last executing test programs:

2m54.814747035s ago: executing program 1 (id=956):
fsopen(&(0x7f0000000040)='fuseblk\x00', 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, &(0x7f0000000140)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x7, 0x9dc5, 0x0, 0x0, 0xf})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)

2m54.814281986s ago: executing program 1 (id=957):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, r3, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), r2)
sendmsg$TIPC_CMD_SHOW_PORTS(r1, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x1c, r4, 0x20, 0x70bd27, 0x25dfdbfb, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004081}, 0x2000484a)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0xb4, r3, 0x0, 0x70bd27, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_ADDR={0x44, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private1}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @loopback}]}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x401}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x7}, @MPTCP_PM_ATTR_ADDR={0x34, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @empty}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}]}, 0xb4}}, 0x4008010)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r6 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r6, 0xc0285700, &(0x7f0000000180)={0x7, "ab2cd211119c07558139ede6dc06270ee04200"})
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x7fff, 0x800000000000007d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
r7 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(r7, 0x0, 0x484, &(0x7f00000001c0)=""/38, &(0x7f0000000280)=0x26)

2m53.912850102s ago: executing program 1 (id=966):
socket$netlink(0x10, 0x3, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000001c0)={0x79, 0x0, 0x78b})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000080)=@x86={0x6b, 0x4, 0x7, 0x0, 0x0, 0x0, 0x4, 0xa, 0xd, 0xa0, 0x8, 0x5, 0x0, 0x2, 0x9, 0x3, 0x3, 0x2e, 0x4, '\x00', 0x1, 0xffffffffffffff7f})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="10000000040000000800000005"], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r4, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000340)="b9ff03076804268c989e14f088a8", 0x0, 0x40500, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
socket$nl_generic(0x10, 0x3, 0x10)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
ioctl$SW_SYNC_IOC_INC(0xffffffffffffffff, 0x40045701, &(0x7f0000000080)=0x7)

2m52.965901073s ago: executing program 1 (id=976):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x4, &(0x7f0000006680))
r0 = syz_open_procfs(0x0, &(0x7f0000000280)='stack\x00')
lseek(r0, 0xd7, 0x0) (fail_nth: 3)

2m52.893764354s ago: executing program 1 (id=977):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000240), 0x3af4701e) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000008, 0x10, r0, 0x78c34000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mbind(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x4, 0x3) (async)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet6(0xa, 0x80000, 0xf) (async)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x972, &(0x7f0000006680)) (async)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x3b, 0x2}, &(0x7f0000000b80)) (async)
openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) (async)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0) (async)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9801) (async)
mmap(&(0x7f000039d000/0x4000)=nil, 0x4000, 0x300000c, 0x2010, 0xffffffffffffffff, 0x49cfb000) (async)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r2, 0x0, 0x0) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0) (async)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x1}, &(0x7f0000000300)) (async)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5}) (async)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) (async)
r4 = mq_open(&(0x7f0000000480)='!sel\x00\x00\x00\x10\x00\x00\x00\x00\xd7\\P\xc1\xde.O\xcb]0y\x00\x00\x00\x00\x00\x00\x00\x00', 0x6e93ebbbcc0884f2, 0x196, &(0x7f0000000440)={0x2000000000002000, 0x1, 0x56, 0x3}) (async)
mq_timedsend(r1, 0x0, 0x0, 0xfffffffe, 0x0)
r5 = msgget(0x2, 0xf3478f8dded5609b)
msgsnd(r5, 0x0, 0x8, 0x0)
fadvise64(r3, 0x4, 0x6, 0x3) (async)
mq_timedsend(r4, 0x0, 0x64, 0x10a0000, 0x0) (async)
open_tree(r0, &(0x7f0000000080)='./file0\x00', 0x89901) (async)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x84000, 0x0)

2m52.815824252s ago: executing program 1 (id=978):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
timer_create(0x1, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r5=>0x0)
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r6 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xf}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_TUPDATE={0x8, 0x4, 0x2}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
timer_getoverrun(r5)
timer_settime(r5, 0x1, &(0x7f0000000040)={{0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
r8 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
sendfile(r8, r4, &(0x7f00000000c0)=0x58, 0x5)
r9 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8b04, &(0x7f00000000c0)={'wlan1\x00'})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
r10 = syz_open_dev$I2C(&(0x7f00000001c0), 0xcda, 0x0)
ioctl$I2C_RETRIES(r10, 0x701, 0x80000001)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="3400000040000701feffffff00000000017c000004004280"], 0x34}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)

2m37.479987142s ago: executing program 32 (id=978):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
timer_create(0x1, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r5=>0x0)
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r6 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xf}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_TUPDATE={0x8, 0x4, 0x2}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
timer_getoverrun(r5)
timer_settime(r5, 0x1, &(0x7f0000000040)={{0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
r8 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
sendfile(r8, r4, &(0x7f00000000c0)=0x58, 0x5)
r9 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8b04, &(0x7f00000000c0)={'wlan1\x00'})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
r10 = syz_open_dev$I2C(&(0x7f00000001c0), 0xcda, 0x0)
ioctl$I2C_RETRIES(r10, 0x701, 0x80000001)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="3400000040000701feffffff00000000017c000004004280"], 0x34}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)

11.768244009s ago: executing program 4 (id=1906):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000540)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x10000000000)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x167)
memfd_create(&(0x7f00000000c0)='-B\xd5N4\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\x8aB\xef\xbe\xd3\xd2H\x05\x05n\xfas\x85;\xaa\x15\x00\xccf\x05-v\xa3\xa6\xce\xd7Uw\x00\xbc\t\x00\x00\x00\x00\x00\x00\x00a}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8bC% \x9e\xdfe\xfe\v\xff\x97\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x19\xea\xef\xe3\xe1@\x84\x13\xefZb:\x8f\t\x01B\xec\xde\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@Ip]D\xd6\r\xac\v#co\xc5\xb9\xc806\xa8\x99\xffs7\xa1b1\xb1;i)j\x0e\x1e\xedI\xa2\x80\x89\x1d\xd9p!\xc86s\xe07(\xee\xf9<\"\xf0\xc8\xae\x96J\xe2]\x01\x86\xb7.<\xf5N\xd3\x94W1\xff\x18z>\xa7q,\xf7\x96\xb8{\x8e\xbf4\xe0\x95\x1ce\xe4\x85\xcdi\xed\xd3>\xeb\xa5\xaf\x87\x90@\xd1\xbd`^\xfa\xb6\x9cj\x13/\xc5\\W\x04\br\x17X\xe3\xfb\xc8\xd4\xaeX\xc9s\xd18\xd9L\xbf\xa0\xa4\xdf2\a\x99', 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000180)={0x48, 0x0, &(0x7f0000000940)=[@register_looper, @reply={0x40406301, {0x1, 0x0, 0x0, 0x0, 0x19, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0}}], 0x1, 0x0, &(0x7f0000001380)='\x00'})
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000006380)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000100)={0x50, 0x0, r2, {0x7, 0x1f, 0x1000001, 0x5069f481, 0xfffe, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef10542a2201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42731b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c32768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65bf667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e179100a0000000000000021e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90a14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9edb6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc83cccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x0, {0x0, 0x9}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x24c01, 0x0)
io_setup(0x202, &(0x7f0000000200)=<r4=>0x0)
io_submit(r4, 0x20, &(0x7f0000000780)=[&(0x7f0000000440)={0xfffffffe, 0x20011004, 0x4, 0x1, 0x0, r3, &(0x7f00000000c0)='!', 0xb7f40, 0x407f0b00}])

8.412290806s ago: executing program 2 (id=1918):
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x88}}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
syz_io_uring_setup(0x3713, &(0x7f0000000100)={0x0, 0x141a, 0x4000, 0x1, 0x3ad}, 0x0, &(0x7f00000001c0), 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0xc0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_xfrm(0x10, 0x3, 0x6)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x5)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x5)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
setsockopt$sock_int(r2, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r2, &(0x7f0000004d00)=[{{0x0, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x400000000000284, 0xf00)
sendmmsg(r0, &(0x7f0000000000), 0x400000000000235, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)

8.28167981s ago: executing program 4 (id=1919):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000400)={0x0, &(0x7f0000000140)=[<r1=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f00000002c0)={0x0, 0x0, r1, 0x0, 0x80, 0x5, 0x9, 0x0, {0x9, 0x1000, 0x101c, 0x10, 0x4, 0x8, 0x100, 0xa, 0x0, 0x52, 0x43, 0x7e9, 0x401, 0x9aa5, "cb630dab3a0338057401a192419598961f50dc45c87d55a52a28b8f01c0e0e7a"}})
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)=[<r3=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r2, 0xc05064a7, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000940)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000980), 0x0, 0x5, 0x0, 0x0, r3})
r4 = openat$btrfs_control(0xffffff9c, &(0x7f0000000200), 0x103, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000097c0)={0x11, 0x0, <r5=>0x0}, &(0x7f0000009800)=0x14)
sendmsg$nl_route(r4, &(0x7f00000098c0)={&(0x7f0000009780)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000009880)={&(0x7f0000009840)=ANY=[@ANYBLOB="24000000680008002cbd7000fbdbdf25020004001800000008000500", @ANYRES32=r5, @ANYBLOB="04060b00"], 0x24}, 0x1, 0x0, 0x0, 0x90}, 0x40000)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000600)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r7, @ANYBLOB="b1db2000000000000000060000000c00018008000300"], 0x20}}, 0x0)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r4, &(0x7f0000009bc0)={&(0x7f0000009900)={0x10, 0x0, 0x0, 0x200}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x14)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1400000046000701feffffff790ea77c06e0c949"], 0x14}, 0x1, 0x0, 0x0, 0x48808}, 0xc850)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, &(0x7f00000000c0)={'multiq3\x00', [0x100, 0xb, 0xcd, 0x7, 0x1, 0x104, 0x0, 0x20000000, 0x1008, 0x100000b, 0xffffffff, 0xb51, 0x200009, 0x403, 0x3, 0x3, 0x0, 0x6, 0xff9, 0xfffffffd, 0x6, 0x3, 0x4, 0x9, 0x4c, 0x10001, 0x8006, 0x6a77, 0x8, 0x2, 0x28a, 0x5]})
r9 = syz_open_procfs(0x0, &(0x7f0000000240)='net/vlan/vlan0\x00')
preadv(r9, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/196, 0xc4}], 0x1, 0xa3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r10 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r11 = openat$cgroup_int(r10, &(0x7f00000002c0)='blkio.throttle.write_bps_device\x00', 0x2, 0x0)
write$cgroup_subtree(r11, &(0x7f00000000c0)=ANY=[], 0x6a)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_INFO(r12, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[], 0x14}}, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/cgroup\x00')
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="9feb0100180000000000000040000000400000000c0000000400000001000084010000000a000000030000000000000000000000000000016e659ca54089b436000000000000000300000000020000000200000000000000006100302e616161610061"], 0x0, 0x64}, 0x28)

8.207312586s ago: executing program 4 (id=1921):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1, 0x0, 0x2})
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000040)=0x1)
fsetxattr$security_ima(r0, &(0x7f0000000140), 0xffffffffffffffff, 0x0, 0x1)
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000080)=0x2)
ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000180)=@multiplanar_mmap={0x1, 0x3, 0x4, 0x100, 0x6, {}, {0x1, 0xc, 0x9, 0x8, 0x6, 0x8c, "09b6b27e"}, 0x1, 0x1, {&(0x7f0000000200)=[{0x6, 0x2, {0xfffffff9}, 0x1}, {0x2, 0x2, {0x9}, 0x8}]}, 0x4})
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$inet_tcp_int(r1, 0x6, 0x11, 0x0, &(0x7f0000000040))
memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x4, 0x6}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r5, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x24, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xb, 0xfff3}, {}, {0x7, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x20041090}, 0xd0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x810}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xfe, 0x7fff0006}]})
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732"], 0xa8}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="6000000002060108000000000000000005000003050005000a000000050001000700000005000400000000000900020073797a310000000014000300686173683a69702c706f72742c69700014000780080006400000020008000840"], 0x60}, 0x1, 0x0, 0x0, 0x90}, 0x40c0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10040003}, 0x0)

7.070629994s ago: executing program 4 (id=1923):
socket$nl_route(0x10, 0x3, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
syz_emit_ethernet(0x6a, &(0x7f0000000000)={@broadcast, @random="6c7621d7cc94", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "fec000", 0x34, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "98a350", 0x0, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x2}, @private1, [], "fafb17c1"}}}}}}}, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="8b2298140000001000010000000000000000000000000a58000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a300000000008000540000000211c0011800a0001006d617463680000000c0800024000000002140000001000010000000000000000000000000a0000"], 0x80}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="020000000400f3ff6d6246c801005311000080000080c96c2239efd3af267fad237cc8c0811a5e13515952c028", @ANYRES32=0x0, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/21], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x3, &(0x7f00000009c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x3ff}}, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @sched_cls=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000026c0)={0x0, &(0x7f0000002600)=[0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000600)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[{}], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0], 0x1, 0x5, 0x4})
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_STATISTICS(r3, 0x11b, 0x7, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000a40)=@raw={'raw\x00', 0x8, 0x3, 0x4ec, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x548)
ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, 0x0)
close(0xffffffffffffffff)
r4 = socket$netlink(0x10, 0x3, 0x4)
writev(r4, &(0x7f00000005c0)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560a11820fffff5bab4e210fff000058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd000002100001000a0c10000000e6ff224e0000", 0x58}], 0x1)

7.027870446s ago: executing program 2 (id=1924):
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, 0x0, 0x310)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x8002, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_CONTINUE(r1, 0xc020aa08, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x100000000000000})

6.461186553s ago: executing program 3 (id=1926):
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = fsopen(&(0x7f0000000080)='pvfs2\x00', 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x4})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='fd', 0x0, r0)
prctl$PR_SCHED_CORE(0x3e, 0x3, 0xffffffffffffffff, 0x2, &(0x7f0000000000))
write$tun(r0, &(0x7f0000000380)=ANY=[], 0xfdef)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r1, 0x0, 0x2)
r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TLS_RX(r5, 0x11a, 0x2, 0x0, 0x0)
setpgid(r4, r4)
setpgid(0x0, r4)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000180)={0x1, 0x0, [{0x17b}]})
fchdir(r3)
llistxattr(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
r9 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000400), 0x8002)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r9, 0x403c5404, &(0x7f0000000040)={{0x1, 0x0, 0x400006, 0x3}, 0x0, 0x0, 'id0\x00', 'timer0\x00', 0x0, 0x7})

5.866310619s ago: executing program 4 (id=1927):
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
getsockname(r1, 0x0, &(0x7f0000000200))
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x8801, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r3, 0xc048aec8, &(0x7f0000000240)={0x4, 0x0, @ioapic={0xf000, 0x1, 0x7, 0x8001, 0x0, [{0x0, 0x7f, 0xa, '\x00', 0x2f}, {0x5, 0x0, 0xf6, '\x00', 0x2}, {0x75, 0x4, 0x3, '\x00', 0x76}, {0xc, 0x1, 0x4, '\x00', 0x96}, {0x1, 0x4, 0x4, '\x00', 0x77}, {0x4, 0x3, 0x6, '\x00', 0xf}, {0x2, 0x9, 0xe1, '\x00', 0x4}, {0x3, 0x3, 0xff, '\x00', 0x38}, {0x9, 0x6, 0x40, '\x00', 0x2}, {0xf, 0xf, 0xb, '\x00', 0xfb}, {0xff, 0x3, 0xa1, '\x00', 0x52}, {0x4, 0x1, 0x4, '\x00', 0xc0}, {0x1, 0x0, 0x0, '\x00', 0x2}, {0x4, 0x2, 0x7f, '\x00', 0x8}, {0x9f, 0x8, 0x7}, {0x40, 0xb, 0xa, '\x00', 0xb2}, {0x5, 0x80, 0x70, '\x00', 0x9}, {0x6, 0xff, 0x7, '\x00', 0x9}, {0x8, 0x8, 0xa, '\x00', 0x5}, {0x1, 0x9, 0x80, '\x00', 0x4a}, {0x6, 0x4, 0xff, '\x00', 0x6a}, {0x1, 0x7f, 0x8, '\x00', 0x80}, {0x42, 0x56, 0x4, '\x00', 0x6}, {0x7d, 0x5, 0x4, '\x00', 0x58}]}})
syz_open_dev$evdev(0x0, 0x66, 0x20900)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x759, 0x7, 0x7d, 0x7, 0x8000, 0x4, 0x2}, 0x0, &(0x7f0000000080)={0x3fc, 0x6, 0xffffffffffffffff, 0x2000000000000003, 0x6, 0xf, 0x80000006}, 0x0, 0x0)

5.664853955s ago: executing program 3 (id=1928):
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, 0x0, 0x310)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x8002, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = userfaultfd(0x801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_CONTINUE(r2, 0xc020aa08, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r5=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000940)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002dbd7000010000000f00000008000300", @ANYRES32=r5, @ANYBLOB="0500330001000000080034"], 0x2c}}, 0x200048c0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="7000000010000304000080000000000000007400", @ANYRES32=r8, @ANYBLOB="0000000003120100500012800b000100627269646765000040000280080005000100000006002700000000000800010015000800050025000000000008000400000000000c002e"], 0x70}, 0x1, 0x0, 0x0, 0x800}, 0x40)
sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, r4, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0xfa66}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r8}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000}, 0x44)

2.96110178s ago: executing program 4 (id=1931):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0xd}, 0x1c)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r3 = dup(r2)
write$UHID_INPUT(r3, &(0x7f00000014c0)={0xc, {"a2e3ad2109c752f91b5a470987f70e06d038e7ff7fc6e5539b3245078b089b3208336d060890e0878f0e1ac6e70a9b3368959b6c9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b38070d095d0936cd3b78130daa61f8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4040d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90d56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002495104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b790bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3f51edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa452eff104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee6100040000378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6cb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000f2ffffff3811fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb960900000000000000f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3060c2cb10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100e55119d7cd2d74e7367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599af0f565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eafdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
r4 = fcntl$dupfd(r1, 0x0, r1)
sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000e40)=ANY=[], 0x20}}, 0x1)
r5 = syz_open_dev$vim2m(&(0x7f0000000100), 0x7, 0x2)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=@newsa={0x184, 0x10, 0x1, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@dev={0xac, 0x14, 0x14, 0x3c}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x64}, {@in, 0x0, 0x32}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, {}, {0x0, 0x0, 0x8000000, 0x200}, {0x0, 0x0, 0x2}, 0x0, 0x0, 0xa, 0x0, 0x0, 0x6d}, [@algo_crypt={0x48, 0x2, {{'cbc(aes)\x00'}}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}, 0x0, 0x18}}]}, 0x184}}, 0x800)
ioctl$vim2m_VIDIOC_S_CTRL(r5, 0xc008561c, &(0x7f0000000080)={0xf0f014, 0x1})
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000000540)=""/152, 0x98, 0x1, 0x0}, &(0x7f0000000180)=0x40)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50)
r7 = openat$mice(0xffffff9c, &(0x7f0000000540), 0x100)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r8 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESDEC], 0x0)
syz_usb_ep_write(r8, 0x81, 0x8, &(0x7f0000000080)="00012c615bc20000")
syz_usb_control_io(r8, 0x0, &(0x7f0000000740)={0x44, &(0x7f0000000340)={0x40, 0x6, 0x1, '\v'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r9 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r9, &(0x7f0000000480)=""/74, 0x49)
pipe(0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000005fc0)={0x6, 0x12, &(0x7f0000000580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0xe9}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [@call={0x85, 0x0, 0x0, 0x5a}, @map_val={0x18, 0x2, 0x2, 0x0, r7, 0x0, 0x0, 0x0, 0x5}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000640)='syzkaller\x00', 0xd78e, 0x0, 0x0, 0x41100, 0x15, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000800)={0x5, 0x10, 0x2, 0x5}, 0x10, 0x0, 0x0, 0x5, 0x0, &(0x7f0000000840)=[{0x5, 0x5, 0x8, 0x4}, {0x0, 0x5, 0x6, 0xa}, {0x0, 0x2, 0x2, 0x7}, {0x2, 0x4, 0x10}, {0x1, 0x5, 0xd, 0x7}], 0x10, 0x80000001}, 0x94)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
ioctl$OCFS2_IOC_INFO(r2, 0x80106f05, &(0x7f0000005f80)={&(0x7f0000005dc0)=[&(0x7f0000000080)=@label={{0x4f32494e, 0x4, 0x10, 0x40000001}}, &(0x7f0000000100)=@blocksize={{0x4f32494e, 0x2, 0x10, 0xc0000000}}, &(0x7f0000000140)=@uuid={{0x4f32494e, 0x5, 0x10, 0x40000000}}, &(0x7f0000000180)=@maxslots={{0x4f32494e, 0x3, 0x10, 0xa0000001}}, &(0x7f00000001c0)=@uuid={{0x4f32494e, 0x5, 0x10, 0x80000000}}, &(0x7f0000000280)=@freefrag={{0x4f32494e, 0x9, 0x10, 0x1}}, &(0x7f0000000480)=@maxslots={{0x4f32494e, 0x3, 0x10, 0x40000000}}, &(0x7f0000000a80)=@freeinode={{0x4f32494e, 0x8, 0x10, 0x40000000}, [{0x9, 0x1}, {0x800, 0x10001}, {0x8, 0xfffffffffffffffd}, {0xab, 0xffffffffffffffff}, {0x8, 0x80000000}, {0x2, 0xfffffffffffbfeff}, {0x8, 0x9}, {0x7, 0x9}, {0xfffffffffffffffe, 0x4}, {0x9bf7, 0x100}, {0x9f, 0x7}, {0x4, 0x1}, {0x80000000, 0xfffffffffffffffe}, {0x4fc, 0x7}, {0x101, 0x1}, {0x5, 0x6}, {0x101, 0x100000001}, {0x100000000, 0x1507}, {0x8, 0x7fff}, {0x8, 0x5}, {0xffffffff, 0x4}, {0x0, 0x4}, {0x7fff, 0xfffffffffffffff8}, {0x5, 0x19}, {0x3, 0x8}, {0x5, 0x9}, {0x9, 0xffff0000000000}, {0xa0, 0xfffffffffffffff9}, {0x823, 0x3}, {0x8, 0x4}, {0x1, 0x400}, {0x43}, {0x4d7, 0x800}, {0xeeb2, 0x1}, {0x2, 0xffffffffffffffff}, {0xdc, 0x8000}, {0xfb, 0x2}, {0x4, 0x5}, {0x3, 0x7fff}, {0x9, 0x9b}, {0xa9c0, 0x1}, {0xfffffffffffff800, 0x81}, {0xff, 0x9}, {0x0, 0x20000000003}, {0x800, 0x2}, {0xe, 0x8000000000000000}, {0x2, 0x5}, {0x9, 0x9}, {0x7fff, 0x8}, {0xe655, 0x81}, {0x8000000000000001, 0xffffffffffffffff}, {0x8000, 0x1}, {0xfffffffffffffc00, 0x852d}, {0x0, 0x1}, {0x5, 0x8}, {0x5, 0xfffffffffffffff7}, {0x100000001, 0xffffffffffffffff}, {0xffffffffffffff80, 0xee3}, {0x0, 0xfffffffffffffc00}, {0x5, 0x100000000}, {0x3, 0x5}, {0x1, 0x1}, {0x4, 0xa}, {0x5, 0x2}, {0x2, 0x3a}, {0x2, 0x6}, {0x4cc, 0x8}, {0x5, 0x6}, {0x1, 0x4}, {0x3, 0xc}, {0x800, 0x3}, {0xbf, 0x6}, {0xffffffffffffffff, 0x8}, {}, {0xed6c, 0x9}, {0xc39, 0x9}, {0x9f2, 0x7}, {0x171e3d46}, {0x4, 0x80}, {0x6, 0x4}, {0xb, 0x9}, {0x1, 0x3}, {0x7fffffffffffffff}, {0x1ff, 0x7e6}, {0x6, 0xfffffffffffffff8}, {0xd}, {0x2, 0xfff}, {0xd35, 0x3}, {0x7, 0x4ef9}, {0x2}, {0x3, 0x8}, {0x3, 0x9e6}, {0x7, 0x2e}, {0x10000, 0x6}, {0x4, 0x9}, {0x6, 0x8}, {0x400, 0x9}, {0xffffffffffffffff, 0xf}, {0x9, 0x7}, {0x100000001, 0x7}, {0x9, 0x4}, {0x40, 0x8}, {0x3, 0x6}, {0x7fffffff, 0x40000000000}, {0x4, 0x5}, {0x8000000000000001, 0x100000000}, {0x9, 0x8}, {0x6, 0x51}, {0x6, 0x55}, {0x8, 0x6}, {0xa0, 0x9}, {0x1, 0x7fff}, {0x5, 0x27d}, {0x9, 0x9}, {0x1, 0x6f0}, {0x8}, {0x9, 0xac}, {0x19, 0xc98}, {0xffff, 0x10000}, {0x3, 0xb8a}, {0x6, 0x9e9}, {0x6ef9, 0x1}, {0x7fff, 0x6}, {0x7, 0x8}, {0xc, 0x3}, {0x0, 0x2}, {0x8, 0x7}, {0x5, 0xffffffff}, {0x62fd, 0x4}, {0x1000, 0xffff}, {0x7f, 0xfffffffffffffffc}, {0x80000000, 0x1}, {0x6962, 0x8}, {0x8fca, 0x8000000000000001}, {0x2, 0x10ae}, {0xfff, 0x800}, {0x8, 0x100}, {0x0, 0xa}, {0xa, 0x3}, {0x3ff, 0x4}, {0x1, 0x5}, {0x5, 0xa917}, {0x7, 0xfc0}, {0x401, 0xa7c}, {0x8001, 0xffffffffffffffff}, {0x4, 0x101}, {0x2c, 0x58538634}, {0x3a9, 0x7}, {0x101, 0x6b}, {0x5, 0x3}, {0x5, 0x8}, {0x8}, {0x7, 0x5}, {0x6, 0x9d89}, {0xb42, 0xc0}, {0x7, 0x7}, {0x4, 0x8}, {0x7, 0x7}, {0x400, 0x81}, {0x9, 0x8}, {0x0, 0x7}, {0x7, 0x2e88}, {0xc5c, 0x1d}, {0x794b, 0x5547}, {0x5, 0xffffffffffff24c4}, {0xc000000000000000, 0xcb4}, {0x6, 0x3}, {0x64ce098d, 0xf}, {0x6, 0xff}, {0x3000000000, 0x311d2d210000000}, {0x6, 0xf}, {0x4, 0x9}, {0x4, 0x2}, {0x3, 0x5d}, {0x4, 0x7}, {0x3, 0x81}, {0x0, 0x2}, {0x3, 0xe8d7}, {0x5, 0x2}, {0xd7c, 0xa}, {0x680, 0x5bc4}, {0x6, 0x7}, {0x0, 0xfffffffffffffffd}, {0x400, 0x5}, {0x4, 0x228}, {0x8, 0x2}, {0x2, 0x7fffffff}, {0x9, 0x81}, {0x101}, {0x1ff, 0x5}, {0x7fff, 0x6}, {0x9, 0xfffffffffffffff8}, {0x2, 0x10001}, {0x7, 0x800}, {0xd, 0x7}, {0x3d1f, 0x38c}, {0x1fffffffe000, 0x2}, {0x80, 0x6}, {0xffffffffffffab78, 0x3}, {0x31, 0x9}, {0x7e, 0xfffffffffffffffb}, {0xb, 0x6f}, {0x4, 0x14e9}, {0x4, 0x7}, {0x4, 0xf8f}, {0x33d4, 0x10001}, {0x800, 0x5466}, {0x5, 0x80000001}, {0xfffffffffffffffd, 0x173b04b9}, {0x7f, 0x2}, {0x8, 0x8}, {0x9, 0x7fffffff}, {0x7e, 0x7}, {0x4, 0x7}, {0x570, 0x2a}, {0x6, 0xd}, {0x6, 0x9}, {0x1, 0xebc}, {0x1ff, 0x3}, {0x1}, {0x400, 0x9}, {0x5, 0x6}, {0x9084, 0x8}, {0x8000, 0x2}, {0x1, 0x8000}, {0x81, 0xa3}, {0x5, 0x8}, {0x6, 0x10}, {0x7, 0xff}, {0x2, 0x4f}, {0x65d0f4c8, 0x1}, {0x5, 0x8001}, {0x10000, 0x5}, {0x8, 0x10001}, {0x7, 0x7}, {0xfffffffffffffffe, 0xffffffffffff8aaf}, {0x7fffffff, 0x4}, {0x35f4, 0x8}, {0x9, 0x8}, {0x3, 0xe}, {0x6, 0x4}, {0x3, 0x7}, {0xffffffffffffffb1, 0xffffffffffffff00}, {0x4, 0x8}, {0x8, 0xf}, {0x2, 0x80000000000}, {0x4, 0x9}, {0x100, 0x6}, {0x80000000, 0x2}, {0x8, 0xbe}, {0x8000, 0x1}, {0x8, 0x1655dd0}, {0xf1f, 0x3}, {0x9, 0x9}, {0x6d22, 0x1}]}, 0x0, &(0x7f0000001b00)=@blocksize={{0x4f32494e, 0x2, 0x10}}, &(0x7f0000001b40)=@freeinode={{0x4f32494e, 0x8, 0x10, 0x80000001}, [{0xff, 0x6}, {0xff, 0xffff}, {0x8df3, 0x5d98}, {0x8, 0x1}, {0x2277, 0xfffffffffffffff9}, {0x9, 0x99}, {0x4, 0x2}, {0xffffffffffffffff, 0x7}, {0xffffffffffffff1e, 0x4}, {0x6, 0x8}, {0xffffffffffffffff, 0x81}, {0x1, 0x8001}, {0x8, 0x8}, {0xfffffffffffffffb, 0x9}, {0x189, 0xfffffffffffffffb}, {0x9, 0x3ff}, {0x8000000000000000, 0x4}, {0x1, 0x6}, {0x3}, {0x9, 0x6a6b}, {0x7fffffffffffffff, 0x5}, {0x0, 0x5}, {0xe, 0x4}, {0x9, 0xf}, {0x7, 0x800}, {0x1ff, 0xffffffffffff11a6}, {0x8}, {0xc, 0x6}, {0x80000001, 0x2}, {0x8, 0x9c5}, {0x1f, 0xfffffffffffff422}, {0x6, 0x8}, {0x1f, 0xe12c}, {0x4, 0x8}, {0xb, 0xfffffffffffffff2}, {0x0, 0x9}, {0xc5, 0x8}, {0x2, 0x7f87}, {0x4, 0x7}, {0x7}, {0x8, 0x29e}, {0x7, 0x9}, {0x6cbb, 0x3}, {0xfa, 0x7}, {0x5, 0x10001}, {0xfffffffffffffff8, 0x7}, {0x8000000000000000, 0x3}, {0xffffffffffffff97, 0x100}, {0x63dc, 0x4e8e}, {0x7, 0x8}, {0x81, 0xf}, {0xe79f, 0x223e1302}, {0xfffffffffffffff7, 0x8}, {0xd2a, 0x80000000002}, {0x2, 0x3da5}, {0x7, 0x7}, {0x0, 0xe}, {0x8, 0x8000000000000001}, {0x3, 0xd}, {0x6, 0x40}, {0x4, 0x142}, {0x1d3, 0xfffffffffffffff7}, {0x0, 0x2}, {0x5, 0x9}, {0x6, 0xfffffffffffffffd}, {0xffffffffffff7638, 0x4f}, {0xffffffff, 0x5}, {0xe00000000, 0x2}, {0x9, 0x1}, {0x7, 0x4}, {0x976, 0x7}, {0x7f, 0x63}, {0x4, 0x1000}, {0x8, 0x7f}, {0x19c, 0x2}, {0x18, 0x6}, {0x19}, {0x7, 0x80000000}, {0x8}, {0xffffffffffff0ed7, 0x9}, {0x8, 0x8000000000000000}, {0x4, 0x8}, {0x1, 0x40}, {0x800, 0x7}, {0x0, 0x4}, {0x4, 0x3}, {0x7, 0x3}, {0x2, 0x1}, {0xe86a, 0xffff}, {0x7, 0x4b66}, {0x4, 0x4}, {0x2, 0x5}, {0xad, 0x785}, {0x7, 0x2}, {0x3, 0x9}, {0x1, 0x47}, {0xc, 0x100000001}, {0xf000000000000, 0x1}, {0x5, 0xffffffff}, {0x2de9, 0x23}, {0x2, 0xb01}, {0x8000, 0x80000000}, {0x3, 0x9}, {0x5, 0x8000000000000000}, {0x3}, {0x5, 0xfffffffffffff8d8}, {0xc, 0x6}, {0x0, 0x2}, {0x9, 0xa4}, {0xd, 0xc5}, {0x5, 0x1}, {0x4, 0x9}, {0x91, 0xc}, {0x0, 0x6b4}, {0x9, 0x3}, {0x140000000000000, 0x8}, {0x40}, {0x2, 0x6}, {0x5, 0x4}, {0xf, 0x5}, {0x5, 0x8}, {0x7, 0x6}, {0x1, 0x9}, {0x6, 0x101}, {0x4, 0x7}, {0x9, 0x80000001}, {0x6, 0x1}, {0x3, 0x9645}, {0x3, 0x100000000}, {0x5, 0xfffffffffffffffc}, {0x0, 0xe}, {0x4, 0x7}, {0x40, 0x10000}, {0xa, 0x80c5}, {0x2, 0x5}, {0x7ff, 0xe26}, {0x896, 0x2}, {0x800000000000000, 0x7fffffff}, {0x8000000000000001, 0x5a46}, {0x4, 0x64c8}, {0x45, 0x3}, {0x10, 0x1}, {0x3, 0x1}, {0x14, 0x4}, {0x2, 0x4}, {0x5, 0x336b}, {0x7, 0x6}, {0x1, 0x2}, {0x3fbc, 0x60}, {0x7, 0x7}, {0x1, 0x6}, {0x7, 0xa1a5}, {0x4, 0xa}, {0x2, 0x13a}, {0x7, 0x6a}, {0x2, 0xa}, {0x9, 0x80000000}, {0xffffffffffff2d7c, 0x5c}, {0x2, 0x1}, {0x6, 0x3}, {0x400, 0xfc}, {0xfff, 0x6}, {0x7, 0xa}, {0x9, 0x7}, {0x56, 0x8515}, {0x7, 0x5}, {0xf, 0x401}, {0x1, 0x7}, {0x2, 0x6}, {0x2, 0x4}, {0x1, 0x7000000000}, {0xa72b, 0x100000000}, {0xd24b, 0x1}, {0x97, 0x7fffffff}, {0x6, 0xe72c}, {0x1, 0x4}, {0x2, 0x5}, {0x80000001, 0x91}, {0x200, 0x7}, {0x2}, {0xffffffffffff5ab9}, {0x6}, {0x6, 0x3}, {0x3, 0x3}, {0x7}, {0x7, 0x6}, {0x2, 0x6}, {0xffffffffffffffff, 0xb506}, {0x3000000000000000, 0x2}, {0x3, 0x9}, {0xa, 0x1}, {0x7fffffff, 0xfc00000000000000}, {0x1, 0x5}, {0xffffffffffff0001, 0x8da}, {0x7fffffff, 0x5}, {0x7fa, 0xad}, {0x4, 0x80000000}, {0x4, 0x8f7}, {0x6, 0x3}, {0x2ea, 0x3}, {0x91, 0x6}, {0x2, 0x5}, {0xfffffffffffffffe, 0x7d}, {0xff, 0x3}, {0x7, 0xd5f}, {0x7f}, {0x9, 0x6}, {0x4, 0x7}, {0x8, 0x63b5063b}, {0x7fff, 0x6}, {0x100, 0x3ff}, {0x800, 0x8}, {0x4, 0x8}, {0x10001, 0x5}, {0xe7a, 0x1}, {0xc618, 0x4}, {0x4, 0x9}, {0x0, 0xad2d}, {0x2, 0x80}, {0xc, 0x2}, {0x80000001, 0x3}, {0xc9e, 0x57}, {0x2, 0xffffffffffffff00}, {0x5, 0x8}, {0x3}, {0x40, 0x1}, {0x1ce, 0x2}, {0x1ff}, {0x51c7b01f, 0x4}, {0x3, 0x7a20}, {0x8, 0x3130cb6a}, {0x5da0, 0xfffffffffffff4f3}, {0x6, 0xb2a1}, {0x5, 0xf129}, {0x4, 0x61}, {0x7, 0x3d7f}, {0x0, 0x5}, {0x0, 0x18}, {0x74, 0x8000000000000000}, {0x7fff, 0x100}, {0x7, 0x398}, {0x7, 0x2}, {}, {0x7fffffffffffffff, 0x4}, {0x8, 0x1}, {0xffffffffffffff7f, 0x6682}, {0x5, 0x8}, {0x5ae8, 0xb5}, {0x12f, 0x7f}, {0x100000000, 0x9}, {0x144, 0x7fffffff}, {0xa0, 0x800}, {0x1, 0xfffffffffffffc01}, {0x2, 0x33}, {0x7, 0x1}]}, &(0x7f0000002b80)=@blocksize={{0x4f32494e, 0x2, 0x10, 0xc0000001}}, &(0x7f0000002bc0)=@features={{0x4f32494e, 0x6, 0x10, 0x80000000}}, &(0x7f0000002c00)=@freeinode={{0x4f32494e, 0x8, 0x10, 0xc0000000}, [{0x400, 0x3}, {0x9, 0x7}, {0xb, 0xd415}, {0x7f, 0x1}, {0x1, 0xc9}, {0x4, 0x7fffffff}, {0x4, 0x10000}, {0x8, 0x6}, {0xca3, 0x6}, {0x7, 0x6}, {0x1ff, 0x10}, {0x592f, 0x8000000000000000}, {0x5, 0x7}, {0x5, 0x7}, {0x3, 0x2}, {0x8, 0xf}, {0x0, 0x1}, {0x4, 0x3}, {0x9, 0x16}, {0x9, 0xc1c8}, {0x2, 0x8}, {0x7ff, 0xfffffffeffffffff}, {0x9, 0x80000000}, {0x7627a8c7, 0x6d71}, {0x6, 0x7fffffffffffffff}, {}, {0x9, 0x7}, {0x7, 0x1}, {0x1, 0x7}, {0x7, 0x3}, {0x7, 0x9}, {0x4, 0xbca}, {0x7, 0x3}, {0xfff, 0x78}, {0x4, 0x8001}, {0xfffffffffffffff8, 0xe0000000000000}, {0x0, 0x74ed}, {0x80000001, 0x338}, {0x8, 0xfffffffffffffff3}, {0x7ff, 0x9}, {0x4, 0x1ff}, {0x0, 0x4}, {0x80, 0x7ff}, {0x4, 0xcf41}, {0x1, 0x6}, {0x7, 0x10000}, {0x7, 0xf716}, {0xfffffffffffffffa, 0x8}, {0x3, 0x5}, {0x643, 0x3}, {0xff, 0x7}, {0xe5, 0x7}, {0x0, 0x1000}, {0x6, 0x2}, {0x7f, 0x3eb242fe}, {0x6218, 0xcda2}, {0x7a849a81, 0x1}, {0x0, 0x9}, {0x9, 0xb9}, {0x2}, {0x3, 0xb70}, {0x6, 0x10000}, {0x5, 0x6}, {0x400, 0x4}, {0x5, 0x8}, {0xe, 0xa}, {0x5, 0x9}, {0x11d4eea9, 0x5}, {0x3ff, 0x2}, {0x2, 0x100000000}, {0x1, 0xd}, {0x1, 0x4}, {0x5, 0x2}, {0x8, 0x5}, {0x8, 0x6}, {0x1e, 0xc}, {0x100000001, 0x9}, {0x8, 0x8}, {0x0, 0x9}, {0x200}, {0x5, 0x91}, {0x8d80, 0x7aa6}, {0x9, 0x800}, {0x2, 0x4}, {0x1, 0xa}, {0x0, 0x8}, {0xba76, 0x2}, {0x1, 0x4}, {0x3, 0x1c}, {0x1, 0x3}, {0xe, 0x4}, {0x7, 0x3}, {0x100000001, 0x8000000000000000}, {0x7, 0x105}, {0x8001, 0x2}, {0x14c800, 0x1}, {0x9, 0x80000001}, {0x2, 0x5}, {0xb, 0x7fffffff}, {0x3, 0xd}, {0x2}, {0x1, 0xffffffffffffffff}, {0x81, 0x9c}, {0x5, 0x8}, {0x5, 0x6}, {0xe7e, 0x9c}, {0x4, 0x7}, {0x8, 0x2}, {0xfffffffffffffffd, 0x7}, {0x0, 0x5}, {0x1, 0x8000}, {0x43, 0x9}, {0x6, 0x7fffffffffffffff}, {0x9, 0xffff}, {}, {0xffffffff7fffffff, 0x2}, {0x9, 0x8001}, {0x4, 0x1}, {0x8, 0x5}, {0xc, 0x8}, {0x1, 0x4}, {0x5, 0x1}, {0xf, 0xbb8}, {0x6, 0x9}, {0x97b, 0x8}, {0xf, 0x7}, {0x8, 0x6}, {0xc00000, 0x8}, {0x42, 0x4}, {0xffffffffec01b36d, 0xfffffffffffffff7}, {0x8000000000000001, 0x7}, {0x49, 0x5b}, {0xf, 0x6}, {0x7ff, 0xd}, {0xfff, 0x100}, {0x401, 0x7}, {0x10001}, {0x0, 0x1}, {0x5366, 0x1}, {0x1, 0xb4}, {0x6, 0x4}, {0x9460c60, 0x9}, {0x7, 0x6857}, {0x9, 0x2}, {0x8000000000000001, 0x7}, {0x6, 0xff}, {0x8, 0x3}, {0xffffffffffffffff, 0x5}, {0x3ff, 0xb}, {0xffffffffffffff01, 0x3}, {0x7, 0x1}, {0x400, 0x40}, {0x80000001, 0x8001}, {0x55b, 0x8}, {0xfffffffffffff001}, {0x1, 0x4}, {0x101, 0x7f}, {0x5213, 0xff}, {0x6d, 0x2}, {0xffffffffffff46c1}, {0x7, 0x7}, {0x9, 0x800}, {0x9, 0x400}, {0x400}, {0x2, 0xe731}, {0x5, 0x7fff}, {0x10001, 0x1}, {0x4, 0x1}, {0x9, 0x1000}, {0xaa, 0x66}, {0x6, 0xff}, {0x6, 0xfff}, {0xffffffff917e4744, 0xe}, {0x9, 0x10}, {0x8ef, 0x7}, {0x1, 0x9}, {0x1ff, 0x81}, {0x4, 0x77b234f4}, {0x6da, 0x3}, {0x5, 0x7}, {0x8}, {0x6, 0x79}, {0x4, 0x2}, {0x5, 0x5}, {0x9}, {0x5, 0x6ef9}, {0xf9, 0x7}, {0xd, 0x3}, {0x3, 0x6}, {0xffffffffffffff81, 0x2641}, {0xffff, 0x1}, {0x3, 0x7f}, {0x7fffffff, 0x2}, {0x7ff, 0x3}, {0x3, 0xfe}, {0x6, 0x5ac}, {0x1, 0x1}, {0x5, 0x895c}, {0x7fffffffffffffff, 0x100000000}, {0x8, 0x400}, {0x287, 0x3}, {0xfffffffffffffffc, 0x7}, {0x7eb1, 0x10}, {0x2, 0xf}, {0x3, 0x1}, {0x7, 0x4}, {0x1, 0x8}, {0x3ff, 0x7fffffffffffffff}, {0xfff, 0x5}, {0xc130, 0x6}, {0x6, 0x8}, {0x1, 0x9}, {0x9, 0x5}, {0x100000000, 0x9}, {0x5, 0x5}, {0x80000000, 0x1}, {0x7f, 0x8}, {0x6a}, {0xf2c, 0x8}, {0x5, 0x10d8}, {0x3, 0xe5}, {0x3, 0x1}, {0xfffffffffffffff7, 0x8}, {0x10001, 0x9}, {0xffffffffffffff86, 0x101}, {0x6, 0xfffffffffffff469}, {0xffffffffffffffc0, 0x7}, {0x1, 0x7}, {0x9, 0x7ff}, {0x7fffffffffffffff, 0x3}, {0x58bd, 0x7f}, {0xe3, 0xf7f}, {0x1, 0x3}, {0x7f, 0x8}, {0x100000001, 0x800}, {0x6}, {0x592, 0x94}, {0x92, 0x1}, {0x6, 0xffffffffffffffff}, {0xa, 0x8}, {0x4, 0x3}, {0x4, 0xa2}, {0x6, 0x4}, {0x0, 0x100000001}, {0x1, 0x2}, {0x5, 0x1}, {0x2}, {0x401}, {0x4, 0x8}, {0x9, 0x5}, {0x8, 0x7fffffffffffffff}, {0xb, 0x8}, {0xffffffffffffffca, 0x10001}, {0x1000, 0x42a}, {0xffff, 0x100000000}]}, &(0x7f0000003c40)=@blocksize={{0x4f32494e, 0x2, 0x10, 0x40000000}}, &(0x7f0000003c80)=@journal={{0x4f32494e, 0x7, 0x10, 0x40000000}}, &(0x7f0000003cc0)=@freefrag={{0x4f32494e, 0x9, 0x10, 0xc0000001}, {}, 0x57}, &(0x7f0000003e00)=@label={{0x4f32494e, 0x4, 0x10, 0x40000000}}, &(0x7f0000003e80)=@label={{0x4f32494e, 0x4, 0x10, 0x1}}, &(0x7f0000003f00)=@uuid={{0x4f32494e, 0x5, 0x10, 0xe0000001}}, &(0x7f0000003f40)=@maxslots={{0x4f32494e, 0x3, 0x10, 0x963d37ca6035b0e0}}, &(0x7f0000003f80)=@journal={{0x4f32494e, 0x7, 0x10}}, &(0x7f0000003fc0)=@maxslots={{0x4f32494e, 0x3, 0x10, 0xc0000002}}, &(0x7f0000004000)=@label={{0x4f32494e, 0x4, 0x10, 0x585c49cce1e0e575}}, &(0x7f0000004080)=@clustersize={{0x4f32494e, 0x1, 0x10, 0x80000000}}, &(0x7f00000040c0)=@clustersize={{0x4f32494e, 0x1, 0x10, 0x80000000}}, &(0x7f0000004100)=@label={{0x4f32494e, 0x4, 0x10, 0x1}}, 0x0, &(0x7f00000041c0)=@freefrag={{0x4f32494e, 0x9, 0x10, 0x40000001}, {}, 0x6}, 0x0, &(0x7f0000004440)=@label={{0x4f32494e, 0x4, 0x10, 0xc0000001}}, 0x0, &(0x7f0000005500)=@freefrag={{0x4f32494e, 0x9, 0x10, 0x1}, {}, 0x26c}, 0x0, 0x0, 0x0, &(0x7f0000005800)=@blocksize={{0x4f32494e, 0x2, 0x10, 0x80000001}}, &(0x7f0000005840)=@clustersize={{0x4f32494e, 0x1, 0x10}}, &(0x7f0000005880)=@clustersize={{0x4f32494e, 0x1, 0x10, 0x1}}, &(0x7f00000058c0)=@features={{0x4f32494e, 0x6, 0x10, 0x80000000}}, 0x0, &(0x7f0000005a40)=@journal={{0x4f32494e, 0x7, 0x10, 0x40000001}}, &(0x7f0000005a80)=@maxslots={{0x4f32494e, 0x3, 0x10, 0xc0000001}}, &(0x7f0000005ac0)=@blocksize={{0x4f32494e, 0x2, 0x10}}, &(0x7f0000005b00)=@blocksize={{0x4f32494e, 0x2, 0x10, 0x1}}, &(0x7f0000005b40)=@freefrag={{0x4f32494e, 0x9, 0x10, 0x40000000}, {}, 0x80000000}, &(0x7f0000005c80)=@label={{0x4f32494e, 0x4, 0x10, 0x40000000}}, &(0x7f0000005d00)=@journal={{0x4f32494e, 0x7, 0x10, 0x80000000}}, &(0x7f0000005d40)=@journal={{0x4f32494e, 0x7, 0x10, 0x40000000}}, 0x0], 0x32})
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000b00), 0x0, 0x0)
r11 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_int(r11, 0x6, 0x1, &(0x7f00000001c0)=0x8, 0x4)

2.820494031s ago: executing program 2 (id=1932):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'lo\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c0000001400030500008000ffdbdf2502075bff", @ANYRES32=r4, @ANYBLOB="080002007f00000108000400ac1e00"], 0x3c}, 0x1, 0x0, 0x0, 0xc090}, 0x0)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r7, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
r9 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r9, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r9, 0x7a0, &(0x7f0000000000)={@local, 0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r9, 0x7a8, 0x0)
r10 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r10, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r10, 0x7a0, &(0x7f0000000400)={@host})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r10, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e})
sendmsg$NL80211_CMD_CONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x3c, r7, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x6}]]}, 0x3c}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x4, [{0x2, 0x1}, {0xb, 0x1}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x32)
getsockname(r5, 0x0, &(0x7f0000000240))
ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000180)={'lo\x00', {0x2, 0x4e21, @empty=0x7f000000}})
syz_usb_connect(0x0, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000070961c40e90f55dbfb690102c9030902120001000000000904"], 0x0)
r11 = syz_open_dev$I2C(&(0x7f0000000040), 0x2, 0x20002)
syz_usb_connect$printer(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x451, 0x0, 0x0, 0x0, 0x8, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x2, 0x40, 0x6, "", [{{0x9, 0x4, 0x0, 0x5, 0x2, 0x7, 0x1, 0x2, 0x3, "", {{{0x9, 0x5, 0x1, 0x2, 0x420, 0x1b, 0x7, 0x8}}, [{{0x9, 0x5, 0x82, 0x2, 0x3ff, 0x6, 0x4, 0x2}}]}}}]}}]}}, &(0x7f0000000340)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x300, 0x1, 0xb, 0x5, 0xff, 0x5}, 0x3b, &(0x7f00000001c0)={0x5, 0xf, 0x3b, 0x5, [@ss_cap={0xa, 0x10, 0x3, 0x0, 0x8, 0xff, 0x34, 0x8000}, @ss_container_id={0x14, 0x10, 0x4, 0xb, "d3e88df92c84501e69af9bc2ae9b1258"}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x8, 0x5, 0x7, 0x800}, @wireless={0xb, 0x10, 0x1, 0x8, 0x4, 0x8, 0xe, 0xb627, 0xbe}, @ptm_cap={0x3}]}, 0x1, [{0xeb, &(0x7f0000000240)=@string={0xeb, 0x3, "bafca07debed69b150072263f80e28448bb77984b79cf169c0e82498f9ffd4370d5bbdf0555f4652ad5341c20b4f4ce1610b603ad6023921380766607dacbf0afc4845f5d5d0cfdd04e72d5a82c5e31f72d8e7a79e94590de84947a5fed8f08ab83e8a3ee7f4e3d600ee1bb646342d3d106368b609557cbc4f697c08f1c24daa3d8297295abb829a2598dda9f125cf1668d690116fb9de209dc7e40092f3123554501517860a429455443837df7156fe46667d9a79e71815bfb5e49674db3a54476ca6333bcb7d3d3bb4339f919f43e166718ea8aa9451256ade4e507a41e09f3cd006a3f4c5719598"}}]})
pread64(r11, 0x0, 0x3b, 0x101)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@newtaction={0x70, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_skbmod={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SKBMOD_ETYPE={0x6, 0x5, 0x4}, @TCA_SKBMOD_PARMS={0x20, 0x2, {{0x2, 0xffff0000, 0x2, 0x10000, 0xe}, 0x4}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x4000810)
ioctl$EVIOCGKEYCODE(0xffffffffffffffff, 0x80084504, &(0x7f0000000380)=""/6)

2.222286744s ago: executing program 3 (id=1934):
openat$kvm(0xffffffffffffff9c, 0x0, 0x2400, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
getgid()
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(aes))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x80800)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@getstats={0x1c, 0x5e, 0x8, 0x70bd28, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x3}}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4004811)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='cdg', 0x3)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000003140)=ANY=[@ANYBLOB="c01800002000010a00000000000000000a0000002c01018028014880ed00a90013466820cd76bb221fbb4acd690c6a8b9c760a61eeec7793b579aefdb936d00f403d3f04637cdb9ac70e28c5dd66ddedde2d0930650e6821f9a26a4a193c1d06a3e75523f901e44fe087ae32c836c6d6ddba3af8e9a2beae8936168f9fa38c395f5cf7408df69c60bf584bee86a6312e9ce866e456c3eda6f2924082d78a2f385bdbd0c9afb54758c102bf13094645fb6aa34d424ec776691fee3d25307f61fed2752babf7c686e8a3d9b59a8343bcf4121bf5cf400a0c1070855fac565cad8968a97ce0a12a1161054d82d0a240b7dedf9ba3cc63e9d1c3b9a8402f7d5b4cafcd48928a3d4a76498900000014007c00ff01000000000000000000000000000108003d00", @ANYRES32=r3, @ANYBLOB="08001a00", @ANYRES32=0x0, @ANYBLOB="08001b", @ANYRES32=0x0, @ANYBLOB='\f'], 0x18c0}, 0x1, 0x0, 0x0, 0x880}, 0x0)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)

2.221643119s ago: executing program 0 (id=1935):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10)
write(r0, &(0x7f0000000000)="240000001a005f0214f9f407000904001f00000000000000000000000800110001000000", 0x24)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SDTEFACILITIES(r1, 0x89eb, &(0x7f0000000080)={0x8, 0x1, 0xfff, 0x84, 0x5, 0xfe, 0x95, "e758cae9ffed00000000b24000", "39e80000000000000000e30300"})
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$netlink(0x10, 0x3, 0x19)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
sendmmsg(r2, &(0x7f0000005640)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000043c0)=[{0x208, 0x1, 0x1, "9971e2676adb6ede1e0b299676522627b5f5ab2d995ffbe13d225370a8070d619b65fe5b9571c6bb5d4b41de8005d238f4ac3244d342bde87dee24095104818d6dd2a2c502bb6a0f0a60a8f2d1727c47b1d6206b457e576dc2bf5fbcbad62180fdae56944a956240729b75eb7bcdaf920adac4324865e83ff5033a91de0152190520c36adefc6f7ecd2f9cf67b1b0f96220d312f30425d71fddf0817c3a6252e39287fee4ff45f9efdd0d961e7c6408e06150c09380117bd836d92579de0bc14762ee1c11786a1ac468a011d219c026ad67b8b3120b09462331acbf15033a19387ea95875b6867c9700ae202de90fae72639320d2141d1862efa77c0d8698ca93d8378aebcbf26d58a3396dba5ea7f0191a79e1ab23ae1db81d8740b81d608029ba7a3615769ac45b743c17bb87dca4ddaae09080b9fccee27d2071076b784dab1a4c27b61967f2591fc2502061513cfc40dad56778aee87dc841a75d2d434f6bdbf9c6a4e632f1eda32b50f0713fc3b60a89e16ebe988fdd1ffdaccb47e5561e815913e133f42ca1c78af963dbc58133c04206d08103eff2e215735577823e6fee6498332a1ccf22dd53a5d89d1f50f54093ca491478ccb70e476af563315bed868a983b243e8ac34d38f26381b112522948ea97dde78bd4068bcf7b7bd77ac97dcfdb061567ab285910bfc3c2f301ccfe478a4aaa2db043504d0"}], 0x208}}], 0x2, 0x40840)
socket$packet(0x11, 0x3, 0x300)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef91", 0x12)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x80800)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@bridge_delvlan={0x30, 0x71, 0x8, 0x5070bd28, 0x7f, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0xc1, 0x1}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x2, 0x1}}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000001}, 0x4040010)
write$binfmt_script(r3, &(0x7f00000000c0), 0x4)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r3, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

1.928427115s ago: executing program 0 (id=1936):
socket$nl_route(0x10, 0x3, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
syz_emit_ethernet(0x6a, &(0x7f0000000000)={@broadcast, @random="6c7621d7cc94", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "fec000", 0x34, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "98a350", 0x0, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x2}, @private1, [], "fafb17c1"}}}}}}}, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="8b2298140000001000010000000000000000000000000a58000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a300000000008000540000000211c0011800a0001006d617463680000000c0800024000000002140000001000010000000000000000000000000a00"], 0x80}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="020000000400f3ff6d6246c801005311000080000080c96c2239efd3af267fad237cc8c0811a5e13515952c028", @ANYRES32=0x0, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/21], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x3, &(0x7f00000009c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x3ff}}, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @sched_cls=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000026c0)={0x0, &(0x7f0000002600)=[0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000600)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[{}], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0], 0x1, 0x5, 0x4})
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_STATISTICS(r3, 0x11b, 0x7, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000a40)=@raw={'raw\x00', 0x8, 0x3, 0x4ec, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x548)
ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, 0x0)
close(0xffffffffffffffff)
r4 = socket$netlink(0x10, 0x3, 0x4)
writev(r4, &(0x7f00000005c0)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560a11820fffff5bab4e210fff000058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd000002100001000a0c10000000e6ff224e0000", 0x58}], 0x1)

1.448884103s ago: executing program 3 (id=1937):
socket$can_bcm(0x1d, 0x2, 0x2)
r0 = getpid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
kcmp(r0, r0, 0x0, r2, r1)
r3 = fsopen(&(0x7f00000000c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r3, 0x6, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000380)={<r5=>0x0, @in6={{0xa, 0x4e22, 0x9, @mcast1, 0xfffffffd}}, 0x8008, 0x3, 0x7, 0x0, 0x8}, 0x0)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r4, 0x84, 0x6d, &(0x7f0000000100)={r5, 0x21, "bc7ba197e447b540aa93c2b7d97a705a7e2f4b5c17563ca0cefee592167bc8901f"}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, &(0x7f0000000080)=0x7)
read$msr(r6, 0x0, 0x0)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$sock_int(r7, 0x1, 0x9, &(0x7f0000000080)=0x114c, 0x4)
setsockopt$inet_int(r7, 0x0, 0x13, &(0x7f0000000000)=0xffffff7e, 0x4)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8801}, 0x10)
ioctl$NILFS_IOCTL_GET_CPSTAT(0xffffffffffffffff, 0x80186e83, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000001f80)={0x0, 0x0, 0x0}, 0x0)
r8 = fsmount(r3, 0x0, 0x0)
r9 = openat$cgroup_subtree(r8, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r9, &(0x7f0000000040)={[{0x2b, 'cpuset'}]}, 0x8)
sendmsg$RDMA_NLDEV_CMD_DELLINK(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000015c0)=ANY=[@ANYBLOB="18000000041401002dbd7000fedbdf250800010000000000ba30b28e994c1a", @ANYRESOCT], 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)
getpid()
madvise(&(0x7f0000338000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x0, 0x2)

1.399152453s ago: executing program 2 (id=1938):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000023000000bfa30000000000000703000000feffff7a0af0ff0000000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000001007d60b7030000010000006a0a00fe00000000850000000d0000009700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000000000639100000000000000000000ff7f0000292f17cee19d0001000000000000000000cb04fcbb0ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4852f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5d053bdec75dca3772be2c9d2d29db3d36dd01797bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67d4c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f1b1b71b5f7ec6edc76609073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc972a3fd2c46f3c1cde71a19d1a2982492aba0883783d2831210e00d2bfea3bf97ff8836d000000000000946bdb747e416b3064edb4f5aea06eba207ddab9f9baf98bc5192f23d95d33357fc55f92e5937e10995059f3348f69667b9260d504ba96446e1437af6fa875d9d32fdaaae01e6c74f192a23572ef582b7dd867c163c8cedaa2a2c5baceb37d4a40244c9bdca541cc7e65e20f5b5b735e2f33df9bd0614431d7dc5e47bb31c5b827d51733b64ddad4de1cdadce076d19d62e821b435619fb89fc07f81938200b4ebce83db"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'veth0_macvtap\x00', <r0=>0x0})
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r0, {0x0, 0xffff}, {0xfff2, 0xb}, {0x0, 0xfffe}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x4, [0x0, 0x0, 0x10, 0x0, 0x0, 0x5, 0x5], 0x0, [0x1, 0x2, 0x7, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x5c4, 0x8000, 0x8, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20000000)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r2, 0xfffffffc)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0200000004000000080000000100f9003029153155800000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000980)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xf, &(0x7f00000002c0)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xfffff7dd}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000001b00)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xa, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000}, 0x94)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000140)=@framed={{}, [@printk={@lli, {}, {0x7, 0x1, 0x4}, {}, {}, {}, {0x85, 0x0, 0x0, 0x99}}]}, &(0x7f0000000000)='syzkaller\x00', 0xa, 0xfe7, &(0x7f0000001e00)=""/4071}, 0x90)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
socket$alg(0x26, 0x5, 0x0)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r8, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, r7, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)={0x30, r4, 0x1, 0x70bd2c, 0x1000000, {0x1, 0x0, 0xff07}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x37}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}]}, 0x30}, 0x1, 0xff07}, 0x2000000)

1.306639949s ago: executing program 0 (id=1939):
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x16)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00')
read$FUSE(r2, &(0x7f0000000040)={0x2020}, 0x229)

1.209043279s ago: executing program 2 (id=1940):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x65, &(0x7f0000000080)=0x2, 0x4)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_FLAG_CMD(r0, 0x8982, &(0x7f00000000c0)={0x7, 'veth0_vlan\x00', {0xffffffff}, 0x6})
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r1, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$IOMMU_VFIO_IOMMU_GET_INFO(0xffffffffffffffff, 0x3b70, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r3=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r3, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=0xffffffffffffffff, 0x12)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
r4 = syz_create_resource$binfmt(&(0x7f0000000000)='./file0\x00')
r5 = openat$binfmt(0xffffffffffffff9c, r4, 0x41, 0x1ff)
fcntl$setlease(r5, 0x400, 0x1)
r6 = landlock_create_ruleset(&(0x7f0000000040)={0x4000, 0x3}, 0x18, 0x0)
landlock_restrict_self(r6, 0x0)
r7 = socket$xdp(0x2c, 0x3, 0x0)
bind$xdp(r7, &(0x7f0000000240)={0x2c, 0x1}, 0x10)
landlock_restrict_self(r6, 0x0)
landlock_restrict_self(r6, 0x3)
execve(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x50, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0x20000000}, @IFLA_GRE_IFLAGS={0x6, 0x2, 0x30}]}}}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x5}]}, 0x50}, 0x1, 0x0, 0x0, 0x4040880}, 0x0)

906.601497ms ago: executing program 2 (id=1941):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'lo\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c0000001400030500008000ffdbdf2502075bff", @ANYRES32=r4, @ANYBLOB="080002007f00000108000400ac1e00"], 0x3c}, 0x1, 0x0, 0x0, 0xc090}, 0x0)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r7, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
r9 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r9, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r9, 0x7a0, &(0x7f0000000000)={@local, 0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r9, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x4, 0x8})
r10 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r10, 0x7a7, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r10, 0x7a0, &(0x7f0000000400)={@host})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r10, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e})
sendmsg$NL80211_CMD_CONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x3c, r7, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x6}]]}, 0x3c}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x4, [{0x2, 0x1}, {0xb, 0x1}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x32)
getsockname(r5, 0x0, &(0x7f0000000240))
ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000180)={'lo\x00', {0x2, 0x4e21, @empty=0x7f000000}})
syz_usb_connect(0x0, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000070961c40e90f55dbfb690102c9030902120001000000000904"], 0x0)
r11 = syz_open_dev$I2C(&(0x7f0000000040), 0x2, 0x20002)
syz_usb_connect$printer(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x451, 0x0, 0x0, 0x0, 0x8, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x2, 0x40, 0x6, "", [{{0x9, 0x4, 0x0, 0x5, 0x2, 0x7, 0x1, 0x2, 0x3, "", {{{0x9, 0x5, 0x1, 0x2, 0x420, 0x1b, 0x7, 0x8}}, [{{0x9, 0x5, 0x82, 0x2, 0x3ff, 0x6, 0x4, 0x2}}]}}}]}}]}}, &(0x7f0000000340)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x300, 0x1, 0xb, 0x5, 0xff, 0x5}, 0x3b, &(0x7f00000001c0)={0x5, 0xf, 0x3b, 0x5, [@ss_cap={0xa, 0x10, 0x3, 0x0, 0x8, 0xff, 0x34, 0x8000}, @ss_container_id={0x14, 0x10, 0x4, 0xb, "d3e88df92c84501e69af9bc2ae9b1258"}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x8, 0x5, 0x7, 0x800}, @wireless={0xb, 0x10, 0x1, 0x8, 0x4, 0x8, 0xe, 0xb627, 0xbe}, @ptm_cap={0x3}]}, 0x1, [{0xeb, &(0x7f0000000240)=@string={0xeb, 0x3, "bafca07debed69b150072263f80e28448bb77984b79cf169c0e82498f9ffd4370d5bbdf0555f4652ad5341c20b4f4ce1610b603ad6023921380766607dacbf0afc4845f5d5d0cfdd04e72d5a82c5e31f72d8e7a79e94590de84947a5fed8f08ab83e8a3ee7f4e3d600ee1bb646342d3d106368b609557cbc4f697c08f1c24daa3d8297295abb829a2598dda9f125cf1668d690116fb9de209dc7e40092f3123554501517860a429455443837df7156fe46667d9a79e71815bfb5e49674db3a54476ca6333bcb7d3d3bb4339f919f43e166718ea8aa9451256ade4e507a41e09f3cd006a3f4c5719598"}}]})
pread64(r11, 0x0, 0x3b, 0x101)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@newtaction={0x70, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_skbmod={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SKBMOD_ETYPE={0x6, 0x5, 0x4}, @TCA_SKBMOD_PARMS={0x20, 0x2, {{0x2, 0xffff0000, 0x2, 0x10000, 0xe}, 0x4}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x4000810)
ioctl$EVIOCGKEYCODE(0xffffffffffffffff, 0x80084504, &(0x7f0000000380)=""/6)

801.382226ms ago: executing program 0 (id=1942):
r0 = socket(0x10, 0x80002, 0x2)
socket$inet6(0xa, 0x5, 0x0)
socket$unix(0x1, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0xd9, 0x6, 0x0, @private=0xa210104, @local}, {{0x0, 0x4e24, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x80, 0x1000}}}}}}, 0x0)
socket$kcm(0x2, 0xa, 0x2)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100))
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000000040), 0x17)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(r2, 0x0, 0x484, &(0x7f0000001e00)=""/218, &(0x7f0000001f00)=0xda)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
clock_nanosleep(0xb, 0x0, &(0x7f00000000c0)={0x0, 0x989680}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_open_dev$video4linux(&(0x7f0000000300), 0xd4, 0x101a82)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000102b00fc0100000000000000e2ff0000000000fe8000000000000000000400000000aa"], 0x0)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0x9, 0x4}, 0x20)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000200)={0x2, &(0x7f0000000100)=[{0x6, 0x6, 0x7, 0x6}, {0x4, 0x5, 0xe1}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0)

787.141406ms ago: executing program 3 (id=1943):
close(0x4)
r0 = syz_open_procfs$namespace(0x0, 0x0)
unshare(0x6a040000)
unshare(0x40080)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000440)=0x4)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040301, 0x0)
r3 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r3, 0xc0684113, &(0x7f0000000080)={0x1, 0xfffff800, 0x1, 0xa, 0x8, 0x3, 0x500, 0xe, 0x9, 0x40, 0xffffffff, 0x1})
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
madvise(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x17)
r4 = userfaultfd(0x801)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
ioctl$UFFDIO_WRITEPROTECT(r4, 0xc018aa06, &(0x7f0000000140)={{&(0x7f00006e2000/0x3000)=nil, 0x3000}, 0x1})
ioctl$DVB_DEMUX_DMX_EXPBUF(0xffffffffffffffff, 0xc00c6f3e, &(0x7f0000000040)={0x6, 0x0, <r5=>r0})
syz_io_uring_setup(0x38fa, &(0x7f0000000200)={0x0, 0x9943, 0x800, 0x0, 0x359, 0x0, r5}, &(0x7f00000002c0), &(0x7f0000ff4000), &(0x7f0000000000))
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r6, &(0x7f0000000640)={0x0, 0x0, 0x0}, 0x0)
close_range(r4, r4, 0x0)
setsockopt$MRT_ASSERT(0xffffffffffffffff, 0x0, 0xcf, 0x0, 0x0)

612.639108ms ago: executing program 0 (id=1944):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f00000001c0)=0x9f, 0x4)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x4e21, @broadcast}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000005c0)='scalable', 0x8)
syz_clone(0x84862cd1, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = memfd_create(&(0x7f0000000380)='%\x00#D)\xdeA\x02\n,\x06\x89\x96\x8f\xd3F\x9fe\xf7\x9f\x9f\x0f\xeb\v\xc3\x86c\xe7\xc6\x88\xce%0\x05\x9d4M\tH\x89m\x14>4\xe4\xb4m\fF\xaf\x9d&\x05\xcf\xc1HZ\x9a\xa3X\xaa;t\x12\'\xf5\x18PvY\xbe\xd1J6\xd9\xa6\xec\xde\xd4\xb9I5\x1a\xc79\x9d\x19\x10\x8c\xb2\xe0` >D\x11*V\xb9\xcfi\x03FnU\t|b\xbe\x10\xc4\xd4\x01\xb2=\x11%\xd0`-\xe2\x1d\x8e\x7f\xd1\x15\x03\xa5(\x1e\x05H\xe8\'[0\xc2\vO\xdc\xf8?QT[8:f\xe9f\x9b\xd3\xe2:\xa2b\xa3\x89\n\x9d\n\xe2\xb7\xf6\xa6\xbe\x82]YF\x90\x8e\xde\xbd\xb1w\xf7\x15\xed\xd8\xea\xa8\xef\xfbM\x82oX\x80~\xe3\x1fH\xf4\x99\xa4\xd2E\'@\xab\x13\x94\xc2\xef\x81R\xbd\xaah\xd2D\xce\x1f\'\x8b9\xa5\x88\xf1C\x1a\a!\x95\x165RS1\x9e[\xf4\xa9v\xfah\xb7\xd8\x9c&\x85\xcbs\xad\x14\xf5\xd5\xd7M\x06\x15\x9d\xa2\xfb\xfc\x9c\x94`x\xdfma\xa6\x04\x06\xcb\xeb\vC{b\xceW3l\x8a\x9cO\"\xb5\xeb#\x03k\xe4\x99\xeb\xe3\x9d\xba\xd0\xb5\x0fh\xf2\xdc\x01\x81\xb48\xea\xaf\xd0*\x9c\x1d\xba,;\x17\xfb\x94M1\xea\x1f\xbf', 0x4)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r3=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
mount$tmpfs(0x0, &(0x7f00000000c0)='./cgroup\x00', &(0x7f0000000500), 0x1120021, &(0x7f0000000580)=ANY=[@ANYRESOCT=r0])
timer_settime(r3, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000600)=ANY=[@ANYBLOB="ff0ff79a91c4fd104969326300007e1e634ab2d37d9eb3e207a3c1c74aa96f13377240b2619fa7245293d45dc79590f97cd281519ef28a99c700000000746ef72faaa24c3bf8ab6953cd156e9cce3a28866b4a", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0xaa)
ioctl$FS_IOC_RESVSP(r2, 0x402c5828, &(0x7f0000000180)={0x0, 0x2, 0x80000, 0xb3})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r4)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000180)={'wg1\x00', <r6=>0x0})
bind$can_j1939(0xffffffffffffffff, &(0x7f00000000c0)={0x1d, 0x0, 0x2, {0x2, 0xf0, 0x3}, 0xff}, 0x18)
r7 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r7, &(0x7f0000000540)={0x2, 0xfffc, @loopback}, 0xffffffffffffffbf)
sendmsg(r7, &(0x7f00000004c0)={&(0x7f0000000040)=@in={0x2, 0x0, @multicast1}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYRES16=r1], 0x10}, 0x4000080)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000280)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000002c0)=0x14)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r4, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f00000006c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010027bd7000fcdbdf250c0000002c000180080003000300000008000100", @ANYRES32=r6, @ANYBLOB="08000100a4c5ead86fe6b96c4d4c8a7367fda798ab5dbabf1f6138d8359dc674be5864954c7da7495debbabad103c8cf16c8caf94a11935c88b204dfab42199f4271b36181435f3dc5381a2b21c62177e33fdb418c111fae99cca2d79d9b46bd1a63a455a5f76f8b70a68dcb8d50d4c5614a0aa1de9d5191bf70f53f5139e752c2e346c2fb3f67c2e9a231957f09a58a12f5cdfd5b59526b3d8ac574a163b0541e793476c3582e0256cf4b0c2f831866c12ab2a8f1363d6cb039c7f4571e8509abbe3387b6fb61da8c39051e75ed182220440ffa57", @ANYRES32, @ANYBLOB="080003000300000008000100", @ANYRES32=0x0, @ANYBLOB="180001801400020076657468305f746f5f626f6e64000000"], 0x58}, 0x1, 0x0, 0x0, 0x40004}, 0x0)
sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="280100002f00012000000000fcdbdf250801f2800c00180008ac0f000010000014000100fc00000000000000000000000000000008004400", @ANYRES32=r0, @ANYBLOB="d90062802400328008004100b20000000800ca00ac1e000108003d00fcffffff0400c58004008a800800a18004000f80c073bf8f025953f538087c2947af34d793a12e66cd988ba2df542272ddf8f3b0634ff9883b7914bc9c92aafa8bb7b0c0552ff62f4a9716d08229fbc0558c09235f84d6771d08666d8b337ac75c741e4e77f4a9bc443c6a07af22469f8689554aa0e81e897ed6146a5b6cb1adf5cecbe76fb07a1c2610d17b8d3c80cfe639ce824597e338c1bb6a7d118257e8e8ac7e1f1c03054e4ec9bce7dfd5f3620229ab929fb9ebb5658776ab26000000100002800c0001"], 0x128}], 0x1, 0x0, 0x0, 0x1}, 0x10)

405.775857ms ago: executing program 0 (id=1945):
socket$inet_udp(0x2, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$inet(0x2, 0x4000000000000001, 0x100)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x3938700}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
futex(&(0x7f0000000200)=0x1, 0x6, 0x0, &(0x7f0000000240)={0x77359400}, 0x0, 0x1)
r1 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000004c40)=@mangle={'mangle\x00', 0x64, 0x6, 0x50c, 0x190, 0x358, 0x258, 0x258, 0x258, 0x444, 0x444, 0x444, 0x444, 0x444, 0x6, 0x0, {[{{@ipv6={@private0={0xfc, 0x0, '\x00', 0xfc}, @private1, [], [], 'team_slave_0\x00', 'veth1_vlan\x00', {}, {}, 0x33}, 0x0, 0xa4, 0xc8, 0x0, {0x0, 0x3a010000}}, @HL={0x24}}, {{@uncond, 0x0, 0xa4, 0xc8}, @common=@unspec=@STANDARD={0x24, '\x00', 0x0, 0x190}}, {{@ipv6={@private0, @remote, [], [], 'veth0_to_team\x00', 'tunl0\x00', {}, {}, 0x11, 0x1, 0x1, 0x44}, 0x0, 0xa4, 0xc3}, @unspec=@CHECKSUM={0x24}}, {{@ipv6={@local, @private0={0xfc, 0x0, '\x00', 0x1}, [0xff000000, 0xff000000, 0xff], [0xff, 0x0, 0xffffffff, 0xff000000], 'dvmrp0\x00', 'ip6gretap0\x00', {}, {0xff}, 0x3c, 0x6, 0x7, 0x40}, 0x0, 0xa4, 0x100}, @common=@inet=@HMARK={0x5c, 'HMARK\x00', 0x0, {@ipv6=@private0, [0xffffff00, 0xff], 0x4e23, 0x4e22, 0x4e22, 0x4e22, 0x4, 0x0, 0xfffffffb, 0xe, 0x1}}}, {{@ipv6={@loopback, @empty, [0x0, 0x0, 0xff000000], [0x0, 0x0, 0x0, 0xff], 'syzkaller1\x00', 'veth0_to_batadv\x00'}, 0x0, 0xa4, 0xec}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, 'vlan0\x00'}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x568)
kexec_load(0xd0ffbf, 0x0, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x80200, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x6)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x4e23, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000000600)={{{@in6=@remote, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0xfffffffffffffffe, 0x1, 0x4, 0x100000000, 0x5, 0x0, 0xe}, {0x0, 0xffffffff, 0x400000003, 0xfffffffffffffffc}, 0xfffffffc, 0x1, 0x1, 0x0, 0x6}, {{@in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x4, 0x3c}, 0x0, @in=@multicast2, 0x0, 0x0, 0x0, 0xb7, 0x7, 0xfffffffe}}, 0xe8)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x1c)

0s ago: executing program 3 (id=1946):
r0 = socket(0x2b, 0x1, 0x1)
r1 = syz_open_procfs$namespace(0x0, 0x0)
unshare(0x6a040000)
unshare(0x40080)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, 0x0, 0x0)
connect$inet6(r0, 0x0, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000000440)=0x4)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040301, 0x0)
r4 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r4, 0xc0684113, &(0x7f0000000080)={0x1, 0xfffff800, 0x1, 0xa, 0x8, 0x3, 0x500, 0xe, 0x9, 0x40, 0xffffffff, 0x1})
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
madvise(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x17)
r5 = userfaultfd(0x801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
ioctl$UFFDIO_WRITEPROTECT(r5, 0xc018aa06, &(0x7f0000000140)={{&(0x7f00006e2000/0x3000)=nil, 0x3000}, 0x1})
ioctl$DVB_DEMUX_DMX_EXPBUF(0xffffffffffffffff, 0xc00c6f3e, &(0x7f0000000040)={0x6, 0x0, <r6=>r1})
syz_io_uring_setup(0x38fa, &(0x7f0000000200)={0x0, 0x9943, 0x800, 0x0, 0x359, 0x0, r6}, &(0x7f00000002c0), &(0x7f0000ff4000), &(0x7f0000000000))
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r7, &(0x7f0000000640)={0x0, 0x0, 0x0}, 0x0)
close_range(r5, r5, 0x0)
setsockopt$MRT_ASSERT(r0, 0x0, 0xcf, 0x0, 0x0)

kernel console output (not intermixed with test programs):

confined pid=10875 comm="syz.2.1448" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000
[  339.190348][   T40] audit: type=1326 audit(1780508598.889:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10875 comm="syz.2.1448" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000
[  339.220719][   T40] audit: type=1326 audit(1780508598.889:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10875 comm="syz.2.1448" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000
[  339.231403][   T40] audit: type=1326 audit(1780508598.889:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10875 comm="syz.2.1448" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000
[  339.241542][   T40] audit: type=1326 audit(1780508598.908:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10875 comm="syz.2.1448" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf6ffef7c code=0x7ffc0000
[  339.271293][T10876] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  339.275424][T10876] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  339.352283][ T5761] Bluetooth: hci4: command 0x0c1a tx timeout
[  339.403899][T10876] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  339.514658][T10857] vhci_hcd: connection reset by peer
[  339.525402][ T1240] vhci_hcd vhci_hcd.0: stop threads
[  339.527634][ T1240] vhci_hcd vhci_hcd.0: release socket
[  339.534884][ T1240] vhci_hcd vhci_hcd.0: disconnect device
[  339.543430][ T5852] usb 5-1: USB disconnect, device number 26
[  339.551382][ T5852] usblp0: removed
[  339.694397][T10904] netlink: 'syz.3.1455': attribute type 1 has an invalid length.
[  339.698068][T10904] netlink: 'syz.3.1455': attribute type 1 has an invalid length.
[  339.714494][T10910] IPVS: length: 218 != 24
[  340.229311][T10948] FAULT_INJECTION: forcing a failure.
[  340.229311][T10948] name failslab, interval 1, probability 0, space 0, times 0
[  340.233845][T10948] CPU: 0 UID: 0 PID: 10948 Comm: syz.3.1471 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  340.233863][T10948] Tainted: [L]=SOFTLOCKUP
[  340.233867][T10948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  340.233874][T10948] Call Trace:
[  340.233879][T10948]  <TASK>
[  340.233883][T10948]  dump_stack_lvl+0x100/0x190
[  340.233899][T10948]  should_fail_ex.cold+0x5/0xa
[  340.233913][T10948]  should_failslab+0xc2/0x120
[  340.233927][T10948]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  340.233945][T10948]  ? sock_alloc_inode+0x26/0x290
[  340.233958][T10948]  ? finish_task_switch.isra.0+0x2c6/0x1010
[  340.233974][T10948]  ? __pfx_sock_alloc_inode+0x10/0x10
[  340.233988][T10948]  sock_alloc_inode+0x26/0x290
[  340.234001][T10948]  ? __pfx_sock_alloc_inode+0x10/0x10
[  340.234014][T10948]  alloc_inode+0x68/0x250
[  340.234032][T10948]  sock_alloc+0x44/0x280
[  340.234043][T10948]  ? security_socket_create+0x7f/0x250
[  340.234055][T10948]  __sock_create+0xc2/0x860
[  340.234075][T10948]  ? find_held_lock+0x2b/0x80
[  340.234091][T10948]  udp_sock_create6+0xc7/0x6a0
[  340.234104][T10948]  ? __pfx_udp_sock_create6+0x10/0x10
[  340.234119][T10948]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  340.234139][T10948]  rxe_setup_udp_tunnel.constprop.0+0x1e9/0x760
[  340.234155][T10948]  ? __pfx_rxe_setup_udp_tunnel.constprop.0+0x10/0x10
[  340.234176][T10948]  ? rxe_ns_pernet_sk6+0xd0/0x270
[  340.234194][T10948]  rxe_net_init+0x1c2/0x2a0
[  340.234208][T10948]  rxe_newlink+0x6d/0x160
[  340.234219][T10948]  nldev_newlink+0x3b0/0x620
[  340.234230][T10948]  ? __pfx_nldev_newlink+0x10/0x10
[  340.234280][T10948]  ? __pfx___might_resched+0x10/0x10
[  340.234297][T10948]  ? security_capable+0x80/0x260
[  340.234308][T10948]  ? ns_capable+0xd2/0xf0
[  340.234320][T10948]  ? __pfx_nldev_newlink+0x10/0x10
[  340.234330][T10948]  rdma_nl_rcv_msg+0x392/0x6f0
[  340.234348][T10948]  ? __pfx_rdma_nl_rcv_msg+0x10/0x10
[  340.234367][T10948]  ? __lock_acquire+0x4a5/0x2630
[  340.234387][T10948]  rdma_nl_rcv_skb.constprop.0.isra.0+0x2cb/0x410
[  340.234408][T10948]  ? __pfx_rdma_nl_rcv_skb.constprop.0.isra.0+0x10/0x10
[  340.234431][T10948]  ? netlink_deliver_tap+0x1ae/0xcc0
[  340.234448][T10948]  netlink_unicast+0x585/0x850
[  340.234466][T10948]  ? __pfx_netlink_unicast+0x10/0x10
[  340.234484][T10948]  netlink_sendmsg+0x8b0/0xda0
[  340.234501][T10948]  ? __pfx_netlink_sendmsg+0x10/0x10
[  340.234517][T10948]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  340.234531][T10948]  ____sys_sendmsg+0x9e1/0xb70
[  340.234544][T10948]  ? __pfx_netlink_sendmsg+0x10/0x10
[  340.234560][T10948]  ? __pfx_____sys_sendmsg+0x10/0x10
[  340.234583][T10948]  ___sys_sendmsg+0x190/0x1e0
[  340.234600][T10948]  ? __pfx____sys_sendmsg+0x10/0x10
[  340.234621][T10948]  ? find_held_lock+0x2b/0x80
[  340.234643][T10948]  __sys_sendmsg+0x170/0x220
[  340.234655][T10948]  ? __pfx___sys_sendmsg+0x10/0x10
[  340.234665][T10948]  ? __fget_files+0x21f/0x3d0
[  340.234682][T10948]  ? ksys_write+0x1ac/0x250
[  340.234695][T10948]  ? rcu_is_watching+0x12/0xc0
[  340.234710][T10948]  __do_fast_syscall_32+0xe7/0x970
[  340.234726][T10948]  ? lockdep_hardirqs_on+0x78/0x100
[  340.234742][T10948]  do_fast_syscall_32+0x32/0x70
[  340.234759][T10948]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  340.234775][T10948] RIP: 0023:0xf708ef7c
[  340.234784][T10948] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  340.234795][T10948] RSP: 002b:00000000f547d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  340.234806][T10948] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001780
[  340.234813][T10948] RDX: 0000000000040800 RSI: 0000000000000000 RDI: 0000000000000000
[  340.234819][T10948] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  340.234825][T10948] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  340.234832][T10948] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  340.234845][T10948]  </TASK>
[  340.234852][T10948] socket: no more sockets
[  340.235133][T10946] netlink: 'syz.4.1467': attribute type 1 has an invalid length.
[  340.240164][T10948] rdma_rxe: Failed to create IPv6 UDP tunnel
[  340.317270][T10953] FAULT_INJECTION: forcing a failure.
[  340.317270][T10953] name failslab, interval 1, probability 0, space 0, times 0
[  340.321230][T10946] netlink: 'syz.4.1467': attribute type 1 has an invalid length.
[  340.323210][T10953] CPU: 1 UID: 0 PID: 10953 Comm: syz.0.1469 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  340.323233][T10953] Tainted: [L]=SOFTLOCKUP
[  340.323238][T10953] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  340.323246][T10953] Call Trace:
[  340.323252][T10953]  <TASK>
[  340.323259][T10953]  dump_stack_lvl+0x100/0x190
[  340.323277][T10953]  should_fail_ex.cold+0x5/0xa
[  340.323295][T10953]  should_failslab+0xc2/0x120
[  340.323313][T10953]  __kmalloc_cache_noprof+0x7a/0x6f0
[  340.323333][T10953]  ? fuse_alloc_inode+0xf7/0x1e0
[  340.323352][T10953]  ? lockdep_init_map_type+0x5c/0x250
[  340.323376][T10953]  ? __pfx_fuse_inode_eq+0x10/0x10
[  340.323393][T10953]  ? __pfx_fuse_inode_set+0x10/0x10
[  340.323409][T10953]  fuse_alloc_inode+0xf7/0x1e0
[  340.323426][T10953]  ? kasan_quarantine_put+0x104/0x240
[  340.323439][T10953]  ? __pfx_fuse_alloc_inode+0x10/0x10
[  340.323458][T10953]  alloc_inode+0x68/0x250
[  340.323481][T10953]  iget5_locked+0x5f/0xa0
[  340.323505][T10953]  fuse_iget+0x200/0x930
[  340.323528][T10953]  ? __pfx_fuse_iget+0x10/0x10
[  340.323549][T10953]  ? __fuse_simple_request+0x58e/0xf00
[  340.323566][T10953]  ? __asan_memset+0x23/0x50
[  340.323590][T10953]  fuse_lookup_name+0x481/0x760
[  340.323613][T10953]  ? __pfx_fuse_lookup_name+0x10/0x10
[  340.323634][T10953]  ? __pfx___mutex_lock+0x10/0x10
[  340.323670][T10953]  fuse_lookup+0x209/0x550
[  340.323691][T10953]  ? __pfx_fuse_lookup+0x10/0x10
[  340.323721][T10953]  ? lockdep_init_map_type+0x5c/0x250
[  340.323747][T10953]  __lookup_slow+0x251/0x460
[  340.323770][T10953]  ? __pfx___lookup_slow+0x10/0x10
[  340.323806][T10953]  lookup_slow+0x50/0x70
[  340.323828][T10953]  path_lookupat+0x5e8/0xc40
[  340.323846][T10953]  filename_lookup+0x202/0x590
[  340.323861][T10953]  ? kasan_save_stack+0x30/0x50
[  340.323876][T10953]  ? __pfx_filename_lookup+0x10/0x10
[  340.323912][T10953]  filename_linkat+0x145/0x640
[  340.323968][T10953]  ? __pfx_filename_linkat+0x10/0x10
[  340.324000][T10953]  ? do_getname+0x191/0x390
[  340.324023][T10953]  __ia32_sys_link+0x80/0xb0
[  340.324048][T10953]  __do_fast_syscall_32+0xe7/0x970
[  340.324068][T10953]  ? lockdep_hardirqs_on+0x78/0x100
[  340.324090][T10953]  do_fast_syscall_32+0x32/0x70
[  340.324111][T10953]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  340.324129][T10953] RIP: 0023:0xf7f95f7c
[  340.324141][T10953] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  340.324154][T10953] RSP: 002b:00000000f543550c EFLAGS: 00000292 ORIG_RAX: 0000000000000009
[  340.324167][T10953] RAX: ffffffffffffffda RBX: 0000000080000280 RCX: 0000000080000400
[  340.324176][T10953] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  340.324184][T10953] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  340.324191][T10953] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  340.324199][T10953] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  340.324216][T10953]  </TASK>
[  341.574837][ T5761] Bluetooth: hci4: command 0x0c1a tx timeout
[  341.957347][T10989] __nla_validate_parse: 1 callbacks suppressed
[  341.957364][T10989] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1484'.
[  341.977083][T10989] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  342.113639][ T5510] usb 38-1: device descriptor read/8, error -110
[  342.477363][T10999] netlink: 'syz.2.1487': attribute type 21 has an invalid length.
[  342.480026][T10999] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1487'.
[  342.483880][T10999] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1487'.
[  342.514916][ T5852] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  343.007742][ T5153] block nbd0: Possible stuck request ffff888027abe000: control (read@0,1024B). Runtime 270 seconds
[  343.011368][ T5153] block nbd0: Possible stuck request ffff888027abe1c0: control (read@1024,1024B). Runtime 270 seconds
[  343.014543][ T5153] block nbd0: Possible stuck request ffff888027abe380: control (read@2048,1024B). Runtime 270 seconds
[  343.018759][ T5153] block nbd0: Possible stuck request ffff888027abe540: control (read@3072,1024B). Runtime 270 seconds
[  343.066561][T11012] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1490'.
[  343.095597][T11012] erspan0: left allmulticast mode
[  343.097424][T11012] erspan0: left promiscuous mode
[  343.099386][T11012] bridge2: port 1(erspan0) entered disabled state
[  343.110649][T11012] bridge3: port 1(erspan0) entered blocking state
[  343.117390][T11012] bridge3: port 1(erspan0) entered disabled state
[  343.120183][T11012] erspan0: entered allmulticast mode
[  343.123485][T11012] erspan0: entered promiscuous mode
[  343.128138][T11012] bridge3: port 1(erspan0) entered blocking state
[  343.131607][T11012] bridge3: port 1(erspan0) entered forwarding state
[  343.145279][T11012] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1490'.
[  343.161459][ T6231] bridge3: entered promiscuous mode
[  343.190399][ T5852] usb 5-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb
[  343.194822][ T5852] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201
[  343.197523][ T5852] usb 5-1: Product: syz
[  343.199685][ T5852] usb 5-1: Manufacturer: syz
[  343.201461][ T5852] usb 5-1: SerialNumber: syz
[  343.215803][ T5852] usb 5-1: config 0 descriptor??
[  343.226140][ T5852] dvb-usb: found a 'DigitalNow DVB-T Dual USB' in warm state.
[  343.230990][ T5852] dvb-usb: bulk message failed: -22 (2/0)
[  343.258866][ T5852] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  343.264456][ T5852] dvbdev: DVB: registering new adapter (DigitalNow DVB-T Dual USB)
[  343.267811][ T5852] usb 5-1: media controller created
[  343.286981][ T5852] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  343.424519][ T5510] usb usb38-port1: attempt power cycle
[  343.469094][T10989] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  343.483621][T10989] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  343.504568][T10989] dvb-usb: bulk message failed: -22 (4/0)
[  343.512379][T10989] cxusb: i2c read failed
[  343.520903][ T5852] cxusb: set interface failed
[  343.528341][ T5852] dvb-usb: bulk message failed: -22 (1/0)
[  343.622574][ T5852] DVB: Unable to find symbol mt352_attach()
[  343.629388][ T5852] dvb-usb: bulk message failed: -22 (5/0)
[  343.636063][ T5852] zl10353_read_register: readreg error (reg=127, ret==-121)
[  343.645281][ T5852] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB'
[  343.765792][ T5852] rc_core: IR keymap rc-dvico-mce not found
[  343.774596][ T5852] Registered IR keymap rc-empty
[  343.784490][ T5852] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.0/usb5/5-1/rc/rc0
[  343.787135][ T5761] Bluetooth: hci4: command 0x0c1a tx timeout
[  343.804850][ T5852] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.0/usb5/5-1/rc/rc0/input60
[  343.810660][ T5852] dvb-usb: schedule remote query interval to 100 msecs.
[  343.813117][ T5852] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected.
[  343.841540][ T5852] usb 5-1: USB disconnect, device number 27
[  344.034897][ T5510] usb usb38-port1: unable to enumerate USB device
[  344.078130][ T5852] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected.
[  344.151277][   T54] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  344.396767][   T54] usb 9-1: Using ep0 maxpacket: 32
[  344.401170][   T54] usb 9-1: config 0 has no interfaces?
[  344.406903][   T54] usb 9-1: New USB device found, idVendor=08ca, idProduct=2060, bcdDevice=c6.58
[  344.411352][   T54] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  344.414875][   T54] usb 9-1: Product: syz
[  344.416809][   T54] usb 9-1: Manufacturer: syz
[  344.419061][   T54] usb 9-1: SerialNumber: syz
[  344.439520][   T54] usb 9-1: config 0 descriptor??
[  344.482500][T11031] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  344.798236][T11039] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1495'.
[  344.818935][T11039] vxlan0: entered promiscuous mode
[  344.834945][  T404] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  344.837782][  T404] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  344.841001][  T404] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  344.843983][  T404] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  346.392810][T11067] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1506'.
[  346.422519][T11067] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  346.706233][ T5830] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  346.874672][ T5830] usb 5-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb
[  346.881230][ T5830] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201
[  346.884772][ T5830] usb 5-1: Product: syz
[  346.886656][ T5830] usb 5-1: Manufacturer: syz
[  346.892755][ T5830] usb 5-1: SerialNumber: syz
[  346.899991][ T5830] usb 5-1: config 0 descriptor??
[  346.906982][ T5830] dvb-usb: found a 'DigitalNow DVB-T Dual USB' in warm state.
[  346.912453][ T5830] dvb-usb: bulk message failed: -22 (2/0)
[  346.923185][ T5830] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  346.935967][ T5830] dvbdev: DVB: registering new adapter (DigitalNow DVB-T Dual USB)
[  346.941454][ T5830] usb 5-1: media controller created
[  346.961402][ T5830] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  347.087379][ T6768] usb 9-1: USB disconnect, device number 6
[  347.224702][T11067] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  347.234456][T11067] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  347.365855][T11067] dvb-usb: bulk message failed: -22 (4/0)
[  347.368731][T11067] cxusb: i2c read failed
[  347.374984][ T5830] cxusb: set interface failed
[  347.749053][ T5830] dvb-usb: bulk message failed: -22 (1/0)
[  347.990464][ T5830] DVB: Unable to find symbol mt352_attach()
[  347.992976][ T5830] dvb-usb: bulk message failed: -22 (5/0)
[  348.009018][ T5830] zl10353_read_register: readreg error (reg=127, ret==-121)
[  348.020082][ T5830] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB'
[  348.096304][ T5830] rc_core: IR keymap rc-dvico-mce not found
[  348.100519][ T5830] Registered IR keymap rc-empty
[  348.103316][ T5830] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.0/usb5/5-1/rc/rc0
[  348.108580][ T5830] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.0/usb5/5-1/rc/rc0/input61
[  348.152822][ T5830] dvb-usb: schedule remote query interval to 100 msecs.
[  348.155348][ T5830] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected.
[  348.164930][ T5830] usb 5-1: USB disconnect, device number 28
[  348.207372][ T5830] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected.
[  348.430851][T11108] overlayfs: failed to resolve './file1': -2
[  349.015102][ T5948] block nbd3: Possible stuck request ffff888027c0e000: control (read@0,1024B). Runtime 270 seconds
[  349.018835][ T5948] block nbd3: Possible stuck request ffff888027c0e1c0: control (read@1024,1024B). Runtime 270 seconds
[  349.023051][ T5948] block nbd3: Possible stuck request ffff888027c0e380: control (read@2048,1024B). Runtime 270 seconds
[  349.026902][ T5948] block nbd3: Possible stuck request ffff888027c0e540: control (read@3072,1024B). Runtime 270 seconds
[  349.104656][T11121] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1522'.
[  349.117216][T11121] netlink: 'syz.2.1522': attribute type 1 has an invalid length.
[  349.120667][T11121] netlink: 'syz.2.1522': attribute type 1 has an invalid length.
[  349.747981][T11141] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1529'.
[  351.266597][T11171] team0: left allmulticast mode
[  351.268764][T11171] team_slave_0: left allmulticast mode
[  351.271227][T11171] team_slave_1: left allmulticast mode
[  351.273785][T11171] team0: left promiscuous mode
[  351.276112][T11171] team_slave_0: left promiscuous mode
[  351.278818][T11171] team_slave_1: left promiscuous mode
[  352.154707][T11187] fuse: fd is not a fuse device
[  352.449260][T11189] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  352.596961][T11198] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1545'.
[  352.614450][T11198] erspan0: left allmulticast mode
[  352.617109][T11198] erspan0: left promiscuous mode
[  352.620407][T11198] bridge6: port 1(erspan0) entered disabled state
[  352.628621][T11198] bridge7: port 1(erspan0) entered blocking state
[  352.631682][T11198] bridge7: port 1(erspan0) entered disabled state
[  352.634639][T11198] erspan0: entered allmulticast mode
[  352.638542][T11198] erspan0: entered promiscuous mode
[  352.644173][T11198] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1545'.
[  352.829429][T11205] rdma_rxe: rxe_newlink: failed to add lo
[  353.320779][T11225] IPVS: length: 218 != 24
[  353.402780][T11228] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1555'.
[  353.590801][T11230] erspan0: left allmulticast mode
[  353.599493][T11230] erspan0: left promiscuous mode
[  353.617451][T11230] bridge2: port 1(erspan0) entered disabled state
[  353.641730][T11228] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1555'.
[  353.673418][T11230] bridge3: port 1(erspan0) entered blocking state
[  353.714930][T11230] bridge3: port 1(erspan0) entered disabled state
[  353.717305][T11230] erspan0: entered allmulticast mode
[  353.721694][T11230] erspan0: entered promiscuous mode
[  354.088453][T11237] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1558'.
[  354.112141][T11237] erspan0: left allmulticast mode
[  354.114693][T11237] erspan0: left promiscuous mode
[  354.119402][T11237] bridge3: port 1(erspan0) entered disabled state
[  354.210145][T11241] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1558'.
[  354.250940][T11237] bridge4: port 1(erspan0) entered blocking state
[  354.264365][T11237] bridge4: port 1(erspan0) entered disabled state
[  354.277371][T11237] erspan0: entered allmulticast mode
[  354.287148][T11237] erspan0: entered promiscuous mode
[  354.329106][ T6768] bridge4: entered promiscuous mode
[  355.111246][T11264] IPVS: length: 218 != 24
[  355.362636][T11271] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1567'.
[  355.384551][T11271] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  355.653889][ T5830] usb 8-1: new high-speed USB device number 34 using dummy_hcd
[  355.843777][ T5830] usb 8-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb
[  355.848595][ T5830] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201
[  355.851967][ T5830] usb 8-1: Product: syz
[  355.853811][ T5830] usb 8-1: Manufacturer: syz
[  355.855882][ T5830] usb 8-1: SerialNumber: syz
[  355.864803][ T5830] usb 8-1: config 0 descriptor??
[  355.874032][ T5830] dvb-usb: found a 'DigitalNow DVB-T Dual USB' in warm state.
[  355.877408][ T5830] dvb-usb: bulk message failed: -22 (2/0)
[  355.883051][ T5830] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  355.888315][ T5830] dvbdev: DVB: registering new adapter (DigitalNow DVB-T Dual USB)
[  355.893275][ T5830] usb 8-1: media controller created
[  355.911674][ T5830] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  356.103769][T11271] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  356.107669][T11271] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  356.112138][T11271] dvb-usb: bulk message failed: -22 (4/0)
[  356.116834][T11271] cxusb: i2c read failed
[  356.121028][ T5830] cxusb: set interface failed
[  356.127392][ T5830] dvb-usb: bulk message failed: -22 (1/0)
[  356.145000][T11283] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1571'.
[  356.154948][ T5830] DVB: Unable to find symbol mt352_attach()
[  356.158978][ T5830] dvb-usb: bulk message failed: -22 (5/0)
[  356.161397][ T5830] zl10353_read_register: readreg error (reg=127, ret==-121)
[  356.164342][ T5830] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB'
[  356.189417][T11283] erspan0: left allmulticast mode
[  356.191562][T11283] erspan0: left promiscuous mode
[  356.194606][T11283] bridge7: port 1(erspan0) entered disabled state
[  356.203961][T11283] bridge8: port 1(erspan0) entered blocking state
[  356.207231][T11283] bridge8: port 1(erspan0) entered disabled state
[  356.210714][T11283] erspan0: entered allmulticast mode
[  356.220116][T11283] erspan0: entered promiscuous mode
[  356.233774][ T5830] rc_core: IR keymap rc-dvico-mce not found
[  356.236186][ T5830] Registered IR keymap rc-empty
[  356.242603][ T5830] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.3/usb8/8-1/rc/rc0
[  356.249248][T11283] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1571'.
[  356.251327][ T5830] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.3/usb8/8-1/rc/rc0/input62
[  356.261495][ T5830] dvb-usb: schedule remote query interval to 100 msecs.
[  356.265858][ T5830] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected.
[  356.275980][ T5830] usb 8-1: USB disconnect, device number 34
[  356.357713][ T5830] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected.
[  356.569682][T11287] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  356.576197][T11287] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  357.262683][T11303] IPVS: length: 218 != 24
[  358.385889][ T5510] usb 8-1: new high-speed USB device number 35 using dummy_hcd
[  358.592159][T11327] FAULT_INJECTION: forcing a failure.
[  358.592159][T11327] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  358.598832][T11327] CPU: 2 UID: 0 PID: 11327 Comm: syz.0.1583 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  358.598876][T11327] Tainted: [L]=SOFTLOCKUP
[  358.598881][T11327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  358.598890][T11327] Call Trace:
[  358.598898][T11327]  <TASK>
[  358.598904][T11327]  dump_stack_lvl+0x100/0x190
[  358.598922][T11327]  should_fail_ex.cold+0x5/0xa
[  358.598941][T11327]  _copy_from_user+0x2e/0xd0
[  358.598960][T11327]  io_uring_setup+0xc0/0x160
[  358.598986][T11327]  ? __pfx_io_uring_setup+0x10/0x10
[  358.599010][T11327]  ? __pfx___schedule+0x10/0x10
[  358.599030][T11327]  ? preempt_schedule_irq+0x7b/0x90
[  358.599063][T11327]  __ia32_sys_io_uring_setup+0xc2/0x170
[  358.599085][T11327]  __do_fast_syscall_32+0xe7/0x970
[  358.599105][T11327]  ? lockdep_hardirqs_on+0x78/0x100
[  358.599124][T11327]  do_fast_syscall_32+0x32/0x70
[  358.599144][T11327]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  358.599161][T11327] RIP: 0023:0xf7f95f7c
[  358.599173][T11327] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  358.599186][T11327] RSP: 002b:00000000f541443c EFLAGS: 00000286 ORIG_RAX: 00000000000001a9
[  358.599200][T11327] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000808
[  358.599209][T11327] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  358.599217][T11327] RBP: 00000000f54144fc R08: 0000000000000000 R09: 0000000000000000
[  358.599225][T11327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  358.599233][T11327] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  358.599255][T11327]  </TASK>
[  358.727730][ T5510] usb 8-1: Using ep0 maxpacket: 32
[  358.786023][ T5510] usb 8-1: unable to get BOS descriptor or descriptor too short
[  358.805577][ T5510] usb 8-1: config 251 has an invalid interface number: 188 but max is 1
[  358.809643][ T5510] usb 8-1: config 251 has 1 interface, different from the descriptor's value: 2
[  358.813560][ T5510] usb 8-1: config 251 has no interface number 0
[  358.816300][ T5510] usb 8-1: config 251 interface 188 has no altsetting 0
[  358.838283][ T5510] usb 8-1: string descriptor 0 read error: -22
[  358.841539][ T5510] usb 8-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.0e
[  358.847919][ T5510] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  358.869117][ T5510] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  358.873487][ T5510] dw2102: su3000_power_ctrl: 1, initialized 0
[  358.876240][ T5510] dvb-usb: bulk message failed: -22 (2/0)
[  358.905125][ T5510] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  358.931124][ T5510] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  358.939952][ T5510] usb 8-1: media controller created
[  358.943850][ T5510] dvb-usb: bulk message failed: -22 (6/0)
[  358.947991][ T5510] dw2102: i2c transfer failed.
[  358.950780][ T5510] dvb-usb: bulk message failed: -22 (6/0)
[  358.953181][ T5510] dw2102: i2c transfer failed.
[  358.955302][ T5510] dvb-usb: bulk message failed: -22 (6/0)
[  358.958580][ T5510] dw2102: i2c transfer failed.
[  358.961792][ T5510] dvb-usb: bulk message failed: -22 (6/0)
[  358.965854][ T5510] dw2102: i2c transfer failed.
[  358.974886][ T5510] dvb-usb: bulk message failed: -22 (6/0)
[  358.977556][ T5510] dw2102: i2c transfer failed.
[  358.981963][ T5510] dvb-usb: bulk message failed: -22 (6/0)
[  358.984880][ T5510] dw2102: i2c transfer failed.
[  358.987109][ T5510] dvb-usb: MAC address: 02:02:02:02:02:02
[  359.031243][ T5510] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  359.073735][T11335] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1585'.
[  359.106899][ T5510] dvb-usb: bulk message failed: -22 (3/0)
[  359.110706][ T5510] dw2102: command 0x0e transfer failed.
[  359.113459][ T5510] dvb-usb: bulk message failed: -22 (3/0)
[  359.116029][ T5510] dw2102: command 0x0e transfer failed.
[  359.265108][T11335] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  359.436357][T11343] IPVS: length: 218 != 24
[  359.455576][ T5510] dvb-usb: bulk message failed: -22 (3/0)
[  359.457388][ T5510] dw2102: command 0x0e transfer failed.
[  359.459802][ T5510] dvb-usb: bulk message failed: -22 (3/0)
[  359.461683][ T5510] dw2102: command 0x0e transfer failed.
[  359.463507][ T5510] dvb-usb: bulk message failed: -22 (1/0)
[  359.465369][ T5510] dw2102: command 0x51 transfer failed.
[  359.490128][ T5510] DVB: Unable to find symbol ds3000_attach()
[  359.496669][ T5510] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  359.556629][ T5830] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  359.566360][ T5510] rc_core: IR keymap rc-su3000 not found
[  359.568302][ T5510] Registered IR keymap rc-empty
[  359.581606][ T5510] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.3/usb8/8-1/rc/rc0
[  359.596087][ T5510] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.3/usb8/8-1/rc/rc0/input63
[  359.613818][ T5510] dvb-usb: schedule remote query interval to 150 msecs.
[  359.618735][ T5510] dw2102: su3000_power_ctrl: 0, initialized 1
[  359.622468][ T5510] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected.
[  359.635772][ T5510] usb 8-1: USB disconnect, device number 35
[  359.684275][ T5510] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected.
[  359.722924][ T5830] usb 7-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb
[  359.732703][ T5830] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201
[  359.735280][ T5830] usb 7-1: Product: syz
[  359.736624][ T5830] usb 7-1: Manufacturer: syz
[  359.738803][ T5830] usb 7-1: SerialNumber: syz
[  359.745323][ T5830] usb 7-1: config 0 descriptor??
[  359.747008][T11350] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  359.751115][ T5830] dvb-usb: found a 'DigitalNow DVB-T Dual USB' in warm state.
[  359.751155][ T5830] dvb-usb: bulk message failed: -22 (2/0)
[  359.762288][T11350] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  359.822059][ T5830] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  359.826293][ T5830] dvbdev: DVB: registering new adapter (DigitalNow DVB-T Dual USB)
[  359.829187][ T5830] usb 7-1: media controller created
[  359.839152][ T5830] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  359.967105][T11335] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  359.973012][T11335] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  359.976343][T11335] dvb-usb: bulk message failed: -22 (4/0)
[  359.981085][T11335] cxusb: i2c read failed
[  359.986353][ T5830] cxusb: set interface failed
[  359.988904][ T5830] dvb-usb: bulk message failed: -22 (1/0)
[  360.027128][ T5830] DVB: Unable to find symbol mt352_attach()
[  360.029437][ T5830] dvb-usb: bulk message failed: -22 (5/0)
[  360.031829][ T5830] zl10353_read_register: readreg error (reg=127, ret==-121)
[  360.034371][ T5830] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB'
[  360.119755][ T5830] rc_core: IR keymap rc-dvico-mce not found
[  360.122031][ T5830] Registered IR keymap rc-empty
[  360.132367][ T5830] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0
[  360.151342][ T5830] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0/input64
[  360.168381][ T5830] dvb-usb: schedule remote query interval to 100 msecs.
[  360.170739][ T5830] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected.
[  360.178802][ T5830] usb 7-1: USB disconnect, device number 21
[  360.220027][ T5830] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected.
[  360.233060][T11374] IPVS: length: 218 != 24
[  360.256854][T11376] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1597'.
[  360.333998][T11379] FAULT_INJECTION: forcing a failure.
[  360.333998][T11379] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  360.339489][T11379] CPU: 3 UID: 0 PID: 11379 Comm: syz.3.1598 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  360.339516][T11379] Tainted: [L]=SOFTLOCKUP
[  360.339522][T11379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  360.339531][T11379] Call Trace:
[  360.339537][T11379]  <TASK>
[  360.339545][T11379]  dump_stack_lvl+0x100/0x190
[  360.339569][T11379]  should_fail_ex.cold+0x5/0xa
[  360.339619][T11379]  _copy_from_iter+0x1f4/0x1690
[  360.339665][T11379]  ? rcu_is_watching+0x12/0xc0
[  360.339692][T11379]  ? trace_kmem_cache_alloc+0xd5/0x100
[  360.339709][T11379]  ? __kasan_slab_alloc+0x89/0x90
[  360.339724][T11379]  ? __pfx__copy_from_iter+0x10/0x10
[  360.339743][T11379]  ? __asan_memset+0x23/0x50
[  360.339764][T11379]  ? __build_skb_around+0x278/0x390
[  360.339785][T11379]  ? is_vmalloc_addr+0x86/0xa0
[  360.339808][T11379]  netlink_sendmsg+0x808/0xda0
[  360.339831][T11379]  ? __pfx_netlink_sendmsg+0x10/0x10
[  360.339851][T11379]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  360.339869][T11379]  ____sys_sendmsg+0x9e1/0xb70
[  360.339887][T11379]  ? __pfx_netlink_sendmsg+0x10/0x10
[  360.339906][T11379]  ? __pfx_____sys_sendmsg+0x10/0x10
[  360.339932][T11379]  ___sys_sendmsg+0x190/0x1e0
[  360.339952][T11379]  ? __pfx____sys_sendmsg+0x10/0x10
[  360.339979][T11379]  ? find_held_lock+0x2b/0x80
[  360.340008][T11379]  __sys_sendmsg+0x170/0x220
[  360.340023][T11379]  ? __pfx___sys_sendmsg+0x10/0x10
[  360.340036][T11379]  ? __fget_files+0x21f/0x3d0
[  360.340058][T11379]  ? ksys_write+0x1ac/0x250
[  360.340075][T11379]  ? rcu_is_watching+0x12/0xc0
[  360.340093][T11379]  __do_fast_syscall_32+0xe7/0x970
[  360.340114][T11379]  ? lockdep_hardirqs_on+0x78/0x100
[  360.340134][T11379]  do_fast_syscall_32+0x32/0x70
[  360.340155][T11379]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  360.340174][T11379] RIP: 0023:0xf708ef7c
[  360.340186][T11379] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  360.340200][T11379] RSP: 002b:00000000f547d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  360.340215][T11379] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000000
[  360.340224][T11379] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  360.340232][T11379] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  360.340240][T11379] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  360.340248][T11379] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  360.340266][T11379]  </TASK>
[  360.443338][   T39] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  360.565661][T11384] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  360.570838][T11384] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  360.614642][   T39] usb 9-1: Using ep0 maxpacket: 8
[  360.620355][   T39] usb 9-1: config 0 has an invalid interface number: 1 but max is 0
[  360.628134][   T39] usb 9-1: config 0 has no interface number 0
[  360.636031][   T39] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  360.642376][   T39] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  360.647824][   T39] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  360.656663][   T39] usb 9-1: config 0 descriptor??
[  360.668442][   T39] iowarrior 9-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  361.810320][ T5852] libceph: connect (1)[c::]:6789 error -101
[  361.812804][ T5852] libceph: mon0 (1)[c::]:6789 connect error
[  361.941140][T11409] ceph: No mds server is up or the cluster is laggy
[  361.977217][T11409] binder: 11408:11409 ioctl c00c620f 80000000 returned -22
[  362.002889][T11415] IPVS: length: 218 != 24
[  362.105579][T11420] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1609'.
[  362.118734][T11420] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  362.271155][ T5103] Bluetooth: hci4: command 0x0c1a tx timeout
[  362.388775][   T54] usb 8-1: new high-speed USB device number 36 using dummy_hcd
[  362.544110][T11426] fuse: Bad value for 'fd'
[  362.567794][   T54] usb 8-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb
[  362.572623][   T54] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201
[  362.576273][   T54] usb 8-1: Product: syz
[  362.578032][   T54] usb 8-1: Manufacturer: syz
[  362.581007][   T54] usb 8-1: SerialNumber: syz
[  362.608731][   T54] usb 8-1: config 0 descriptor??
[  362.629781][   T54] dvb-usb: found a 'DigitalNow DVB-T Dual USB' in warm state.
[  362.635634][   T54] dvb-usb: bulk message failed: -22 (2/0)
[  362.679683][   T54] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  362.685192][   T54] dvbdev: DVB: registering new adapter (DigitalNow DVB-T Dual USB)
[  362.688903][   T54] usb 8-1: media controller created
[  362.729633][   T54] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  362.844324][T11420] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  362.849241][T11420] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  362.857799][T11420] dvb-usb: bulk message failed: -22 (4/0)
[  362.860847][T11420] cxusb: i2c read failed
[  362.864087][   T54] cxusb: set interface failed
[  362.869821][   T54] dvb-usb: bulk message failed: -22 (1/0)
[  362.898103][   T54] DVB: Unable to find symbol mt352_attach()
[  362.900724][   T54] dvb-usb: bulk message failed: -22 (5/0)
[  362.903187][   T54] zl10353_read_register: readreg error (reg=127, ret==-121)
[  362.907253][   T54] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB'
[  362.976768][   T54] rc_core: IR keymap rc-dvico-mce not found
[  362.979276][   T54] Registered IR keymap rc-empty
[  362.988080][   T54] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.3/usb8/8-1/rc/rc0
[  363.001577][   T54] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.3/usb8/8-1/rc/rc0/input65
[  363.021757][   T54] dvb-usb: schedule remote query interval to 100 msecs.
[  363.026380][   T54] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected.
[  363.044999][   T54] usb 8-1: USB disconnect, device number 36
[  363.208038][   T54] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected.
[  363.451901][ T6768] usb 9-1: USB disconnect, device number 7
[  364.020711][T11441] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1615'.
[  364.055944][T11441] erspan0: left allmulticast mode
[  364.062898][T11441] erspan0: left promiscuous mode
[  364.066229][T11441] bridge8: port 1(erspan0) entered disabled state
[  364.083994][T11441] bridge9: port 1(erspan0) entered blocking state
[  364.090233][T11441] bridge9: port 1(erspan0) entered disabled state
[  364.095037][T11441] erspan0: entered allmulticast mode
[  364.101928][T11441] erspan0: entered promiscuous mode
[  364.111340][T11442] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1615'.
[  364.134582][   T34] bridge9: entered promiscuous mode
[  365.745366][T11460] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1621'.
[  365.784883][T11460] netlink: 'syz.3.1621': attribute type 1 has an invalid length.
[  365.816894][T11460] netlink: 'syz.3.1621': attribute type 1 has an invalid length.
[  366.201219][   T40] kauditd_printk_skb: 54 callbacks suppressed
[  366.201232][   T40] audit: type=1326 audit(1780508624.444:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11464 comm="syz.0.1622" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f95f7c code=0x0
[  366.547394][ T6768] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  366.718568][ T6768] usb 5-1: Using ep0 maxpacket: 32
[  366.723654][ T6768] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  366.728977][ T6768] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  366.738309][ T6768] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  366.747427][ T6768] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  366.752736][ T6768] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  366.757053][ T6768] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  366.764219][ T6768] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  366.770776][ T6768] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  366.784126][T11474] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1625'.
[  366.814011][ T6768] usb 5-1: config 0 descriptor??
[  366.882942][T11476] IPVS: length: 218 != 24
[  366.997348][T11479] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  367.051340][T11481] overlayfs: failed to resolve './file1': -2
[  367.235474][T11487] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1631'.
[  367.614988][T11500] overlayfs: failed to resolve './file1': -2
[  368.271659][T11504] netlink: 'syz.3.1633': attribute type 29 has an invalid length.
[  368.284001][T11504] netlink: 'syz.3.1633': attribute type 29 has an invalid length.
[  368.484109][T11512] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1637'.
[  368.578865][T11516] IPVS: length: 218 != 24
[  369.697046][ T6768] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 29 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  369.738604][ T6768] usb 5-1: USB disconnect, device number 29
[  369.781175][ T6768] usblp0: removed
[  370.017512][T11541] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1648'.
[  370.041516][T11541] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  370.502933][ T5853] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  370.592728][T11551] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  370.607461][T11551] kvm: pic: level sensitive irq not supported
[  370.607884][T11551] kvm: pic: non byte read
[  370.613946][T11551] kvm: pic: level sensitive irq not supported
[  370.614284][T11551] kvm: pic: non byte read
[  370.619772][T11551] kvm: pic: level sensitive irq not supported
[  370.620045][T11551] kvm: pic: non byte read
[  370.625399][T11551] kvm: pic: level sensitive irq not supported
[  370.625943][T11551] kvm: pic: non byte read
[  370.631326][T11551] kvm: pic: level sensitive irq not supported
[  370.631679][T11551] kvm: pic: non byte read
[  370.635998][T11551] kvm: pic: level sensitive irq not supported
[  370.636312][T11551] kvm: pic: non byte read
[  370.640989][T11551] kvm: pic: level sensitive irq not supported
[  370.641535][T11551] kvm: pic: non byte read
[  370.646682][T11551] kvm: pic: level sensitive irq not supported
[  370.646960][T11551] kvm: pic: non byte read
[  370.651345][T11551] kvm: pic: level sensitive irq not supported
[  370.651677][T11551] kvm: pic: non byte read
[  370.689702][ T5853] usb 5-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb
[  370.693283][ T5853] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201
[  370.696855][ T5853] usb 5-1: Product: syz
[  370.698559][ T5853] usb 5-1: Manufacturer: syz
[  370.700437][ T5853] usb 5-1: SerialNumber: syz
[  370.703658][ T5853] usb 5-1: config 0 descriptor??
[  370.707752][ T5853] dvb-usb: found a 'DigitalNow DVB-T Dual USB' in warm state.
[  370.710328][ T5853] dvb-usb: bulk message failed: -22 (2/0)
[  370.714045][ T5853] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  370.718399][ T5853] dvbdev: DVB: registering new adapter (DigitalNow DVB-T Dual USB)
[  370.721506][ T5853] usb 5-1: media controller created
[  370.728873][ T5853] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  370.903581][ T5153] block nbd2: Possible stuck request ffff888027b95080: control (read@0,1024B). Runtime 300 seconds
[  370.907628][ T5153] block nbd2: Possible stuck request ffff888027b95240: control (read@1024,1024B). Runtime 300 seconds
[  370.911942][ T5153] block nbd2: Possible stuck request ffff888027b95400: control (read@2048,1024B). Runtime 300 seconds
[  370.915612][ T5153] block nbd2: Possible stuck request ffff888027b955c0: control (read@3072,1024B). Runtime 300 seconds
[  370.932222][T11541] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  370.937014][T11541] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  370.943956][T11541] dvb-usb: bulk message failed: -22 (4/0)
[  370.946258][T11541] cxusb: i2c read failed
[  370.955828][ T5853] cxusb: set interface failed
[  370.957402][ T5853] dvb-usb: bulk message failed: -22 (1/0)
[  370.989988][ T5853] DVB: Unable to find symbol mt352_attach()
[  370.991918][ T5853] dvb-usb: bulk message failed: -22 (5/0)
[  370.994237][ T5853] zl10353_read_register: readreg error (reg=127, ret==-121)
[  371.002189][ T5853] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB'
[  371.139170][ T5853] rc_core: IR keymap rc-dvico-mce not found
[  371.141008][ T5853] Registered IR keymap rc-empty
[  371.152340][ T5853] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.0/usb5/5-1/rc/rc0
[  371.163058][ T5853] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.0/usb5/5-1/rc/rc0/input66
[  371.179260][ T5853] dvb-usb: schedule remote query interval to 100 msecs.
[  371.184230][ T5853] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected.
[  371.197292][ T5853] usb 5-1: USB disconnect, device number 30
[  371.834169][ T5853] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected.
[  372.022617][T11583] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1659'.
[  372.041960][T11583] netlink: 'syz.0.1659': attribute type 1 has an invalid length.
[  372.052818][T11583] netlink: 'syz.0.1659': attribute type 1 has an invalid length.
[  372.834856][T11612] FAULT_INJECTION: forcing a failure.
[  372.834856][T11612] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  372.841135][T11612] CPU: 2 UID: 0 PID: 11612 Comm: syz.3.1666 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  372.841155][T11612] Tainted: [L]=SOFTLOCKUP
[  372.841160][T11612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  372.841167][T11612] Call Trace:
[  372.841172][T11612]  <TASK>
[  372.841177][T11612]  dump_stack_lvl+0x100/0x190
[  372.841197][T11612]  should_fail_ex.cold+0x5/0xa
[  372.841217][T11612]  _copy_to_user+0x32/0xd0
[  372.841241][T11612]  simple_read_from_buffer+0xcb/0x170
[  372.841266][T11612]  proc_fail_nth_read+0x1af/0x230
[  372.841293][T11612]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  372.841321][T11612]  ? rw_verify_area+0xce/0x6d0
[  372.841339][T11612]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  372.841367][T11612]  vfs_read+0x1e4/0xb30
[  372.841390][T11612]  ? __pfx_vfs_read+0x10/0x10
[  372.841407][T11612]  ? find_held_lock+0x2b/0x80
[  372.841429][T11612]  ? __fget_files+0x215/0x3d0
[  372.841454][T11612]  ? __fget_files+0x21f/0x3d0
[  372.841480][T11612]  ksys_read+0x12a/0x250
[  372.841505][T11612]  ? __pfx_ksys_read+0x10/0x10
[  372.841525][T11612]  ? rcu_is_watching+0x12/0xc0
[  372.841545][T11612]  ? rcu_is_watching+0x12/0xc0
[  372.841567][T11612]  do_int80_emulation+0x14b/0x720
[  372.841596][T11612]  asm_int80_emulation+0x1a/0x20
[  372.841613][T11612] RIP: 0023:0xf71c61ab
[  372.841627][T11612] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  372.841642][T11612] RSP: 002b:00000000f545c4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  372.841660][T11612] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f545c5d0
[  372.841671][T11612] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  372.841697][T11612] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  372.841707][T11612] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  372.841717][T11612] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  372.841741][T11612]  </TASK>
[  374.152034][   T40] audit: type=1326 audit(1780508631.880:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11641 comm="syz.4.1677" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000
[  374.179783][   T40] audit: type=1326 audit(1780508631.890:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11641 comm="syz.4.1677" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000
[  374.193561][   T40] audit: type=1326 audit(1780508631.890:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11641 comm="syz.4.1677" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf703ef7c code=0x7ffc0000
[  374.202598][   T40] audit: type=1326 audit(1780508631.890:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11641 comm="syz.4.1677" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000
[  374.210569][   T40] audit: type=1326 audit(1780508631.890:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11641 comm="syz.4.1677" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000
[  374.217572][   T40] audit: type=1326 audit(1780508631.899:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11641 comm="syz.4.1677" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf703ef7c code=0x7ffc0000
[  374.226750][   T40] audit: type=1326 audit(1780508631.899:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11641 comm="syz.4.1677" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000
[  374.236078][   T40] audit: type=1326 audit(1780508631.899:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11641 comm="syz.4.1677" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000
[  374.244238][   T40] audit: type=1326 audit(1780508631.899:885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11641 comm="syz.4.1677" exe="/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf703ef7c code=0x7ffc0000
[  374.251589][   T40] audit: type=1326 audit(1780508631.899:886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11641 comm="syz.4.1677" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000
[  376.000074][ T5153] block nbd0: Possible stuck request ffff888027abe000: control (read@0,1024B). Runtime 300 seconds
[  376.003650][ T5153] block nbd0: Possible stuck request ffff888027abe1c0: control (read@1024,1024B). Runtime 300 seconds
[  376.007136][ T5153] block nbd0: Possible stuck request ffff888027abe380: control (read@2048,1024B). Runtime 300 seconds
[  376.010854][ T5153] block nbd0: Possible stuck request ffff888027abe540: control (read@3072,1024B). Runtime 300 seconds
[  376.342398][T11665] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1683'.
[  376.393061][T11665] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  376.595657][T11676] IPVS: length: 218 != 24
[  376.672574][ T5830] usb 8-1: new high-speed USB device number 37 using dummy_hcd
[  377.954949][ T5830] usb 8-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb
[  378.379207][ T5830] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201
[  378.384497][ T5830] usb 8-1: Product: syz
[  378.386345][ T5830] usb 8-1: Manufacturer: syz
[  378.388392][ T5830] usb 8-1: SerialNumber: syz
[  378.394067][ T5830] usb 8-1: config 0 descriptor??
[  378.398155][ T5830] dvb-usb: found a 'DigitalNow DVB-T Dual USB' in warm state.
[  378.400818][ T5830] dvb-usb: bulk message failed: -22 (2/0)
[  378.423938][ T5830] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  378.437641][ T5830] dvbdev: DVB: registering new adapter (DigitalNow DVB-T Dual USB)
[  378.443838][ T5830] usb 8-1: media controller created
[  378.452685][ T5830] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  378.617853][T11665] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  378.625791][T11665] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  378.630169][T11665] dvb-usb: bulk message failed: -22 (4/0)
[  378.633383][T11665] cxusb: i2c read failed
[  378.641953][ T5830] cxusb: set interface failed
[  378.650257][ T5830] dvb-usb: bulk message failed: -22 (1/0)
[  378.684375][ T5830] DVB: Unable to find symbol mt352_attach()
[  378.686972][ T5830] dvb-usb: bulk message failed: -22 (5/0)
[  378.703165][ T5830] zl10353_read_register: readreg error (reg=127, ret==-121)
[  378.709258][ T5830] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB'
[  378.724624][T11708] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1699'.
[  378.753186][T11708] erspan0: left allmulticast mode
[  378.754813][T11708] erspan0: left promiscuous mode
[  378.756732][T11708] bridge9: port 1(erspan0) entered disabled state
[  378.774479][T11708] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1699'.
[  378.782446][ T5510] bridge10: entered promiscuous mode
[  378.788742][ T5830] rc_core: IR keymap rc-dvico-mce not found
[  378.791182][ T5830] Registered IR keymap rc-empty
[  378.803929][ T5830] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.3/usb8/8-1/rc/rc0
[  378.810546][ T5830] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.3/usb8/8-1/rc/rc0/input67
[  378.817008][ T5830] dvb-usb: schedule remote query interval to 100 msecs.
[  378.820399][ T5830] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected.
[  378.833394][ T5830] usb 8-1: USB disconnect, device number 37
[  378.928730][ T5830] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected.
[  379.025904][T11719] overlayfs: failed to resolve './file1': -2
[  379.429580][   T34] usb 7-1: new full-speed USB device number 22 using dummy_hcd
[  379.606547][   T34] usb 7-1: unable to read config index 0 descriptor/start: -61
[  379.613838][   T34] usb 7-1: can't read configurations, error -61
[  379.672253][T11732] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1707'.
[  379.691900][T11732] erspan0: left allmulticast mode
[  379.694292][T11732] erspan0: left promiscuous mode
[  379.696641][T11732] bridge4: port 1(erspan0) entered disabled state
[  379.713367][T11732] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1707'.
[  379.723242][   T50] bridge5: entered promiscuous mode
[  379.762420][   T34] usb 7-1: new full-speed USB device number 23 using dummy_hcd
[  379.945057][   T34] usb 7-1: unable to read config index 0 descriptor/start: -61
[  379.952731][   T34] usb 7-1: can't read configurations, error -61
[  379.961933][   T34] usb usb7-port1: attempt power cycle
[  380.327641][   T34] usb 7-1: new full-speed USB device number 24 using dummy_hcd
[  380.351987][   T34] usb 7-1: unable to read config index 0 descriptor/start: -61
[  380.355055][   T34] usb 7-1: can't read configurations, error -61
[  380.364504][T11742] FAULT_INJECTION: forcing a failure.
[  380.364504][T11742] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  380.368535][T11742] CPU: 3 UID: 0 PID: 11742 Comm: syz.0.1711 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  380.368554][T11742] Tainted: [L]=SOFTLOCKUP
[  380.368558][T11742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  380.368565][T11742] Call Trace:
[  380.368570][T11742]  <TASK>
[  380.368575][T11742]  dump_stack_lvl+0x100/0x190
[  380.368591][T11742]  should_fail_ex.cold+0x5/0xa
[  380.368606][T11742]  _copy_from_user+0x2e/0xd0
[  380.368623][T11742]  move_addr_to_kernel+0x65/0x170
[  380.368641][T11742]  __sys_bind+0x11d/0x260
[  380.368657][T11742]  ? __pfx___sys_bind+0x10/0x10
[  380.368678][T11742]  ? ksys_write+0x1ac/0x250
[  380.368693][T11742]  __ia32_sys_bind+0x71/0xb0
[  380.368709][T11742]  ? lockdep_hardirqs_on+0x78/0x100
[  380.368726][T11742]  __do_fast_syscall_32+0xe7/0x970
[  380.368743][T11742]  ? lockdep_hardirqs_on+0x78/0x100
[  380.368759][T11742]  do_fast_syscall_32+0x32/0x70
[  380.368776][T11742]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  380.368791][T11742] RIP: 0023:0xf7f95f7c
[  380.368801][T11742] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  380.368812][T11742] RSP: 002b:00000000f545650c EFLAGS: 00000292 ORIG_RAX: 0000000000000169
[  380.368823][T11742] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000080
[  380.368831][T11742] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  380.368837][T11742] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  380.368843][T11742] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  380.368850][T11742] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  380.368863][T11742]  </TASK>
[  380.520021][   T34] usb 7-1: new full-speed USB device number 25 using dummy_hcd
[  380.544712][   T34] usb 7-1: unable to read config index 0 descriptor/start: -61
[  380.547938][   T34] usb 7-1: can't read configurations, error -61
[  380.550332][   T34] usb usb7-port1: unable to enumerate USB device
[  380.608892][T11750] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1713'.
[  380.620857][T11750] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  380.895537][ T5853] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  381.063125][ T5853] usb 9-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb
[  381.067582][ T5853] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201
[  381.071439][ T5853] usb 9-1: Product: syz
[  381.073532][ T5853] usb 9-1: Manufacturer: syz
[  381.075542][ T5853] usb 9-1: SerialNumber: syz
[  381.080944][ T5853] usb 9-1: config 0 descriptor??
[  381.087882][ T5853] dvb-usb: found a 'DigitalNow DVB-T Dual USB' in warm state.
[  381.091205][ T5853] dvb-usb: bulk message failed: -22 (2/0)
[  381.096700][ T5853] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  381.101453][ T5853] dvbdev: DVB: registering new adapter (DigitalNow DVB-T Dual USB)
[  381.105720][ T5853] usb 9-1: media controller created
[  381.113151][ T5853] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  381.161788][ T5948] block nbd3: Possible stuck request ffff888027c0e000: control (read@0,1024B). Runtime 300 seconds
[  381.165592][ T5948] block nbd3: Possible stuck request ffff888027c0e1c0: control (read@1024,1024B). Runtime 300 seconds
[  381.169647][ T5948] block nbd3: Possible stuck request ffff888027c0e380: control (read@2048,1024B). Runtime 300 seconds
[  381.174148][ T5948] block nbd3: Possible stuck request ffff888027c0e540: control (read@3072,1024B). Runtime 300 seconds
[  381.303261][T11750] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  381.309547][T11750] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  381.313121][T11750] dvb-usb: bulk message failed: -22 (4/0)
[  381.314915][T11750] cxusb: i2c read failed
[  381.318149][ T5853] cxusb: set interface failed
[  381.319725][ T5853] dvb-usb: bulk message failed: -22 (1/0)
[  381.340522][ T5853] DVB: Unable to find symbol mt352_attach()
[  381.342547][ T5853] dvb-usb: bulk message failed: -22 (5/0)
[  381.344775][ T5853] zl10353_read_register: readreg error (reg=127, ret==-121)
[  381.347325][ T5853] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB'
[  381.407410][ T5853] rc_core: IR keymap rc-dvico-mce not found
[  381.409765][ T5853] Registered IR keymap rc-empty
[  381.412425][ T5853] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.4/usb9/9-1/rc/rc0
[  381.417161][ T5853] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.4/usb9/9-1/rc/rc0/input68
[  381.422373][ T5853] dvb-usb: schedule remote query interval to 100 msecs.
[  381.424602][ T5853] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected.
[  381.430863][ T5853] usb 9-1: USB disconnect, device number 8
[  381.464046][ T5853] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected.
[  381.985518][T11770] FAULT_INJECTION: forcing a failure.
[  381.985518][T11770] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  381.991069][T11770] CPU: 1 UID: 0 PID: 11770 Comm: syz.4.1719 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  381.991100][T11770] Tainted: [L]=SOFTLOCKUP
[  381.991107][T11770] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  381.991118][T11770] Call Trace:
[  381.991126][T11770]  <TASK>
[  381.991133][T11770]  dump_stack_lvl+0x100/0x190
[  381.991158][T11770]  should_fail_ex.cold+0x5/0xa
[  381.991183][T11770]  _copy_from_user+0x2e/0xd0
[  381.991209][T11770]  cmsghdr_from_user_compat_to_kern+0x354/0x7d0
[  381.991240][T11770]  ? __pfx_cmsghdr_from_user_compat_to_kern+0x10/0x10
[  381.991261][T11770]  ? __import_iovec+0x1d2/0x640
[  381.991295][T11770]  ____sys_sendmsg+0x607/0xb70
[  381.991322][T11770]  ? __pfx_____sys_sendmsg+0x10/0x10
[  381.991378][T11770]  ? _kstrtoull+0x13c/0x1f0
[  381.991402][T11770]  ? __pfx__kstrtoull+0x10/0x10
[  381.991422][T11770]  ___sys_sendmsg+0x190/0x1e0
[  381.991449][T11770]  ? __pfx____sys_sendmsg+0x10/0x10
[  381.991475][T11770]  ? __lock_acquire+0x4a5/0x2630
[  381.991533][T11770]  __sys_sendmmsg+0x2ff/0x430
[  381.991556][T11770]  ? __pfx___sys_sendmmsg+0x10/0x10
[  381.991585][T11770]  ? __fget_files+0x215/0x3d0
[  381.991619][T11770]  ? fput+0x79/0x100
[  381.991643][T11770]  ? ksys_write+0x1ac/0x250
[  381.991666][T11770]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  381.991687][T11770]  ? lockdep_hardirqs_on+0x78/0x100
[  381.991711][T11770]  __do_fast_syscall_32+0xe7/0x970
[  381.991735][T11770]  ? lockdep_hardirqs_on+0x78/0x100
[  381.991761][T11770]  do_fast_syscall_32+0x32/0x70
[  381.991787][T11770]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  381.991809][T11770] RIP: 0023:0xf703ef7c
[  381.991823][T11770] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  381.991840][T11770] RSP: 002b:00000000f542d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000159
[  381.991857][T11770] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000008000d6c0
[  381.991868][T11770] RDX: 0000000000000001 RSI: 0000000004000000 RDI: 0000000000000000
[  381.991879][T11770] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  381.991892][T11770] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  381.991901][T11770] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  381.991925][T11770]  </TASK>
[  382.204560][ T5458] veth0_vlan: left promiscuous mode
[  382.212742][ T5458] veth0_vlan: entered promiscuous mode
[  382.229736][T11778] netlink: 'syz.4.1720': attribute type 29 has an invalid length.
[  383.342990][T11800] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1726'.
[  383.422863][T11800] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1726'.
[  383.455749][ T5510] bridge11: entered promiscuous mode
[  383.864290][T11809] FAULT_INJECTION: forcing a failure.
[  383.864290][T11809] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  383.873024][T11809] CPU: 1 UID: 0 PID: 11809 Comm: syz.4.1729 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  383.873054][T11809] Tainted: [L]=SOFTLOCKUP
[  383.873060][T11809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  383.873070][T11809] Call Trace:
[  383.873076][T11809]  <TASK>
[  383.873083][T11809]  dump_stack_lvl+0x100/0x190
[  383.873102][T11809]  should_fail_ex.cold+0x5/0xa
[  383.873116][T11809]  _copy_from_user+0x2e/0xd0
[  383.873133][T11809]  cmsghdr_from_user_compat_to_kern+0x354/0x7d0
[  383.873152][T11809]  ? __pfx_cmsghdr_from_user_compat_to_kern+0x10/0x10
[  383.873165][T11809]  ? __import_iovec+0x1d2/0x640
[  383.873185][T11809]  ____sys_sendmsg+0x607/0xb70
[  383.873201][T11809]  ? __pfx_____sys_sendmsg+0x10/0x10
[  383.873219][T11809]  ? _kstrtoull+0x13c/0x1f0
[  383.873235][T11809]  ? __pfx__kstrtoull+0x10/0x10
[  383.873252][T11809]  ___sys_sendmsg+0x190/0x1e0
[  383.873273][T11809]  ? __pfx____sys_sendmsg+0x10/0x10
[  383.873296][T11809]  ? __lock_acquire+0x4a5/0x2630
[  383.873341][T11809]  __sys_sendmmsg+0x2ff/0x430
[  383.873354][T11809]  ? __pfx___sys_sendmmsg+0x10/0x10
[  383.873371][T11809]  ? __fget_files+0x215/0x3d0
[  383.873390][T11809]  ? fput+0x79/0x100
[  383.873405][T11809]  ? ksys_write+0x1ac/0x250
[  383.873420][T11809]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  383.873433][T11809]  ? lockdep_hardirqs_on+0x78/0x100
[  383.873449][T11809]  __do_fast_syscall_32+0xe7/0x970
[  383.873466][T11809]  ? lockdep_hardirqs_on+0x78/0x100
[  383.873482][T11809]  do_fast_syscall_32+0x32/0x70
[  383.873500][T11809]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  383.873514][T11809] RIP: 0023:0xf703ef7c
[  383.873524][T11809] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  383.873534][T11809] RSP: 002b:00000000f542d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000159
[  383.873545][T11809] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000008000d6c0
[  383.873552][T11809] RDX: 0000000000000001 RSI: 0000000004000000 RDI: 0000000000000000
[  383.873559][T11809] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  383.873565][T11809] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  383.873571][T11809] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  383.873584][T11809]  </TASK>
[  384.714068][T11827] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1735'.
[  384.736368][T11827] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1735'.
[  384.748600][ T5853] bridge2: entered promiscuous mode
[  384.911568][T11836] binder_alloc: 11832: binder_alloc_buf, no vma
[  385.035637][T11828] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1732'.
[  385.469429][T11843] lo speed is unknown, defaulting to 1000
[  385.479707][T11843] lo speed is unknown, defaulting to 1000
[  385.946610][T11853] ubi: mtd0 is already attached to ubi31
[  386.246533][T11864] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1748'.
[  386.274503][T11859] FAULT_INJECTION: forcing a failure.
[  386.274503][T11859] name failslab, interval 1, probability 0, space 0, times 0
[  386.284501][T11859] CPU: 2 UID: 0 PID: 11859 Comm: syz.2.1746 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  386.284543][T11859] Tainted: [L]=SOFTLOCKUP
[  386.284549][T11859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  386.284560][T11859] Call Trace:
[  386.284568][T11859]  <TASK>
[  386.284578][T11859]  dump_stack_lvl+0x100/0x190
[  386.284606][T11859]  should_fail_ex.cold+0x5/0xa
[  386.284631][T11859]  ? tomoyo_encode2+0xfb/0x3c0
[  386.284656][T11859]  should_failslab+0xc2/0x120
[  386.284679][T11859]  __kmalloc_noprof+0xe0/0x850
[  386.284702][T11859]  tomoyo_encode2+0xfb/0x3c0
[  386.284731][T11859]  tomoyo_encode+0x29/0x50
[  386.284755][T11859]  tomoyo_mount_acl+0x388/0x8b0
[  386.284777][T11859]  ? is_bpf_text_address+0x8a/0x1a0
[  386.284801][T11859]  ? is_bpf_text_address+0x8a/0x1a0
[  386.284827][T11859]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  386.284854][T11859]  ? __pfx_tomoyo_mount_acl+0x10/0x10
[  386.284877][T11859]  ? kernel_text_address+0x8d/0x100
[  386.284896][T11859]  ? __lock_acquire+0x4a5/0x2630
[  386.284924][T11859]  ? unwind_get_return_address+0x59/0xa0
[  386.284949][T11859]  ? arch_stack_walk+0xa6/0xf0
[  386.284992][T11859]  ? tomoyo_domain+0xb2/0x150
[  386.285008][T11859]  ? tomoyo_profile+0x47/0x60
[  386.285087][T11859]  tomoyo_mount_permission+0x214/0x460
[  386.285111][T11859]  ? tomoyo_mount_permission+0x1f6/0x460
[  386.285137][T11859]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  386.285175][T11859]  security_sb_mount+0xdd/0x270
[  386.285198][T11859]  path_mount+0x158/0x23d0
[  386.285229][T11859]  ? __pfx_path_mount+0x10/0x10
[  386.285253][T11859]  ? lockdep_hardirqs_on+0x78/0x100
[  386.285284][T11859]  ? putname+0xb1/0x110
[  386.285307][T11859]  ? kmem_cache_free+0x127/0x6c0
[  386.285342][T11859]  ? __ia32_sys_mount+0x292/0x310
[  386.285366][T11859]  __ia32_sys_mount+0x292/0x310
[  386.285392][T11859]  ? __pfx___ia32_sys_mount+0x10/0x10
[  386.285416][T11859]  ? ksys_write+0x1ac/0x250
[  386.285438][T11859]  ? rcu_is_watching+0x12/0xc0
[  386.285464][T11859]  __do_fast_syscall_32+0xe7/0x970
[  386.285491][T11859]  ? lockdep_hardirqs_on+0x78/0x100
[  386.285517][T11859]  do_fast_syscall_32+0x32/0x70
[  386.285601][T11859]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  386.285627][T11859] RIP: 0023:0xf6ffef7c
[  386.285642][T11859] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  386.285660][T11859] RSP: 002b:00000000f53ed50c EFLAGS: 00000292 ORIG_RAX: 0000000000000015
[  386.285680][T11859] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000300
[  386.285692][T11859] RDX: 0000000080000000 RSI: 0000000000000004 RDI: 00000000800001c0
[  386.285702][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  386.285712][T11859] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  386.285722][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  386.285747][T11859]  </TASK>
[  386.312433][T11864] erspan0: left allmulticast mode
[  386.368456][T11869] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1748'.
[  386.369909][T11864] erspan0: left promiscuous mode
[  386.433474][T11864] bridge1: port 1(erspan0) entered disabled state
[  386.472251][T11864] bridge3: port 1(erspan0) entered blocking state
[  386.475560][T11873] IPVS: length: 218 != 24
[  386.482310][T11864] bridge3: port 1(erspan0) entered disabled state
[  386.486168][T11864] erspan0: entered allmulticast mode
[  386.490075][T11864] erspan0: entered promiscuous mode
[  386.512136][ T5510] bridge3: entered promiscuous mode
[  387.134242][T11894] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1758'.
[  387.242381][T11894] 8021q: adding VLAN 0 to HW filter on device bond3
[  387.251458][   T40] kauditd_printk_skb: 38 callbacks suppressed
[  387.251473][   T40] audit: type=1326 audit(1780508644.134:925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11893 comm="syz.0.1758" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95f7c code=0x7ffc0000
[  387.261429][   T40] audit: type=1326 audit(1780508644.153:926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11893 comm="syz.0.1758" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95f7c code=0x7ffc0000
[  387.269095][   T40] audit: type=1326 audit(1780508644.153:927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11893 comm="syz.0.1758" exe="/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf7f95f7c code=0x7ffc0000
[  387.277064][   T40] audit: type=1326 audit(1780508644.153:928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11893 comm="syz.0.1758" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95f7c code=0x7ffc0000
[  387.283535][   T40] audit: type=1326 audit(1780508644.153:929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11893 comm="syz.0.1758" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95f7c code=0x7ffc0000
[  387.330042][T11894] bond3 (unregistering): Released all slaves
[  387.528776][T11904] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1761'.
[  387.681600][T11910] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1762'.
[  387.701492][T11910] bridge12: port 1(erspan0) entered blocking state
[  387.703799][T11910] bridge12: port 1(erspan0) entered disabled state
[  387.708074][T11910] erspan0: entered allmulticast mode
[  387.712016][T11910] erspan0: entered promiscuous mode
[  387.724922][   T24] bridge12: entered promiscuous mode
[  388.104026][T11921] IPVS: length: 218 != 24
[  388.894491][T11933] FAULT_INJECTION: forcing a failure.
[  388.894491][T11933] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  388.899183][T11933] CPU: 3 UID: 0 PID: 11933 Comm: syz.0.1770 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  388.899207][T11933] Tainted: [L]=SOFTLOCKUP
[  388.899212][T11933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  388.899219][T11933] Call Trace:
[  388.899225][T11933]  <TASK>
[  388.899230][T11933]  dump_stack_lvl+0x100/0x190
[  388.899283][T11933]  should_fail_ex.cold+0x5/0xa
[  388.899303][T11933]  _copy_from_iter+0x1f4/0x1690
[  388.899323][T11933]  ? _copy_from_iter+0x270/0x1690
[  388.899340][T11933]  ? __pfx__copy_from_iter+0x10/0x10
[  388.899359][T11933]  ? __pfx__copy_from_iter+0x10/0x10
[  388.899379][T11933]  ? _copy_from_iter+0x270/0x1690
[  388.899408][T11933]  copy_page_from_iter+0x238/0x300
[  388.899438][T11933]  skb_copy_datagram_from_iter+0x399/0x720
[  388.899473][T11933]  tun_get_user+0x1889/0x3c20
[  388.899507][T11933]  ? __pfx_tun_get_user+0x10/0x10
[  388.899528][T11933]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  388.899549][T11933]  ? find_held_lock+0x2b/0x80
[  388.899565][T11933]  ? tun_get+0x191/0x370
[  388.899575][T11933]  ? tun_get+0x191/0x370
[  388.899591][T11933]  tun_chr_write_iter+0xdc/0x200
[  388.899605][T11933]  vfs_write+0x6ac/0x1070
[  388.899620][T11933]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  388.899635][T11933]  ? __pfx_vfs_write+0x10/0x10
[  388.899647][T11933]  ? find_held_lock+0x2b/0x80
[  388.899671][T11933]  ksys_write+0x12a/0x250
[  388.899685][T11933]  ? __pfx_ksys_write+0x10/0x10
[  388.899699][T11933]  ? ksys_write+0x1ac/0x250
[  388.899719][T11933]  ? rcu_is_watching+0x12/0xc0
[  388.899735][T11933]  __do_fast_syscall_32+0xe7/0x970
[  388.899754][T11933]  ? lockdep_hardirqs_on+0x78/0x100
[  388.899773][T11933]  do_fast_syscall_32+0x32/0x70
[  388.899793][T11933]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  388.899810][T11933] RIP: 0023:0xf7f95f7c
[  388.899821][T11933] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  388.899833][T11933] RSP: 002b:00000000f545650c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[  388.899846][T11933] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000280
[  388.899854][T11933] RDX: 000000000000fd6c RSI: 0000000000000000 RDI: 0000000000000000
[  388.899861][T11933] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  388.899868][T11933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  388.899875][T11933] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  388.899890][T11933]  </TASK>
[  389.185475][T11938] cgroup: Invalid name
[  389.191434][T11935] veth0_vlan: left promiscuous mode
[  390.069448][ T1431] ieee802154 phy0 wpan0: encryption failed: -22
[  390.142308][ T1431] ieee802154 phy1 wpan1: encryption failed: -22
[  390.366187][T11956] evm: overlay not supported
[  390.938636][T11972] binder: 11971:11972 ioctl 4018620d 0 returned -22
[  391.081176][T11974] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(11)
[  391.083767][T11974] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  391.087182][T11974] vhci_hcd vhci_hcd.0: Device attached
[  391.094676][T11974] netlink: 'syz.0.1782': attribute type 12 has an invalid length.
[  391.382776][ T5830] usb 38-1: SetAddress Request (14) to port 0
[  391.386133][ T5830] usb 38-1: new SuperSpeed USB device number 14 using vhci_hcd
[  391.867926][T11975] vhci_hcd: connection reset by peer
[  391.899259][T10820] vhci_hcd vhci_hcd.0: stop threads
[  391.901167][T10820] vhci_hcd vhci_hcd.0: release socket
[  391.924387][T10820] vhci_hcd vhci_hcd.0: disconnect device
[  392.097610][T11979] syzkaller1: entered promiscuous mode
[  392.106324][T11979] syzkaller1: entered allmulticast mode
[  393.034137][T12001] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  393.815270][T12015] Cannot find add_set index 2 as target
[  394.366014][T12010] bridge3: port 1(erspan0) entered disabled state
[  394.447732][T12010] bridge0: port 2(bridge_slave_1) entered disabled state
[  394.451080][T12010] bridge0: port 1(bridge_slave_0) entered disabled state
[  394.613098][T12010] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  394.626207][T12010] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  394.998674][T12038] __nla_validate_parse: 1 callbacks suppressed
[  394.998695][T12038] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1797'.
[  395.080800][ T1240] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  395.084690][ T1240] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  395.088566][ T1240] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  395.093977][ T1240] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  395.099785][ T1240] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  395.105209][ T1240] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  395.114228][ T1240] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  395.123536][ T1240] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  395.137486][T12024] lo speed is unknown, defaulting to 1000
[  395.148128][T12024] lo speed is unknown, defaulting to 1000
[  396.744000][T12065] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1806'.
[  396.758309][T12074] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1809'.
[  396.762668][T12074] FAULT_INJECTION: forcing a failure.
[  396.762668][T12074] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  396.776000][T12074] CPU: 2 UID: 0 PID: 12074 Comm: syz.3.1809 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  396.776021][T12074] Tainted: [L]=SOFTLOCKUP
[  396.776025][T12074] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  396.776032][T12074] Call Trace:
[  396.776037][T12074]  <TASK>
[  396.776042][T12074]  dump_stack_lvl+0x100/0x190
[  396.776059][T12074]  should_fail_ex.cold+0x5/0xa
[  396.776079][T12074]  _copy_to_user+0x32/0xd0
[  396.776097][T12074]  simple_read_from_buffer+0xcb/0x170
[  396.776112][T12074]  proc_fail_nth_read+0x1af/0x230
[  396.776131][T12074]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  396.776150][T12074]  ? rw_verify_area+0xce/0x6d0
[  396.776162][T12074]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  396.776179][T12074]  vfs_read+0x1e4/0xb30
[  396.776194][T12074]  ? __pfx_vfs_read+0x10/0x10
[  396.776206][T12074]  ? find_held_lock+0x2b/0x80
[  396.776221][T12074]  ? __fget_files+0x215/0x3d0
[  396.776238][T12074]  ? __fget_files+0x21f/0x3d0
[  396.776254][T12074]  ksys_read+0x12a/0x250
[  396.776267][T12074]  ? __pfx_ksys_read+0x10/0x10
[  396.776280][T12074]  ? rcu_is_watching+0x12/0xc0
[  396.776294][T12074]  ? rcu_is_watching+0x12/0xc0
[  396.776308][T12074]  do_int80_emulation+0x14b/0x720
[  396.776327][T12074]  asm_int80_emulation+0x1a/0x20
[  396.776339][T12074] RIP: 0023:0xf71c61ab
[  396.776349][T12074] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  396.776360][T12074] RSP: 002b:00000000f547d4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  396.776371][T12074] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f547d5d0
[  396.776378][T12074] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  396.776385][T12074] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  396.776391][T12074] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  396.776398][T12074] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  396.776412][T12074]  </TASK>
[  396.848250][ T5830] usb 38-1: device descriptor read/8, error -110
[  396.857304][T12076] erspan0: left allmulticast mode
[  396.859204][T12076] erspan0: left promiscuous mode
[  396.861071][T12076] bridge3: port 1(erspan0) entered disabled state
[  396.897636][T12078] FAULT_INJECTION: forcing a failure.
[  396.897636][T12078] name failslab, interval 1, probability 0, space 0, times 0
[  396.899947][T12076] bridge4: port 1(erspan0) entered blocking state
[  396.905502][T12078] CPU: 2 UID: 0 PID: 12078 Comm: syz.3.1810 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  396.905522][T12078] Tainted: [L]=SOFTLOCKUP
[  396.905526][T12078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  396.905533][T12078] Call Trace:
[  396.905537][T12078]  <TASK>
[  396.905542][T12078]  dump_stack_lvl+0x100/0x190
[  396.905562][T12078]  should_fail_ex.cold+0x5/0xa
[  396.905577][T12078]  should_failslab+0xc2/0x120
[  396.905592][T12078]  __kmalloc_cache_noprof+0x7a/0x6f0
[  396.905609][T12078]  ? proc_self_get_link+0xf9/0x1f0
[  396.905625][T12078]  proc_self_get_link+0xf9/0x1f0
[  396.905638][T12078]  pick_link+0xd17/0x13c0
[  396.905649][T12078]  ? __pfx_proc_self_get_link+0x10/0x10
[  396.905664][T12078]  step_into_slowpath+0x9ba/0xf90
[  396.905675][T12078]  ? __d_lookup+0x25c/0x4a0
[  396.905686][T12078]  ? __d_lookup+0x25c/0x4a0
[  396.905698][T12078]  ? __pfx_step_into_slowpath+0x10/0x10
[  396.905710][T12078]  ? __d_lookup+0x266/0x4a0
[  396.905722][T12078]  ? lookup_fast+0x2da/0x600
[  396.905720][T12076] bridge4: port 1(erspan0) entered disabled state
[  396.905731][T12078]  ? inode_permission+0x374/0x620
[  396.905751][T12078]  link_path_walk+0xf28/0x1cc0
[  396.905767][T12078]  path_openat+0x1be/0x31a0
[  396.905783][T12078]  ? do_fast_syscall_32+0x1/0x70
[  396.905802][T12078]  ? __pfx_path_openat+0x10/0x10
[  396.905820][T12078]  do_file_open+0x20e/0x430
[  396.905836][T12078]  ? __pfx_do_file_open+0x10/0x10
[  396.905855][T12078]  ? __pfx_proc_put_link+0x10/0x10
[  396.905871][T12078]  ? _raw_spin_unlock+0x28/0x50
[  396.905885][T12078]  ? alloc_fd+0x476/0x790
[  396.905902][T12078]  do_sys_openat2+0x10d/0x1e0
[  396.905920][T12078]  ? __pfx_do_sys_openat2+0x10/0x10
[  396.905937][T12078]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  396.905958][T12078]  __ia32_compat_sys_openat+0x12d/0x210
[  396.905977][T12078]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  396.905995][T12078]  ? fput+0x79/0x100
[  396.906010][T12078]  ? ksys_write+0x1ac/0x250
[  396.906023][T12078]  ? rcu_is_watching+0x12/0xc0
[  396.906038][T12078]  __do_fast_syscall_32+0xe7/0x970
[  396.906055][T12078]  ? lockdep_hardirqs_on+0x78/0x100
[  396.906072][T12078]  do_fast_syscall_32+0x32/0x70
[  396.906089][T12078]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  396.906104][T12078] RIP: 0023:0xf708ef7c
[  396.906114][T12078] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  396.906125][T12078] RSP: 002b:00000000f547d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000127
[  396.906137][T12078] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000040
[  396.906144][T12078] RDX: 000000000000275a RSI: 0000000000000000 RDI: 0000000000000000
[  396.906150][T12078] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  396.906156][T12078] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  396.906163][T12078] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  396.906176][T12078]  </TASK>
[  396.911006][T12065] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1806'.
[  396.923023][T12076] erspan0: entered allmulticast mode
[  397.112279][T12076] erspan0: entered promiscuous mode
[  397.129200][ T5510] bridge4: entered promiscuous mode
[  397.153929][T12088] netlink: 88 bytes leftover after parsing attributes in process `syz.3.1813'.
[  397.284066][ T5830] usb usb38-port1: attempt power cycle
[  397.394016][T12095] netlink: 'syz.2.1815': attribute type 11 has an invalid length.
[  397.883625][ T5830] usb usb38-port1: unable to enumerate USB device
[  398.704281][T12128] nbd4: detected capacity change from 0 to 63
[  398.709178][T12129] block nbd4: NBD_DISCONNECT
[  398.711431][T12129] block nbd4: Disconnected due to user request.
[  398.720686][T12129] block nbd4: shutting down sockets
[  398.733859][    C3] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  398.736914][    C3] buffer_io_error: 4086 callbacks suppressed
[  398.736925][    C3] Buffer I/O error on dev nbd4, logical block 0, async page read
[  398.742781][    C3] I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  398.745694][    C3] Buffer I/O error on dev nbd4, logical block 1, async page read
[  398.751063][    C3] I/O error, dev nbd4, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  398.754478][    C3] Buffer I/O error on dev nbd4, logical block 2, async page read
[  398.756966][    C3] I/O error, dev nbd4, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  398.759904][    C3] Buffer I/O error on dev nbd4, logical block 3, async page read
[  398.762775][ T6136] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  398.768087][ T6136] Buffer I/O error on dev nbd4, logical block 0, async page read
[  398.771250][ T6136] I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  398.774522][ T6136] Buffer I/O error on dev nbd4, logical block 1, async page read
[  398.777467][ T6136] I/O error, dev nbd4, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  398.780619][ T6136] Buffer I/O error on dev nbd4, logical block 2, async page read
[  398.783352][ T6136] I/O error, dev nbd4, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  398.786391][ T6136] Buffer I/O error on dev nbd4, logical block 3, async page read
[  398.789265][ T6136] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  398.792666][ T6136] Buffer I/O error on dev nbd4, logical block 0, async page read
[  398.795412][ T6136] I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  398.798198][ T6136] Buffer I/O error on dev nbd4, logical block 1, async page read
[  398.803609][ T6136] ldm_validate_partition_table(): Disk read failed.
[  398.807160][ T6136] Dev nbd4: unable to read RDB block 0
[  398.810033][ T6136]  nbd4: unable to read partition table
[  398.822019][T12129] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1824'.
[  398.830762][ T6136] ldm_validate_partition_table(): Disk read failed.
[  398.833883][ T6136] Dev nbd4: unable to read RDB block 0
[  398.838677][ T6136]  nbd4: unable to read partition table
[  399.651812][T12141] genirq: Flags mismatch irq 4. 00200000 (pcl818) vs. 00200080 (ttyS0)
[  399.987441][T12129] lo speed is unknown, defaulting to 1000
[  399.991353][T12129] lo speed is unknown, defaulting to 1000
[  402.254910][T12171] FAULT_INJECTION: forcing a failure.
[  402.254910][T12171] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  402.262839][T12171] CPU: 0 UID: 0 PID: 12171 Comm: syz.3.1839 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  402.262862][T12171] Tainted: [L]=SOFTLOCKUP
[  402.262867][T12171] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  402.262874][T12171] Call Trace:
[  402.262879][T12171]  <TASK>
[  402.262884][T12171]  dump_stack_lvl+0x100/0x190
[  402.262902][T12171]  should_fail_ex.cold+0x5/0xa
[  402.262919][T12171]  _copy_from_user+0x2e/0xd0
[  402.262937][T12171]  compat_do_replace+0x417/0x500
[  402.262958][T12171]  ? __pfx_compat_do_replace+0x10/0x10
[  402.262976][T12171]  ? lockdep_hardirqs_on+0x78/0x100
[  402.263006][T12171]  ? bpf_lsm_capable+0x9/0x10
[  402.263020][T12171]  ? security_capable+0x80/0x260
[  402.263034][T12171]  do_ip6t_set_ctl+0x562/0xb00
[  402.263089][T12171]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  402.263117][T12171]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  402.263145][T12171]  ? __pfx___might_resched+0x10/0x10
[  402.263163][T12171]  ? nf_sockopt_find.isra.0+0x222/0x290
[  402.263185][T12171]  nf_setsockopt+0x8d/0xf0
[  402.263205][T12171]  ipv6_setsockopt+0x135/0x170
[  402.263226][T12171]  udpv6_setsockopt+0x64/0xb0
[  402.263238][T12171]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  402.263257][T12171]  do_sock_setsockopt+0xf3/0x1d0
[  402.263274][T12171]  __sys_setsockopt+0x119/0x190
[  402.263289][T12171]  __ia32_sys_setsockopt+0xbc/0x160
[  402.263315][T12171]  ? __do_fast_syscall_32+0x98/0x970
[  402.263335][T12171]  ? lockdep_hardirqs_on+0x78/0x100
[  402.263353][T12171]  __do_fast_syscall_32+0xe7/0x970
[  402.263371][T12171]  ? lockdep_hardirqs_on+0x78/0x100
[  402.263390][T12171]  do_fast_syscall_32+0x32/0x70
[  402.263409][T12171]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  402.263426][T12171] RIP: 0023:0xf708ef7c
[  402.263437][T12171] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  402.263450][T12171] RSP: 002b:00000000f547d50c EFLAGS: 00000292 ORIG_RAX: 000000000000016e
[  402.263463][T12171] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000029
[  402.263471][T12171] RDX: 0000000000000040 RSI: 0000000080000440 RDI: 0000000000000450
[  402.263479][T12171] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  402.263486][T12171] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  402.263493][T12171] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  402.263513][T12171]  </TASK>
[  403.067960][ T5153] block nbd2: Possible stuck request ffff888027b95080: control (read@0,1024B). Runtime 330 seconds
[  403.073772][ T5153] block nbd2: Possible stuck request ffff888027b95240: control (read@1024,1024B). Runtime 330 seconds
[  403.080439][ T5153] block nbd2: Possible stuck request ffff888027b95400: control (read@2048,1024B). Runtime 330 seconds
[  403.085177][ T5153] block nbd2: Possible stuck request ffff888027b955c0: control (read@3072,1024B). Runtime 330 seconds
[  403.684815][T12191] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1845'.
[  403.726622][T12194] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1844'.
[  403.781219][T12194] bond3: (slave geneve4): Enslaving as an active interface with an up link
[  403.787684][ T1162] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 20004 - 0
[  403.791183][ T1162] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 20004 - 0
[  403.795642][ T1162] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 20004 - 0
[  403.798741][ T1162] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 20004 - 0
[  403.842205][T12194] bond3 (unregistering): (slave geneve4): Releasing backup interface
[  403.860896][T12194] bond3 (unregistering): Released all slaves
[  403.883299][ T1162] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 20004 - 0
[  403.887833][ T1162] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 20004 - 0
[  403.892164][ T1162] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 20004 - 0
[  403.895936][ T1162] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 20004 - 0
[  404.286401][T12202] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1846'.
[  404.289895][T12202] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1846'.
[  404.300984][T12202] virtio-fs: tag </dev/md0> not found
[  404.815345][   T40] audit: type=1804 audit(1780508660.560:930): pid=12207 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1848" name="file1" dev="ramfs" ino=47383 res=1 errno=0
[  404.986605][T12216] Invalid source name
[  405.135450][T12220] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1852'.
[  405.416960][T12233] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  405.568143][   T34] usb 7-1: new full-speed USB device number 26 using dummy_hcd
[  405.848064][   T34] usb 7-1: config 0 has no interfaces?
[  405.850688][   T34] usb 7-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[  405.855206][   T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  405.862132][   T34] usb 7-1: config 0 descriptor??
[  406.080751][T12220] FAULT_INJECTION: forcing a failure.
[  406.080751][T12220] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  406.086558][T12220] CPU: 3 UID: 0 PID: 12220 Comm: syz.2.1852 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  406.086604][T12220] Tainted: [L]=SOFTLOCKUP
[  406.086611][T12220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  406.086621][T12220] Call Trace:
[  406.086629][T12220]  <TASK>
[  406.086636][T12220]  dump_stack_lvl+0x100/0x190
[  406.086678][T12220]  should_fail_ex.cold+0x5/0xa
[  406.086701][T12220]  _copy_from_iter+0x1f4/0x1690
[  406.086732][T12220]  ? __pfx__copy_from_iter+0x10/0x10
[  406.086756][T12220]  ? rcu_is_watching+0x12/0xc0
[  406.086778][T12220]  ? trace_kmalloc+0xe3/0x110
[  406.086797][T12220]  ? __kasan_kmalloc+0xaa/0xb0
[  406.086817][T12220]  ? __kmalloc_noprof+0x320/0x850
[  406.086841][T12220]  kernfs_fop_write_iter+0x186/0x5f0
[  406.086870][T12220]  vfs_write+0x6ac/0x1070
[  406.086891][T12220]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  406.086917][T12220]  ? __pfx_vfs_write+0x10/0x10
[  406.086951][T12220]  ? find_held_lock+0x2b/0x80
[  406.087007][T12220]  ksys_write+0x12a/0x250
[  406.087030][T12220]  ? __pfx_ksys_write+0x10/0x10
[  406.087049][T12220]  ? ksys_write+0x1ac/0x250
[  406.087070][T12220]  ? rcu_is_watching+0x12/0xc0
[  406.087093][T12220]  __do_fast_syscall_32+0xe7/0x970
[  406.087124][T12220]  ? lockdep_hardirqs_on+0x78/0x100
[  406.087150][T12220]  do_fast_syscall_32+0x32/0x70
[  406.087177][T12220]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  406.087200][T12220] RIP: 0023:0xf6ffef7c
[  406.087215][T12220] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  406.087232][T12220] RSP: 002b:00000000f53cc50c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[  406.087249][T12220] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000800000c0
[  406.087260][T12220] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  406.087271][T12220] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  406.087281][T12220] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  406.087291][T12220] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  406.087314][T12220]  </TASK>
qemu-system-x86_64: ahci: PRDT length for NCQ command (0x0) is smaller than the requested size (0x8f000)
[  406.440646][T12237] syzkaller0: entered promiscuous mode
[  406.447308][T12237] syzkaller0: entered allmulticast mode
[  406.458971][ T1129] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[  406.461079][ T1129] ata1: failed to read log page 10h (errno=-5)
[  406.463753][ T1129] ata1.00: exception Emask 0x1 SAct 0x40000001 SErr 0x0 action 0x0
[  406.467343][ T1129] ata1.00: irq_stat 0x40000000
[  406.469358][ T1129] ata1.00: failed command: WRITE FPDMA QUEUED
[  406.472985][ T1129] ata1.00: cmd 61/08:00:36:c1:08/00:00:00:00:00/40 tag 0 ncq dma 4096 out
[  406.472985][ T1129]          res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  406.473716][T12240] libceph: resolve '400' (ret=-3): failed
[  406.478746][ T1129] ata1.00: status: { DRDY }
[  406.478765][ T1129] ata1.00: error: { ABRT }
[  406.478778][ T1129] ata1.00: failed command: WRITE FPDMA QUEUED
[  406.478785][ T1129] ata1.00: cmd 61/78:f0:be:ec:09/04:00:00:00:00/40 tag 30 ncq dma 585728 out
[  406.478785][ T1129]          res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  406.478816][ T1129] ata1.00: status: { DRDY }
[  406.478824][ T1129] ata1.00: error: { ABRT }
[  406.479719][ T1129] ata1.00: configured for UDMA/100
[  406.505120][ T1129] ata1: EH complete
[  407.158165][T12244] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1860'.
[  407.229089][T12249] FAULT_INJECTION: forcing a failure.
[  407.229089][T12249] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  407.234535][T12249] CPU: 1 UID: 0 PID: 12249 Comm: syz.0.1861 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  407.234566][T12249] Tainted: [L]=SOFTLOCKUP
[  407.234573][T12249] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  407.234584][T12249] Call Trace:
[  407.234591][T12249]  <TASK>
[  407.234600][T12249]  dump_stack_lvl+0x100/0x190
[  407.234624][T12249]  should_fail_ex.cold+0x5/0xa
[  407.234648][T12249]  _copy_to_user+0x32/0xd0
[  407.234674][T12249]  simple_read_from_buffer+0xcb/0x170
[  407.234698][T12249]  proc_fail_nth_read+0x1af/0x230
[  407.234727][T12249]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  407.234756][T12249]  ? rw_verify_area+0xce/0x6d0
[  407.234774][T12249]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  407.234801][T12249]  vfs_read+0x1e4/0xb30
[  407.234824][T12249]  ? __pfx_vfs_read+0x10/0x10
[  407.234842][T12249]  ? find_held_lock+0x2b/0x80
[  407.234866][T12249]  ? __fget_files+0x215/0x3d0
[  407.234892][T12249]  ? __fget_files+0x21f/0x3d0
[  407.234920][T12249]  ksys_read+0x12a/0x250
[  407.234940][T12249]  ? __pfx_ksys_read+0x10/0x10
[  407.234960][T12249]  ? rcu_is_watching+0x12/0xc0
[  407.235005][T12249]  ? rcu_is_watching+0x12/0xc0
[  407.235030][T12249]  do_int80_emulation+0x14b/0x720
[  407.235061][T12249]  asm_int80_emulation+0x1a/0x20
[  407.235079][T12249] RIP: 0023:0xf71961ab
[  407.235094][T12249] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  407.235111][T12249] RSP: 002b:00000000f54564bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  407.235133][T12249] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54565d0
[  407.235144][T12249] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  407.235154][T12249] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  407.235165][T12249] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  407.235175][T12249] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  407.235198][T12249]  </TASK>
[  407.487739][T12254] FAULT_INJECTION: forcing a failure.
[  407.487739][T12254] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  407.493201][T12254] CPU: 3 UID: 0 PID: 12254 Comm: syz.3.1864 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  407.493230][T12254] Tainted: [L]=SOFTLOCKUP
[  407.493237][T12254] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  407.493246][T12254] Call Trace:
[  407.493253][T12254]  <TASK>
[  407.493260][T12254]  dump_stack_lvl+0x100/0x190
[  407.493283][T12254]  should_fail_ex.cold+0x5/0xa
[  407.493306][T12254]  _copy_from_user+0x2e/0xd0
[  407.493331][T12254]  copy_folio_from_user+0x13e/0x330
[  407.493363][T12254]  mfill_atomic_copy+0x1055/0x16d0
[  407.493392][T12254]  ? __pfx_mfill_atomic_copy+0x10/0x10
[  407.493415][T12254]  ? find_held_lock+0x2b/0x80
[  407.493449][T12254]  userfaultfd_ioctl+0x286c/0x3890
[  407.493476][T12254]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  407.493496][T12254]  ? do_vfs_ioctl+0x226/0x13e0
[  407.493512][T12254]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  407.493536][T12254]  ? find_held_lock+0x2b/0x80
[  407.493556][T12254]  ? __fget_files+0x215/0x3d0
[  407.493574][T12254]  ? hook_file_ioctl_common+0x149/0x410
[  407.493601][T12254]  ? __fget_files+0x21f/0x3d0
[  407.493621][T12254]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  407.493640][T12254]  ? compat_ptr_ioctl+0x6e/0xa0
[  407.493655][T12254]  compat_ptr_ioctl+0x6e/0xa0
[  407.493671][T12254]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  407.493688][T12254]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  407.493710][T12254]  __do_fast_syscall_32+0xe7/0x970
[  407.493734][T12254]  ? lockdep_hardirqs_on+0x78/0x100
[  407.493758][T12254]  do_fast_syscall_32+0x32/0x70
[  407.493783][T12254]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  407.493805][T12254] RIP: 0023:0xf708ef7c
[  407.493820][T12254] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  407.493836][T12254] RSP: 002b:00000000f547d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  407.493851][T12254] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c028aa03
[  407.493862][T12254] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  407.493871][T12254] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  407.493881][T12254] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  407.493891][T12254] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  407.493914][T12254]  </TASK>
[  408.404658][   T34] usb 7-1: USB disconnect, device number 26
[  408.526276][T12282] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1870'.
[  408.531737][ T5153] block nbd0: Possible stuck request ffff888027abe000: control (read@0,1024B). Runtime 330 seconds
[  408.536061][ T5153] block nbd0: Possible stuck request ffff888027abe1c0: control (read@1024,1024B). Runtime 330 seconds
[  408.541654][ T5153] block nbd0: Possible stuck request ffff888027abe380: control (read@2048,1024B). Runtime 330 seconds
[  408.545695][ T5153] block nbd0: Possible stuck request ffff888027abe540: control (read@3072,1024B). Runtime 330 seconds
[  408.881317][T12284] ubi2: attaching mtd1
[  408.946737][T12284] ubi2: scanning is finished
[  408.949041][T12284] ubi2: empty MTD device detected
[  408.951409][T12284] ubi2 error: ubi_early_get_peb: no free eraseblocks
[  409.160394][T12284] ubi2 error: ubi_attach_mtd_dev: failed to attach mtd1, error -28
[  409.901258][T12280] erspan0: left allmulticast mode
[  409.903544][T12280] erspan0: left promiscuous mode
[  409.906141][T12280] bridge12: port 1(erspan0) entered disabled state
[  410.411682][   T50] usb 8-1: new high-speed USB device number 38 using dummy_hcd
[  410.592785][   T50] usb 8-1: Using ep0 maxpacket: 32
[  410.604360][   T50] usb 8-1: config 155 has an invalid descriptor of length 98, skipping remainder of the config
[  410.609872][   T50] usb 8-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  410.615074][   T50] usb 8-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 47, changing to 9
[  410.619924][   T50] usb 8-1: config 155 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 49308, setting to 1024
[  410.625489][   T50] usb 8-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  410.649324][   T50] usb 8-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  410.653398][   T50] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  410.656251][   T50] usb 8-1: Product: syz
[  410.659101][   T50] usb 8-1: Manufacturer: syz
[  410.664426][   T50] usb 8-1: SerialNumber: syz
[  410.732502][    C3] imon 8-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  410.769775][   T50] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:155.0/input/input69
[  410.935498][T12298] tmpfs: Unknown parameter 'grpquota£JötóóŸâ4‘#|‚-ì	è“ШÄöwtz¼6	4¸)ÿ…¿Ù•;º)‡¦s™êÄ'ÑEÕ•¤ŸoñJĈì³…
[  410.935498][T12298] '¯•D®§äTÞ Y´CQ?'
[  410.977557][   T50] imon 8-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  410.980584][   T50]  (id 0x00)
[  411.084856][   T50] rc_core: IR keymap rc-imon-pad not found
[  411.097080][   T50] Registered IR keymap rc-empty
[  411.108231][   T50] imon 8-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  411.128233][   T50] imon 8-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  411.349692][   T50] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:155.0/rc/rc0
[  411.405339][   T50] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:155.0/rc/rc0/input70
[  411.432049][   T50] imon 8-1:155.0: iMON device (15c2:ffdc, intf0) on usb<8:38> initialized
[  411.443259][   T50] usb 8-1: USB disconnect, device number 38
qemu-system-x86_64: ahci: PRDT length for NCQ command (0x0) is smaller than the requested size (0x170000)
[  411.569271][ T1129] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[  411.572200][ T1129] ata1: failed to read log page 10h (errno=-5)
[  411.574901][ T1129] ata1.00: NCQ disabled due to excessive errors
[  411.578051][ T1129] ata1.00: exception Emask 0x1 SAct 0x4000 SErr 0x0 action 0x0
[  411.581622][ T1129] ata1.00: irq_stat 0x41000000
[  411.583984][ T1129] ata1.00: failed command: READ FPDMA QUEUED
[  411.586640][ T1129] ata1.00: cmd 60/80:70:6e:3a:01/0b:00:00:00:00/40 tag 14 ncq dma 1507328 in
[  411.586640][ T1129]          res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  411.594312][ T1129] ata1.00: status: { DRDY }
[  411.596768][ T1129] ata1.00: error: { ABRT }
[  411.600673][ T1129] ata1.00: configured for UDMA/100
[  411.603520][ T1129] sd 0:0:0:0: [sda] tag#14 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  411.607702][ T1129] sd 0:0:0:0: [sda] tag#14 Sense Key : Aborted Command [current] 
[  411.611366][ T1129] sd 0:0:0:0: [sda] tag#14 Add. Sense: No additional sense information
[  411.614928][ T1129] sd 0:0:0:0: [sda] tag#14 CDB: Read(10) 28 00 00 01 3a 6e 00 0b 80 00
[  411.618468][ T1129] blk_print_req_error: 138 callbacks suppressed
[  411.618483][ T1129] I/O error, dev sda, sector 80494 op 0x0:(READ) flags 0x80700 phys_seg 168 prio class 2
[  411.626946][ T1129] ata1: EH complete
[  411.782753][T12329] ubi2: attaching mtd1
[  411.786795][T12329] ubi2: scanning is finished
[  411.788437][T12329] ubi2: empty MTD device detected
[  411.790363][T12329] ubi2 error: ubi_early_get_peb: no free eraseblocks
[  411.973288][T12345] xt_time: invalid argument - start or stop time greater than 23:59:59
[  411.990778][T12349] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1892'.
[  411.998944][T12349] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  412.011886][T12329] ubi2 error: ubi_attach_mtd_dev: failed to attach mtd1, error -28
[  412.047537][T12352] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1890'.
[  412.054504][T12345] openvswitch: netlink: Message has 16 unknown bytes.
[  412.130849][T12354] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1893'.
[  412.168582][T12354] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  412.261087][   T24] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  412.308027][T12359] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1895'.
[  412.311896][T12359] openvswitch: netlink: Flow actions attr not present in new flow.
[  412.426236][   T24] usb 9-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb
[  412.430599][   T24] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201
[  412.434504][ T5830] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[  412.437975][   T24] usb 9-1: Product: syz
[  412.441003][   T24] usb 9-1: Manufacturer: syz
[  412.444648][   T24] usb 9-1: SerialNumber: syz
[  412.450812][   T24] usb 9-1: config 0 descriptor??
[  412.457404][   T24] dvb-usb: found a 'DigitalNow DVB-T Dual USB' in warm state.
[  412.460455][   T24] dvb-usb: bulk message failed: -22 (2/0)
[  412.467554][   T24] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  412.472009][   T24] dvbdev: DVB: registering new adapter (DigitalNow DVB-T Dual USB)
[  412.476490][   T24] usb 9-1: media controller created
[  412.490403][   T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  412.531573][T12361] dlm: no local IP address has been set
[  412.536028][T12361] dlm: cannot start dlm midcomms -107
[  412.604678][ T5830] usb 7-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb
[  412.609943][ T5830] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201
[  412.614744][ T5830] usb 7-1: Product: syz
[  412.617222][ T5830] usb 7-1: Manufacturer: syz
[  412.619699][ T5830] usb 7-1: SerialNumber: syz
[  412.629311][ T5830] usb 7-1: config 0 descriptor??
[  412.639760][ T5830] dvb-usb: found a 'DigitalNow DVB-T Dual USB' in warm state.
[  412.643220][ T5830] dvb-usb: bulk message failed: -22 (2/0)
[  412.651090][ T5830] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  412.656694][ T5830] dvbdev: DVB: registering new adapter (DigitalNow DVB-T Dual USB)
[  412.662216][ T5830] usb 7-1: media controller created
[  412.677660][T12349] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  412.681971][ T5830] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  412.695564][T12349] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  412.715779][T12349] dvb-usb: bulk message failed: -22 (4/0)
[  412.723995][T12349] cxusb: i2c read failed
[  412.740691][   T24] cxusb: set interface failed
[  412.753405][   T24] dvb-usb: bulk message failed: -22 (1/0)
[  412.785352][   T24] DVB: Unable to find symbol mt352_attach()
[  412.787862][   T24] dvb-usb: bulk message failed: -22 (5/0)
[  412.789697][   T24] zl10353_read_register: readreg error (reg=127, ret==-121)
[  412.792482][   T24] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB'
[  412.859782][   T24] rc_core: IR keymap rc-dvico-mce not found
[  412.863028][   T24] Registered IR keymap rc-empty
[  412.866792][T12354] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  412.867377][   T24] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.4/usb9/9-1/rc/rc0
[  412.877088][T12354] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  412.885656][   T24] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.4/usb9/9-1/rc/rc0/input71
[  412.887855][T12354] dvb-usb: bulk message failed: -22 (4/0)
[  412.892249][T12354] cxusb: i2c read failed
[  412.899546][   T24] dvb-usb: schedule remote query interval to 100 msecs.
[  412.903242][ T5830] cxusb: set interface failed
[  412.906287][ T5830] dvb-usb: bulk message failed: -22 (1/0)
[  412.908838][   T24] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected.
[  412.922001][   T24] usb 9-1: USB disconnect, device number 9
[  412.954334][ T5830] DVB: Unable to find symbol mt352_attach()
[  412.959264][ T5830] dvb-usb: bulk message failed: -22 (5/0)
[  412.964881][ T5830] zl10353_read_register: readreg error (reg=127, ret==-121)
[  412.974035][ T5830] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB'
[  413.041309][ T5830] rc_core: IR keymap rc-dvico-mce not found
[  413.043173][ T5830] Registered IR keymap rc-empty
[  413.276815][ T5830] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0
[  413.285796][   T24] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected.
[  413.291747][ T5830] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0/input72
[  413.301152][ T5830] dvb-usb: schedule remote query interval to 100 msecs.
[  413.304144][ T5830] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected.
[  413.311887][ T5830] usb 7-1: USB disconnect, device number 27
[  413.345669][ T5948] block nbd3: Possible stuck request ffff888027c0e000: control (read@0,1024B). Runtime 330 seconds
[  413.349585][ T5948] block nbd3: Possible stuck request ffff888027c0e1c0: control (read@1024,1024B). Runtime 330 seconds
[  413.353127][ T5948] block nbd3: Possible stuck request ffff888027c0e380: control (read@2048,1024B). Runtime 330 seconds
[  413.356722][ T5948] block nbd3: Possible stuck request ffff888027c0e540: control (read@3072,1024B). Runtime 330 seconds
[  413.365074][ T5830] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected.
[  413.730401][T12376] siw: device registration error -23
[  413.766564][T12379] ubi2: attaching mtd1
[  413.770757][T12379] ubi2: scanning is finished
[  413.772259][T12379] ubi2: empty MTD device detected
[  413.774090][T12379] ubi2 error: ubi_early_get_peb: no free eraseblocks
[  413.979558][T12379] ubi2 error: ubi_attach_mtd_dev: failed to attach mtd1, error -28
[  415.078759][   T40] audit: type=1326 audit(1780508670.166:931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12346 comm="syz.3.1891" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708ef7c code=0x7ffc0000
[  415.099798][   T40] audit: type=1326 audit(1780508670.176:932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12346 comm="syz.3.1891" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708ef98 code=0x7ffc0000
[  415.124661][   T40] audit: type=1326 audit(1780508670.176:933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12346 comm="syz.3.1891" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708ef98 code=0x7ffc0000
[  415.146397][   T40] audit: type=1326 audit(1780508670.176:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12346 comm="syz.3.1891" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708ef98 code=0x7ffc0000
[  415.180056][   T40] audit: type=1326 audit(1780508670.176:935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12346 comm="syz.3.1891" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708ef98 code=0x7ffc0000
[  415.207076][   T40] audit: type=1326 audit(1780508670.176:936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12346 comm="syz.3.1891" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708ef98 code=0x7ffc0000
[  415.230587][   T40] audit: type=1326 audit(1780508670.176:937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12346 comm="syz.3.1891" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708ef98 code=0x7ffc0000
[  415.285532][   T40] audit: type=1326 audit(1780508670.176:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12346 comm="syz.3.1891" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708ef98 code=0x7ffc0000
[  415.303149][   T40] audit: type=1326 audit(1780508670.185:939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12346 comm="syz.3.1891" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708ef98 code=0x7ffc0000
[  415.319502][   T40] audit: type=1326 audit(1780508670.185:940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12346 comm="syz.3.1891" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708ef7c code=0x7ffc0000
[  415.417997][T12347] lo speed is unknown, defaulting to 1000
[  415.422966][T12347] lo speed is unknown, defaulting to 1000
[  415.932022][T12405] dlm: Unknown command passed to DLM device : 3
[  415.932022][T12405] 
[  415.999701][T12406] random: crng reseeded on system resumption
[  416.070391][T12406] batman_adv: batadv0: Adding interface: macsec1
[  416.073063][T12406] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  416.082912][T12406] batman_adv: batadv0: Interface activated: macsec1
[  417.076766][T12347] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1891'.
[  417.307472][T12420] IPVS: length: 218 != 24
[  418.393908][T12426] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  418.396230][T12426] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  418.399048][T12426] vhci_hcd vhci_hcd.0: Device attached
[  418.448679][T12430] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.1917'.
[  419.008008][ T6768] usb 44-1: SetAddress Request (6) to port 0
[  419.010029][ T6768] usb 44-1: new SuperSpeed USB device number 6 using vhci_hcd
[  419.143970][T12427] vhci_hcd: connection closed
[  419.541487][   T13] vhci_hcd vhci_hcd.3: stop threads
[  419.545441][   T13] vhci_hcd vhci_hcd.3: release socket
[  419.549068][   T13] vhci_hcd vhci_hcd.3: disconnect device
[  419.637413][ T6768] usb 44-1: enqueue for inactive port 0
[  420.063397][ T6768] usb usb44-port1: attempt power cycle
[  420.950753][ T6768] usb usb44-port1: unable to enumerate USB device
[  421.984839][T12464] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1928'.
[  424.059424][T12473] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1932'.
[  424.073885][T12473] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  424.092794][T12474] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1931'.
[  424.351682][ T6768] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[  424.459185][   T24] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  424.556556][ T6768] usb 7-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb
[  424.559740][ T6768] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201
[  424.562709][ T6768] usb 7-1: Product: syz
[  424.564275][ T6768] usb 7-1: Manufacturer: syz
[  424.565948][ T6768] usb 7-1: SerialNumber: syz
[  424.578452][ T6768] usb 7-1: config 0 descriptor??
[  424.584286][ T6768] dvb-usb: found a 'DigitalNow DVB-T Dual USB' in warm state.
[  424.587860][ T6768] dvb-usb: bulk message failed: -22 (2/0)
[  424.595928][ T6768] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  424.599572][ T6768] dvbdev: DVB: registering new adapter (DigitalNow DVB-T Dual USB)
[  424.602143][ T6768] usb 7-1: media controller created
[  424.618547][ T6768] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  424.642877][   T24] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  424.646632][   T24] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  424.668068][   T24] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  424.683540][   T24] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  424.686972][   T24] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  424.694812][   T24] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  424.697803][   T24] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  424.700348][   T24] usb 9-1: Product: syz
[  424.705948][   T24] usb 9-1: Manufacturer: syz
[  424.710155][   T40] kauditd_printk_skb: 4594 callbacks suppressed
[  424.710167][   T40] audit: type=1326 audit(1780508679.174:5535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12486 comm="syz.3.1934" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708ef7c code=0x7ffc0000
[  424.711675][   T24] cdc_wdm 9-1:1.0: skipping garbage
[  424.713601][   T40] audit: type=1326 audit(1780508679.174:5536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12486 comm="syz.3.1934" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708ef7c code=0x7ffc0000
[  424.720087][   T24] cdc_wdm 9-1:1.0: skipping garbage
[  424.731688][   T24] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  424.732971][   T40] audit: type=1326 audit(1780508679.184:5537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12486 comm="syz.3.1934" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf708ef7c code=0x7ffc0000
[  424.733652][   T24] cdc_wdm 9-1:1.0: Unknown control protocol
[  424.763613][   T40] audit: type=1326 audit(1780508679.184:5538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12486 comm="syz.3.1934" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708ef7c code=0x7ffc0000
[  424.775855][   T40] audit: type=1326 audit(1780508679.184:5539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12486 comm="syz.3.1934" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708ef7c code=0x7ffc0000
[  424.783537][   T40] audit: type=1326 audit(1780508679.184:5540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12486 comm="syz.3.1934" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf708ef7c code=0x7ffc0000
[  424.790512][   T40] audit: type=1326 audit(1780508679.184:5541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12486 comm="syz.3.1934" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708ef98 code=0x7ffc0000
[  424.797465][   T40] audit: type=1326 audit(1780508679.184:5542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12486 comm="syz.3.1934" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708ef98 code=0x7ffc0000
[  424.805428][   T40] audit: type=1326 audit(1780508679.184:5543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12486 comm="syz.3.1934" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708ef98 code=0x7ffc0000
[  424.808871][T12473] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  424.812049][   T40] audit: type=1326 audit(1780508679.184:5544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12486 comm="syz.3.1934" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708ef98 code=0x7ffc0000
[  424.827977][T12473] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  424.837000][T12473] dvb-usb: bulk message failed: -22 (4/0)
[  424.839103][T12473] cxusb: i2c read failed
[  424.842940][ T6768] cxusb: set interface failed
[  424.847318][ T6768] dvb-usb: bulk message failed: -22 (1/0)
[  424.872450][ T6768] DVB: Unable to find symbol mt352_attach()
[  424.875886][ T6768] dvb-usb: bulk message failed: -22 (5/0)
[  424.877790][ T6768] zl10353_read_register: readreg error (reg=127, ret==-121)
[  424.883103][ T6768] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB'
[  424.971619][ T6768] rc_core: IR keymap rc-dvico-mce not found
[  424.976764][ T6768] Registered IR keymap rc-empty
[  424.981107][ T6768] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0
[  424.988963][T12488] netlink: 6024 bytes leftover after parsing attributes in process `syz.3.1934'.
[  425.354700][ T6768] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0/input73
[  425.359617][ T6768] dvb-usb: schedule remote query interval to 100 msecs.
[  425.362074][ T6768] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected.
[  425.366640][ T6768] usb 7-1: USB disconnect, device number 28
[  425.387512][ T6768] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected.
[  426.023313][T12509] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1941'.
[  426.042780][T12509] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  426.101906][T12511] IPVS: length: 218 != 24
[  426.157699][T12513] lo speed is unknown, defaulting to 1000
[  426.162322][T12513] lo speed is unknown, defaulting to 1000
[  426.340017][   T34] usb 7-1: new high-speed USB device number 29 using dummy_hcd
[  426.396436][T12518] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1944'.
[  426.401231][T12518] netlink: 'syz.0.1944': attribute type 1 has an invalid length.
[  426.405819][T12518] netlink: 'syz.0.1944': attribute type 1 has an invalid length.
[  426.530666][   T34] usb 7-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb
[  426.533938][   T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201
[  426.536534][   T34] usb 7-1: Product: syz
[  426.537880][   T34] usb 7-1: Manufacturer: syz
[  426.539388][   T34] usb 7-1: SerialNumber: syz
[  426.542657][   T34] usb 7-1: config 0 descriptor??
[  426.549865][   T34] dvb-usb: found a 'DigitalNow DVB-T Dual USB' in warm state.
[  426.554453][   T34] dvb-usb: bulk message failed: -22 (2/0)
[  426.559961][   T34] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  426.563402][   T34] dvbdev: DVB: registering new adapter (DigitalNow DVB-T Dual USB)
[  426.566331][   T34] usb 7-1: media controller created
[  426.580821][   T34] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  426.810487][T12509] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  426.823830][T12509] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  426.833107][T12509] dvb-usb: bulk message failed: -22 (4/0)
[  426.835108][T12509] cxusb: i2c read failed
[  426.916696][   T34] cxusb: set interface failed
[  426.920036][   T34] dvb-usb: bulk message failed: -22 (1/0)
[  426.951583][   T34] DVB: Unable to find symbol mt352_attach()
[  426.953584][   T34] dvb-usb: bulk message failed: -22 (5/0)
[  426.955553][   T34] zl10353_read_register: readreg error (reg=127, ret==-121)
[  426.958016][   T34] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB'
[  426.963655][T12527] lo speed is unknown, defaulting to 1000
[  426.989160][T12527] lo speed is unknown, defaulting to 1000
[  427.004530][   T41] INFO: task syz.1.978:9212 blocked in I/O wait for more than 143 seconds.
[  427.011577][   T41]       Tainted: G             L      syzkaller #0
[  427.016494][   T41] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  427.020007][   T41] task:syz.1.978       state:D stack:25280 pid:9212  tgid:9211  ppid:5745   task_flags:0x400140 flags:0x08080002
[  427.022755][   T34] rc_core: IR keymap rc-dvico-mce not found
[  427.026049][   T41] Call Trace:
[  427.029107][   T41]  <TASK>
[  427.030423][   T41]  __schedule+0x1295/0x67a0
[  427.032413][   T41]  ? __pfx___schedule+0x10/0x10
[  427.032761][   T34] Registered IR keymap rc-empty
[  427.034425][   T41]  ? find_held_lock+0x2b/0x80
[  427.034455][   T41]  ? schedule+0x2bf/0x390
[  427.034481][   T41]  schedule+0xdd/0x390
[  427.038939][   T34] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0
[  427.040726][   T41]  io_schedule+0x8a/0xf0
[  427.047315][   T34] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0/input74
[  427.048316][   T41]  folio_wait_bit_common+0x414/0xa70
[  427.054234][   T41]  ? folio_wait_bit_common+0x2a0/0xa70
[  427.057467][   T41]  ? __pfx_folio_wait_bit_common+0x10/0x10
[  427.058837][   T34] dvb-usb: schedule remote query interval to 100 msecs.
[  427.059821][   T41]  ? __pfx_wake_page_function+0x10/0x10
[  427.062526][   T34] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected.
[  427.064801][   T41]  ? __pfx___might_resched+0x10/0x10
[  427.064833][   T41]  ? compaction_free+0x182/0x430
[  427.064863][   T41]  migrate_pages_batch+0x7a1/0x45c0
[  427.071908][   T34] usb 7-1: USB disconnect, device number 29
[  427.073494][   T41]  ? __pfx_compaction_alloc+0x10/0x10
[  427.080238][   T41]  ? __pfx_compaction_free+0x10/0x10
[  427.082366][   T41]  ? __pfx_migrate_pages_batch+0x10/0x10
[  427.084129][   T41]  ? __schedule+0x12a7/0x67a0
[  427.085520][   T41]  migrate_pages_sync+0x4db/0x880
[  427.087017][   T41]  ? __pfx_compaction_alloc+0x10/0x10
[  427.096692][   T41]  ? __pfx_compaction_free+0x10/0x10
[  427.098287][   T41]  ? __pfx_migrate_pages_sync+0x10/0x10
[  427.100626][   T41]  migrate_pages+0x1aa5/0x2880
[  427.102032][   T41]  ? isolate_migratepages_block+0xd74/0x61e0
[  427.103858][   T41]  ? __pfx_compaction_alloc+0x10/0x10
[  427.105417][   T41]  ? __pfx_compaction_free+0x10/0x10
[  427.107008][   T41]  ? __pfx_migrate_pages+0x10/0x10
[  427.108534][   T41]  ? __pfx_isolate_migratepages_block+0x10/0x10
[  427.111295][   T41]  ? __pfx___might_resched+0x10/0x10
[  427.113368][   T41]  ? putback_movable_pages+0x7e0/0xbd0
[  427.115400][   T41]  compact_zone+0x244f/0x4460
[  427.116934][   T41]  ? debug_object_free+0x295/0x550
[  427.118479][   T41]  ? __pfx_compact_zone+0x10/0x10
[  427.119973][   T41]  ? __flush_work+0x928/0xcb0
[  427.121788][   T41]  ? __flush_work+0x928/0xcb0
[  427.123165][   T41]  compact_node+0x17f/0x2c0
[  427.124495][   T41]  ? __pfx_compact_node+0x10/0x10
[  427.125959][   T41]  ? __lru_add_drain_all+0x441/0x650
[  427.127547][   T41]  sysctl_compaction_handler+0x141/0x210
[  427.129240][   T41]  proc_sys_call_handler+0x47f/0x5a0
[  427.130866][   T41]  ? __pfx_proc_sys_call_handler+0x10/0x10
[  427.133225][   T41]  ? splice_from_pipe_next+0x1ec/0x5a0
[  427.135251][   T41]  iter_file_splice_write+0x830/0x10a0
[  427.137292][   T41]  ? __pfx_iter_file_splice_write+0x10/0x10
[  427.139064][   T41]  ? __pfx_copy_splice_read+0x10/0x10
[  427.140721][   T41]  ? __pfx_iter_file_splice_write+0x10/0x10
[  427.142997][   T41]  direct_splice_actor+0x192/0x6c0
[  427.144583][   T41]  splice_direct_to_actor+0x345/0xa30
[  427.146431][   T41]  ? __pfx_direct_splice_actor+0x10/0x10
[  427.148181][   T41]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  427.150039][   T41]  do_splice_direct+0x174/0x240
[  427.151547][   T41]  ? __pfx_do_splice_direct+0x10/0x10
[  427.156207][   T41]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  427.158164][   T41]  ? rw_verify_area+0xce/0x6d0
[  427.163344][   T41]  do_sendfile+0xadc/0xe20
[  427.164796][   T41]  ? __pfx_do_sendfile+0x10/0x10
[  427.166552][   T41]  ? __might_fault+0xc5/0x140
[  427.168091][   T41]  __ia32_compat_sys_sendfile+0x162/0x220
[  427.169841][   T41]  ? __pfx___ia32_compat_sys_sendfile+0x10/0x10
[  427.171753][   T41]  ? exit_to_user_mode_loop+0xf3/0x670
[  427.173470][   T41]  ? rcu_is_watching+0x12/0xc0
[  427.175163][   T41]  do_int80_emulation+0x14b/0x720
[  427.177008][   T41]  asm_int80_emulation+0x1a/0x20
[  427.178719][   T41] RIP: 0023:0xf7f75f7c
[  427.180136][   T41] RSP: 002b:00000000f543650c EFLAGS: 00000292 ORIG_RAX: 00000000000000bb
[  427.182568][   T41] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000000006
[  427.185556][   T41] RDX: 00000000800000c0 RSI: 0000000000000005 RDI: 0000000000000000
[  427.188283][   T41] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  427.190735][   T41] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  427.193217][   T41] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  427.196505][ T5152] usb 9-1: USB disconnect, device number 10
[  427.199040][   T41]  </TASK>
[  427.200086][   T41] 
[  427.200086][   T41] Showing all locks held in the system:
[  427.209463][   T41] 4 locks held by kworker/u32:1/13:
[  427.211930][   T41] 1 lock held by rcu_exp_gp_kthr/18:
[  427.213590][   T41] 8 locks held by kworker/3:0/34:
[  427.220448][   T41] 1 lock held by khungtaskd/41:
[  427.222971][   T41]  #0: ffffffff8e7e5360 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184
[  427.227160][   T41] 5 locks held by kworker/3:2/5152:
[  427.230293][   T41] 2 locks held by udevd/5154:
[  427.232162][   T41]  #0: ffff8880133b0140 (&type->i_mutex_dir_key#4){++++}-{4:4}, at: lookup_slow+0x42/0x70
[  427.236392][   T41]  #1: ffff88802b23b420 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x88/0x140
[  427.242237][   T41] 2 locks held by getty/5550:
[  427.244313][   T41]  #0: ffff888022fd60a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  427.248213][   T41]  #1: ffffc9000019b2e8 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x14f0
[  427.253258][   T41] 1 lock held by udevd/5746:
[  427.255137][   T41]  #0: ffff888027b31350 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0x41a/0xe40
[  427.259088][   T41] 1 lock held by udevd/5751:
[  427.262237][   T41]  #0: ffff888027a29350 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0x41a/0xe40
[  427.266430][   T41] 1 lock held by udevd/6003:
[  427.268408][   T41]  #0: ffff888027b37350 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0x41a/0xe40
[  427.273255][   T41] 4 locks held by udevd/6136:
[  427.275186][   T41]  #0: ffff888020f10098 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xe1/0x1270
[  427.278867][   T41]  #1: ffff888071a0d080 (&of->mutex#2){+.+.}-{4:4}, at: kernfs_seq_start+0x4f/0x2a0
[  427.283865][   T41]  #2: ffff8880254480f8 (kn->active#20){++++}-{0:0}, at: kernfs_seq_start+0xbc/0x2a0
[  427.287363][   T41]  #3: ffff8880134fa1d8 (&dev->mutex){....}-{4:4}, at: manufacturer_show+0x26/0xa0
[  427.290202][   T41] 1 lock held by syz.1.978/9212:
[  427.292425][   T41]  #0: ffff88806b3dc410 (sb_writers#3){.+.+}-{0:0}, at: splice_direct_to_actor+0x345/0xa30
[  427.296016][   T41] 4 locks held by syz.4.1931/12471:
[  427.298113][   T41]  #0: ffff888021c86158 (&mousedev->mutex/1){+.+.}-{4:4}, at: mixdev_close_devices+0x25/0x1f0
[  427.303571][   T41]  #1: ffff88802a2bf158 (&mousedev->mutex#2){+.+.}-{4:4}, at: mixdev_close_devices+0x115/0x1f0
[  427.307968][   T41]  #2: ffff88802aa282b8 (&dev->mutex#2){+.+.}-{4:4}, at: input_close_device+0x46/0x290
[  427.311860][   T41]  #3: ffffffff8e7f0ea8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x19e/0x3c0
[  427.317227][   T41] 5 locks held by syz.3.1946/12527:
[  427.319378][   T41] 
[  427.320330][   T41] =============================================
[  427.320330][   T41] 
[  427.322908][   T41] NMI backtrace for cpu 2
[  427.322920][   T41] CPU: 2 UID: 0 PID: 41 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  427.322935][   T41] Tainted: [L]=SOFTLOCKUP
[  427.322939][   T41] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  427.322945][   T41] Call Trace:
[  427.322950][   T41]  <TASK>
[  427.322956][   T41]  dump_stack_lvl+0x100/0x190
[  427.322971][   T41]  nmi_cpu_backtrace.cold+0x12d/0x151
[  427.322985][   T41]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  427.322997][   T41]  nmi_trigger_cpumask_backtrace+0x1d7/0x230
[  427.323012][   T41]  sys_info+0x141/0x190
[  427.323021][   T41]  watchdog+0xcb1/0x1030
[  427.323039][   T41]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  427.323054][   T41]  ? __pfx_watchdog+0x10/0x10
[  427.323070][   T41]  ? __kthread_parkme+0x18c/0x230
[  427.323087][   T41]  ? kthread+0x13a/0x450
[  427.323103][   T41]  ? __pfx_watchdog+0x10/0x10
[  427.323118][   T41]  kthread+0x370/0x450
[  427.323134][   T41]  ? __pfx_kthread+0x10/0x10
[  427.323151][   T41]  ret_from_fork+0x72b/0xd50
[  427.323164][   T41]  ? __pfx_ret_from_fork+0x10/0x10
[  427.323176][   T41]  ? __switch_to+0x800/0x1100
[  427.323191][   T41]  ? __pfx_kthread+0x10/0x10
[  427.323208][   T41]  ret_from_fork_asm+0x1a/0x30
[  427.323229][   T41]  </TASK>
[  427.323234][   T41] Sending NMI from CPU 2 to CPUs 0-1,3:
[  427.364191][   T34] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected.
[  427.364682][    C0] NMI backtrace for cpu 0
[  427.364709][    C0] CPU: 0 UID: 0 PID: 44 Comm: kcompactd0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  427.364737][    C0] Tainted: [L]=SOFTLOCKUP
[  427.364745][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  427.364756][    C0] RIP: 0010:__orc_find+0x73/0xf0
[  427.364785][    C0] Code: 4c 89 e2 48 29 ea 48 89 d6 48 c1 ea 3f 48 c1 fe 02 48 01 f2 48 d1 fa 48 8d 5c 95 00 48 89 da 48 c1 ea 03 0f b6 34 0a 48 89 da <83> e2 07 83 c2 03 40 38 f2 7c 05 40 84 f6 75 4b 48 63 13 48 01 da
[  427.364803][    C0] RSP: 0000:ffffc900006bf568 EFLAGS: 00000a07
[  427.364819][    C0] RAX: ffffffff91701016 RBX: ffffffff90ebb274 RCX: dffffc0000000000
[  427.364832][    C0] RDX: ffffffff90ebb274 RSI: 0000000000000000 RDI: ffffffff90ebb220
[  427.364844][    C0] RBP: ffffffff90ebb274 R08: ffffffff917010b8 R09: 0000000000000007
[  427.364856][    C0] R10: 0000000000000200 R11: 000000000000754b R12: ffffffff90ebb278
[  427.364868][    C0] R13: ffffffff81754b99 R14: ffffffff90ebb220 R15: ffffffff90ebb270
[  427.364881][    C0] FS:  0000000000000000(0000) GS:ffff88809718a000(0000) knlGS:0000000000000000
[  427.364918][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  427.364933][    C0] CR2: 0000000033efdff8 CR3: 00000000136a8000 CR4: 0000000000352ef0
[  427.364991][    C0] Call Trace:
[  427.365000][    C0]  <TASK>
[  427.365012][    C0]  ? ret_from_fork_asm+0x19/0x30
[  427.365034][    C0]  unwind_next_frame+0x2ec/0x2090
[  427.365058][    C0]  ? ret_from_fork_asm+0x1a/0x30
[  427.365084][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  427.365108][    C0]  arch_stack_walk+0x94/0xf0
[  427.365132][    C0]  ? ret_from_fork_asm+0x1a/0x30
[  427.365158][    C0]  stack_trace_save+0x8e/0xc0
[  427.365181][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  427.365211][    C0]  ? __lock_acquire+0x4a5/0x2630
[  427.365242][    C0]  save_stack+0x162/0x1e0
[  427.365263][    C0]  ? __pfx_save_stack+0x10/0x10
[  427.365282][    C0]  ? __free_frozen_pages+0x794/0x10a0
[  427.365307][    C0]  ? release_free_list+0x249/0x400
[  427.365330][    C0]  ? compact_zone+0x2747/0x4460
[  427.365354][    C0]  ? compact_node+0x17f/0x2c0
[  427.365377][    C0]  ? kcompactd+0x73b/0xdf0
[  427.365400][    C0]  ? kthread+0x370/0x450
[  427.365425][    C0]  ? ret_from_fork+0x72b/0xd50
[  427.365443][    C0]  ? ret_from_fork_asm+0x1a/0x30
[  427.365468][    C0]  ? page_ext_put+0x3e/0xd0
[  427.365490][    C0]  __reset_page_owner+0x84/0x190
[  427.365512][    C0]  __free_frozen_pages+0x794/0x10a0
[  427.365540][    C0]  release_free_list+0x249/0x400
[  427.365564][    C0]  compact_zone+0x2747/0x4460
[  427.365595][    C0]  ? do_raw_spin_lock+0x31/0x260
[  427.365614][    C0]  ? __pfx_compact_zone+0x10/0x10
[  427.365643][    C0]  compact_node+0x17f/0x2c0
[  427.365669][    C0]  ? __pfx_compact_node+0x10/0x10
[  427.365693][    C0]  ? trace_contention_end+0x122/0x170
[  427.365731][    C0]  ? kcompactd+0xa7a/0xdf0
[  427.365756][    C0]  ? rcu_is_watching+0x12/0xc0
[  427.365781][    C0]  kcompactd+0x73b/0xdf0
[  427.365809][    C0]  ? __pfx_kcompactd+0x10/0x10
[  427.365833][    C0]  ? __kthread_parkme+0xbb/0x230
[  427.365856][    C0]  ? rcu_is_watching+0x12/0xc0
[  427.365877][    C0]  ? __pfx_autoremove_wake_function+0x10/0x10
[  427.365906][    C0]  ? __kthread_parkme+0x18c/0x230
[  427.365929][    C0]  ? kthread+0x13a/0x450
[  427.365954][    C0]  ? __pfx_kcompactd+0x10/0x10
[  427.365978][    C0]  kthread+0x370/0x450
[  427.366002][    C0]  ? __pfx_kthread+0x10/0x10
[  427.366026][    C0]  ret_from_fork+0x72b/0xd50
[  427.366043][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  427.366063][    C0]  ? __switch_to+0x800/0x1100
[  427.366087][    C0]  ? __pfx_kthread+0x10/0x10
[  427.366113][    C0]  ret_from_fork_asm+0x1a/0x30
[  427.366142][    C0]  </TASK>
[  427.366152][    C3] NMI backtrace for cpu 3
[  427.366166][    C3] CPU: 3 UID: 0 PID: 34 Comm: kworker/3:0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  427.366183][    C3] Tainted: [L]=SOFTLOCKUP
[  427.366187][    C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  427.366195][    C3] Workqueue: usb_hub_wq hub_event
[  427.366212][    C3] RIP: 0010:memcpy+0xe/0x20
[  427.366231][    C3] Code: 1f 84 00 00 00 00 00 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 48 89 f8 48 89 d1 f3 a4 <e9> cd 1a 03 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90
[  427.366242][    C3] RSP: 0018:ffffc900005ceda0 EFLAGS: 00000202
[  427.366251][    C3] RAX: ffffc900005cef68 RBX: ffffffff8e7a9b10 RCX: 0000000000000000
[  427.366259][    C3] RDX: 0000000000000010 RSI: ffffffff8e7a9b28 RDI: ffffc900005cef78
[  427.366266][    C3] RBP: 800000000000058a R08: 0000000000000001 R09: fffff520000b9dee
[  427.366276][    C3] R10: ffffc900005cef77 R11: 0000000000000000 R12: 000000000000058a
[  427.366283][    C3] R13: ffffc900005cef60 R14: 0000000000000000 R15: ffffffff8e70fd70
[  427.366290][    C3] FS:  0000000000000000(0000) GS:ffff88809748a000(0000) knlGS:0000000000000000
[  427.366316][    C3] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  427.366326][    C3] CR2: 0000000056eb2470 CR3: 000000004cca7000 CR4: 0000000000352ef0
[  427.366333][    C3] DR0: 0000000000000001 DR1: 00000000000001f8 DR2: 0000000000000003
[  427.366340][    C3] DR3: ffffffffefffff15 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  427.366347][    C3] Call Trace:
[  427.366351][    C3]  <TASK>
[  427.366355][    C3]  desc_read+0x184/0x380
[  427.366375][    C3]  desc_read_finalized_seq+0x89/0x1d0
[  427.366393][    C3]  ? __pfx_desc_read_finalized_seq+0x10/0x10
[  427.366411][    C3]  ? __lock_acquire+0x4a5/0x2630
[  427.366429][    C3]  _prb_read_valid+0x1f0/0x880
[  427.366441][    C3]  ? desc_read+0x2e2/0x380
[  427.366457][    C3]  ? __pfx__prb_read_valid+0x10/0x10
[  427.366475][    C3]  ? desc_read+0x2e2/0x380
[  427.366492][    C3]  ? desc_read_finalized_seq+0x131/0x1d0
[  427.366510][    C3]  ? __asan_memcpy+0x3c/0x60
[  427.366528][    C3]  prb_read_valid+0x78/0xa0
[  427.366538][    C3]  ? __pfx_prb_read_valid+0x10/0x10
[  427.366549][    C3]  ? __lock_acquire+0x4a5/0x2630
[  427.366565][    C3]  ? string+0x201/0x4d0
[  427.366578][    C3]  printk_get_next_message+0x15b/0x6c0
[  427.366593][    C3]  ? __pfx_printk_get_next_message+0x10/0x10
[  427.366607][    C3]  ? find_held_lock+0x2b/0x80
[  427.366622][    C3]  ? lock_acquire+0x1b1/0x370
[  427.366641][    C3]  console_flush_one_record+0x67c/0xe50
[  427.366656][    C3]  ? __pfx_console_flush_one_record+0x10/0x10
[  427.366670][    C3]  ? __hrtimer_rearm_deferred+0x24d/0x740
[  427.366720][    C3]  ? is_printk_cpu_sync_owner+0x32/0x40
[  427.366747][    C3]  console_unlock+0x103/0x260
[  427.366763][    C3]  ? __pfx_console_unlock+0x10/0x10
[  427.366781][    C3]  ? lock_acquire+0x180/0x370
[  427.366798][    C3]  ? vprintk_emit+0x66a/0x6b0
[  427.366812][    C3]  vprintk_emit+0x407/0x6b0
[  427.366826][    C3]  ? __pfx_vprintk_emit+0x10/0x10
[  427.366840][    C3]  ? lock_acquire+0x1b1/0x370
[  427.366857][    C3]  _printk+0xcf/0x110
[  427.366869][    C3]  ? __pfx__printk+0x10/0x10
[  427.366880][    C3]  ? _raw_spin_unlock+0x28/0x50
[  427.366893][    C3]  ? __free_frozen_pages+0x5a5/0x10a0
[  427.366911][    C3]  dvb_usb_device_exit+0x3f5/0x520
[  427.366928][    C3]  ? __pfx_dvb_usb_device_exit+0x10/0x10
[  427.366943][    C3]  ? find_held_lock+0x2b/0x80
[  427.366957][    C3]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  427.366971][    C3]  ? usb_disable_interface+0x211/0x4c0
[  427.366982][    C3]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  427.366997][    C3]  usb_unbind_interface+0x1dd/0x9e0
[  427.367013][    C3]  ? __pfx_usb_unbind_interface+0x10/0x10
[  427.367028][    C3]  device_remove+0x12a/0x180
[  427.367045][    C3]  device_release_driver_internal+0x44e/0x620
[  427.367058][    C3]  bus_remove_device+0x2bc/0x560
[  427.367074][    C3]  ? __pfx_bus_remove_device+0x10/0x10
[  427.367090][    C3]  ? __pfx_device_remove_attrs+0x10/0x10
[  427.367108][    C3]  device_del+0x376/0x9b0
[  427.367125][    C3]  ? __pfx_device_del+0x10/0x10
[  427.367141][    C3]  ? __pfx___pm_runtime_barrier+0x10/0x10
[  427.367160][    C3]  usb_disable_device+0x367/0x810
[  427.367171][    C3]  ? mark_held_locks+0x40/0x70
[  427.367190][    C3]  usb_disconnect+0x2e2/0x9a0
[  427.367202][    C3]  hub_event+0x1d0c/0x4af0
[  427.367219][    C3]  ? __lock_acquire+0x4a5/0x2630
[  427.367235][    C3]  ? do_raw_spin_unlock+0x145/0x1e0
[  427.367248][    C3]  ? __pfx_hub_event+0x10/0x10
[  427.367259][    C3]  ? __free_object+0x150/0x3f0
[  427.367277][    C3]  ? rcu_is_watching+0x12/0xc0
[  427.367291][    C3]  process_one_work+0xa0e/0x1980
[  427.367305][    C3]  ? __pfx_process_one_work+0x10/0x10
[  427.367318][    C3]  ? __pfx_hub_event+0x10/0x10
[  427.367330][    C3]  worker_thread+0x5ef/0xe50
[  427.367342][    C3]  ? kthread+0x13a/0x450
[  427.367358][    C3]  ? __pfx_worker_thread+0x10/0x10
[  427.367367][    C3]  kthread+0x370/0x450
[  427.367383][    C3]  ? __pfx_kthread+0x10/0x10
[  427.367400][    C3]  ret_from_fork+0x72b/0xd50
[  427.367411][    C3]  ? __pfx_ret_from_fork+0x10/0x10
[  427.367423][    C3]  ? __switch_to+0x800/0x1100
[  427.367439][    C3]  ? __pfx_kthread+0x10/0x10
[  427.367455][    C3]  ret_from_fork_asm+0x1a/0x30
[  427.367473][    C3]  </TASK>
[  427.367481][    C1] NMI backtrace for cpu 1
[  427.367501][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  427.367527][    C1] Tainted: [L]=SOFTLOCKUP
[  427.367534][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  427.367545][    C1] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  427.367576][    C1] Code: d6 95 02 e9 43 44 03 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 83 b0 24 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[  427.367594][    C1] RSP: 0000:ffffc9000046fdf0 EFLAGS: 00000202
[  427.367610][    C1] RAX: 0000000000f8a40b RBX: ffff88801c31a540 RCX: ffffffff8b86e225
[  427.367623][    C1] RDX: 0000000000000000 RSI: ffffffff8df1ab41 RDI: ffffffff8c1c4580
[  427.367635][    C1] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed10056667b5
[  427.367646][    C1] R10: ffff88802b333dab R11: 0000000000000000 R12: 0000000000000001
[  427.367658][    C1] R13: ffffed10038634a8 R14: 0000000000000001 R15: ffffffff90d73e50
[  427.367670][    C1] FS:  0000000000000000(0000) GS:ffff88809728a000(0000) knlGS:0000000000000000
[  427.367710][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  427.367724][    C1] CR2: 00000000f7247810 CR3: 00000000136a8000 CR4: 0000000000352ef0
[  427.367736][    C1] Call Trace:
[  427.367743][    C1]  <TASK>
[  427.367750][    C1]  default_idle+0x9/0x10
[  427.367768][    C1]  default_idle_call+0x6c/0xb0
[  427.367785][    C1]  do_idle+0x464/0x590
[  427.367815][    C1]  ? __pfx_do_idle+0x10/0x10
[  427.367836][    C1]  ? finish_task_switch.isra.0+0x152/0x1010
[  427.367864][    C1]  cpu_startup_entry+0x4f/0x60
[  427.367887][    C1]  start_secondary+0x21d/0x2d0
[  427.367915][    C1]  ? __pfx_start_secondary+0x10/0x10
[  427.367938][    C1]  common_startup_64+0x13e/0x148
[  427.367962][    C1]  </TASK>
[  427.394492][   T41] Kernel panic - not syncing: hung_task: blocked tasks
[  427.394513][   T41] CPU: 2 UID: 0 PID: 41 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  427.394538][   T41] Tainted: [L]=SOFTLOCKUP
[  427.394545][   T41] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  427.394556][   T41] Call Trace:
[  427.394563][   T41]  <TASK>
[  427.394571][   T41]  dump_stack_lvl+0x100/0x190
[  427.394596][   T41]  vpanic+0x552/0x970
[  427.394614][   T41]  ? __pfx_vpanic+0x10/0x10
[  427.394631][   T41]  ? nmi_trigger_cpumask_backtrace+0x182/0x230
[  427.394654][   T41]  ? nmi_trigger_cpumask_backtrace+0x182/0x230
[  427.394677][   T41]  panic+0xd1/0xe0
[  427.394718][   T41]  ? __pfx_panic+0x10/0x10
[  427.394739][   T41]  ? nmi_trigger_cpumask_backtrace+0x1b5/0x230
[  427.394759][   T41]  ? nmi_trigger_cpumask_backtrace+0x1f6/0x230
[  427.394778][   T41]  ? nmi_trigger_cpumask_backtrace+0x200/0x230
[  427.394796][   T41]  ? watchdog.cold+0x1ec/0x234
[  427.394815][   T41]  ? watchdog+0xcc1/0x1030
[  427.394841][   T41]  watchdog.cold+0x1fd/0x234
[  427.394865][   T41]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  427.394889][   T41]  ? __pfx_watchdog+0x10/0x10
[  427.394914][   T41]  ? __kthread_parkme+0x18c/0x230
[  427.394941][   T41]  ? kthread+0x13a/0x450
[  427.394965][   T41]  ? __pfx_watchdog+0x10/0x10
[  427.394988][   T41]  kthread+0x370/0x450
[  427.395011][   T41]  ? __pfx_kthread+0x10/0x10
[  427.395038][   T41]  ret_from_fork+0x72b/0xd50
[  427.395056][   T41]  ? __pfx_ret_from_fork+0x10/0x10
[  427.395078][   T41]  ? __switch_to+0x800/0x1100
[  427.395103][   T41]  ? __pfx_kthread+0x10/0x10
[  427.395131][   T41]  ret_from_fork_asm+0x1a/0x30
[  427.395161][   T41]  </TASK>
[  427.396318][   T41] Kernel Offset: disabled