)

0s ago: executing program 0 (id=2687):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000a80)=0x1, 0x4)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000480)={{{@in6=@mcast2, @in6=@local, 0x0, 0x0, 0x0, 0x779, 0x2}, {0x0, 0x2}, {0xfffffffffffffffc, 0x80000000000, 0x4, 0x1000000000}, 0x0, 0x0, 0x1}, {{@in=@private=0x200, 0x0, 0x3c}, 0x2, @in6=@empty, 0x0, 0x4, 0x0, 0x0, 0x0, 0xffffffff, 0x1000}}, 0xe4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a010400000000000000000a00000109000180070dcf26fbab49281b9589000100637400001c0002800500030000000000080002400000000995000140000000090900020073797a320000000014000000110001007167e9a011fff391637901f84702afc500000000000000000200000a000000000000"], 0x80}, 0x1, 0x0, 0x0, 0x4008091}, 0x24000000)
r3 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x3, 0x3, @dev={0xfe, 0x80, '\x00', 0xd}, 0x9}, 0x1c)
sendmsg(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000640)="06e28092c5ec1d88d05e0a6f2ce709c63de1ab461557270000fc494605c77dc874d0734eed79ecd2e373cf63d3a4e9a461877edf08af5c6c56be907e383f7a1cce50acae1ed1944d1e00f576d2365e27c059eaceee4e56e1f161effd91efedde230512ce932b03ea7ccfb1442c3d8c8954f4b9cdc4bc9dc1f14af9e5b22f9ba40774572c6992cab7a7b60004285435319ebbae2cc5f343756fd4c9eb88760294047270864a6921876a953daf8b1e8dfa14c0626ce6597cd21a38b8b115ea15c3d63f4119868d4b3948cfcda7f069a9ccb0bbaa4854f0dc1092e6f0b16873951b1e521e1ce63614fc34a7cc07f154261ec71cd457229a5897a9815f7641bdf50b05aa1d5d1a8449f02cfaaeab93fe13c3d9506d0b6601af66ef870fb98b97b7b9d1c3c2790c21dbf6f7ebd3b0a85faa3288257ab2ae248865498bf0b7f23e12cfa7a3137a9903f866eb874415cf20253e94ddfb1533827d152e7832802139c31983e997baa5f23a40c8f9cbe7e7274895237c1c62ae78573167529ff5d9bfb1bc323c07b3aab1f85970d441f0129d27dbe5664644592b3c5d6ff85793058d9fe9e99ac2108ee522390c933756a59cc6f6ef0e7ca509ddc84efff7ab44c61a0abbcd8f1de55583861a81bc5a176152615ca08b82da4de1e960f6eb291f0ede5222e58d63a15e3e9516ace4ac5c5d922bd755ff05b72d", 0x1f5}, {&(0x7f0000000c80)="c9fbe0378bef0a6749d715b5c3e27d03e68c83579553d3bd9cc08edbae86d2f95e95a3fa8ab031e21b5a47e4205c87eefc819e6ea7bd0f6772e957f739339398cd07aeb0522339dde07af5b6ee6b94221ca3494c29be340810d421808f27877885583a2c80d4331aca54533ad84a0ccc5fa28956504f2eafc0f098f878ae3caf30b7981d5e778aaa197d235aa31c4c77fdf0e1c0d31fc7c43969830f82c4b5631e47df6b9a9f59a57e0e7bd1f9e4fcdb4150f713fb9e3530650b43a92853d1e3334fe72113d518a558343615ba8d3412bda82b725855e14c29f7ed81e1cbb76f9684cc6b7fcdc2808119a0f8328b0c5d0e996e50e95605724abb1c635b0bf633f4bcca6213fef03260e56321e3270f322eb13b8ab70c726cbce78c93e4c87d7d7b363542b1b4ebaf0ed52607d1e3c1d575199af15464ff90242ae9459775aa7c045233df9912fc47d6793f40bb5543b537ed6b79e0091e3c069644ce8d6ea00125815fae3c25f4d5c847e76c0c697d7df260ba36e6917f75ccd289070477665e64ac3e00c93228b72763f28104defab475f03841980110b23d02a3d1b74d25c8f2e1c8dfd9243e0bb7a583f091f829329f045f2fc0c40bb4a5205b071d4b6959663c6bfc1f04b23db627ac9fc792cd3355dbbc031d56107ea3379209a49abf03a8347fce6d48cf1968b64558e30210b02214cd0728c6743b89bd4cc2f1d1424fcedd95fa700751a4ff438469fd9e6f3a47200f3fbbde74bdbbeabfb6f96e32366d85a8e6bb6d576687634daac56c9619e4bbeea7606f223d3976c4bea9a07406b037cef4d06cc9e447dc06901c91145aeb9b9726cbf808d253cb01e0806f21d82b928173be2f5bbed1a97e725b17d1d1bd19c14935abd242ca6501c4282f5f1a3e813c68bdb88add0b6fcc14b8355a81b9ac915e5d51212438c5d2993f26456c9ecde871752c99ddbaecb3f6f5f02a0542e898b64a6d475aae01f2aca6c6013907c085ef56483c910cdf4cdcdb516533aeb97644462cd012e0407dfdeff5428e23edd335b1590641353c54f0802f45d880cb8f22ebbac0cc094a771877aac6491aa62350ccde2993826928e6614b76c15e4aae8ede6de392f4f6567f0833ced4458bca37928cc2a70ca20cd38c11138b6ba39a6374ef7f150eb2d5a500a6b9c010d13dcf7318deb8c106e2448c6b21f62051300080dcc9d87db52cefe722035f1508fff231c22bfc8f1d2e14de70a281be8eb3649ace61896f0c33357fcd838db94aaca611b228f76cb4ab983ad3ab636c7260d57bba0061574bb0876afbeb916e252572687b8d28ba7c945f07e0286bedfd7c259769016225a158bf607dd62e11c83bc686a7ab2903ddd64d4e2c44f39ac1f76b80d6be086396e7515441afcadfecb940776ee4f776d3c294dce9aab77e5c2f6c36c20b4343d80d0c3da5f838b948aa684729c578718d3a0811a1dd654e7ad5e414d892ceb3dd704632caa4dcfdc947ce9391ab9abaa0951d12d56623b0028fe78da20a65df9eabb16e4b14bbbfea7108ab4308e7cb540ab8a810cebbf0d3b64ba108d281c91b011f2a8e565c4b802448bad1a57fe6e74fd3278211a70f0767746ed1f234e8edbcb6f8a215e66849a7f10d1533ef626e31725439afd95c9b3a673041459e473d5ddbcc187f55d72d054bf16a714ee0f4bb5d14cf29b853fd6f703b54f227d20ca414b3d6314e9448d211707158ea758e04a2fe7dad468374d62ab4240bb3c9782faa9f87aec26876714b169198931cbd486c01bb2156488467cda498d0a0c62ff6cf03fc68aa3b8051fff5d68e8374796439e9cf12dae426d3692c2d50699eae00ba4b9797fe5295740d8efb64a48bda389e841254638a118337404194e440a233", 0x53b}], 0x2, 0x0, 0x0, 0x2c}, 0x4000)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)

kernel console output (not intermixed with test programs):

t_after_hwframe+0x84/0x8e
[  687.314169][T14111] RIP: 0023:0xf7f58f6c
[  687.314181][T14111] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  687.314193][T14111] RSP: 002b:00000000f541650c EFLAGS: 00000292 ORIG_RAX: 0000000000000006
[  687.314206][T14111] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  687.314213][T14111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  687.314220][T14111] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  687.314227][T14111] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  687.314234][T14111] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  687.314254][T14111]  </TASK>
[  687.405225][ T5945] Bluetooth: hci5: command 0x1003 tx timeout
[  687.547914][ T5947] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  687.555619][ T6027] usb 6-1: USB disconnect, device number 57
[  687.578493][ T6027] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully deinitialized and disconnected.
[  687.699765][T14154] syzkaller1: entered promiscuous mode
[  687.701688][T14154] syzkaller1: entered allmulticast mode
[  688.064751][T14159] FAULT_INJECTION: forcing a failure.
[  688.064751][T14159] name failslab, interval 1, probability 0, space 0, times 0
[  688.069537][T14159] CPU: 0 UID: 0 PID: 14159 Comm: syz.2.2219 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  688.069562][T14159] Tainted: [L]=SOFTLOCKUP
[  688.069566][T14159] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  688.069573][T14159] Call Trace:
[  688.069578][T14159]  <TASK>
[  688.069584][T14159]  dump_stack_lvl+0x100/0x190
[  688.069610][T14159]  should_fail_ex.cold+0x5/0xa
[  688.069626][T14159]  should_failslab+0xc2/0x120
[  688.069641][T14159]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  688.069661][T14159]  ? alloc_inode+0x183/0x250
[  688.069678][T14159]  ? find_inode_fast+0x1fa/0x910
[  688.069696][T14159]  alloc_inode+0x183/0x250
[  688.069712][T14159]  iget_locked+0x1d9/0x6d0
[  688.069729][T14159]  ? __pfx_iget_locked+0x10/0x10
[  688.069744][T14159]  ? kernfs_root+0xee/0x2a0
[  688.069762][T14159]  ? kernfs_root+0xee/0x2a0
[  688.069782][T14159]  kernfs_get_inode+0x46/0x470
[  688.069799][T14159]  kernfs_iop_lookup+0x1a7/0x2d0
[  688.069839][T14159]  __lookup_slow+0x251/0x460
[  688.069857][T14159]  ? __pfx___lookup_slow+0x10/0x10
[  688.069881][T14159]  ? __d_lookup+0x266/0x4a0
[  688.069902][T14159]  lookup_slow+0x50/0x70
[  688.069918][T14159]  path_lookupat+0x5e8/0xc40
[  688.069938][T14159]  filename_lookup+0x202/0x590
[  688.069951][T14159]  ? __pfx_filename_lookup+0x10/0x10
[  688.069975][T14159]  ? __asan_memcpy+0x3c/0x60
[  688.070010][T14159]  kern_path+0x37/0x50
[  688.070021][T14159]  bpf_uprobe_multi_link_attach+0x424/0x13d0
[  688.070039][T14159]  ? find_held_lock+0x2b/0x80
[  688.070051][T14159]  ? __fget_files+0x215/0x3d0
[  688.070066][T14159]  ? __pfx_bpf_uprobe_multi_link_attach+0x10/0x10
[  688.070080][T14159]  ? __fget_files+0x21f/0x3d0
[  688.070095][T14159]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  688.070110][T14159]  __sys_bpf+0x3faf/0x4b90
[  688.070127][T14159]  ? __pfx___sys_bpf+0x10/0x10
[  688.070140][T14159]  ? proc_fail_nth_write+0x9f/0x220
[  688.070156][T14159]  ? find_held_lock+0x2b/0x80
[  688.070170][T14159]  ? find_held_lock+0x2b/0x80
[  688.070181][T14159]  ? ksys_write+0x190/0x250
[  688.070195][T14159]  ? __mutex_unlock_slowpath+0x15c/0x790
[  688.070217][T14159]  ? fput+0x79/0x100
[  688.070231][T14159]  ? ksys_write+0x1ac/0x250
[  688.070244][T14159]  __ia32_sys_bpf+0x79/0xf0
[  688.070258][T14159]  ? lockdep_hardirqs_on+0x78/0x100
[  688.070270][T14159]  __do_fast_syscall_32+0xe3/0x8c0
[  688.070286][T14159]  do_fast_syscall_32+0x32/0x70
[  688.070299][T14159]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  688.070314][T14159] RIP: 0023:0xf701ef6c
[  688.070325][T14159] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  688.070336][T14159] RSP: 002b:00000000f540d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  688.070349][T14159] RAX: ffffffffffffffda RBX: 000000000000001c RCX: 0000000080000180
[  688.070356][T14159] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000
[  688.070362][T14159] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  688.070368][T14159] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  688.070375][T14159] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  688.070389][T14159]  </TASK>
[  688.216427][T14168] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  688.223480][T14168] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  688.316511][T14161] binder: 14160:14161 ioctl c0046209 0 returned -22
[  688.979154][T14178] binder: 14173:14178 ioctl c0046209 0 returned -22
[  689.212427][T14180] netlink: 212328 bytes leftover after parsing attributes in process `syz.0.2226'.
[  690.347563][   T24] usb 6-1: new high-speed USB device number 58 using dummy_hcd
[  690.518452][   T24] usb 6-1: Using ep0 maxpacket: 16
[  690.522333][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  690.528911][   T24] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  690.533610][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  690.537104][   T24] usb 6-1: Product: syz
[  690.539092][   T24] usb 6-1: Manufacturer: syz
[  690.544969][   T24] usb 6-1: SerialNumber: syz
[  690.544991][T14206] binder: 14204:14206 ioctl c0046209 0 returned -22
[  690.556820][   T24] usb 6-1: config 0 descriptor??
[  690.565047][   T24] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  690.570461][   T24] em28xx 6-1:0.0: DVB interface 0 found: bulk
[  690.861763][T14210] FAULT_INJECTION: forcing a failure.
[  690.861763][T14210] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  690.866726][T14210] CPU: 3 UID: 0 PID: 14210 Comm: syz.2.2235 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  690.866756][T14210] Tainted: [L]=SOFTLOCKUP
[  690.866762][T14210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  690.866772][T14210] Call Trace:
[  690.866781][T14210]  <TASK>
[  690.866789][T14210]  dump_stack_lvl+0x100/0x190
[  690.866824][T14210]  should_fail_ex.cold+0x5/0xa
[  690.866847][T14210]  _copy_to_user+0x32/0xd0
[  690.866872][T14210]  simple_read_from_buffer+0xcb/0x170
[  690.866902][T14210]  proc_fail_nth_read+0x1af/0x230
[  690.866926][T14210]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  690.866950][T14210]  ? rw_verify_area+0xce/0x6d0
[  690.866975][T14210]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  690.866995][T14210]  vfs_read+0x1e4/0xb30
[  690.867016][T14210]  ? __pfx_vfs_read+0x10/0x10
[  690.867030][T14210]  ? find_held_lock+0x2b/0x80
[  690.867049][T14210]  ? __fget_files+0x215/0x3d0
[  690.867071][T14210]  ? __fget_files+0x21f/0x3d0
[  690.867094][T14210]  ksys_read+0x12a/0x250
[  690.867111][T14210]  ? __pfx_ksys_read+0x10/0x10
[  690.867150][T14210]  do_int80_emulation+0x141/0x6b0
[  690.867174][T14210]  asm_int80_emulation+0x1a/0x20
[  690.867193][T14210] RIP: 0023:0xf7155cab
[  690.867207][T14210] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  690.867223][T14210] RSP: 002b:00000000f540d4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  690.867246][T14210] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f540d5d0
[  690.867256][T14210] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  690.867266][T14210] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  690.867275][T14210] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  690.867286][T14210] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  690.867308][T14210]  </TASK>
[  691.097361][T14213] could not allocate digest TFM handle sha224-generic
[  691.209285][   T24] em28xx 6-1:0.0: unknown em28xx chip ID (0)
[  691.673908][   T24] em28xx 6-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  691.677661][   T24] em28xx 6-1:0.0: board has no eeprom
[  691.758085][   T24] em28xx 6-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  691.761116][   T24] em28xx 6-1:0.0: dvb set to bulk mode.
[  691.763349][ T6025] em28xx 6-1:0.0: Binding DVB extension
[  691.773664][   T24] usb 6-1: USB disconnect, device number 58
[  691.777473][   T24] em28xx 6-1:0.0: Disconnecting em28xx
[  691.929605][ T6025] em28xx 6-1:0.0: Registering input extension
[  691.932262][   T24] em28xx 6-1:0.0: Closing input extension
[  691.954275][   T24] em28xx 6-1:0.0: Freeing device
[  693.210857][T14241] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2242'.
[  693.724708][T14255] could not allocate digest TFM handle sha224-generic
[  694.139422][T14271] binder: 14261:14271 ioctl c0046209 0 returned -22
[  694.325207][T14277] could not allocate digest TFM handle sha224-generic
[  694.846644][ T6007] usb 6-1: new high-speed USB device number 59 using dummy_hcd
[  695.060024][ T6007] usb 6-1: Using ep0 maxpacket: 16
[  695.064590][ T6007] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  695.071246][ T6007] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  695.076839][ T6007] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  695.080075][ T6007] usb 6-1: Product: syz
[  695.083718][ T6007] usb 6-1: Manufacturer: syz
[  695.085852][ T6007] usb 6-1: SerialNumber: syz
[  695.099596][ T6007] usb 6-1: config 0 descriptor??
[  695.106362][ T6007] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  695.109241][ T6007] em28xx 6-1:0.0: DVB interface 0 found: bulk
[  695.526759][T14291] could not allocate digest TFM handle sha224-generic
[  695.758173][ T6007] em28xx 6-1:0.0: unknown em28xx chip ID (0)
[  696.208061][ T6007] em28xx 6-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  696.214908][ T6007] em28xx 6-1:0.0: board has no eeprom
[  696.309139][ T6007] em28xx 6-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  696.312883][ T6007] em28xx 6-1:0.0: dvb set to bulk mode.
[  696.323118][ T6007] usb 6-1: USB disconnect, device number 59
[  696.327580][   T34] em28xx 6-1:0.0: Binding DVB extension
[  696.331092][ T6007] em28xx 6-1:0.0: Disconnecting em28xx
[  696.393568][   T34] em28xx 6-1:0.0: Registering input extension
[  696.401409][ T6007] em28xx 6-1:0.0: Closing input extension
[  696.434119][ T6007] em28xx 6-1:0.0: Freeing device
[  696.448284][T14302] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  696.450747][T14302] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  696.457368][T14302] vhci_hcd vhci_hcd.0: Device attached
[  696.737886][ T8238] usb 37-1: new low-speed USB device number 16 using vhci_hcd
[  696.804251][T14315] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2254'.
[  696.972852][T14303] vhci_hcd: connection reset by peer
[  696.975676][   T12] vhci_hcd vhci_hcd.0: stop threads
[  696.978013][   T12] vhci_hcd vhci_hcd.0: release socket
[  696.980432][   T12] vhci_hcd vhci_hcd.0: disconnect device
[  697.082752][T14321] 9pnet_virtio: no channels available for device ./bus
[  697.830296][T14325] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  697.909567][T14325] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  697.972171][T14325] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  698.007830][T14328] could not allocate digest TFM handle sha224-generic
[  698.197988][T14325] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  698.305372][   T12] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  698.325262][   T12] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  698.333993][   T12] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  698.340798][   T12] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  698.672050][ T1174] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  698.676370][   T12] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  698.839633][T14348] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  698.843440][T14348] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  698.926282][T14350] random: crng reseeded on system resumption
[  699.132177][T14357] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  699.368879][T14364] could not allocate digest TFM handle sha224-generic
[  699.541678][T14371] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  699.544782][T14371] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  699.626184][T14371] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  699.629290][T14371] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  699.702026][T14371] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  699.705214][T14371] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  699.766055][T14371] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  699.769251][T14371] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  699.845617][   T53] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  699.859423][   T53] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  699.870768][T12444] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  699.874280][T12444] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  699.883058][T12444] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  699.885696][T12444] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  699.892903][T12444] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  699.895644][T12444] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  700.640682][T10023] raw-gadget.0 gadget.2: failed to queue disconnect event
[  700.852851][ T5945] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  700.858484][ T5945] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  700.861999][ T5945] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  700.865792][ T5945] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  700.869255][ T5945] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  700.951408][T14385] lo speed is unknown, defaulting to 1000
[  701.075225][T14385] chnl_net:caif_netlink_parms(): no params data found
[  701.419586][T14385] bridge0: port 1(bridge_slave_0) entered blocking state
[  701.422270][T14385] bridge0: port 1(bridge_slave_0) entered disabled state
[  701.425158][T14385] bridge_slave_0: entered allmulticast mode
[  701.428262][T14385] bridge_slave_0: entered promiscuous mode
[  701.441371][T14385] bridge0: port 2(bridge_slave_1) entered blocking state
[  701.443959][T14385] bridge0: port 2(bridge_slave_1) entered disabled state
[  701.446783][T14385] bridge_slave_1: entered allmulticast mode
[  701.450049][T14385] bridge_slave_1: entered promiscuous mode
[  701.495539][T14396] FAULT_INJECTION: forcing a failure.
[  701.495539][T14396] name failslab, interval 1, probability 0, space 0, times 0
[  701.499544][T14396] CPU: 1 UID: 0 PID: 14396 Comm: syz.1.2277 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  701.499565][T14396] Tainted: [L]=SOFTLOCKUP
[  701.499570][T14396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  701.499578][T14396] Call Trace:
[  701.499583][T14396]  <TASK>
[  701.499588][T14396]  dump_stack_lvl+0x100/0x190
[  701.499615][T14396]  should_fail_ex.cold+0x5/0xa
[  701.499631][T14396]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc2/0x280
[  701.499650][T14396]  should_failslab+0xc2/0x120
[  701.499665][T14396]  __kmalloc_noprof+0xe0/0x850
[  701.499685][T14396]  ? lockdep_hardirqs_on+0x78/0x100
[  701.499702][T14396]  genl_family_rcv_msg_attrs_parse.isra.0+0xc2/0x280
[  701.499721][T14396]  genl_family_rcv_msg_doit+0xc7/0x300
[  701.499738][T14396]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  701.499754][T14396]  ? genl_get_cmd+0x3ef/0x720
[  701.499771][T14396]  ? bpf_lsm_capable+0x9/0x10
[  701.499785][T14396]  ? security_capable+0x80/0x260
[  701.499798][T14396]  ? ns_capable+0xd2/0xf0
[  701.499813][T14396]  genl_rcv_msg+0x560/0x800
[  701.499830][T14396]  ? __pfx_genl_rcv_msg+0x10/0x10
[  701.499845][T14396]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  701.499863][T14396]  ? __pfx_nl80211_tdls_oper+0x10/0x10
[  701.499879][T14396]  ? __pfx_nl80211_post_doit+0x10/0x10
[  701.499902][T14396]  netlink_rcv_skb+0x159/0x420
[  701.499916][T14396]  ? __pfx_genl_rcv_msg+0x10/0x10
[  701.499931][T14396]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  701.499950][T14396]  ? netlink_deliver_tap+0x1ae/0xcc0
[  701.499965][T14396]  genl_rcv+0x28/0x40
[  701.499978][T14396]  netlink_unicast+0x5aa/0x870
[  701.499993][T14396]  ? __pfx_netlink_unicast+0x10/0x10
[  701.500006][T14396]  ? __pfx___might_resched+0x10/0x10
[  701.500030][T14396]  netlink_sendmsg+0x8b0/0xda0
[  701.500046][T14396]  ? __pfx_netlink_sendmsg+0x10/0x10
[  701.500061][T14396]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  701.500076][T14396]  ____sys_sendmsg+0x9e1/0xb70
[  701.500092][T14396]  ? __pfx_netlink_sendmsg+0x10/0x10
[  701.500116][T14396]  ? __pfx_____sys_sendmsg+0x10/0x10
[  701.500138][T14396]  ___sys_sendmsg+0x190/0x1e0
[  701.500155][T14396]  ? __pfx____sys_sendmsg+0x10/0x10
[  701.500189][T14396]  __sys_sendmsg+0x170/0x220
[  701.500202][T14396]  ? __pfx___sys_sendmsg+0x10/0x10
[  701.500218][T14396]  ? __pfx_ksys_write+0x10/0x10
[  701.500235][T14396]  __do_fast_syscall_32+0xe3/0x8c0
[  701.500250][T14396]  do_fast_syscall_32+0x32/0x70
[  701.500265][T14396]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  701.500281][T14396] RIP: 0023:0xf7f58f6c
[  701.500293][T14396] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  701.500304][T14396] RSP: 002b:00000000f541650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  701.500317][T14396] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000700
[  701.500325][T14396] RDX: 000000000000c044 RSI: 0000000000000000 RDI: 0000000000000000
[  701.500332][T14396] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  701.500339][T14396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  701.500346][T14396] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  701.500365][T14396]  </TASK>
[  701.505230][T14385] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  701.689463][T14385] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  701.707793][T14400] binder: 14397:14400 ioctl c0046209 0 returned -22
[  701.745416][T14385] team0: Port device team_slave_0 added
[  701.749013][T14385] team0: Port device team_slave_1 added
[  701.776198][T14385] batman_adv: batadv0: Adding interface: batadv_slave_0
[  701.779384][T14385] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  701.791132][T14385] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  701.800870][T14385] batman_adv: batadv0: Adding interface: batadv_slave_1
[  701.804638][T14385] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  701.814695][T14385] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  701.849354][T14385] hsr_slave_0: entered promiscuous mode
[  701.852761][T14385] hsr_slave_1: entered promiscuous mode
[  701.950591][T14385] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  701.954251][T14385] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  702.083515][T14385] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  702.087979][T14385] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  702.161734][T14385] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  702.165613][T14385] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  702.223275][T14385] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  702.226693][T14385] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  702.251809][  T841] usb 9-1: new high-speed USB device number 48 using dummy_hcd
[  702.412160][ T8238] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  702.422841][  T841] usb 9-1: Using ep0 maxpacket: 16
[  702.426283][  T841] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  702.432302][  T841] usb 9-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  702.435645][  T841] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  702.438314][  T841] usb 9-1: Product: syz
[  702.439711][  T841] usb 9-1: Manufacturer: syz
[  702.441246][  T841] usb 9-1: SerialNumber: syz
[  702.444409][  T841] usb 9-1: config 0 descriptor??
[  702.450853][  T841] em28xx 9-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  702.453944][  T841] em28xx 9-1:0.0: DVB interface 0 found: bulk
[  703.096645][  T841] em28xx 9-1:0.0: unknown em28xx chip ID (0)
[  703.106763][ T5947] Bluetooth: hci4: command tx timeout
[  703.534080][  T841] em28xx 9-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  703.536699][  T841] em28xx 9-1:0.0: board has no eeprom
[  703.598172][  T841] em28xx 9-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  703.600688][  T841] em28xx 9-1:0.0: dvb set to bulk mode.
[  703.611853][  T841] usb 9-1: USB disconnect, device number 48
[  703.615832][  T841] em28xx 9-1:0.0: Disconnecting em28xx
[  703.617664][ T5994] em28xx 9-1:0.0: Binding DVB extension
[  703.645657][ T5994] em28xx 9-1:0.0: Registering input extension
[  703.647814][  T841] em28xx 9-1:0.0: Closing input extension
[  703.657489][  T841] em28xx 9-1:0.0: Freeing device
[  704.154026][T11955] block nbd4: Connection timed out, retrying (0/2 alive)
[  704.156964][T11955] block nbd4: Connection timed out, retrying (0/2 alive)
[  704.159707][T11955] block nbd4: Connection timed out, retrying (0/2 alive)
[  704.162508][T11955] block nbd4: Connection timed out, retrying (0/2 alive)
[  704.165195][ T7278] block nbd4: Dead connection, failed to find a fallback
[  704.168220][ T7278] block nbd4: shutting down sockets
[  704.170706][ T7278] blk_print_req_error: 138 callbacks suppressed
[  704.170727][ T7278] I/O error, dev nbd4, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  704.177865][ T7278] buffer_io_error: 138 callbacks suppressed
[  704.177885][ T7278] Buffer I/O error on dev nbd4, logical block 2, async page read
[  704.183762][ T7278] I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  704.188043][ T7278] Buffer I/O error on dev nbd4, logical block 1, async page read
[  704.190660][ T7278] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  704.193638][ T7278] Buffer I/O error on dev nbd4, logical block 0, async page read
[  704.196290][ T7278] I/O error, dev nbd4, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  704.199646][ T7278] Buffer I/O error on dev nbd4, logical block 3, async page read
[  704.202433][ T5934] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  704.205475][ T5934] Buffer I/O error on dev nbd4, logical block 0, async page read
[  704.208088][ T5934] I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  704.211710][ T5934] Buffer I/O error on dev nbd4, logical block 1, async page read
[  704.214549][ T5934] I/O error, dev nbd4, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  704.217637][ T5934] Buffer I/O error on dev nbd4, logical block 2, async page read
[  704.220262][ T5934] I/O error, dev nbd4, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  704.223311][ T5934] Buffer I/O error on dev nbd4, logical block 3, async page read
[  704.225884][ T5934] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  704.229819][ T5934] Buffer I/O error on dev nbd4, logical block 0, async page read
[  704.232749][ T5934] I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  704.235909][ T5934] Buffer I/O error on dev nbd4, logical block 1, async page read
[  704.238954][ T5934] ldm_validate_partition_table(): Disk read failed.
[  704.242441][ T5934] Dev nbd4: unable to read RDB block 0
[  704.245358][ T5934]  nbd4: unable to read partition table
[  704.250289][ T5934] ldm_validate_partition_table(): Disk read failed.
[  704.252680][ T5934] Dev nbd4: unable to read RDB block 0
[  704.254776][ T5934]  nbd4: unable to read partition table
[  704.486138][T14414] could not allocate digest TFM handle sha224-generic
[  704.945678][T14418] lo speed is unknown, defaulting to 1000
[  705.000688][T14420] 9p: Bad value for 'rfdno'
[  705.022491][T14420] Mount JFS Failure: -22
[  705.026433][T14420] jfs_mount failed w/return code = -22
[  705.329408][ T5947] Bluetooth: hci4: command tx timeout
[  705.753338][T14425] random: crng reseeded on system resumption
[  707.243212][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  707.562831][ T5947] Bluetooth: hci4: command tx timeout
[  708.471697][T14385] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  708.485530][T14385] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  708.492479][T14385] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  708.509018][T14385] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  708.595635][T14385] 8021q: adding VLAN 0 to HW filter on device bond0
[  708.607970][T14385] 8021q: adding VLAN 0 to HW filter on device team0
[  708.618299][T12448] bridge0: port 1(bridge_slave_0) entered blocking state
[  708.621265][T12448] bridge0: port 1(bridge_slave_0) entered forwarding state
[  708.631322][T12444] bridge0: port 2(bridge_slave_1) entered blocking state
[  708.634459][T12444] bridge0: port 2(bridge_slave_1) entered forwarding state
[  708.817319][T14385] 8021q: adding VLAN 0 to HW filter on device batadv0
[  708.850519][T14385] veth0_vlan: entered promiscuous mode
[  708.857317][T14385] veth1_vlan: entered promiscuous mode
[  708.875501][T14385] veth0_macvtap: entered promiscuous mode
[  708.880984][T14385] veth1_macvtap: entered promiscuous mode
[  708.895247][T14385] batman_adv: batadv0: Interface activated: batadv_slave_0
[  708.904391][T14385] batman_adv: batadv0: Interface activated: batadv_slave_1
[  708.912081][T12444] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  708.915230][T12444] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  708.918750][T12444] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  708.922928][T12444] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  708.975240][T12448] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  708.978013][T12448] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  709.008909][T12448] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  709.012215][T12448] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  709.280711][T14471] lo speed is unknown, defaulting to 1000
[  709.325056][T14471] bpf: Bad value for 'mode'
[  709.381546][T14474] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2293'.
[  709.389157][T14474] bridge0: port 2(bridge_slave_1) entered disabled state
[  709.392608][T14474] bridge0: port 1(bridge_slave_0) entered disabled state
[  709.416692][T14474] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2293'.
[  709.651479][T14479] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  709.769998][T14479] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  709.774991][ T5947] Bluetooth: hci4: command tx timeout
[  709.791980][T14482] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  709.794232][T14482] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  709.797839][T14482] vhci_hcd vhci_hcd.0: Device attached
[  709.805081][T14482] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2295'.
[  709.875721][T14479] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  709.942038][T14479] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  710.026139][T12448] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  710.047893][T12448] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  710.069862][T12448] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  710.073461][T12448] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  710.179186][   T50] usb 41-1: new high-speed USB device number 21 using vhci_hcd
[  710.194951][T14486] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  710.198127][T14486] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  710.249712][T14486] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  710.253151][T14486] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  710.345320][T14486] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  710.349492][T14486] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  710.388011][T14483] vhci_hcd: connection reset by peer
[  710.390752][   T70] vhci_hcd vhci_hcd.2: stop threads
[  710.392776][   T70] vhci_hcd vhci_hcd.2: release socket
[  710.395259][   T70] vhci_hcd vhci_hcd.2: disconnect device
[  710.414268][T14486] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  710.418794][T14486] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  710.523239][   T70] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  710.525964][   T70] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  710.532800][ T1174] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  710.535742][ T1174] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  710.544479][ T1174] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  710.547296][ T1174] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  710.556275][   T70] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  710.559797][   T70] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  711.365866][T14497] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  712.385256][T14501] could not allocate digest TFM handle sha224-generic
[  712.812931][T14509] Bluetooth: hci0: unsupported parameter 255
[  712.815665][T14509] Bluetooth: hci0: unsupported parameter 255
[  713.002528][ T6007] usb 7-1: new high-speed USB device number 32 using dummy_hcd
[  713.066329][   T24] usb 9-1: new high-speed USB device number 49 using dummy_hcd
[  713.162257][ T6007] usb 7-1: Using ep0 maxpacket: 32
[  713.167888][ T6007] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  713.171745][ T6007] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  713.176123][ T6007] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  713.180014][ T6007] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  713.186496][ T6007] usb 7-1: config 0 descriptor??
[  713.229825][   T24] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  713.232687][   T24] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  713.247299][   T24] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  713.258557][   T24] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  713.263496][   T24] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  713.270640][   T24] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  713.273827][   T24] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  713.276560][   T24] usb 9-1: Product: syz
[  713.278282][   T24] usb 9-1: Manufacturer: syz
[  713.286169][T14523] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  713.288291][T14523] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  713.294016][T14523] vhci_hcd vhci_hcd.0: Device attached
[  713.295622][   T24] cdc_wdm 9-1:1.0: skipping garbage
[  713.297899][   T24] cdc_wdm 9-1:1.0: skipping garbage
[  713.301348][T14523] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2305'.
[  713.304072][   T24] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  713.306225][   T24] cdc_wdm 9-1:1.0: Unknown control protocol
[  713.557626][ T8238] usb 39-1: new high-speed USB device number 17 using vhci_hcd
[  713.572462][    C3] wdm_int_callback: 327 callbacks suppressed
[  713.572482][    C3] cdc_wdm 9-1:1.0: wdm_int_callback - 6 bytes
[  713.633010][ T6007] savu 0003:1E7D:2D5A.0022: hiddev1,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0
[  713.786863][    C3] wdm_int_callback: 327 callbacks suppressed
[  713.786894][    C3] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  713.787125][ T8156] usb 9-1: USB disconnect, device number 49
[  713.788969][    C3] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  713.788986][    C3] cdc_wdm 9-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  713.837635][T14507] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2301'.
[  713.841101][T14507] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2301'.
[  713.854887][   T70] Bluetooth: hci1: received HCILL_GO_TO_SLEEP_ACK in state 0
[  713.855836][  T841] usb 7-1: USB disconnect, device number 32
[  713.931040][T14524] vhci_hcd: connection reset by peer
[  713.933359][   T70] vhci_hcd vhci_hcd.1: stop threads
[  713.935222][   T70] vhci_hcd vhci_hcd.1: release socket
[  713.937319][   T70] vhci_hcd vhci_hcd.1: disconnect device
[  714.306284][T14532] fuse: Bad value for 'fd'
[  714.605345][T14536] netlink: 'syz.1.2310': attribute type 1 has an invalid length.
[  714.834677][T14539] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  714.838932][T14539] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  714.898707][T14539] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  714.902027][T14539] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  714.962376][T14539] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  714.965599][T14539] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  715.025284][T14539] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  715.028613][T14539] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  715.673608][   T50] vhci_hcd vhci_hcd.2: vhci_device speed not set
[  716.026085][ T5947] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  716.528493][T14553] could not allocate digest TFM handle sha224-generic
[  717.929775][   T12] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  717.933232][   T12] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  717.937344][T14565] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2316'.
[  717.942821][T14565] netlink: 348 bytes leftover after parsing attributes in process `syz.0.2316'.
[  717.945811][T14565] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2316'.
[  717.948932][T14565] netlink: 348 bytes leftover after parsing attributes in process `syz.0.2316'.
[  717.952036][   T12] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  717.954633][   T12] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  717.958881][   T12] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  717.967783][T14565] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2316'.
[  717.971383][   T12] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  717.974812][   T12] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  717.983578][   T12] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  718.004399][T14565] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2316'.
[  718.023998][T14565] netlink: 348 bytes leftover after parsing attributes in process `syz.0.2316'.
[  718.058110][T14565] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2316'.
[  718.078306][ T5994] usb 9-1: new high-speed USB device number 50 using dummy_hcd
[  718.116084][T14565] netlink: 348 bytes leftover after parsing attributes in process `syz.0.2316'.
[  718.120112][T14565] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2316'.
[  718.251575][ T5994] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  718.251654][T14574] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  718.258342][T14574] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  718.262159][ T5994] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  718.262373][T14574] vhci_hcd vhci_hcd.0: Device attached
[  718.273023][ T5994] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  718.293525][ T5994] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  718.299131][ T5994] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  718.306241][ T5994] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  718.309613][ T5994] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  718.312126][ T5994] usb 9-1: Product: syz
[  718.313488][ T5994] usb 9-1: Manufacturer: syz
[  718.324873][ T5994] cdc_wdm 9-1:1.0: skipping garbage
[  718.326851][ T5994] cdc_wdm 9-1:1.0: skipping garbage
[  718.330170][ T5994] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  718.332037][ T5994] cdc_wdm 9-1:1.0: Unknown control protocol
[  718.558753][ T8156] usb 41-1: new high-speed USB device number 22 using vhci_hcd
[  718.662126][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 6 bytes
[  718.674107][T14581] could not allocate digest TFM handle sha224-generic
[  718.876742][   T24] usb 9-1: USB disconnect, device number 50
[  718.878922][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  718.881651][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  718.883626][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  719.171280][T14575] vhci_hcd: connection reset by peer
[  719.173602][T12448] vhci_hcd vhci_hcd.2: stop threads
[  719.175429][T12448] vhci_hcd vhci_hcd.2: release socket
[  719.186284][T12448] vhci_hcd vhci_hcd.2: disconnect device
[  719.253378][ T8238] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  719.488457][   T34] usb 6-1: new high-speed USB device number 60 using dummy_hcd
[  719.667766][   T34] usb 6-1: Using ep0 maxpacket: 32
[  719.679911][   T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  719.683553][   T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  719.686730][   T34] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  719.689801][   T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  719.696705][   T34] usb 6-1: config 0 descriptor??
[  719.871244][T14596] could not allocate digest TFM handle sha224-generic
[  720.137584][   T34] savu 0003:1E7D:2D5A.0023: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0
[  720.404689][   T70] Bluetooth: hci1: Frame reassembly failed (-84)
[  720.411153][   T12] Bluetooth: hci1: Frame reassembly failed (-84)
[  720.415796][ T6027] usb 6-1: USB disconnect, device number 60
[  722.609049][ T5945] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  722.803032][T14618] sctp: [Deprecated]: syz.1.2331 (pid 14618) Use of int in maxseg socket option.
[  722.803032][T14618] Use struct sctp_assoc_value instead
[  723.266443][ T5947] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  723.274941][ T5947] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  723.280152][ T5947] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  723.287285][ T5947] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  723.297685][ T5947] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  723.313986][  T841] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  723.486634][  T841] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  723.490486][  T841] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  723.495485][  T841] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  723.499342][  T841] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  723.503966][  T841] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  723.511506][  T841] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  723.515467][  T841] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  723.519247][  T841] usb 5-1: Product: syz
[  723.521459][  T841] usb 5-1: Manufacturer: syz
[  723.539815][  T841] cdc_wdm 5-1:1.0: skipping garbage
[  723.542139][  T841] cdc_wdm 5-1:1.0: skipping garbage
[  723.547038][  T841] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  723.550424][  T841] cdc_wdm 5-1:1.0: Unknown control protocol
[  723.740747][T14622] lo speed is unknown, defaulting to 1000
[  723.822505][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - 6 bytes
[  724.029735][T14622] chnl_net:caif_netlink_parms(): no params data found
[  724.040814][ T8156] vhci_hcd vhci_hcd.2: vhci_device speed not set
[  724.044382][    C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  724.046758][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  724.048948][    C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  724.049249][ T8238] usb 5-1: USB disconnect, device number 46
[  724.051080][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  724.051094][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  724.212358][T14632] could not allocate digest TFM handle sha224-generic
[  724.584455][T14622] bridge0: port 1(bridge_slave_0) entered blocking state
[  724.588172][T14622] bridge0: port 1(bridge_slave_0) entered disabled state
[  724.591420][T14622] bridge_slave_0: entered allmulticast mode
[  724.595340][T14622] bridge_slave_0: entered promiscuous mode
[  724.603610][T14622] bridge0: port 2(bridge_slave_1) entered blocking state
[  724.606669][T14622] bridge0: port 2(bridge_slave_1) entered disabled state
[  724.610346][T14622] bridge_slave_1: entered allmulticast mode
[  724.614621][T14622] bridge_slave_1: entered promiscuous mode
[  724.645899][T14622] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  724.652168][T14622] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  724.668971][T14622] team0: Port device team_slave_0 added
[  724.672541][T14622] team0: Port device team_slave_1 added
[  724.689114][T14622] batman_adv: batadv0: Adding interface: batadv_slave_0
[  724.691713][T14622] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  724.701398][T14622] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  724.714313][T14622] batman_adv: batadv0: Adding interface: batadv_slave_1
[  724.716847][T14622] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  724.728454][T14622] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  724.774419][T14622] hsr_slave_0: entered promiscuous mode
[  724.778568][T14622] hsr_slave_1: entered promiscuous mode
[  724.781998][T14622] debugfs: 'hsr0' already exists in 'hsr'
[  724.784821][T14622] Cannot create hsr debugfs directory
[  724.897519][T14622] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  724.903179][T14622] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  724.968833][T14622] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  724.972132][T14622] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  725.078681][T14622] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  725.082852][T14622] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  725.134550][T14644] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  725.136735][T14644] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  725.139964][T14644] vhci_hcd vhci_hcd.0: Device attached
[  725.144479][T14644] __nla_validate_parse: 8 callbacks suppressed
[  725.144500][T14644] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2334'.
[  725.171474][T14622] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  725.174970][T14622] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  725.218462][T14648] FAULT_INJECTION: forcing a failure.
[  725.218462][T14648] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  725.225509][T14648] CPU: 2 UID: 0 PID: 14648 Comm: syz.2.2337 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  725.225545][T14648] Tainted: [L]=SOFTLOCKUP
[  725.225552][T14648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  725.225564][T14648] Call Trace:
[  725.225571][T14648]  <TASK>
[  725.225580][T14648]  dump_stack_lvl+0x100/0x190
[  725.225620][T14648]  should_fail_ex.cold+0x5/0xa
[  725.225667][T14648]  _copy_from_user+0x2e/0xd0
[  725.225695][T14648]  memdup_user+0x6b/0xe0
[  725.225719][T14648]  __do_sys_io_uring_register.cold+0x2d/0xd3e
[  725.225806][T14648]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  725.225831][T14648]  ? __pfx___do_sys_io_uring_register+0x10/0x10
[  725.225853][T14648]  ? __fget_files+0x21f/0x3d0
[  725.225880][T14648]  ? fput+0x79/0x100
[  725.225906][T14648]  ? ksys_write+0x1ac/0x250
[  725.225926][T14648]  ? __pfx_ksys_write+0x10/0x10
[  725.225949][T14648]  __do_fast_syscall_32+0xe3/0x8c0
[  725.225975][T14648]  do_fast_syscall_32+0x32/0x70
[  725.225998][T14648]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  725.226020][T14648] RIP: 0023:0xf7f26f6c
[  725.226038][T14648] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  725.226055][T14648] RSP: 002b:00000000f53e650c EFLAGS: 00000292 ORIG_RAX: 00000000000001ab
[  725.226076][T14648] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000008
[  725.226087][T14648] RDX: 0000000080000280 RSI: 0000000000000000 RDI: 0000000000000000
[  725.226100][T14648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  725.226111][T14648] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  725.226123][T14648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  725.226147][T14648]  </TASK>
[  725.515790][ T5947] Bluetooth: hci1: command tx timeout
[  725.579218][T14649] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  726.241299][ T8156] usb 45-1: new high-speed USB device number 16 using vhci_hcd
[  726.247655][T14645] vhci_hcd: connection reset by peer
[  726.258330][   T12] vhci_hcd vhci_hcd.4: stop threads
[  726.260644][   T12] vhci_hcd vhci_hcd.4: release socket
[  726.264757][   T12] vhci_hcd vhci_hcd.4: disconnect device
[  726.352680][T14652] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  726.471611][T14652] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  726.556790][T14652] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  726.629954][T14652] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  726.742037][T12444] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  726.757549][T12444] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  726.765600][T12444] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  726.776585][   T53] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  727.738457][ T5947] Bluetooth: hci1: command tx timeout
[  727.769867][T14622] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  727.785233][T14622] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  727.794665][T14622] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  727.801045][T14622] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  727.859835][T14622] 8021q: adding VLAN 0 to HW filter on device bond0
[  727.869302][T14622] 8021q: adding VLAN 0 to HW filter on device team0
[  727.881834][T12444] bridge0: port 1(bridge_slave_0) entered blocking state
[  727.884944][T12444] bridge0: port 1(bridge_slave_0) entered forwarding state
[  727.911343][T12444] bridge0: port 2(bridge_slave_1) entered blocking state
[  727.913993][T12444] bridge0: port 2(bridge_slave_1) entered forwarding state
[  727.933953][T14622] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  728.046891][T14622] 8021q: adding VLAN 0 to HW filter on device batadv0
[  728.078197][T14622] veth0_vlan: entered promiscuous mode
[  728.090169][T14622] veth1_vlan: entered promiscuous mode
[  728.097622][   T40] audit: type=1326 audit(1775727977.287:1490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14670 comm="syz.4.2341" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fcef6c code=0x7ffc0000
[  728.186952][   T40] audit: type=1326 audit(1775727977.296:1491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14670 comm="syz.4.2341" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fcef6c code=0x7ffc0000
[  728.194742][   T40] audit: type=1326 audit(1775727977.296:1492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14670 comm="syz.4.2341" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf6fcef6c code=0x7ffc0000
[  728.203204][   T40] audit: type=1326 audit(1775727977.296:1493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14670 comm="syz.4.2341" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fcef6c code=0x7ffc0000
[  728.210204][   T40] audit: type=1326 audit(1775727977.296:1494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14670 comm="syz.4.2341" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf6fcef6c code=0x7ffc0000
[  728.217593][   T40] audit: type=1326 audit(1775727977.305:1495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14670 comm="syz.4.2341" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fcef6c code=0x7ffc0000
[  728.226279][T14622] veth0_macvtap: entered promiscuous mode
[  728.226637][   T40] audit: type=1326 audit(1775727977.305:1496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14670 comm="syz.4.2341" exe="/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf6fcef6c code=0x7ffc0000
[  728.236968][   T40] audit: type=1326 audit(1775727977.315:1497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14670 comm="syz.4.2341" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fcef6c code=0x7ffc0000
[  728.245076][   T40] audit: type=1326 audit(1775727977.324:1498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14670 comm="syz.4.2341" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fcef6c code=0x7ffc0000
[  728.247363][T14622] veth1_macvtap: entered promiscuous mode
[  728.254411][   T40] audit: type=1326 audit(1775727977.324:1499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14670 comm="syz.4.2341" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf6fcef6c code=0x7ffc0000
[  728.271853][T14622] batman_adv: batadv0: Interface activated: batadv_slave_0
[  728.281008][T14622] batman_adv: batadv0: Interface activated: batadv_slave_1
[  728.297069][   T53] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  728.303530][   T53] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  728.310409][   T53] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  728.313477][   T53] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  728.359549][ T1174] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  728.363071][ T1174] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  728.404018][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  728.407806][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  728.441010][T14678] KVM: debugfs: duplicate directory 14678-7
[  728.659541][T14683] lo speed is unknown, defaulting to 1000
[  728.913547][  T841] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  729.084609][  T841] usb 5-1: Using ep0 maxpacket: 16
[  729.115346][  T841] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  729.146083][  T841] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  729.158312][  T841] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  729.164544][  T841] usb 5-1: Product: syz
[  729.166155][  T841] usb 5-1: Manufacturer: syz
[  729.167784][  T841] usb 5-1: SerialNumber: syz
[  729.183317][  T841] usb 5-1: config 0 descriptor??
[  729.217182][  T841] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  729.224022][ T6014] usb 7-1: new high-speed USB device number 33 using dummy_hcd
[  729.239437][  T841] em28xx 5-1:0.0: DVB interface 0 found: bulk
[  729.424207][ T6014] usb 7-1: Using ep0 maxpacket: 8
[  729.517165][ T6014] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  729.545921][ T6014] usb 7-1: config 168 has 0 interfaces, different from the descriptor's value: 1
[  729.580263][ T6014] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  729.584683][ T6014] usb 7-1: config 168 has 0 interfaces, different from the descriptor's value: 1
[  729.597395][T14693] could not allocate digest TFM handle sha224-generic
[  729.601475][ T6014] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  729.606085][ T6014] usb 7-1: config 168 has 0 interfaces, different from the descriptor's value: 1
[  729.665710][ T6014] usb 7-1: string descriptor 0 read error: -22
[  729.670631][ T6014] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  729.675167][ T6014] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  729.683596][ T6014] usb 7-1: rejected 3 configurations due to insufficient available bus power
[  729.686821][ T6014] usb 7-1: no configuration chosen from 3 choices
[  729.925711][  T841] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  729.971399][ T5947] Bluetooth: hci1: command tx timeout
[  730.434955][  T841] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  730.437797][  T841] em28xx 5-1:0.0: board has no eeprom
[  730.505841][  T841] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  730.508218][  T841] em28xx 5-1:0.0: dvb set to bulk mode.
[  730.510329][ T6014] em28xx 5-1:0.0: Binding DVB extension
[  730.518825][  T841] usb 5-1: USB disconnect, device number 47
[  730.530803][  T841] em28xx 5-1:0.0: Disconnecting em28xx
[  730.534166][ T6014] em28xx 5-1:0.0: Registering input extension
[  730.536117][  T841] em28xx 5-1:0.0: Closing input extension
[  730.544462][  T841] em28xx 5-1:0.0: Freeing device
[  731.357267][T14720] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  731.428848][T14720] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  731.476884][T14720] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  731.568996][T14720] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  731.702648][   T12] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  731.706371][   T12] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  731.715241][   T12] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  731.728982][   T12] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  731.734778][ T8156] vhci_hcd vhci_hcd.4: vhci_device speed not set
[  732.165582][   T24] usb 7-1: USB disconnect, device number 33
[  732.172754][ T5947] Bluetooth: hci1: command tx timeout
[  732.356371][T14728] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2356'.
[  732.649903][T14732] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2357'.
[  732.675352][T14736] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  732.858008][   T70] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  732.862552][   T12] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  733.088807][ T8156] usb 6-1: new high-speed USB device number 61 using dummy_hcd
[  733.252095][ T8156] usb 6-1: Using ep0 maxpacket: 16
[  733.267558][ T8156] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  733.275957][ T8156] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  733.280391][ T8156] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  733.288102][ T8156] usb 6-1: Product: syz
[  733.291329][ T8156] usb 6-1: Manufacturer: syz
[  733.296750][ T8156] usb 6-1: SerialNumber: syz
[  733.302092][ T8156] usb 6-1: config 0 descriptor??
[  733.308488][ T8156] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  733.312895][ T8156] em28xx 6-1:0.0: DVB interface 0 found: bulk
[  733.391462][T14750] netlink: 'syz.2.2364': attribute type 8 has an invalid length.
[  733.515718][T14752] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2365'.
[  733.952802][ T8156] em28xx 6-1:0.0: unknown em28xx chip ID (0)
[  733.987383][T14766] vlan2: entered allmulticast mode
[  733.989991][T14766] bond0: entered allmulticast mode
[  733.992230][T14766] bond_slave_0: entered allmulticast mode
[  733.995044][T14766] bond_slave_1: entered allmulticast mode
[  734.002864][T14766] netlink: 14 bytes leftover after parsing attributes in process `syz.4.2370'.
[  734.020028][T14766] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  734.024546][T14766] bond_slave_0: left allmulticast mode
[  734.030364][T14766] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  734.036799][T14766] bond_slave_1: left allmulticast mode
[  734.040510][T14766] bond0 (unregistering): Released all slaves
[  734.392363][ T8156] em28xx 6-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  734.396346][ T8156] em28xx 6-1:0.0: board has no eeprom
[  734.459848][ T8156] em28xx 6-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  734.463090][ T8156] em28xx 6-1:0.0: dvb set to bulk mode.
[  734.466413][ T6207] em28xx 6-1:0.0: Binding DVB extension
[  734.474498][T14775] fuse: Bad value for 'user_id'
[  734.475159][ T8156] usb 6-1: USB disconnect, device number 61
[  734.476244][T14775] fuse: Bad value for 'user_id'
[  734.488094][ T8156] em28xx 6-1:0.0: Disconnecting em28xx
[  734.505120][ T6207] em28xx 6-1:0.0: Registering input extension
[  734.507683][ T8156] em28xx 6-1:0.0: Closing input extension
[  734.520473][ T8156] em28xx 6-1:0.0: Freeing device
[  735.261158][T14791] 9p: Unknown Cache mode or invalid value fscac
[  735.606553][T14802] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  735.701400][T14802] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  735.713658][T14807] binder: 14799:14807 ioctl c0046209 0 returned -22
[  735.769141][T14802] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  735.875315][T14802] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  735.970596][T12448] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  735.973467][T12448] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  735.984903][T12448] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  735.993232][T12448] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  736.054850][ T3247] kernel read not supported for file /dsp1 (pid: 3247 comm: kworker/2:2)
[  736.334022][T14818] could not allocate digest TFM handle sha224-generic
[  736.409240][T14823] FAULT_INJECTION: forcing a failure.
[  736.409240][T14823] name failslab, interval 1, probability 0, space 0, times 0
[  736.413583][T14823] CPU: 2 UID: 0 PID: 14823 Comm: syz.4.2388 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  736.413621][T14823] Tainted: [L]=SOFTLOCKUP
[  736.413625][T14823] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  736.413633][T14823] Call Trace:
[  736.413640][T14823]  <TASK>
[  736.413647][T14823]  dump_stack_lvl+0x100/0x190
[  736.413673][T14823]  should_fail_ex.cold+0x5/0xa
[  736.413689][T14823]  should_failslab+0xc2/0x120
[  736.413705][T14823]  __kvmalloc_node_noprof+0xfa/0xa00
[  736.413716][T14823]  ? bucket_table_alloc.isra.0+0x88/0x460
[  736.413734][T14823]  bucket_table_alloc.isra.0+0x88/0x460
[  736.413749][T14823]  rhashtable_init_noprof+0x43b/0x7d0
[  736.413764][T14823]  rhltable_init_noprof+0x20/0x60
[  736.413778][T14823]  nf_tables_newtable+0xf1b/0x19f0
[  736.413798][T14823]  ? __pfx_nf_tables_newtable+0x10/0x10
[  736.413816][T14823]  ? __nla_parse+0x40/0x60
[  736.413829][T14823]  nfnetlink_rcv_batch+0x1418/0x2880
[  736.413854][T14823]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  736.413893][T14823]  ? __nla_parse+0x40/0x60
[  736.413905][T14823]  nfnetlink_rcv+0x3bd/0x440
[  736.413921][T14823]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  736.413941][T14823]  netlink_unicast+0x5aa/0x870
[  736.413957][T14823]  ? __pfx_netlink_unicast+0x10/0x10
[  736.413975][T14823]  netlink_sendmsg+0x8b0/0xda0
[  736.413990][T14823]  ? __pfx_netlink_sendmsg+0x10/0x10
[  736.414005][T14823]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  736.414020][T14823]  ____sys_sendmsg+0x9e1/0xb70
[  736.414034][T14823]  ? __pfx_netlink_sendmsg+0x10/0x10
[  736.414048][T14823]  ? __pfx_____sys_sendmsg+0x10/0x10
[  736.414068][T14823]  ___sys_sendmsg+0x190/0x1e0
[  736.414085][T14823]  ? __pfx____sys_sendmsg+0x10/0x10
[  736.414116][T14823]  __sys_sendmsg+0x170/0x220
[  736.414128][T14823]  ? __pfx___sys_sendmsg+0x10/0x10
[  736.414144][T14823]  ? __pfx_ksys_write+0x10/0x10
[  736.414159][T14823]  __do_fast_syscall_32+0xe3/0x8c0
[  736.414176][T14823]  do_fast_syscall_32+0x32/0x70
[  736.414189][T14823]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  736.414204][T14823] RIP: 0023:0xf6fcef6c
[  736.414220][T14823] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  736.414231][T14823] RSP: 002b:00000000f53bd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  736.414243][T14823] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[  736.414336][T14823] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  736.414343][T14823] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  736.414349][T14823] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  736.414356][T14823] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  736.414370][T14823]  </TASK>
[  736.414519][T14823] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2388'.
[  736.753972][T14825] fuse: Bad value for 'group_id'
[  736.755981][T14825] fuse: Bad value for 'group_id'
[  736.783541][T14825] FAULT_INJECTION: forcing a failure.
[  736.783541][T14825] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  736.788452][T14825] CPU: 3 UID: 0 PID: 14825 Comm: syz.4.2389 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  736.788482][T14825] Tainted: [L]=SOFTLOCKUP
[  736.788488][T14825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  736.788499][T14825] Call Trace:
[  736.788508][T14825]  <TASK>
[  736.788520][T14825]  dump_stack_lvl+0x100/0x190
[  736.788553][T14825]  should_fail_ex.cold+0x5/0xa
[  736.788569][T14825]  _copy_to_user+0x32/0xd0
[  736.788588][T14825]  simple_read_from_buffer+0xcb/0x170
[  736.788610][T14825]  proc_fail_nth_read+0x1af/0x230
[  736.788630][T14825]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  736.788655][T14825]  ? rw_verify_area+0xce/0x6d0
[  736.788683][T14825]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  736.788707][T14825]  vfs_read+0x1e4/0xb30
[  736.788731][T14825]  ? __pfx_vfs_read+0x10/0x10
[  736.788747][T14825]  ? find_held_lock+0x2b/0x80
[  736.788769][T14825]  ? __fget_files+0x215/0x3d0
[  736.788788][T14825]  ? __fget_files+0x21f/0x3d0
[  736.788804][T14825]  ksys_read+0x12a/0x250
[  736.788816][T14825]  ? __pfx_ksys_read+0x10/0x10
[  736.788847][T14825]  do_int80_emulation+0x141/0x6b0
[  736.788867][T14825]  asm_int80_emulation+0x1a/0x20
[  736.788879][T14825] RIP: 0023:0xf7105cab
[  736.788891][T14825] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  736.788903][T14825] RSP: 002b:00000000f53bd4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  736.788916][T14825] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000f53bd5d0
[  736.788923][T14825] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  736.788930][T14825] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  736.788940][T14825] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  736.788950][T14825] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  736.788975][T14825]  </TASK>
[  737.560775][T14850] could not allocate digest TFM handle sha224-generic
[  738.381434][T14855] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  738.384334][T14855] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  738.388181][T14855] vhci_hcd vhci_hcd.0: Device attached
[  738.613253][T14856] vhci_hcd: connection closed
[  738.613548][   T53] vhci_hcd vhci_hcd.4: stop threads
[  738.617344][   T53] vhci_hcd vhci_hcd.4: release socket
[  738.619287][   T53] vhci_hcd vhci_hcd.4: disconnect device
[  738.876044][T14868] No buffer was provided with the request
[  739.029033][T14874] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  739.405434][T14884] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2407'.
[  739.460663][ T6207] usb 6-1: new high-speed USB device number 62 using dummy_hcd
[  739.655498][ T6207] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  739.659576][ T6207] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  739.664039][ T6207] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  739.669005][ T6207] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  739.673346][ T6207] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  739.681301][ T6207] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  739.685729][ T6207] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  739.689810][ T6207] usb 6-1: Product: syz
[  739.691643][ T6207] usb 6-1: Manufacturer: syz
[  739.701657][ T6207] cdc_wdm 6-1:1.0: skipping garbage
[  739.704236][ T6207] cdc_wdm 6-1:1.0: skipping garbage
[  739.717878][ T6207] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  739.720179][ T6207] cdc_wdm 6-1:1.0: Unknown control protocol
[  739.971394][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 7 bytes
[  740.169996][T14903] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2414'.
[  740.173672][T14903] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2414'.
[  740.186134][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  740.186550][  T841] usb 6-1: USB disconnect, device number 62
[  740.188897][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  740.188912][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  741.016185][T14915] FAULT_INJECTION: forcing a failure.
[  741.016185][T14915] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  741.020589][T14915] CPU: 3 UID: 0 PID: 14915 Comm: syz.1.2418 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  741.020610][T14915] Tainted: [L]=SOFTLOCKUP
[  741.020614][T14915] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  741.020621][T14915] Call Trace:
[  741.020626][T14915]  <TASK>
[  741.020632][T14915]  dump_stack_lvl+0x100/0x190
[  741.020670][T14915]  should_fail_ex.cold+0x5/0xa
[  741.020685][T14915]  _copy_from_iter+0x1f4/0x1690
[  741.020704][T14915]  ? alloc_pages_mpol+0x25a/0x550
[  741.020720][T14915]  ? __pfx__copy_from_iter+0x10/0x10
[  741.020734][T14915]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  741.020753][T14915]  copy_page_from_iter+0xde/0x180
[  741.020770][T14915]  tun_build_skb.constprop.0+0x2ea/0x15d0
[  741.020792][T14915]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  741.020806][T14915]  ? unwind_get_return_address+0x59/0xa0
[  741.020820][T14915]  ? arch_stack_walk+0xa6/0xf0
[  741.020835][T14915]  ? __lock_acquire+0x4a5/0x2630
[  741.020860][T14915]  tun_get_user+0x16d0/0x3e10
[  741.020880][T14915]  ? __pfx_tun_get_user+0x10/0x10
[  741.020895][T14915]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  741.020916][T14915]  ? find_held_lock+0x2b/0x80
[  741.020927][T14915]  ? tun_get+0x191/0x370
[  741.020938][T14915]  ? tun_get+0x191/0x370
[  741.020954][T14915]  tun_chr_write_iter+0xdc/0x200
[  741.020969][T14915]  vfs_write+0x6ac/0x1070
[  741.020981][T14915]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  741.020996][T14915]  ? __pfx_vfs_write+0x10/0x10
[  741.021006][T14915]  ? find_held_lock+0x2b/0x80
[  741.021026][T14915]  ksys_write+0x12a/0x250
[  741.021037][T14915]  ? __pfx_ksys_write+0x10/0x10
[  741.021052][T14915]  do_int80_emulation+0x141/0x6b0
[  741.021068][T14915]  asm_int80_emulation+0x1a/0x20
[  741.021080][T14915] RIP: 0023:0xf7115cab
[  741.021090][T14915] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  741.021102][T14915] RSP: 002b:00000000f53cd44c EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  741.021114][T14915] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 00000000800000c0
[  741.021121][T14915] RDX: 000000000000003e RSI: 0000000000000000 RDI: 0000000000000000
[  741.021127][T14915] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  741.021134][T14915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  741.021140][T14915] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  741.021154][T14915]  </TASK>
[  742.335140][ T6207] usb 7-1: new high-speed USB device number 34 using dummy_hcd
[  742.388566][ T3247] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  742.507222][ T6207] usb 7-1: Using ep0 maxpacket: 32
[  742.514782][ T6207] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  742.518730][ T6207] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  742.522291][ T6207] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  742.525578][ T6207] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  742.538645][ T6207] usb 7-1: config 0 descriptor??
[  742.552524][ T3247] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  742.555617][ T3247] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  742.559210][ T3247] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  742.562434][ T3247] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  742.566057][ T3247] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  742.573464][ T3247] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  742.576340][ T3247] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  742.578886][ T3247] usb 5-1: Product: syz
[  742.580254][ T3247] usb 5-1: Manufacturer: syz
[  742.589140][ T3247] cdc_wdm 5-1:1.0: skipping garbage
[  742.591323][ T3247] cdc_wdm 5-1:1.0: skipping garbage
[  742.595353][ T3247] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  742.597293][ T3247] cdc_wdm 5-1:1.0: Unknown control protocol
[  742.994988][ T6207] savu 0003:1E7D:2D5A.0024: hiddev1,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0
[  743.073836][    C3] cdc_wdm 5-1:1.0: Unexpected error -71
[  743.074319][  T841] usb 5-1: USB disconnect, device number 48
[  743.075696][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  743.080316][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  743.082292][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  743.196280][T14927] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2423'.
[  743.199251][T14927] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2423'.
[  743.209297][   T34] usb 7-1: USB disconnect, device number 34
[  743.211437][   T70] Bluetooth: hci3: received HCILL_GO_TO_SLEEP_ACK in state 1
[  744.628418][T14970] can: request_module (can-proto-0) failed.
[  745.434118][ T5947] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  745.434226][ T5945] Bluetooth: hci3: command 0x1003 tx timeout
[  746.274086][T14991] 9p: Unknown Cache mode or invalid value fscac
[  747.446272][T15005] binder: 15000:15005 ioctl c0046209 0 returned -22
[  747.769824][T15010] syzkaller1: entered promiscuous mode
[  747.771809][T15010] syzkaller1: entered allmulticast mode
[  748.268130][T15021] could not allocate digest TFM handle sha224-generic
[  748.804068][T15027] binder: 15026:15027 ioctl c0046209 0 returned -22
[  749.304743][ T5945] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  749.310829][ T5945] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  749.315098][ T5945] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  749.319546][ T5945] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  749.323043][ T5945] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  749.363605][T15035] lo speed is unknown, defaulting to 1000
[  749.398603][ T3247] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[  749.487360][T15035] chnl_net:caif_netlink_parms(): no params data found
[  749.574493][T15035] bridge0: port 1(bridge_slave_0) entered blocking state
[  749.577010][T15035] bridge0: port 1(bridge_slave_0) entered disabled state
[  749.580363][T15035] bridge_slave_0: entered allmulticast mode
[  749.584550][T15035] bridge_slave_0: entered promiscuous mode
[  749.589967][T15035] bridge0: port 2(bridge_slave_1) entered blocking state
[  749.593751][T15035] bridge0: port 2(bridge_slave_1) entered disabled state
[  749.596961][T15035] bridge_slave_1: entered allmulticast mode
[  749.601655][ T3247] usb 7-1: Using ep0 maxpacket: 8
[  749.604643][ T3247] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  749.608083][ T3247] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  749.611009][ T3247] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  749.612636][T15035] bridge_slave_1: entered promiscuous mode
[  749.623299][ T3247] usb 7-1: config 0 descriptor??
qemu-system-x86_64: ahci: PRDT length for NCQ command (0x0) is smaller than the requested size (0x1b0000)
[  749.651585][T15035] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  749.668228][T15035] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  749.689815][T15035] team0: Port device team_slave_0 added
[  749.693199][T15035] team0: Port device team_slave_1 added
[  749.720473][ T1111] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[  749.721778][T15035] batman_adv: batadv0: Adding interface: batadv_slave_0
[  749.722562][ T1111] ata1: failed to read log page 10h (errno=-5)
[  749.722582][ T1111] ata1.00: exception Emask 0x1 SAct 0x18000000 SErr 0x0 action 0x0
[  749.724730][T15035] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  749.726735][ T1111] ata1.00: irq_stat 0x41000000
[  749.730333][T15035] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  749.740761][ T1111] ata1.00: failed command: READ FPDMA QUEUED
[  749.746005][T15035] batman_adv: batadv0: Adding interface: batadv_slave_1
[  749.748557][T15035] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  749.752196][ T1111] ata1.00: cmd 60/80:d8:ee:32:01/0d:00:00:00:00/40 tag 27 ncq dma 1769472 in
[  749.752196][ T1111]          res 50/00:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  749.757229][T15035] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  749.764861][ T1111] ata1.00: status: { DRDY }
[  749.768014][ T1111] ata1.00: failed command: READ FPDMA QUEUED
[  749.770142][ T1111] ata1.00: cmd 60/80:e0:ee:40:01/02:00:00:00:00/40 tag 28 ncq dma 327680 in
[  749.770142][ T1111]          res 50/00:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  749.783370][ T1111] ata1.00: status: { DRDY }
[  749.847123][ T3247] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  749.855327][T15035] hsr_slave_0: entered promiscuous mode
[  749.857656][T15035] hsr_slave_1: entered promiscuous mode
[  749.861787][T15035] debugfs: 'hsr0' already exists in 'hsr'
[  749.863653][T15035] Cannot create hsr debugfs directory
[  749.868640][T15053] macvtap0: entered promiscuous mode
[  749.874555][ T1111] ata1.00: configured for UDMA/100
[  749.876558][ T1111] sd 0:0:0:0: [sda] tag#27 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  749.880647][T15053] macvtap0: left promiscuous mode
[  749.883782][ T1111] sd 0:0:0:0: [sda] tag#27 Sense Key : Aborted Command [current] 
[  749.886320][ T1111] sd 0:0:0:0: [sda] tag#27 Add. Sense: No additional sense information
[  749.888924][ T1111] sd 0:0:0:0: [sda] tag#27 CDB: Read(10) 28 00 00 01 32 ee 00 0d 80 00
[  749.892173][ T1111] blk_print_req_error: 138 callbacks suppressed
[  749.892186][ T1111] I/O error, dev sda, sector 78574 op 0x0:(READ) flags 0x80700 phys_seg 55 prio class 2
[  749.897751][ T1111] sd 0:0:0:0: [sda] tag#28 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  749.901004][ T1111] sd 0:0:0:0: [sda] tag#28 Sense Key : Aborted Command [current] 
[  749.903585][ T1111] sd 0:0:0:0: [sda] tag#28 Add. Sense: No additional sense information
[  749.906223][ T1111] sd 0:0:0:0: [sda] tag#28 CDB: Read(10) 28 00 00 01 40 ee 00 02 80 00
[  749.908989][ T1111] I/O error, dev sda, sector 82158 op 0x0:(READ) flags 0x80700 phys_seg 11 prio class 2
[  749.912385][ T1111] ata1: EH complete
[  749.983675][T15035] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  750.064050][T15035] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  750.154372][T15035] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  750.226374][T15035] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  750.361511][T15035] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  750.366287][T15035] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  750.370138][ T3247] usb 7-1: USB disconnect, device number 35
[  750.373041][T15035] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  750.377682][T15035] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  750.403860][T15035] bridge0: port 2(bridge_slave_1) entered blocking state
[  750.406210][T15035] bridge0: port 2(bridge_slave_1) entered forwarding state
[  750.408683][T15035] bridge0: port 1(bridge_slave_0) entered blocking state
[  750.410991][T15035] bridge0: port 1(bridge_slave_0) entered forwarding state
[  750.444439][T15035] 8021q: adding VLAN 0 to HW filter on device bond0
[  750.453791][   T53] bridge0: port 1(bridge_slave_0) entered disabled state
[  750.458125][   T53] bridge0: port 2(bridge_slave_1) entered disabled state
[  750.466269][T15035] 8021q: adding VLAN 0 to HW filter on device team0
[  750.473302][T12444] bridge0: port 1(bridge_slave_0) entered blocking state
[  750.475673][T12444] bridge0: port 1(bridge_slave_0) entered forwarding state
[  750.485114][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[  750.487476][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[  750.596730][T15035] 8021q: adding VLAN 0 to HW filter on device batadv0
[  750.620191][T15035] veth0_vlan: entered promiscuous mode
[  750.625413][T15035] veth1_vlan: entered promiscuous mode
[  750.644282][T15035] veth0_macvtap: entered promiscuous mode
[  750.648402][T15035] veth1_macvtap: entered promiscuous mode
[  750.657131][T15035] batman_adv: batadv0: Interface activated: batadv_slave_0
[  750.664923][T15035] batman_adv: batadv0: Interface activated: batadv_slave_1
[  750.670748][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  750.673977][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  750.676705][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  750.680009][T12448] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  750.726812][T12448] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  750.729738][T12448] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  750.750370][   T70] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  750.754141][   T70] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  750.945400][T15077] could not allocate digest TFM handle sha224-generic
[  751.182313][T15083] binder: 15082:15083 ioctl c0046209 0 returned -22
[  751.504281][ T5947] Bluetooth: hci3: command tx timeout
[  751.892050][T15100] could not allocate digest TFM handle sha224-generic
[  752.936079][T15112] netlink: 'syz.2.2467': attribute type 1 has an invalid length.
[  752.942770][T15112] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2467'.
[  753.520504][T15119] binder: 15118:15119 ioctl c0046209 0 returned -22
[  753.576169][T15124] FAULT_INJECTION: forcing a failure.
[  753.576169][T15124] name failslab, interval 1, probability 0, space 0, times 0
[  753.587530][T15124] CPU: 2 UID: 0 PID: 15124 Comm: syz.1.2471 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  753.587553][T15124] Tainted: [L]=SOFTLOCKUP
[  753.587557][T15124] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  753.587565][T15124] Call Trace:
[  753.587571][T15124]  <TASK>
[  753.587576][T15124]  dump_stack_lvl+0x100/0x190
[  753.587601][T15124]  should_fail_ex.cold+0x5/0xa
[  753.587617][T15124]  should_failslab+0xc2/0x120
[  753.587632][T15124]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  753.587650][T15124]  ? skb_clone+0x190/0x400
[  753.587665][T15124]  skb_clone+0x190/0x400
[  753.587676][T15124]  netlink_deliver_tap+0xaed/0xcc0
[  753.587692][T15124]  netlink_unicast+0x70c/0x870
[  753.587707][T15124]  ? __pfx_netlink_unicast+0x10/0x10
[  753.587719][T15124]  ? __alloc_skb+0x5b7/0x710
[  753.587737][T15124]  ? genl_rcv_msg+0x4be/0x800
[  753.587754][T15124]  netlink_ack+0x655/0xb80
[  753.587771][T15124]  netlink_rcv_skb+0x333/0x420
[  753.587783][T15124]  ? __pfx_genl_rcv_msg+0x10/0x10
[  753.587798][T15124]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  753.587816][T15124]  ? netlink_deliver_tap+0x1ae/0xcc0
[  753.587829][T15124]  genl_rcv+0x28/0x40
[  753.587842][T15124]  netlink_unicast+0x5aa/0x870
[  753.587856][T15124]  ? __pfx_netlink_unicast+0x10/0x10
[  753.587873][T15124]  netlink_sendmsg+0x8b0/0xda0
[  753.587889][T15124]  ? __pfx_netlink_sendmsg+0x10/0x10
[  753.587903][T15124]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  753.587919][T15124]  ____sys_sendmsg+0x9e1/0xb70
[  753.587932][T15124]  ? __pfx_netlink_sendmsg+0x10/0x10
[  753.587946][T15124]  ? __pfx_____sys_sendmsg+0x10/0x10
[  753.587972][T15124]  ___sys_sendmsg+0x190/0x1e0
[  753.587994][T15124]  ? __pfx____sys_sendmsg+0x10/0x10
[  753.588038][T15124]  __sys_sendmsg+0x170/0x220
[  753.588053][T15124]  ? __pfx___sys_sendmsg+0x10/0x10
[  753.588069][T15124]  ? __pfx_ksys_write+0x10/0x10
[  753.588084][T15124]  __do_fast_syscall_32+0xe3/0x8c0
[  753.588100][T15124]  do_fast_syscall_32+0x32/0x70
[  753.588118][T15124]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  753.588134][T15124] RIP: 0023:0xf6fdef6c
[  753.588144][T15124] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  753.588155][T15124] RSP: 002b:00000000f53cd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  753.588167][T15124] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180
[  753.588174][T15124] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  753.588181][T15124] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  753.588187][T15124] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  753.588194][T15124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  753.588208][T15124]  </TASK>
[  753.716889][ T5947] Bluetooth: hci3: command tx timeout
[  753.988630][T15148] could not allocate digest TFM handle sha224-generic
[  754.112913][T15153] could not allocate digest TFM handle sha224-generic
[  755.308712][T15160] kernel read not supported for file /file1 (pid: 15160 comm: syz.2.2476)
[  755.314488][   T40] kauditd_printk_skb: 3102 callbacks suppressed
[  755.314505][   T40] audit: type=1800 audit(1775728002.759:4602): pid=15160 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2476" name="file1" dev="mqueue" ino=77517 res=0 errno=0
[  755.325853][T15160] program syz.2.2476 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  755.338064][ T5947] Bluetooth: hci4: unexpected event 0x09 length: 7 > 3
[  755.647329][T15167] binder: 15166:15167 ioctl c0046209 0 returned -22
[  755.735631][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  755.943464][ T5947] Bluetooth: hci3: command tx timeout
[  756.162980][   T34] usb 9-1: new high-speed USB device number 51 using dummy_hcd
[  756.301885][   T34] usb 9-1: device descriptor read/64, error -71
[  756.558320][   T34] usb 9-1: new high-speed USB device number 52 using dummy_hcd
[  756.697179][   T34] usb 9-1: device descriptor read/64, error -71
[  756.814965][   T34] usb usb9-port1: attempt power cycle
[  757.178057][   T34] usb 9-1: new high-speed USB device number 53 using dummy_hcd
[  757.200362][   T34] usb 9-1: device descriptor read/8, error -71
[  757.455940][   T34] usb 9-1: new high-speed USB device number 54 using dummy_hcd
[  757.487467][T15191] could not allocate digest TFM handle sha224-generic
[  757.488621][   T34] usb 9-1: device descriptor read/8, error -71
[  757.605781][   T34] usb usb9-port1: unable to enumerate USB device
[  758.091011][T15201] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  758.093185][T15201] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  758.095672][T15201] vhci_hcd vhci_hcd.0: Device attached
[  758.161964][ T5947] Bluetooth: hci3: command tx timeout
[  758.560541][T15206] could not allocate digest TFM handle sha224-generic
[  758.684966][ T5987] usb 39-1: new low-speed USB device number 18 using vhci_hcd
[  759.144334][T15202] vhci_hcd: connection reset by peer
[  759.146988][   T53] vhci_hcd vhci_hcd.1: stop threads
[  759.148759][   T53] vhci_hcd vhci_hcd.1: release socket
[  759.155076][   T53] vhci_hcd vhci_hcd.1: disconnect device
[  759.281317][T15216] could not allocate digest TFM handle sha224-generic
[  759.860333][  T841] usb 7-1: new high-speed USB device number 36 using dummy_hcd
[  760.031240][  T841] usb 7-1: Using ep0 maxpacket: 32
[  760.034703][  T841] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  760.038764][  T841] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  760.042248][  T841] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  760.045231][  T841] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  760.051353][  T841] usb 7-1: config 0 descriptor??
[  760.495897][T15229] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  760.560535][T15229] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  760.560726][  T841] savu 0003:1E7D:2D5A.0025: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0
[  760.632811][T15229] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  760.682059][T15229] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  760.774645][T15213] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2490'.
[  760.790139][T15213] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2490'.
[  760.811749][   T53] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  760.815959][   T53] Bluetooth: hci2: received HCILL_GO_TO_SLEEP_ACK in state 0
[  760.816495][ T5994] usb 7-1: USB disconnect, device number 36
[  760.819305][   T53] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  760.844566][   T53] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  760.847229][   T53] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  761.075170][T15245] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  761.077298][T15245] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  761.080372][T15245] vhci_hcd vhci_hcd.0: Device attached
[  761.092734][T15245] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2495'.
[  761.178796][T15242] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2497'.
[  761.334970][ T8238] usb 37-1: new high-speed USB device number 17 using vhci_hcd
[  761.368459][T15250] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  761.379387][T15250] bond0: (slave lo): Enslaving as an active interface with an up link
[  761.382378][T15250] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  761.391585][   T34] lo speed is unknown, defaulting to 1000
[  761.393782][   T34] syz2: Port: 1 Link ACTIVE
[  761.396431][ T6027] lo speed is unknown, defaulting to 1000
[  761.402855][T15250] bridge0: port 3(batadv2) entered blocking state
[  761.405191][T15250] bridge0: port 3(batadv2) entered disabled state
[  761.407582][T15250] batadv2: entered allmulticast mode
[  761.411061][T15250] batadv2: entered promiscuous mode
[  761.429113][T15250] input: syz0 as /devices/virtual/input/input22
[  761.684810][T15246] vhci_hcd: connection reset by peer
[  761.687001][   T46] vhci_hcd vhci_hcd.0: stop threads
[  761.689960][   T46] vhci_hcd vhci_hcd.0: release socket
[  761.693141][   T46] vhci_hcd vhci_hcd.0: disconnect device
[  761.882845][T15255] could not allocate digest TFM handle sha224-generic
[  761.944119][T12448] batman_adv: batadv2: No IGMP Querier present - multicast optimizations disabled
[  761.948133][T12448] batman_adv: batadv2: No MLD Querier present - multicast optimizations disabled
[  762.125906][T15261] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  762.128025][T15261] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  762.131472][T15261] vhci_hcd vhci_hcd.0: Device attached
[  762.137844][T15261] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2501'.
[  762.499793][ T8156] usb 45-1: new high-speed USB device number 17 using vhci_hcd
[  763.034113][ T5945] Bluetooth: hci2: command 0x1003 tx timeout
[  763.034146][ T5947] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  763.943872][T15262] vhci_hcd: connection reset by peer
[  763.945866][T15145] vhci_hcd vhci_hcd.4: stop threads
[  763.947620][T15145] vhci_hcd vhci_hcd.4: release socket
[  763.949785][T15145] vhci_hcd vhci_hcd.4: disconnect device
[  764.107339][T15271] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  764.157077][ T5987] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  764.228811][T15271] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  764.311409][T15271] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  764.411205][T15271] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  764.521626][   T53] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  764.529595][   T53] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  764.538071][   T53] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  764.549402][   T53] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  764.792827][T15286] could not allocate digest TFM handle sha224-generic
[  764.815939][T15293] ptrace attach of "/syz-executor exec"[7663] was attempted by "/syz-executor exec"[15293]
[  764.984693][T15296] could not allocate digest TFM handle sha224-generic
[  765.164559][T15303] could not allocate digest TFM handle sha224-generic
[  765.704416][T15312] binder: 15308:15312 ioctl c0046209 0 returned -22
[  766.222508][T15317] FAULT_INJECTION: forcing a failure.
[  766.222508][T15317] name failslab, interval 1, probability 0, space 0, times 0
[  766.227634][T15317] CPU: 1 UID: 0 PID: 15317 Comm: syz.4.2516 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  766.227656][T15317] Tainted: [L]=SOFTLOCKUP
[  766.227661][T15317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  766.227669][T15317] Call Trace:
[  766.227676][T15317]  <TASK>
[  766.227683][T15317]  dump_stack_lvl+0x100/0x190
[  766.227714][T15317]  should_fail_ex.cold+0x5/0xa
[  766.227738][T15317]  should_failslab+0xc2/0x120
[  766.227760][T15317]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  766.227792][T15317]  ? dst_alloc+0x99/0x1a0
[  766.227830][T15317]  dst_alloc+0x99/0x1a0
[  766.227858][T15317]  ? ip_route_output_key_hash_rcu+0x1f8e/0x2870
[  766.227887][T15317]  rt_dst_alloc+0x35/0x3a0
[  766.227934][T15317]  ip_route_output_key_hash_rcu+0x87a/0x2870
[  766.227959][T15317]  ip_route_output_key_hash+0x118/0x2b0
[  766.227978][T15317]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  766.227996][T15317]  ? __lock_acquire+0x4a5/0x2630
[  766.228017][T15317]  ? __lock_acquire+0x4a5/0x2630
[  766.228041][T15317]  tcp_v4_connect+0x86b/0x1b40
[  766.228065][T15317]  ? __pfx_tcp_v4_connect+0x10/0x10
[  766.228084][T15317]  ? __local_bh_enable_ip+0x9e/0x120
[  766.228102][T15317]  mptcp_connect+0x4b5/0xad0
[  766.228127][T15317]  __inet_stream_connect+0x208/0xfa0
[  766.228150][T15317]  ? __pfx___inet_stream_connect+0x10/0x10
[  766.228169][T15317]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  766.228192][T15317]  ? __pfx_inet_stream_connect+0x10/0x10
[  766.228211][T15317]  ? __local_bh_enable_ip+0x9e/0x120
[  766.228227][T15317]  ? __pfx_inet_stream_connect+0x10/0x10
[  766.228244][T15317]  inet_stream_connect+0x57/0xa0
[  766.228263][T15317]  __sys_connect_file+0x141/0x1a0
[  766.228287][T15317]  __sys_connect+0x141/0x170
[  766.228307][T15317]  ? __pfx___sys_connect+0x10/0x10
[  766.228333][T15317]  ? ksys_write+0x1ac/0x250
[  766.228348][T15317]  ? __pfx_ksys_write+0x10/0x10
[  766.228376][T15317]  __ia32_sys_connect+0x71/0xb0
[  766.228399][T15317]  ? lockdep_hardirqs_on+0x78/0x100
[  766.228414][T15317]  __do_fast_syscall_32+0xe3/0x8c0
[  766.228432][T15317]  do_fast_syscall_32+0x32/0x70
[  766.228448][T15317]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  766.228467][T15317] RIP: 0023:0xf6fcef6c
[  766.228480][T15317] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  766.228494][T15317] RSP: 002b:00000000f53bd50c EFLAGS: 00000292 ORIG_RAX: 000000000000016a
[  766.228508][T15317] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000080
[  766.228516][T15317] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  766.228524][T15317] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  766.228532][T15317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  766.228540][T15317] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  766.228557][T15317]  </TASK>
[  766.590316][T15328] could not allocate digest TFM handle sha224-generic
[  766.785196][ T8238] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  767.052989][ T7496] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  767.062790][   T53] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  767.467678][T15340] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  767.470119][T15340] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  767.475122][T15340] vhci_hcd vhci_hcd.0: Device attached
[  767.514079][T15340] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2519'.
[  767.529869][T15343] could not allocate digest TFM handle sha224-generic
[  767.681878][T15348] could not allocate digest TFM handle sha224-generic
[  767.684784][T15341] vhci_hcd: connection closed
[  767.685326][ T7496] vhci_hcd vhci_hcd.0: stop threads
[  767.689414][ T7496] vhci_hcd vhci_hcd.0: release socket
[  767.692244][ T7496] vhci_hcd vhci_hcd.0: disconnect device
[  767.981904][ T8156] vhci_hcd vhci_hcd.4: vhci_device speed not set
[  768.956222][T15357] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  769.065545][T15363] netlink: 236 bytes leftover after parsing attributes in process `syz.0.2529'.
[  769.069644][T15364] netlink: 236 bytes leftover after parsing attributes in process `syz.0.2529'.
[  769.243472][T15364] dlm: no locking on control device
[  769.243481][T15363] dlm: no locking on control device
[  769.427378][T15371] block device autoloading is deprecated and will be removed.
[  769.878488][T15382] could not allocate digest TFM handle sha224-generic
[  770.423324][T15389] could not allocate digest TFM handle sha224-generic
[  771.124943][T15395] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  771.183199][T15395] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  771.251964][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[  771.310595][T15395] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  771.435058][T15395] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  771.509641][T15403] program syz.4.2538 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  771.538620][T12448] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  771.547359][T12448] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  771.555372][T12448] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  771.569074][T12448] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  771.648834][T15407] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  771.657731][T15407] buffer_io_error: 138 callbacks suppressed
[  771.657756][T15407] Buffer I/O error on dev nbd4, logical block 0, async page read
[  771.663869][T15407] I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  771.668212][T15407] Buffer I/O error on dev nbd4, logical block 1, async page read
[  771.672782][T15407] I/O error, dev nbd4, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  771.676598][T15407] Buffer I/O error on dev nbd4, logical block 2, async page read
[  771.680765][T15407] I/O error, dev nbd4, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  771.685317][T15407] Buffer I/O error on dev nbd4, logical block 3, async page read
[  771.688540][T15407] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  771.692954][T15407] Buffer I/O error on dev nbd4, logical block 0, async page read
[  771.696562][T15407] I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  771.700855][T15407] Buffer I/O error on dev nbd4, logical block 1, async page read
[  771.705897][T15407] I/O error, dev nbd4, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  771.710696][T15407] Buffer I/O error on dev nbd4, logical block 2, async page read
[  771.716520][T15407] I/O error, dev nbd4, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  771.720443][T15407] Buffer I/O error on dev nbd4, logical block 3, async page read
[  771.727381][T15407] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  771.732186][T15407] Buffer I/O error on dev nbd4, logical block 0, async page read
[  771.736799][T15407] I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  771.741620][T15407] Buffer I/O error on dev nbd4, logical block 1, async page read
[  771.746475][T15407] ldm_validate_partition_table(): Disk read failed.
[  771.749752][T15407] Dev nbd4: unable to read RDB block 0
[  771.752860][T15407]  nbd4: unable to read partition table
[  772.343162][T15423] genirq: Flags mismatch irq 31. 00200000 (comedi_parport) vs. 00200000 (eth1-tx-0)
[  772.527926][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  772.778457][T15425] ldm_validate_partition_table(): Disk read failed.
[  772.782947][T15425] Dev nbd0: unable to read RDB block 0
[  772.785606][T15425]  nbd0: unable to read partition table
[  773.150013][T15428] could not allocate digest TFM handle sha224-generic
[  774.365023][T15437] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  774.420528][T15437] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  774.505680][T15437] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  774.588413][T15437] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  774.668419][   T46] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  774.676985][   T46] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  774.686933][   T46] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  774.696843][   T46] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  774.749022][T15455] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  774.751203][T15455] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  774.757677][T15455] vhci_hcd vhci_hcd.0: Device attached
[  774.785227][T15455] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2554'.
[  774.978816][T15465] binder: 15458:15465 ioctl c0046209 0 returned -22
[  775.000880][T15456] vhci_hcd: connection closed
[  775.001166][T15145] vhci_hcd vhci_hcd.4: stop threads
[  775.006912][T15145] vhci_hcd vhci_hcd.4: release socket
[  775.009400][T15145] vhci_hcd vhci_hcd.4: disconnect device
[  775.066601][   T50] usb 45-1: new high-speed USB device number 18 using vhci_hcd
[  775.069974][   T50] usb 45-1: enqueue for inactive port 0
[  775.141510][   T50] vhci_hcd vhci_hcd.4: vhci_device speed not set
[  775.243572][T15469] lo speed is unknown, defaulting to 1000
[  776.028783][ T3247] usb 9-1: new high-speed USB device number 55 using dummy_hcd
[  776.059623][T15492] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  776.061793][T15492] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  776.065047][T15492] vhci_hcd vhci_hcd.0: Device attached
[  776.200650][ T3247] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  776.203510][ T3247] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  776.207289][ T3247] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  776.213741][ T3247] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  776.217487][ T3247] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  776.223383][ T3247] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  776.226352][ T3247] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  776.228862][ T3247] usb 9-1: Product: syz
[  776.230234][ T3247] usb 9-1: Manufacturer: syz
[  776.248526][ T3247] cdc_wdm 9-1:1.0: skipping garbage
[  776.250323][ T3247] cdc_wdm 9-1:1.0: skipping garbage
[  776.257549][ T3247] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  776.259450][ T3247] cdc_wdm 9-1:1.0: Unknown control protocol
[  776.359739][ T5987] usb 42-1: SetAddress Request (18) to port 0
[  776.362796][ T5987] usb 42-1: new SuperSpeed USB device number 18 using vhci_hcd
[  776.584910][T15494] vhci_hcd: connection reset by peer
[  776.587004][   T53] vhci_hcd vhci_hcd.2: stop threads
[  776.588729][   T53] vhci_hcd vhci_hcd.2: release socket
[  776.590588][   T53] vhci_hcd vhci_hcd.2: disconnect device
[  776.732478][    C2] cdc_wdm 9-1:1.0: Unexpected error -71
[  776.732851][ T8156] usb 9-1: USB disconnect, device number 55
[  776.735068][    C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  776.735092][    C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  776.735106][    C2] cdc_wdm 9-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  776.897269][T15501] syzkaller0: entered promiscuous mode
[  776.899654][T15501] syzkaller0: entered allmulticast mode
[  777.858739][T15506] could not allocate digest TFM handle sha224-generic
[  778.057683][T15517] overlay: Unknown parameter 'smackfstransmute'
[  778.121192][T15519] binder: 15514:15519 ioctl c0046209 0 returned -22
[  778.133729][T15518] max out of range
[  778.370081][T15523] FAULT_INJECTION: forcing a failure.
[  778.370081][T15523] name failslab, interval 1, probability 0, space 0, times 0
[  778.374463][T15523] CPU: 3 UID: 0 PID: 15523 Comm: syz.2.2575 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  778.374490][T15523] Tainted: [L]=SOFTLOCKUP
[  778.374497][T15523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  778.374509][T15523] Call Trace:
[  778.374520][T15523]  <TASK>
[  778.374530][T15523]  dump_stack_lvl+0x100/0x190
[  778.374577][T15523]  should_fail_ex.cold+0x5/0xa
[  778.374605][T15523]  should_failslab+0xc2/0x120
[  778.374625][T15523]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  778.374649][T15523]  ? __alloc_skb+0x140/0x710
[  778.374675][T15523]  __alloc_skb+0x140/0x710
[  778.374693][T15523]  ? __alloc_skb+0x5b7/0x710
[  778.374713][T15523]  ? __pfx___alloc_skb+0x10/0x10
[  778.374732][T15523]  ? genl_rcv_msg+0x4be/0x800
[  778.374755][T15523]  netlink_ack+0x117/0xb80
[  778.374774][T15523]  netlink_rcv_skb+0x333/0x420
[  778.374788][T15523]  ? __pfx_genl_rcv_msg+0x10/0x10
[  778.374805][T15523]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  778.374826][T15523]  ? netlink_deliver_tap+0x1ae/0xcc0
[  778.374841][T15523]  genl_rcv+0x28/0x40
[  778.374855][T15523]  netlink_unicast+0x5aa/0x870
[  778.374871][T15523]  ? __pfx_netlink_unicast+0x10/0x10
[  778.374885][T15523]  ? __pfx___might_resched+0x10/0x10
[  778.374918][T15523]  netlink_sendmsg+0x8b0/0xda0
[  778.374946][T15523]  ? __pfx_netlink_sendmsg+0x10/0x10
[  778.374973][T15523]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  778.375015][T15523]  ____sys_sendmsg+0x9e1/0xb70
[  778.375033][T15523]  ? __pfx_netlink_sendmsg+0x10/0x10
[  778.375049][T15523]  ? __pfx_____sys_sendmsg+0x10/0x10
[  778.375072][T15523]  ___sys_sendmsg+0x190/0x1e0
[  778.375092][T15523]  ? __pfx____sys_sendmsg+0x10/0x10
[  778.375128][T15523]  __sys_sendmsg+0x170/0x220
[  778.375142][T15523]  ? __pfx___sys_sendmsg+0x10/0x10
[  778.375160][T15523]  ? __pfx_ksys_write+0x10/0x10
[  778.375178][T15523]  __do_fast_syscall_32+0xe3/0x8c0
[  778.375199][T15523]  do_fast_syscall_32+0x32/0x70
[  778.375214][T15523]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  778.375233][T15523] RIP: 0023:0xf7f26f6c
[  778.375245][T15523] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  778.375259][T15523] RSP: 002b:00000000f53e650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  778.375272][T15523] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000a80
[  778.375280][T15523] RDX: 0000000004048000 RSI: 0000000000000000 RDI: 0000000000000000
[  778.375288][T15523] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  778.375296][T15523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  778.375303][T15523] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  778.375319][T15523]  </TASK>
[  779.691787][T15533] could not allocate digest TFM handle sha224-generic
[  779.984267][T15536] could not allocate digest TFM handle sha224-generic
[  780.888395][T15554] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  780.916905][T15552] netlink: 'syz.4.2582': attribute type 4 has an invalid length.
[  780.965224][T15552] netlink: 'syz.4.2582': attribute type 4 has an invalid length.
[  780.971581][T15554] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  781.103281][T15566] binder: 15562:15566 ioctl c0046209 0 returned -22
[  781.157526][T15554] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  781.226623][T15554] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  781.395918][   T46] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  781.406845][T15145] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  781.418996][   T46] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  781.427021][T15145] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  781.767061][ T5987] usb 42-1: device descriptor read/8, error -110
[  781.994492][T15580] could not allocate digest TFM handle sha224-generic
[  782.261742][ T5987] usb usb42-port1: attempt power cycle
[  782.463515][T15586] could not allocate digest TFM handle sha224-generic
[  783.948095][ T5987] usb usb42-port1: unable to enumerate USB device
[  784.282923][T15598] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  784.285097][T15598] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  784.287853][T15598] vhci_hcd vhci_hcd.0: Device attached
[  784.363492][T15598] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2594'.
[  784.587952][ T8238] usb 41-1: new high-speed USB device number 23 using vhci_hcd
[  784.895732][T15614] could not allocate digest TFM handle sha224-generic
[  785.017324][T15618] binder: 15612:15618 ioctl c0046209 0 returned -22
[  785.467038][T15599] vhci_hcd: connection reset by peer
[  785.468999][T15145] vhci_hcd vhci_hcd.2: stop threads
[  785.470880][T15145] vhci_hcd vhci_hcd.2: release socket
[  785.472991][T15145] vhci_hcd vhci_hcd.2: disconnect device
[  785.883267][T15621] could not allocate digest TFM handle sha224-generic
[  787.084370][T15643] could not allocate digest TFM handle sha224-generic
[  788.009205][T15653] binder: 15650:15653 ioctl c0046209 0 returned -22
[  788.549002][T15649] could not allocate digest TFM handle sha224-generic
[  788.762163][T15662] could not allocate digest TFM handle sha224-generic
[  788.786768][T15664] could not allocate digest TFM handle sha224-generic
[  789.033333][T14510] usb 6-1: new high-speed USB device number 63 using dummy_hcd
[  789.204247][T14510] usb 6-1: Using ep0 maxpacket: 32
[  789.208870][T14510] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  789.214282][T14510] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  789.219171][T14510] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  789.222936][T14510] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  789.230145][T14510] usb 6-1: config 0 descriptor??
[  789.694784][T14510] savu 0003:1E7D:2D5A.0026: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0
[  789.871181][T15687] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  789.891382][T15668] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2613'.
[  789.895124][T15668] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2613'.
[  789.907582][T15135] Bluetooth: hci2: received HCILL_GO_TO_SLEEP_ACK in state 0
[  789.908274][  T841] usb 6-1: USB disconnect, device number 63
[  789.936396][T15687] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  790.008688][T15687] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  790.037786][ T8238] vhci_hcd vhci_hcd.2: vhci_device speed not set
[  790.068097][T15687] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  790.150221][   T46] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  790.161992][   T46] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  790.171964][   T46] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  790.179207][   T46] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  790.748674][T15701] binder: 15694:15701 ioctl c0046209 0 returned -22
[  790.785138][T15699] could not allocate digest TFM handle sha224-generic
[  792.100240][ T5947] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  792.516831][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  792.875817][T15713] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  792.992788][T15713] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  793.047540][T15713] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  793.362486][T15713] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  793.458358][T15135] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  793.466085][T15135] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  793.474388][T15135] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  793.486106][T15135] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  793.621524][T15720] could not allocate digest TFM handle sha224-generic
[  793.750290][T15725] could not allocate digest TFM handle sha224-generic
[  793.920179][T15715] could not allocate digest TFM handle sha224-generic
[  794.722756][T15741] could not allocate digest TFM handle sha224-generic
[  795.019249][T15750] binder: 15747:15750 ioctl c0046209 0 returned -22
[  795.558262][T15753] could not allocate digest TFM handle sha224-generic
[  795.655596][T15761] could not allocate digest TFM handle sha224-generic
[  795.980164][T15769] could not allocate digest TFM handle sha224-generic
[  796.168859][T15773] could not allocate digest TFM handle sha224-generic
[  797.134622][T15786] netlink: 196 bytes leftover after parsing attributes in process `syz.4.2642'.
[  797.137873][T15786] netlink: 196 bytes leftover after parsing attributes in process `syz.4.2642'.
[  797.224824][T15798] FAULT_INJECTION: forcing a failure.
[  797.224824][T15798] name failslab, interval 1, probability 0, space 0, times 0
[  797.228740][T15798] CPU: 3 UID: 0 PID: 15798 Comm: syz.0.2647 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  797.228760][T15798] Tainted: [L]=SOFTLOCKUP
[  797.228764][T15798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  797.228772][T15798] Call Trace:
[  797.228777][T15798]  <TASK>
[  797.228782][T15798]  dump_stack_lvl+0x100/0x190
[  797.228819][T15798]  should_fail_ex.cold+0x5/0xa
[  797.228837][T15798]  should_failslab+0xc2/0x120
[  797.228852][T15798]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  797.228873][T15798]  ? __alloc_skb+0x140/0x710
[  797.228896][T15798]  __alloc_skb+0x140/0x710
[  797.228914][T15798]  ? __alloc_skb+0x5b7/0x710
[  797.228932][T15798]  ? __pfx___alloc_skb+0x10/0x10
[  797.228948][T15798]  ? kernel_text_address+0x8d/0x100
[  797.228968][T15798]  ? __kernel_text_address+0xd/0x30
[  797.228986][T15798]  ? unwind_get_return_address+0x59/0xa0
[  797.229010][T15798]  alloc_skb_with_frags+0xe0/0x810
[  797.229038][T15798]  sock_alloc_send_pskb+0x801/0x980
[  797.229066][T15798]  ? look_up_lock_class+0x55/0x120
[  797.229089][T15798]  ? register_lock_class+0x40/0x560
[  797.229111][T15798]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  797.229129][T15798]  ? __lock_acquire+0x4a5/0x2630
[  797.229148][T15798]  __ip6_append_data+0x2c3f/0x4dc0
[  797.229168][T15798]  ? __pfx_udplite_getfrag+0x10/0x10
[  797.229187][T15798]  ? find_held_lock+0x2b/0x80
[  797.229201][T15798]  ? __pfx___ip6_append_data+0x10/0x10
[  797.229216][T15798]  ? __pfx_ip6_mtu+0x10/0x10
[  797.229226][T15798]  ? ip6_setup_cork+0x5be/0x14c0
[  797.229241][T15798]  ip6_make_skb+0x2a3/0x3b0
[  797.229258][T15798]  ? __pfx_udplite_getfrag+0x10/0x10
[  797.229275][T15798]  ? __pfx_ip6_make_skb+0x10/0x10
[  797.229293][T15798]  ? find_held_lock+0x2b/0x80
[  797.229303][T15798]  ? ip6_dst_hoplimit+0xf3/0x4d0
[  797.229343][T15798]  ? ip6_dst_hoplimit+0xf3/0x4d0
[  797.229364][T15798]  ? udpv6_sendmsg+0x2499/0x2f60
[  797.229385][T15798]  udpv6_sendmsg+0x2499/0x2f60
[  797.229409][T15798]  ? __pfx_udplite_getfrag+0x10/0x10
[  797.229429][T15798]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  797.229446][T15798]  ? kernel_text_address+0x8d/0x100
[  797.229463][T15798]  ? __kernel_text_address+0xd/0x30
[  797.229489][T15798]  ? __pfx___might_resched+0x10/0x10
[  797.229531][T15798]  ? __pfx_aa_sk_perm+0x10/0x10
[  797.229551][T15798]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  797.229570][T15798]  ? inet6_sendmsg+0x105/0x140
[  797.229580][T15798]  inet6_sendmsg+0x105/0x140
[  797.229591][T15798]  sock_write_iter+0x439/0x5a0
[  797.229607][T15798]  ? __pfx_sock_write_iter+0x10/0x10
[  797.229621][T15798]  ? get_pid_task+0xfc/0x250
[  797.229640][T15798]  ? bpf_lsm_file_permission+0x9/0x10
[  797.229652][T15798]  ? security_file_permission+0x76/0x210
[  797.229668][T15798]  ? rw_verify_area+0xce/0x6d0
[  797.229690][T15798]  vfs_write+0x6ac/0x1070
[  797.229702][T15798]  ? __pfx_sock_write_iter+0x10/0x10
[  797.229717][T15798]  ? __pfx_vfs_write+0x10/0x10
[  797.229727][T15798]  ? find_held_lock+0x2b/0x80
[  797.229746][T15798]  ksys_write+0x1f8/0x250
[  797.229758][T15798]  ? __pfx_ksys_write+0x10/0x10
[  797.229769][T15798]  ? __pfx_ksys_write+0x10/0x10
[  797.229783][T15798]  __do_fast_syscall_32+0xe3/0x8c0
[  797.229798][T15798]  do_fast_syscall_32+0x32/0x70
[  797.229811][T15798]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  797.229826][T15798] RIP: 0023:0xf70bef6c
[  797.229836][T15798] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  797.229848][T15798] RSP: 002b:00000000f54ad50c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[  797.229860][T15798] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000000
[  797.229867][T15798] RDX: 0000000000000012 RSI: 0000000000000000 RDI: 0000000000000000
[  797.229874][T15798] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  797.229880][T15798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  797.229887][T15798] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  797.229901][T15798]  </TASK>
[  797.391755][T15810] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.2651'.
[  797.405430][T15803] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  797.405437][T15811] binder: 15791:15811 ioctl c0046209 0 returned -22
[  797.474677][T15815] FAULT_INJECTION: forcing a failure.
[  797.474677][T15815] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  797.479309][T15815] CPU: 1 UID: 0 PID: 15815 Comm: syz.4.2654 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  797.479332][T15815] Tainted: [L]=SOFTLOCKUP
[  797.479347][T15815] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  797.479355][T15815] Call Trace:
[  797.479360][T15815]  <TASK>
[  797.479366][T15815]  dump_stack_lvl+0x100/0x190
[  797.479391][T15815]  should_fail_ex.cold+0x5/0xa
[  797.479407][T15815]  _copy_to_user+0x32/0xd0
[  797.479426][T15815]  simple_read_from_buffer+0xcb/0x170
[  797.479449][T15815]  proc_fail_nth_read+0x1af/0x230
[  797.479468][T15815]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  797.479484][T15815]  ? rw_verify_area+0xce/0x6d0
[  797.479501][T15815]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  797.479516][T15815]  vfs_read+0x1e4/0xb30
[  797.479529][T15815]  ? __pfx_vfs_read+0x10/0x10
[  797.479539][T15815]  ? find_held_lock+0x2b/0x80
[  797.479551][T15815]  ? __fget_files+0x215/0x3d0
[  797.479566][T15815]  ? __fget_files+0x21f/0x3d0
[  797.479581][T15815]  ksys_read+0x12a/0x250
[  797.479591][T15815]  ? __pfx_ksys_read+0x10/0x10
[  797.479606][T15815]  do_int80_emulation+0x141/0x6b0
[  797.479623][T15815]  asm_int80_emulation+0x1a/0x20
[  797.479635][T15815] RIP: 0023:0xf7105cab
[  797.479646][T15815] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  797.479657][T15815] RSP: 002b:00000000f53bd4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  797.479669][T15815] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f53bd5d0
[  797.479676][T15815] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  797.479682][T15815] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  797.479689][T15815] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  797.479696][T15815] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  797.479710][T15815]  </TASK>
[  797.644523][T15803] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  797.716762][T15803] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  797.744155][T15822] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2657'.
[  797.800227][T15803] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  797.801432][ T5947] block nbd5: Receive control failed (result -1)
[  797.877329][   T46] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  797.886952][   T46] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  797.894998][   T46] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  797.903297][   T46] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  798.364716][T15831] /dev/sr0: Can't open blockdev
[  798.568476][T15850] could not allocate digest TFM handle sha224-generic
[  799.103668][T15858] tmpfs: Bad value for 'mpol'
[  799.138927][T15858] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  799.187572][T15858] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  801.133803][T15908] could not allocate digest TFM handle sha224-generic
[  801.248087][ T7496] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  801.256747][   T46] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  801.330812][T15915] could not allocate digest TFM handle sha224-generic
[  801.782321][ T5994] IPVS: starting estimator thread 0...
[  801.888668][T15922] IPVS: using max 47 ests per chain, 112800 per kthread
[  802.385548][T15932] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2686'.
[  802.410749][T15936] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2687'.
[  802.462500][T15933] 
[  802.463407][T15933] ======================================================
[  802.466048][T15933] WARNING: possible circular locking dependency detected
[  802.468565][T15933] syzkaller #0 Tainted: G             L     
[  802.470803][T15933] ------------------------------------------------------
[  802.473367][T15933] syz.2.2685/15933 is trying to acquire lock:
[  802.475827][T15933] ffffffff8e9aa8a0 (fs_reclaim){+.+.}-{0:0}, at: __kmalloc_cache_noprof+0x4b/0x6f0
[  802.478947][T15933] 
[  802.478947][T15933] but task is already holding lock:
[  802.481397][T15933] ffff888070df2538 (&idev->mc_lock){+.+.}-{4:4}, at: __ipv6_dev_mc_inc+0x53/0xbc0
[  802.484469][T15933] 
[  802.484469][T15933] which lock already depends on the new lock.
[  802.484469][T15933] 
[  802.487912][T15933] 
[  802.487912][T15933] the existing dependency chain (in reverse order) is:
[  802.490974][T15933] 
[  802.490974][T15933] -> #7 (&idev->mc_lock){+.+.}-{4:4}:
[  802.493633][T15933]        __mutex_lock+0x1a2/0x1b90
[  802.495393][T15933]        __ipv6_dev_mc_inc+0x53/0xbc0
[  802.497276][T15933]        __ipv6_sock_mc_join+0x5b8/0x8e0
[  802.499266][T15933]        do_ipv6_mcast_group_source+0x21e/0x270
[  802.501350][T15933]        do_ipv6_setsockopt+0x1d89/0x4400
[  802.503343][T15933]        ipv6_setsockopt+0xcb/0x170
[  802.505079][T15933]        tcp_setsockopt+0xa7/0x100
[  802.506903][T15933]        do_sock_setsockopt+0xf3/0x1d0
[  802.508869][T15933]        __sys_setsockopt+0x119/0x190
[  802.510689][T15933]        __ia32_sys_setsockopt+0xbc/0x160
[  802.512610][T15933]        __do_fast_syscall_32+0xe3/0x8c0
[  802.514533][T15933]        do_fast_syscall_32+0x32/0x70
[  802.516364][T15933]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  802.518753][T15933] 
[  802.518753][T15933] -> #6 (sk_lock-AF_INET6){+.+.}-{0:0}:
[  802.521335][T15933]        lock_sock_nested+0x41/0xf0
[  802.523151][T15933]        inet_shutdown+0x67/0x410
[  802.525028][T15933]        nbd_mark_nsock_dead+0xae/0x5c0
[  802.527012][T15933]        recv_work+0x5fb/0x8c0
[  802.528691][T15933]        process_one_work+0xa23/0x19a0
[  802.530669][T15933]        worker_thread+0x5ef/0xe50
[  802.532408][T15933]        kthread+0x370/0x450
SYZFAIL: failed to recv rpc
[  802.534001][T15933]        ret_from_fork+0x754/0xd80
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  802.536200][T15933]        ret_from_fork_asm+0x1a/0x30
[  802.538392][T15933] 
[  802.538392][T15933] -> #5 (&nsock->tx_lock){+.+.}-{4:4}:
[  802.541558][T15933]        __mutex_lock+0x1a2/0x1b90
[  802.543744][T15933]        nbd_queue_rq+0x428/0x1080
[  802.545636][T15933]        blk_mq_dispatch_rq_list+0x422/0x1e70
[  802.547747][T15933]        __blk_mq_sched_dispatch_requests+0xcea/0x1620
[  802.549933][T15933]        blk_mq_sched_dispatch_requests+0xd7/0x1c0
[  802.552002][T15933]        blk_mq_run_hw_queue+0x23c/0x670
[  802.553833][T15933]        blk_mq_dispatch_list+0x51d/0x1360
[  802.555714][T15933]        blk_mq_flush_plug_list+0x130/0x600
[  802.557587][T15933]        __blk_flush_plug+0x2c4/0x4b0
[  802.559353][T15933]        __submit_bio+0x584/0x6c0
[  802.560959][T15933]        submit_bio_noacct_nocheck+0x562/0xc10
[  802.563137][T15933]        submit_bio_noacct+0xd17/0x2010
[  802.565175][T15933]        submit_bh_wbc+0x59c/0x770
[  802.566852][T15933]        block_read_full_folio+0x264/0x8e0
[  802.568794][T15933]        filemap_read_folio+0xfc/0x3b0
[  802.570709][T15933]        do_read_cache_folio+0x2d7/0x6b0
[  802.572844][T15933]        read_part_sector+0xd1/0x370
[  802.574538][T15933]        adfspart_check_ICS+0x93/0x910
[  802.576266][T15933]        bdev_disk_changed+0x7f8/0xc80
[  802.578046][T15933]        blkdev_get_whole+0x187/0x290
[  802.579750][T15933]        bdev_open+0x2c7/0xe40
[  802.581290][T15933]        blkdev_open+0x34e/0x4f0
[  802.582916][T15933]        do_dentry_open+0x6d8/0x1660
[  802.584597][T15933]        vfs_open+0x82/0x3f0
[  802.586108][T15933]        path_openat+0x208c/0x31a0
[  802.587744][T15933]        do_file_open+0x20e/0x430
[  802.589343][T15933]        do_sys_openat2+0x10d/0x1e0
[  802.591002][T15933]        __x64_sys_openat+0x12d/0x210
[  802.592724][T15933]        do_syscall_64+0x106/0xf80
[  802.594372][T15933]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  802.596396][T15933] 
[  802.596396][T15933] -> #4 (&cmd->lock){+.+.}-{4:4}:
[  802.598682][T15933]        __mutex_lock+0x1a2/0x1b90
[  802.600391][T15933]        nbd_queue_rq+0xba/0x1080
[  802.602229][T15933]        blk_mq_dispatch_rq_list+0x422/0x1e70
[  802.604385][T15933]        __blk_mq_sched_dispatch_requests+0xcea/0x1620
[  802.606674][T15933]        blk_mq_sched_dispatch_requests+0xd7/0x1c0
[  802.608784][T15933]        blk_mq_run_hw_queue+0x23c/0x670
[  802.610832][T15933]        blk_mq_dispatch_list+0x51d/0x1360
[  802.613017][T15933]        blk_mq_flush_plug_list+0x130/0x600
[  802.615062][T15933]        __blk_flush_plug+0x2c4/0x4b0
[  802.617164][T15933]        __submit_bio+0x584/0x6c0
[  802.619148][T15933]        submit_bio_noacct_nocheck+0x562/0xc10
[  802.621587][T15933]        submit_bio_noacct+0xd17/0x2010
[  802.623795][T15933]        submit_bh_wbc+0x59c/0x770
[  802.625790][T15933]        block_read_full_folio+0x264/0x8e0
[  802.628008][T15933]        filemap_read_folio+0xfc/0x3b0
[  802.630118][T15933]        do_read_cache_folio+0x2d7/0x6b0
[  802.632306][T15933]        read_part_sector+0xd1/0x370
[  802.634409][T15933]        adfspart_check_ICS+0x93/0x910
[  802.636554][T15933]        bdev_disk_changed+0x7f8/0xc80
[  802.638697][T15933]        blkdev_get_whole+0x187/0x290
[  802.640481][T15933]        bdev_open+0x2c7/0xe40
[  802.642048][T15933]        blkdev_open+0x34e/0x4f0
[  802.643688][T15933]        do_dentry_open+0x6d8/0x1660
[  802.645395][T15933]        vfs_open+0x82/0x3f0
[  802.646896][T15933]        path_openat+0x208c/0x31a0
[  802.648528][T15933]        do_file_open+0x20e/0x430
[  802.650165][T15933]        do_sys_openat2+0x10d/0x1e0
[  802.651829][T15933]        __x64_sys_openat+0x12d/0x210
[  802.653589][T15933]        do_syscall_64+0x106/0xf80
[  802.655322][T15933]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  802.657320][T15933] 
[  802.657320][T15933] -> #3 (set->srcu){.+.+}-{0:0}:
[  802.659617][T15933]        __synchronize_srcu+0xa2/0x300
[  802.661345][T15933]        blk_mq_quiesce_queue+0x149/0x1c0
[  802.663194][T15933]        elevator_switch+0x17b/0x7e0
[  802.664888][T15933]        elevator_change+0x352/0x530
[  802.666619][T15933]        elevator_set_default+0x29e/0x360
[  802.668453][T15933]        blk_register_queue+0x412/0x590
[  802.670251][T15933]        __add_disk+0x73f/0xe40
[  802.671818][T15933]        add_disk_fwnode+0x118/0x5c0
[  802.673528][T15933]        nbd_dev_add+0x77a/0xb10
[  802.675132][T15933]        nbd_init+0x291/0x2b0
[  802.676945][T15933]        do_one_initcall+0x11d/0x760
[  802.678751][T15933]        kernel_init_freeable+0x6e5/0x7a0
[  802.680687][T15933]        kernel_init+0x1f/0x1e0
[  802.682295][T15933]        ret_from_fork+0x754/0xd80
[  802.683941][T15933]        ret_from_fork_asm+0x1a/0x30
[  802.685643][T15933] 
[  802.685643][T15933] -> #2 (&q->elevator_lock){+.+.}-{4:4}:
[  802.688140][T15933]        __mutex_lock+0x1a2/0x1b90
[  802.689811][T15933]        elevator_change+0x1bc/0x530
[  802.691537][T15933]        elevator_set_none+0x92/0xf0
[  802.693321][T15933]        blk_mq_update_nr_hw_queues+0x4c1/0x15f0
[  802.695466][T15933]        nbd_start_device+0x1a6/0xbd0
[  802.697184][T15933]        nbd_genl_connect+0xff2/0x1a40
[  802.698951][T15933]        genl_family_rcv_msg_doit+0x214/0x300
[  802.701317][T15933]        genl_rcv_msg+0x560/0x800
[  802.703369][T15933]        netlink_rcv_skb+0x159/0x420
[  802.705328][T15933]        genl_rcv+0x28/0x40
[  802.706808][T15933]        netlink_unicast+0x5aa/0x870
[  802.708485][T15933]        netlink_sendmsg+0x8b0/0xda0
[  802.710290][T15933]        ____sys_sendmsg+0x9e1/0xb70
[  802.712066][T15933]        ___sys_sendmsg+0x190/0x1e0
[  802.713806][T15933]        __sys_sendmsg+0x170/0x220
[  802.715427][T15933]        __do_fast_syscall_32+0xe3/0x8c0
[  802.717208][T15933]        do_fast_syscall_32+0x32/0x70
[  802.718918][T15933]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  802.721114][T15933] 
[  802.721114][T15933] -> #1 (&q->q_usage_counter(io)#49){++++}-{0:0}:
[  802.723957][T15933]        blk_alloc_queue+0x610/0x790
[  802.725601][T15933]        blk_mq_alloc_queue+0x174/0x290
[  802.727339][T15933]        __blk_mq_alloc_disk+0x29/0x120
[  802.729078][T15933]        nbd_dev_add+0x492/0xb10
[  802.730675][T15933]        nbd_init+0x291/0x2b0
[  802.732211][T15933]        do_one_initcall+0x11d/0x760
[  802.733946][T15933]        kernel_init_freeable+0x6e5/0x7a0
[  802.735751][T15933]        kernel_init+0x1f/0x1e0
[  802.737309][T15933]        ret_from_fork+0x754/0xd80
[  802.738945][T15933]        ret_from_fork_asm+0x1a/0x30
[  802.740663][T15933] 
[  802.740663][T15933] -> #0 (fs_reclaim){+.+.}-{0:0}:
[  802.743091][T15933]        __lock_acquire+0x14b8/0x2630
[  802.744919][T15933]        lock_acquire+0x1cf/0x380
[  802.746536][T15933]        fs_reclaim_acquire+0xc4/0x100
[  802.748256][T15933]        __kmalloc_cache_noprof+0x4b/0x6f0
[  802.750130][T15933]        __ipv6_dev_mc_inc+0x2f1/0xbc0
[  802.751861][T15933]        ipv6_add_dev+0xb78/0x1520
[  802.753523][T15933]        addrconf_notify+0x563/0x19d0
[  802.755279][T15933]        notifier_call_chain+0x99/0x420
[  802.757116][T15933]        call_netdevice_notifiers_info+0xbe/0x110
[  802.759238][T15933]        register_netdevice+0x16e6/0x2210
[  802.761036][T15933]        cfg80211_register_netdevice+0x149/0x310
[  802.763054][T15933]        ieee80211_if_add+0xcfe/0x1860
[  802.764829][T15933]        ieee80211_add_iface+0xaf/0x5d0
[  802.766645][T15933]        nl80211_new_interface+0x65f/0x11d0
[  802.768710][T15933]        genl_family_rcv_msg_doit+0x214/0x300
[  802.770946][T15933]        genl_rcv_msg+0x560/0x800
[  802.772608][T15933]        netlink_rcv_skb+0x159/0x420
[  802.774285][T15933]        genl_rcv+0x28/0x40
[  802.775735][T15933]        netlink_unicast+0x5aa/0x870
[  802.777401][T15933]        netlink_sendmsg+0x8b0/0xda0
[  802.779066][T15933]        ____sys_sendmsg+0x9e1/0xb70
[  802.780739][T15933]        ___sys_sendmsg+0x190/0x1e0
[  802.782430][T15933]        __sys_sendmsg+0x170/0x220
[  802.784043][T15933]        __do_fast_syscall_32+0xe3/0x8c0
[  802.785892][T15933]        do_fast_syscall_32+0x32/0x70
[  802.787595][T15933]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  802.789836][T15933] 
[  802.789836][T15933] other info that might help us debug this:
[  802.789836][T15933] 
[  802.793170][T15933] Chain exists of:
[  802.793170][T15933]   fs_reclaim --> sk_lock-AF_INET6 --> &idev->mc_lock
[  802.793170][T15933] 
[  802.797095][T15933]  Possible unsafe locking scenario:
[  802.797095][T15933] 
[  802.799414][T15933]        CPU0                    CPU1
[  802.801054][T15933]        ----                    ----
[  802.802798][T15933]   lock(&idev->mc_lock);
[  802.804234][T15933]                                lock(sk_lock-AF_INET6);
[  802.806482][T15933]                                lock(&idev->mc_lock);
[  802.808720][T15933]   lock(fs_reclaim);
[  802.810101][T15933] 
[  802.810101][T15933]  *** DEADLOCK ***
[  802.810101][T15933] 
[  802.812841][T15933] 4 locks held by syz.2.2685/15933:
[  802.814510][T15933]  #0: ffffffff906c3630 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  802.817062][T15933]  #1: ffffffff906172e8 (rtnl_mutex){+.+.}-{4:4}, at: nl80211_pre_doit+0xb4/0xae0
[  802.819938][T15933]  #2: ffff888078e50788 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: nl80211_new_interface+0xac/0x11d0
[  802.823154][T15933]  #3: ffff888070df2538 (&idev->mc_lock){+.+.}-{4:4}, at: __ipv6_dev_mc_inc+0x53/0xbc0
[  802.826262][T15933] 
[  802.826262][T15933] stack backtrace:
[  802.828220][T15933] CPU: 0 UID: 0 PID: 15933 Comm: syz.2.2685 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  802.828239][T15933] Tainted: [L]=SOFTLOCKUP
[  802.828243][T15933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  802.828251][T15933] Call Trace:
[  802.828256][T15933]  <TASK>
[  802.828262][T15933]  dump_stack_lvl+0x100/0x190
[  802.828285][T15933]  print_circular_bug.cold+0x178/0x1c7
[  802.828307][T15933]  check_noncircular+0x146/0x160
[  802.828325][T15933]  __lock_acquire+0x14b8/0x2630
[  802.828341][T15933]  ? __ipv6_dev_mc_inc+0x53/0xbc0
[  802.828358][T15933]  ? __lock_acquire+0x4a5/0x2630
[  802.828374][T15933]  lock_acquire+0x1cf/0x380
[  802.828389][T15933]  ? __kmalloc_cache_noprof+0x4b/0x6f0
[  802.828408][T15933]  fs_reclaim_acquire+0xc4/0x100
[  802.828422][T15933]  ? __kmalloc_cache_noprof+0x4b/0x6f0
[  802.828438][T15933]  __kmalloc_cache_noprof+0x4b/0x6f0
[  802.828454][T15933]  ? __ipv6_dev_mc_inc+0x2f1/0xbc0
[  802.828473][T15933]  __ipv6_dev_mc_inc+0x2f1/0xbc0
[  802.828492][T15933]  ipv6_add_dev+0xb78/0x1520
[  802.828505][T15933]  addrconf_notify+0x563/0x19d0
[  802.828521][T15933]  ? ip6mr_device_event+0x1bc/0x230
[  802.828538][T15933]  notifier_call_chain+0x99/0x420
[  802.828557][T15933]  call_netdevice_notifiers_info+0xbe/0x110
[  802.828574][T15933]  register_netdevice+0x16e6/0x2210
[  802.828588][T15933]  ? __pfx_register_netdevice+0x10/0x10
[  802.828602][T15933]  cfg80211_register_netdevice+0x149/0x310
[  802.828625][T15933]  ieee80211_if_add+0xcfe/0x1860
[  802.828646][T15933]  ieee80211_add_iface+0xaf/0x5d0
[  802.828658][T15933]  ? __pfx_ieee80211_add_iface+0x10/0x10
[  802.828670][T15933]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  802.828685][T15933]  nl80211_new_interface+0x65f/0x11d0
[  802.828704][T15933]  ? __pfx_nl80211_new_interface+0x10/0x10
[  802.828723][T15933]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  802.828740][T15933]  ? nl80211_pre_doit+0x19a/0xae0
[  802.828757][T15933]  genl_family_rcv_msg_doit+0x214/0x300
[  802.828774][T15933]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  802.828789][T15933]  ? genl_get_cmd+0x3ef/0x720
[  802.828803][T15933]  ? bpf_lsm_capable+0x9/0x10
[  802.828817][T15933]  ? security_capable+0x80/0x260
[  802.828830][T15933]  ? ns_capable+0xd2/0xf0
[  802.828843][T15933]  genl_rcv_msg+0x560/0x800
[  802.828858][T15933]  ? __pfx_genl_rcv_msg+0x10/0x10
[  802.828872][T15933]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  802.828889][T15933]  ? __pfx_nl80211_new_interface+0x10/0x10
[  802.828905][T15933]  ? __pfx_nl80211_post_doit+0x10/0x10
[  802.828926][T15933]  netlink_rcv_skb+0x159/0x420
[  802.828939][T15933]  ? __pfx_genl_rcv_msg+0x10/0x10
[  802.828953][T15933]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  802.828968][T15933]  ? netlink_deliver_tap+0x1ae/0xcc0
[  802.828981][T15933]  genl_rcv+0x28/0x40
[  802.828994][T15933]  netlink_unicast+0x5aa/0x870
[  802.829007][T15933]  ? __pfx_netlink_unicast+0x10/0x10
[  802.829022][T15933]  netlink_sendmsg+0x8b0/0xda0
[  802.829035][T15933]  ? __pfx_netlink_sendmsg+0x10/0x10
[  802.829048][T15933]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  802.829062][T15933]  ____sys_sendmsg+0x9e1/0xb70
[  802.829076][T15933]  ? __pfx_netlink_sendmsg+0x10/0x10
[  802.829089][T15933]  ? __pfx_____sys_sendmsg+0x10/0x10
[  802.829105][T15933]  ? __pfx_futex_wake_mark+0x10/0x10
[  802.829174][T15933]  ___sys_sendmsg+0x190/0x1e0
[  802.829189][T15933]  ? __pfx____sys_sendmsg+0x10/0x10
[  802.829210][T15933]  __sys_sendmsg+0x170/0x220
[  802.829222][T15933]  ? __pfx___sys_sendmsg+0x10/0x10
[  802.829232][T15933]  ? __ia32_sys_futex_time32+0x2f4/0x470
[  802.829253][T15933]  __do_fast_syscall_32+0xe3/0x8c0
[  802.829268][T15933]  do_fast_syscall_32+0x32/0x70
[  802.829281][T15933]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  802.829314][T15933] RIP: 0023:0xf7f26f6c
[  802.829326][T15933] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  802.829338][T15933] RSP: 002b:00000000f53c550c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  802.829350][T15933] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000300
[  802.829357][T15933] RDX: 0000000024044884 RSI: 0000000000000000 RDI: 0000000000000000
[  802.829365][T15933] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  802.829371][T15933] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  802.829378][T15933] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  802.829388][T15933]  </TASK>
[  803.316293][ T7496] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  803.452048][ T7496] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  803.507319][ T7496] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  803.643444][ T7496] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  803.712721][ T7496] bridge_slave_1: left allmulticast mode
[  803.715125][ T7496] bridge_slave_1: left promiscuous mode
[  803.718179][ T7496] bridge0: port 2(bridge_slave_1) entered disabled state
[  803.722796][ T7496] bridge_slave_0: left allmulticast mode
[  803.724733][ T7496] bridge_slave_0: left promiscuous mode
[  803.728757][ T7496] bridge0: port 1(bridge_slave_0) entered disabled state
[  803.840993][ T7496] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  803.846648][ T7496] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  803.851230][ T7496] bond0 (unregistering): Released all slaves
[  804.313354][ T7496] hsr_slave_0: left promiscuous mode
[  804.316246][ T7496] hsr_slave_1: left promiscuous mode
[  804.318913][ T7496] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  804.322061][ T7496] batman_adv: batadv0: Removing interface: batadv_slave_0
[  804.326844][ T7496] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  804.329953][ T7496] batman_adv: batadv0: Removing interface: batadv_slave_1
[  804.336768][ T7496] veth1_macvtap: left promiscuous mode
[  804.339297][ T7496] veth0_macvtap: left promiscuous mode
[  804.341738][ T7496] veth1_vlan: left promiscuous mode
[  804.343983][ T7496] veth0_vlan: left promiscuous mode
[  804.426103][ T7496] team0 (unregistering): Port device team_slave_1 removed
[  804.430908][ T7496] team0 (unregistering): Port device team_slave_0 removed
[  805.089185][ T7496] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  805.152123][ T7496] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  805.246332][ T7496] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  805.334225][ T7496] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  805.395619][ T7496] bridge_slave_1: left allmulticast mode
[  805.397664][ T7496] bridge_slave_1: left promiscuous mode
[  805.399770][ T7496] bridge0: port 2(bridge_slave_1) entered disabled state
[  805.406779][ T7496] bridge_slave_0: left allmulticast mode
[  805.409194][ T7496] bridge_slave_0: left promiscuous mode
[  805.411707][ T7496] bridge0: port 1(bridge_slave_0) entered disabled state
[  805.568155][ T7496] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  805.573433][ T7496] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  805.578764][ T7496] bond0 (unregistering): Released all slaves
[  805.890671][ T7496] hsr_slave_0: left promiscuous mode
[  805.893548][ T7496] hsr_slave_1: left promiscuous mode
[  805.896471][ T7496] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  805.899585][ T7496] batman_adv: batadv0: Removing interface: batadv_slave_0
[  805.903516][ T7496] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  805.906729][ T7496] batman_adv: batadv0: Removing interface: batadv_slave_1
[  805.913151][ T7496] veth1_macvtap: left promiscuous mode
[  805.915580][ T7496] veth0_macvtap: left promiscuous mode
[  805.918127][ T7496] veth1_vlan: left promiscuous mode
[  805.920384][ T7496] veth0_vlan: left promiscuous mode
[  806.018275][ T7496] team0 (unregistering): Port device team_slave_1 removed
[  806.023335][ T7496] team0 (unregistering): Port device team_slave_0 removed
[  806.477807][ T7496] IPVS: stop unused estimator thread 0...
[  806.572968][ T7496] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  806.626219][ T7496] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  806.689933][ T7496] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  806.752913][ T7496] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  806.837470][ T7496] bridge_slave_1: left allmulticast mode
[  806.839385][ T7496] bridge_slave_1: left promiscuous mode
[  806.841467][ T7496] bridge0: port 2(bridge_slave_1) entered disabled state
[  806.844719][ T7496] bridge_slave_0: left allmulticast mode
[  806.846893][ T7496] bridge_slave_0: left promiscuous mode
[  806.848961][ T7496] bridge0: port 1(bridge_slave_0) entered disabled state
[  806.962317][ T7496] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  806.966623][ T7496] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  806.970357][ T7496] bond0 (unregistering): Released all slaves
[  807.267628][ T7496] hsr_slave_0: left promiscuous mode
[  807.270174][ T7496] hsr_slave_1: left promiscuous mode
[  807.272179][ T7496] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  807.274606][ T7496] batman_adv: batadv0: Removing interface: batadv_slave_0
[  807.277514][ T7496] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  807.279877][ T7496] batman_adv: batadv0: Removing interface: batadv_slave_1
[  807.284487][ T7496] veth1_macvtap: left promiscuous mode
[  807.286828][ T7496] veth0_macvtap: left promiscuous mode
[  807.288732][ T7496] veth1_vlan: left promiscuous mode
[  807.290507][ T7496] veth0_vlan: left promiscuous mode
[  807.379738][ T7496] team0 (unregistering): Port device team_slave_1 removed
[  807.388481][ T7496] team0 (unregistering): Port device team_slave_0 removed