last executing test programs:

18.683306854s ago: executing program 3 (id=984):
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x2}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00'}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4c800}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
lseek(0xffffffffffffffff, 0x1, 0x1)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
r2 = socket(0x10, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000180)={'veth1_to_hsr\x00', &(0x7f0000000040)=@ethtool_pauseparam={0x1}})
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r3, 0x8910, &(0x7f0000000000)={'macsec0\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r3, 0x8949, &(0x7f0000000000))
r4 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2a, &(0x7f0000000080)={0x20, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={{0x14, 0x10, 0xc00e}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x4000000, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x28, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0xff00}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x10}}, 0x70}}, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x1b, &(0x7f00000000c0)={@dev={0xfe, 0x80, '\x00', 0x38}, 0x81, 0x2, 0x0, 0x0, 0x400, 0x4}, 0x20)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast1}}}, 0x108)
close(r0)

10.6756196s ago: executing program 3 (id=987):
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
r1 = syz_open_dev$radio(&(0x7f0000000080), 0x1, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000340)=ANY=[@ANYRES64=r0, @ANYRES16=r1, @ANYRES64, @ANYRESOCT=r0, @ANYRES8, @ANYRES64=r0], &(0x7f0000000300)='GPL\x00', 0x2, 0xb3, &(0x7f0000000140)=""/179, 0x41100, 0x7b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x38}, 0x87)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x5, 0x0, &(0x7f00000002c0)="00154e0132", &(0x7f0000000300), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r3, 0x40505330, &(0x7f0000000040)={{}, {0x5}, 0x3, 0x7})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x2000)=nil, 0x2000, &(0x7f0000000000))
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8c, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000300)={0x38, 0x1403, 0x1, 0x0, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'vlan1\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x80c9}, 0x20000000)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r1, 0x4020565a, &(0x7f00000000c0)={0x3, 0x98f90c, 0x1})
ioctl$sock_FIOSETOWN(r5, 0x8901, &(0x7f0000000000)=r2)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = fsmount(r0, 0x1, 0x4)
r8 = openat$cgroup_subtree(r7, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000180)=ANY=[@ANYBLOB='+cpueet '], 0x8)

10.62377702s ago: executing program 3 (id=996):
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x2}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00'}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4c800}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
lseek(0xffffffffffffffff, 0x1, 0x1)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
r2 = socket(0x10, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000180)={'veth1_to_hsr\x00', &(0x7f0000000040)=@ethtool_pauseparam={0x1}})
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r3, 0x8910, &(0x7f0000000000)={'macsec0\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r3, 0x8949, &(0x7f0000000000))
r4 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2a, &(0x7f0000000080)={0x20, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={{0x14, 0x10, 0xc00e}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x4000000, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x28, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0xff00}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x10}}, 0x70}}, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x1b, &(0x7f00000000c0)={@dev={0xfe, 0x80, '\x00', 0x38}, 0x81, 0x2, 0x0, 0x0, 0x400, 0x4}, 0x20)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast1}}}, 0x108)
close(r0)

9.365828331s ago: executing program 3 (id=1002):
syz_clone(0xc0024500, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
gettid()
socket(0x10, 0x803, 0x0)
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = syz_open_dev$media(&(0x7f0000000040), 0xcf7, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r1, 0xc01c7c02, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@newlink={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x40938, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x68010}, 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)={@multicast2, @loopback, 0x0, 0x1, [@loopback]}, 0x14)

9.287780491s ago: executing program 3 (id=1007):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x5fd7, 0x4)
bind$inet(r0, &(0x7f0000000240)={0x2, 0xfffe, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
r1 = syz_open_dev$loop(&(0x7f0000000040), 0xffffff00, 0x10082)
ioctl$LOOP_SET_BLOCK_SIZE(r1, 0x4c09, 0xc)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000001380)='ns/cgroup\x00')
open_by_handle_at(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="20000000f100000006"], 0x0)
r3 = socket$inet(0x2, 0x1, 0x4)
setsockopt$inet_mreqn(r3, 0x0, 0x27, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@newlink={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x40938, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x68010}, 0x0)
setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000040)={@multicast2, @loopback}, 0x10)
recvmmsg(r0, &(0x7f0000000040), 0x800000000000208, 0x45833af92e4b39ff, 0x0)
r5 = openat$comedi(0xffffff9c, &(0x7f0000001a80)='/dev/comedi3\x00', 0x103400, 0x0)
ioctl$COMEDI_INSNLIST(r5, 0x8008640b, &(0x7f0000000000)={0x1, &(0x7f00000020c0)=[{0x4000000, 0x92ff, 0x0, 0x0, 0x1}]})

9.060195269s ago: executing program 1 (id=1013):
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000000800)={&(0x7f0000000000)={0x2, 0x4e23, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000740)=[@mask_cswp={0x58, 0x114, 0x9, {{0x1, 0x80200000}, 0x0, 0x0, 0xfffffffffffffff8, 0x200000ff, 0x9, 0xfffffffffffffffd, 0x70, 0x4}}], 0x58, 0x4004004}, 0x40)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r1 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0)
mq_timedsend(r1, 0x0, 0x0, 0x6, 0x0)
mq_timedreceive(r1, &(0x7f0000004600)=""/102381, 0xfffffceb, 0x0, 0x0)

8.820224648s ago: executing program 1 (id=1016):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0xc807}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_QUOTA_BYTES={0xc, 0x1, 0x1, 0x0, 0x40000003}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r1, 0xffffffffffffffff, 0x0)
r2 = epoll_create1(0x0)
r3 = fcntl$dupfd(r2, 0x2, 0xffffffffffffffff)
syz_open_dev$vim2m(0x0, 0x7, 0x2)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
rt_sigtimedwait(&(0x7f0000000000)={[0xffffffffffffffff]}, 0x0, 0x0, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r5 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
set_mempolicy(0x3, &(0x7f0000000100)=0x3, 0x9)
setsockopt$packet_tx_ring(r4, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc, 0x2000000}, 0x1c)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r8)
read$msr(r3, &(0x7f0000000280)=""/145, 0x91)

8.739854202s ago: executing program 1 (id=1018):
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
r0 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000000880)={0x8, {"42d1d92b458e9ea9121673103f96e2a6f652a6bdda39b5d7420184a77546c6fff4a436cebd267e2cba6384cfd34afd4d775ba7dae05a62136afcfc54f5d02449793625a11ecd264a66c65811ec065bf3384ba3a94511f88032621b01045583e45e0f9b8befcefeee83c1c07af866dc99b3a7fe5fdee5dc46a3e9cb1edaeba78d42d3be0bca7db3ac5afa44e7331dbdb3ac881558a185f17f98bf0eb96c68c011a16cae07edc32699fe15c4c964be095ef651bfa7c0d94f13fa1c3170e9fb1b6da3eced5ba82a5bf3198a410a82d22a2c9d70affcfa48c6dec8448cee3e26219817c2faa2f4bc424789791e43a266ee715ab789495c7570726e2250d43fb1b1d113097c8fd4c1cb3668b8c892b1adefbe6eeee0516dc7a83e698bd9cc63df91ecf51c3c34cef6dc62c1eabbafdb9fb960522f2241e383b943609aea34880728553c1caf4d435f517ce3364bc62a340cb999324a1b2af232a945cab0bacc01cc3f5aae8e09c0592c78cc75bfbe5419f1b6dcc226456dc3473036665c91f00267de753b542060780257d2e8d72fbccdbad113381ba1cf207c86d959843aa68dbb7a753e6800ebfc3328034691a8a30296741cd1a895cf54ce89a556c2070a7cbb8e682cd8a79a57f484f19f10f34bd307d631a9d215bfabebf4a7aeda75c6d217568c5b281b38470982ec48ac6f636909d15758d95c1461540711b09398a4693fa62c3c93822048ae9675d9d6881191c8f9ec846c188f473cdcfa5273bbbcad0d5d7d36763bc3861076722bd48c3345498cc48048222f5574ec7378bc7efe5252795065bbcdb7ce499e0c0bebee079be6f4c7c5c15cd7e56b6413dd07ad8327044f8b725e8fa9c99c45c0b9daef51afa7c291006b684375316e7a501d35041b18e55b1391e36becf00194ba3630dcee4fde391d15347bc28c6c53cf3cccffe116330739d93a6ff56be34c316a71410281f3c619e7ad12e37c668b1f4795fd27e6f483b85c9763ce42524a66d1ba6ee7156e36678cb78c779d976dbdbdebdff36049aaf0b59c93725746eeeb960d938485c4dfa2b4caa029c6a142fb0119d7247baa3d065fc61f3afb531dd579f857adc835f7ebe3545c6f5ca8b3a749c0832cfe6be5dae01543ea3a56663b5cf58de7daaace2c3271848a65d9bbff1a13b354dd614fbf223dde719dfe6591bb5fe4edc3ac31d9ae18432740b7c05de02b9fb86cf9fe4454961da31cd41ddb6fb95a72e5723d6cc3cb57520806d09a853ecfe29c9cdfce35395f1fd7f2593600f9d5bd7b6b157d5575672430509c7eeebe3805438cfae86a5993cd3e6fa39f9567000c9baf665254042ca19fb1adfdec37720d41dca15523a8073e5c49db4add9caeefdec2b7aafdca5baafe78b9a7f8c2bdd5c58baa8a87ec2f8fcf708045ec7ab899c47481c59184bd10f8319f73263d9b4efefb0247a39fc6d451cae8d3a3a51b6e98977be59b2e1beec3a1a9e0dd8475123c3162d0927eab50f44e48c39a95938a033015b8ef9fc02fdee10540b123c7a53d6706f7476ab88d0d5121676e7d7cbc2635ba281b369f3378afaef92a60c92393efe9c45ccf60f1bdb69097e5f1bc67b1597e6b5de3dd5a7f162690972c6768cf63a9b4a7875268c97b31a427b983196f601d28f1648fd40b4b6a16b4ff4b2737cbd0d14b0c43b0c33d5c876df6591efa0b51bc44413fff32524dab4d198f045b2622c4e2fdcec8e6606b88ed3de71ad0d3dd0dbd661e39acd69af980e1b7c7d539d6498d68b64bac9233efd7d4b00db3fea8c0bf02aebcfb2240bc11ec5bceccccad5b00007a29f345620ae4673f1d41c514e9f5b583433adde93069a1cd01621b50d87dfffd5d410d077b9b4b6b8a807298ee871ff649e8620b06af7988f3d4ae20cb5482121875cdcd9b4e44a74c691c09bac1e7947f2f4f4d228146a1f867633c19ee3b709a86968428f2810d92598bdbcd18b93fbc9a705dda58691ebad397335e80a0cd17b1e6518386251341129e8fdb252b12b741847a4bb8da0e617bbe203f65cfd52cd271dc267598ec0ed469a57fe98e338468839a3cb20caec617f94fa65262e55bd34f2ebd64a88b75779993e6903a50d6ceb7fbf1c6bd1f83b7afa213471d86f52b060c9af2559f3332eab72bbef58de69c481122ad0fdaf499aee6121a52d0ed2b9fc2d62412f8f77e331f025f2ca21adba1434e41577580fae31a3892fdf3e08d1627c6cd1791abc41ac64da3d8aafbd6fbb5ff3d582030162bfc20dbb7aec5ba68a7f88167124d675674b15012930b491540f3d8ea93a6486b64ac5a88bce5491822f0c79cb43a90e349d8480929343b307662ac67934ac3bc5c6e4bc409340ae234f86febf422eae94f22fe41cfacf9b62703a64dca51a81995d646ddb91f0962ebe9c93597349635e73b7604024edb816a07863fbc80febd2d024e497ff03bf91b7f2e6e74601f9564ac8a30bc6571f9e0c6e9cb105bd8204d3a6de3a21952005c22aa4ad68fe4d4d79377d7f19241961cc1993d7cd7fe02bb023702a65024f8cf7e18072ed500ea6a2b545951023f794a0fefb317531ea1f702002ef5897b4629308c28724554d8f0d89fb0369fb6270fa7a885df66e49b6353b65924578e0aea8dd4ee65d32ebeebbc238973aae8fa25b9e4dc36df1a15b174b2ca3c8650ac1f255a1707d46b5d555a61ddccf6c232488c92949e1756e0bbc7d845676b4143ab12ad17f214bc5caae48e410df19616e9e371f8dfc8d00bb4a4a510594479c75276474d9a346db1d357bedb5de96e56846d306a2dfe98d24fd676e79f89e560a95d8894d1160bda8b46bb8e061a6199d373e94c2947f852f4e54c58476d4bc37c66ecfd0d23f967fc73667f9ae39dcc4b14fcb9ab524e04143d624d04c3031dbd9259864c5040a481a5906b870ed4be35818bc6cd45ce4f91bd8e39b424526e36afb87b298eedb187883d5005c4407637f0edacac29f5f6eb38f525a662a6c3c201fd48b811519bc621494440c09f9f2c989dafe2fe8215d1050ef3769f49aad149cbddd4b5133a1711a055e5172894fa617dcf9801b78695e75754bd590deaf816a4233f63311c2e5e9f82413e66f743e96ace48083fb97c869c3d07c8593e0e6a4b8446471e44bc04b6381ba359baba2a60daf4e29fd25d2ddf7ac1a60191474c09e4a4bde1e1ab97dfa01bdbb95cc356c51cde94d26848d60ac4c310fd9691425edd6f14304775f2271b04412473c623b4b74eb53c8e3e4251209ea44689b6144993ee4287353f8a41659cdf456e2544d116064b0e6ea6d0ef105cc207ef3e63f0ff27ecdb32fc1bed4a9f261e3234207bc8d601ae3aebf56bdf6957c49d98e23ac43b90fecd89630fe7b8e7f9c2845c3f791fb7140d9dfe24ef9564b96f1e449fcb84e2e9ec41255f60f5b61994bac1fde331f2560a3d183f96de605e51c48789ef15edd9a85f34978df474811c92a19b838a24fe956fe4b8c4dacf48518418d7d0a276c72a759f0f0fe7efc27ff8f2478164615cd0b86fcff3bf6c4f78e0154267af5f40f52cbf0bac7184d84a1ddae1a8fcfa9d9da983dd470b5d1f656e716eb7309bf07d4cd71818b55927e679033b3ea63f1fe5ec1b0280607e0976e90d714eebbc6710e5fc1dae090dfbcbf6e67f77928615d60bb672e1ef8140eeccaed9a22c122699b4615ff52abd5bda6327b019471f3ecf18497335b8eae99b99211e88ecd068aaad527506c307240fb1949ce6168995120aecb013abbc05b654dee28bc95f5b96b22e69abfd6923eef1a90b6d1152327aaacf5f138547255043723c26711ea3dd937a68445a1fd69642b23336190ae3c5e0555a3def9a38431e8fe95395dbc0c5b7b929f9847a6e74ea21c7bacf248c9830839286af319a94c8c4d01b37779b74e159c4b40ae7004ad95de5db6967e6d5dc8313c9067e6ed161c1fd210c2d17cbfc49061e867154624ed93fb6c06f546d03e8141fe00f983551c4888285c584dce9a3541d24ba38c3a149e865318a8ec53ec577de540b9e421700cb24347368c06eeb568ebca9dd044591cab837fe7a6e70bf2622062753ed1dc2051f2d7867b4c23f657777dc5eafbf4ed86d3e295ea7edfe7213aa0990da23fb288a289dbfd59d4c524cf3f02a2afb25f5e9d7d8cd0166a13ec56d05596152e1a83259ec852f96971afe3aa47a5971bf3b12281f588fd3fe59d29b1ebc6e797d766ec717d76d28f03c1225e85cbd9f5d09080aa9e85dc3dba8be5e3de98cb98aec4c9db811cebe8fe4883dc9c55455c6a7010e8d82d98c20efa3146939c5d1634dfac84310450a7410073e879b0172fc4587450ac286b0b50de0edcec3d97a25a9e12d879ac90d12f8fb0fa38e90289946ede3e1953d4bb896138a733218d9e3b198c5717fba844a72e9622c56bb1df9a9c71fd21111434b3362ebdb0e4b75b348fb53287bc64689d8dc7c2d0ecdf15900ab5f4d5d54cfc4c0c6f6805247bd309dc329a63944a40bac7b21a6d587c1a372ba113d74cb8b102d41cd34dff7d8d4c721fbfd718263c6976983c9dfbc8903fbf05198bc9d7909ccd2e9233f147b8f4827e390ca06e148051ddac02d6e0315638cf85c2ae259d903e7ce2a9fb19c81e9d368663f9b8c2d86a627812cdb36c4f7fd9fd033bb9d1ea26acf621909c791ed181fb16b1553f5654ac2eaff7c77049a6605ab08f19b64b200a276cbb9915b50da6305d07a40d9af915a5c43adfa42e07806b91fca4da099a72ca9375755f8b57d657f567696106ca1fb8abe0c76bebe1a00ac475c3d98137968d1fdb77d1b1ab5f4369e0e5a496ab9d4403e5c25b469096ba7957faf5aa8b8eb1562609279db8570e32947f723e2e4802e43f391a696ce4db76b780a1bea0087bfe9ed878cc7a72e79fde3b6e29eeaebab382488a38cfe20766ce14289e89d91d7b7fd7f8e222968b94c7edcde8144ae48d3ff6253fc86514137b804535cb0276b9a51692ba08c2ab831c82eac25f7d8f9549ad6916bc0ab3667a63dcbf3f4ab81e37fbcdef650ea24ffc952b71cdd0e4abc8ac803a4153877403e14adc800687f5978f9ed73617edd1931e1d777d7e8fe346a169a645b844c639355e8970ecf43e9fc37e78f7d311787de593128d671f2fe8d1efcf9c30be758e39686b3810a354f8f70c3b8875d10f251d14e9f510103d370b4c2a35fc0b7bd4fc4672957889719b982ce9696900570a292a755b85c7aa68bf9d867be67052075ff8e376c58b3471dd7423f5c40cd72f0c27d054d2ddd7b06e63153e67a408b412ee94489c6f9f7add7d19fdf269c3db26a1a6565cb9fa4a8567f398276c50d1c439da577c4018f912fff16262d8b86dbc3b1cf7d56fcf25cf4dce6b1c99f83bcd85beef32bb7f12d6f9eb366be1cb8ca6dd43476be8b3e6c82b8ce48e9a7c279d31f8906014e5e371a102a87a6037d228719caa2c096ed5d8d5d7a6cbda9bf720ae5bf460188afd0ec006eccc1c3e8efc1dc8fbf8ffc1e1fc02ee42e4d65d225fcfc9cf8388afbc51f0b15187477fdabd8fbd1766c09b1c6940a2abe3366018db6834e41c8ccbd65cb049c06659031fd2973f983b4cb4414fc62479c50b0d0bd422b4f826194d2fb83ae56cc3dbd7bb7856c2f33f716bfbedb965c3f08882ab088d6f66d1f2a94f82100e6481c184ee58a98a318ca04561c6140da0a87bc1bec0c13d3517a2dff36223205aa65a00d053f268125a608f52138c6ce64de980391f7adb1563c3fe97ae8bc84142ac7823a9e7645d99f64db79d1fb9dd4dd2afefa", 0x1000}}, 0x1006)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000d5e9bd40eb030200c0ba050000010902115c01000000000904000001b504b100090581"], 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000580), 0x4, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$EVIOCSKEYCODE_V2(r2, 0x40284504, &(0x7f0000000080)={0x73, 0x18, 0x4, 0x0, "d80004000000000000957f00003d4a100a000000000020020661e6e66b8b37ff"})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x3, 0x13, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000ffffff858500000071000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0x10, 0x10, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r4 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r4, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x550, 0x280, 0x1000, 0x0, 0x1, 0x0, {0x0, 0x9}, {0x350, 0x20002, 0xfffffffd}, {0xf4ef}, {0x4, 0x0, 0x7fe}, 0x1, 0x100, 0x0, 0xd614, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4})
r5 = userfaultfd(0x801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x110})
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
r6 = socket(0x11, 0x3, 0x0)
r7 = epoll_create1(0x0)
r8 = epoll_create1(0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001d80)=@newtaction={0x49c, 0x30, 0x871a15abc695fb3d, 0x0, 0x25dfdbfe, {}, [{0xac, 0x1, [@m_mpls={0xa8, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x8a1, 0x2, 0x2, 0x4, 0x7}, 0x3}}]}, {0x60, 0x6, "2b5652c46d12f9dffbe9eeb465e721a4c017c1a0b66c80347f0596c55f18b6c70d26ecfbc4a322268dc0a18130611131861941aaba4e057c4f8d3e05bb4624cbfe0d66c5b7bd17084bb8d35015b2a5d4af1926d325102bf4cb47c96c"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}, {0x3dc, 0x1, [@m_ife={0x190, 0x1, 0x0, 0x0, {{0x8}, {0x78, 0x2, 0x0, 0x1, [@TCA_IFE_TYPE={0x6, 0x5, 0x8000}, @TCA_IFE_DMAC={0xa, 0x3, @remote}, @TCA_IFE_TYPE={0x6, 0x5, 0x8}, @TCA_IFE_DMAC={0xa}, @TCA_IFE_METALST={0x30, 0x6, [@IFE_META_SKBMARK={0x4, 0x1, @void}, @IFE_META_PRIO={0x8, 0x3, @val=0x3}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_SKBMARK={0x8, 0x1, @val=0x2c6}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_SKBMARK={0x4, 0x1, @void}, @IFE_META_SKBMARK={0x4, 0x1, @void}, @IFE_META_TCINDEX={0x6, 0x5, @val=0xd405}]}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x1, 0x6, 0x5, 0x5, 0x7260}}}]}, {0xf3, 0x6, "eac1eb74cf1dff4a59e4dc33e675236bc10426e0e46699d5065879be547c72d8dfb784242510c96fda21d9197ef7674cfa372f3dfe6931bcad2e08886bc77ebcb769cf82f56eace8337ff9769a328ade4c21431c0cfd6ca895bff39b2a0957328b81d846110fa55c334d1d74279174c6bf64c1d688ef83fe6b9ce1de799551b395bfcd61fa7176742d2491568b782391a2e0964df22cdbf703ee808ca64016a7cc33a66a765eb9e4553950c96a656878af6db2e347ff463df32645f74529d8490caea84f0cadee5c0ce2aa88eee0e6042c90d6729a41e6787e05fb51bd49f8068e7607e5d6de9015ad01062a5157d4"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_connmark={0x90, 0x10df, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xfffffffe, 0x1, 0xffffffffffffffff, 0x9, 0x8}, 0x7}}]}, {0x44, 0x6, "ed666fd3196be6f068e6d4ac6ed71863251aa009f7615de131108f5515ebf955964925dabccfc96ef42c3744c6468faaf3f9ac362aef9e9ab2ba2964f9ae7c44"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}, @m_ct={0xa4, 0x0, 0x0, 0x0, {{0x7}, {0x40, 0x2, 0x0, 0x1, [@TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e22}, @TCA_CT_ACTION={0x6, 0x3, 0x46231abcab247518}, @TCA_CT_ZONE={0x6, 0x4, 0x5eb7}, @TCA_CT_MARK_MASK={0x8, 0x6, 0x4}, @TCA_CT_LABELS={0x14, 0x7, "9dc997013da1b6691db3595856115542"}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @multicast1}]}, {0x40, 0x6, "75d81ad009861fc7033906a33f198d290fe2f08334304acd4517cd95c9a3829cea348b49e4ebfbf072d0335b4210e8ff3444908a1478ed86367ff7b6"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ctinfo={0x9c, 0x11, 0x0, 0x0, {{0xb}, {0x34, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x82}, @TCA_CTINFO_PARMS_DSCP_STATEMASK={0x8, 0x6, 0xd7f}, @TCA_CTINFO_ZONE={0x6, 0x4, 0x1}, @TCA_CTINFO_ZONE={0x6, 0x4, 0x5}, @TCA_CTINFO_PARMS_DSCP_MASK={0x8, 0x5, 0x1}, @TCA_CTINFO_ZONE={0x6, 0x4, 0x2}]}, {0x3e, 0x6, "c75d4ecb3611eb678e75e7b9767e14c25a2832e846de0d943c414dfe5afba13a1f4052385efb0136a5cea45b9724caa58f052b2143105dca0124"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_skbedit={0x78, 0x4, 0x0, 0x0, {{0xc}, {0x3c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0xfffffffb, 0x2, 0x7, 0x8, 0x2a88}}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x7ff}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0xfff}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x6}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x800}]}, {0x14, 0x6, "3270cf5d1f77b83cb774fb594f80c2a0"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}]}, 0x49c}, 0x1, 0x0, 0x0, 0x4000010}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xfe33)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r7, &(0x7f0000000000)={0xe000202b})
epoll_pwait(r8, &(0x7f00008c9fc4)=[{}], 0x1, 0xfffffffffffffff7, 0x0, 0x0)
dup3(r6, r8, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)

8.320434504s ago: executing program 2 (id=1020):
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x2}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00'}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4c800}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
lseek(0xffffffffffffffff, 0x1, 0x1)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
socket(0x10, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r2, 0x8910, &(0x7f0000000000)={'macsec0\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r2, 0x8949, &(0x7f0000000000))
r3 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2a, &(0x7f0000000080)={0x20, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={{0x14, 0x10, 0xc00e}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x4000000, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x28, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0xff00}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x10}}, 0x70}}, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x1b, &(0x7f00000000c0)={@dev={0xfe, 0x80, '\x00', 0x38}, 0x81, 0x2, 0x0, 0x0, 0x400, 0x4}, 0x20)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast1}}}, 0x108)
close(r0)

165.451264ms ago: executing program 0 (id=1021):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$SO_BINDTODEVICE_wg(r1, 0x1, 0x19, &(0x7f0000000040)='wg0\x00', 0x4)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f000000b500), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f000000d040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)={0x34, r2, 0x8de13c6b70ae92c3, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x18, 0x11d, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xe}]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r5 = openat$nvram(0xffffff9c, &(0x7f0000000280), 0x40000, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r5, 0x40bc5311, &(0x7f00000002c0)={0x36, 0x1, 'client0\x00', 0x4, "424ac96a0471cdd2", "6712190cdf8afdf8970b665a657b8bd68479c460ea5b6cd4eb67dc144781679f", 0xb17, 0x44a})
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x90, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_MATCH_INFO={0x14, 0x3, "f4f03b0200000000020007116b61979e"}, @NFTA_MATCH_NAME={0x9, 0x1, 'l2tp\x00'}, @NFTA_MATCH_REV={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_COMPAT={0x24, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x88fb}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0xf5}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x1d}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0xc}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz0\x00'}]}], {0x14}}, 0xb8}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r6 = socket(0x40000000015, 0x5, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0xc0042, 0x1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x4, &(0x7f0000000b00)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@cachetag={'cachetag', 0x3d, '\x02\x02\x02\x02\x02\x02'}}, {@cachetag={'cachetag', 0x3d, ']]&&-.w@$\\'}}]}})
socket$inet6(0xa, 0x2, 0x5)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000001c0)={0x2, &(0x7f00000000c0)=[{0xdd35, 0x4, 0xff, 0x7f}, {0x3, 0x7, 0x1, 0xd116}]})

165.210035ms ago: executing program 0 (id=1022):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001800dd8d000000ba7e9698ed1fbfa80e000000000002"], 0x3c}}, 0x0)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x62)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
ioctl$FS_IOC_GETFSUUID(r1, 0x80111500, &(0x7f0000000140))
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
r2 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000100)={'ip6erspan0\x00', {0x2, 0x0, @broadcast}})
bind$bt_hci(r2, &(0x7f0000000000)={0x27}, 0x74)

165.098524ms ago: executing program 0 (id=1023):
personality(0xbe4e602dc9e6c1d3)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x11, 0x4, 0x4, 0x2}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r3, 0x2000012, 0xe, 0x0, &(0x7f0000000280)="63ec33c9e9b98600000000000000", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0xa0000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_GUEST_MEMFD(r5, 0xc040aed4, &(0x7f00000001c0)={0x1fe0000})
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x800000, 0x11, r6, 0x10c06000)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)

164.910084ms ago: executing program 0 (id=1024):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
socket$inet_mptcp(0x2, 0x1, 0x106)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f0000000e40), 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x103a42, 0x0)
r1 = fanotify_init(0x4, 0x1800)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
fanotify_mark(r1, 0x101, 0x8000011, r2, 0x0)
ftruncate(r0, 0x6000000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x4000)
openat$vimc1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x40400, 0x8)
fcntl$notify(r3, 0x402, 0x8000003b)
syz_emit_ethernet(0x46, &(0x7f0000001c00)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x1, 0x0, 0x2}}}}}}, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
timerfd_create(0x9, 0x80000)
r4 = syz_open_dev$MSR(&(0x7f0000000000), 0xfffffffb, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001000000", @ANYRES32, @ANYBLOB="00000000edff000000000000000042c100000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/26], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

163.640246ms ago: executing program 0 (id=1025):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@gettaction={0xe8, 0x32, 0x800, 0x70bd26, 0x25dfdbfb, {}, [@action_gd=@TCA_ACT_TAB={0x38, 0x1, [{0xc, 0x6, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0xc, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x101}}, {0xc, 0x1c, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0x10, 0x10, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x78, 0x1, [{0xc, 0x17, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0xc, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfffffe01}}, {0x14, 0x17, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0xc, 0x18, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0xc, 0x4, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xd1}}, {0xc, 0x1b, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}]}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1}}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1, 0x1}}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x0, 0x1}}]}, 0xe8}, 0x1, 0x0, 0x0, 0x20000800}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
shmget$private(0x0, 0x12000, 0x1000, &(0x7f0000fec000/0x12000)=nil)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000300)=[r1], 0x1)
socket$netlink(0x10, 0x3, 0x15)
openat$snapshot(0xffffffffffffff9c, 0x0, 0x481, 0x0)
ioctl$SG_BLKTRACESETUP(0xffffffffffffffff, 0xc0401273, 0x0)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4)
socket$nl_rdma(0x10, 0x3, 0x14)
shutdown(0xffffffffffffffff, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)
r3 = dup(0xffffffffffffffff)
syz_io_uring_setup(0x239, 0x0, &(0x7f0000000000)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
write$6lowpan_enable(r3, &(0x7f0000000200)='0', 0x1)

162.548786ms ago: executing program 2 (id=1026):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x2000000000000013, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/185, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0xec)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0xd0, &(0x7f0000004680)=0x80, 0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x0, 0x200008b4)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
syz_io_uring_setup(0x283d, &(0x7f0000000380)={0x0, 0xb173, 0x200, 0x3, 0xce}, &(0x7f0000000100), &(0x7f0000000400))
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x11, 0x4, 0x4, 0x8, 0x2068, 0xffffffffffffffff, 0x1b91, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x50)
setsockopt$inet_tcp_int(r3, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x42}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000040)='bic', 0xff3d)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window={0x3, 0x0, 0x400}], 0x6)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000000100000007"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r5, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df33c9f7b9a60000000000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r3, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
prctl$PR_GET_TSC(0x43, &(0x7f0000000040))
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)

162.31861ms ago: executing program 2 (id=1027):
open$dir(0x0, 0x40000, 0x19b)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socket$inet(0x2, 0x3, 0x4)
socket$inet6_sctp(0xa, 0x5, 0x84)
rmdir(&(0x7f0000000000)='./file0\x00')
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)={0x0, 0x24}}, 0x24000000)
sendmsg$NL80211_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0x3, &(0x7f0000000080)={&(0x7f0000000240)={0x54, 0x0, 0x400, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8}, @void}}}, 0x54}, 0x1, 0x0, 0x0, 0x44}, 0x8000000)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

161.930622ms ago: executing program 2 (id=1028):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000007c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000800)=ANY=[@ANYBLOB="bf16000000000000b7070000010000004070000000000000400000004000e1ff95000000000000002ba76bb33123751c4e3409e62751ee00ba19ce670d25010000020000040000009fc404000000c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965dac03d046837d907b09ec39e9ef8f6e396ad200e011ea665c45a3449abe802f5ab3e89cf40b8580218ce740068720000074e3e8eea3fd8cf49827ca315f5b87e1ca6433a8acd715f5888b2007f0000000000000000010089937090c34410000000000000090000000000414027efc842b6d6f800005335001db43a5c000000000000000024000000000000000000e75a89faff01210cce39bf405f1e846c1242000000000000cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617da7fb5e2a431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf9938d6df8600a62e96b7cb8e52cbdce57a79d6fce424c22001f6c3784a1975fa657d05003a32a4fd67ce446ac5430207db79240acaf091231b986e77d05d988d6edc71df48dca02113a38300c2bd2b5543ffc16695572361629d1022f722ec23812b70d72cd0010000007881bfa35b9fd6864e90ddb31f75f6324989cdc7044f563a1f74d4efe895fdbc463f747c08f40105869035000000000003000000000000000000000000000000000000080000003ddf4aa4b1c8b8a0ae6feb6737c275dc2740f742b5425f1d5819610608bbab35471cdb0500000000000000d4123f955267fe4a75c114f874e086287547d4099aeec9f15b8ee25a2a5ccf4a9b603c88e12ff25184d4e3c2f7f623559435b2c505fb7113400000f0bc440550ee91302f5a00000000000000000000000000000000e67ccc00148ac4c43021cce9f24f4b2f9492c32e7a92a557ac2b44b8f7a49789906d922b3e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd0294bea179b0433f5c899119ec0c0acef5383b5a2720caeb68f1e9c05b05d89467ded84da092dea262e51811e2d7fa515722516bd5ef6c8c4966e5937562a5648a696abaa042a7097ddefe0671f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb328790700000021e041254f06bd7f000000000000000000000000000000282ffe000000000000000431e8e3204a7d95938c5334a0dd177f1a7389ee570d95e543a27546d3770740f354df6dfdb3d1179b4b9fccd0cd5b7578802c66f5dbf22ad0bd03cbe0fecd096bcf419d35988948d1cd4c51c406040000000090a3bc3cbc08255975f3cee08dab765d8a4ef870aaae3f81ed6364837171ce5564f3cf6feba1b6745409000000000000003459263499fae97e7dcb30e4cff009e0f4f78c155c4ab19b878fcb4cc14b8d2823643a17120418f42b42ed879cb23e6d4e0d11db988d0bc46de02702d29243b72215d5563bdae8c2ccda4498687cd50f3a9058f61d52d70aabccb18d41d75788faf60ce9be97c13e4252d9d112d9ac47368829f8a29eca17de807c840293dd387eee13fdecf3d5a334350f045a22b9adb0539d44d58a00fb9e83ebf4fea36b87e2afdf63f7abf5caf2b01317a5f65f22c8bcf36b390dece1e98541ae932ec3486f74c1eea673c1647568acb17efcef24a9c3504dfa7c7eefe3dcb8d570a730a0837839f54527ce334b8173e7bf73bcd8d80ef294fde6549a0f1a23b78b41f79ea543d2b38b80d3d28c6c93901b763fc8b88794aa74facc345e28f0ad79de4df5afd52e7dfc387e4d2ca4d5caca74754987dbbd4d64e233b4a1d81a9aeb981734ca5416cacf516ca8384d85310f24d393fd48c668465546117377547d11a61bd2bd9e35fa0da5118554a1d93147b103a51baf94aeb1b6292038300423344e6add2226ba5f6724a08567ef515898f0f7dfd3fc198092af3265c5df377a66bbde4fa4a049692e06ee5022c58290bdc37eeb16f4e099e33679044ba21898f76c982c8203663f1adb7bbb42ed8d9b0bb8bd9255e342959b822fa8b3d08b29f2201dfe3a3c5c8bf8bc82f249e7eb9f8571823d730fdc78c6b3122a3fd9209dcae70c10c7b17e83dd759a52fe5c362358dbb780a52f540000000000000000000011230e1d6f9fd3315ada8ecee55fc0ec6ec0ec950c0ad006a06a162035d5729795c4a58b59f9a252723480b08ae9bd52c176380a42b972a3400b5d28b273e60000007cac9d35a991c27e23ce5217fec9ce89ea2dea8ddb383e53cdd077e7c2d73404b7450664f70225897307d8a140ba97bfc2232dccdb1dd0496c219315c02f2ef46f30add1aa13e52d67116328c3a5ee3356eadea07abe8506767771d68e760f8c623fb64865a942acc4912dcd1fa5d729cb45c15577bbb8b08a705efeaf09dd6aadeb8d61501e4fd9c9b1ac845a2138cbde58a04589888c0e528a5134e1dfa8b3f6d8a76517df589cae1019a3bc280e99fb661271357dbbd7e9c42d3fe45efaaa00"/1810], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x35}, 0x48)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000200)=r5, 0x4)
memfd_create(&(0x7f0000000480)='@(]#%/^]*\x00', 0x4)
sendmsg$inet(r4, &(0x7f0000002640)={0x0, 0x0, &(0x7f0000002140)=[{&(0x7f0000000240)='\x00\x00\x00\x00\x00', 0x5}], 0x1}, 0x404c010)
getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r6, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000940)=@newqdisc={0x38, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_bfifo={{0xa}, {0x8, 0x2, 0xb3}}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x4000090)
bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @remote}, 0x14)
pwritev2(r0, &(0x7f0000000700)=[{&(0x7f00000001c0)="0fd83d4b9be8826fc51291d64308ad0304e661d1f75663c9dbccdfddff1aaff82ce05be9235dc90dbf523c2bf296b28c50bb7464a669d3321a3cc157c46dddce1cab51b9f9acbc4f3d470557c8e488ab9763629a26f2b46d4d8aeb4605f54bea8264b3275ca9e742e281c3", 0x6b}, {&(0x7f0000000240)="20243006f5a7a9358f30d19bcbf0f3d9c0539acab5384a7fe603b199275709be5730bd702d7b0aa6139f5cfe2c6d67066d2752e0c51b136e442b0a5aff0f1692e6ed8e91f9164249ffb5", 0x4a}, {&(0x7f0000000500)="87bcbc6a73ca29885b4b372e6821bd85e0ae3cabe680b7f15f7f50b82420ac728de6f82842f54d37b453c2dac3c6794ae27e58981e5b012461953bf24b4d018b65c8f1e83cb010c59a901021080e30a9c1155df10018690302090ffff9c4c6cccf131068a90a2ba60eb6004ca01a3cad987619bd014f7fb37e6bc0c038bc77c9a810f15f7518c2edd9b74cda2729e7511635dc246d59048da0fb764e18dc9ec862726e40cd8b045d8f643dd3bf4150a1c17ce358af28717a3b131362d85f67d1bd0de9b7653f", 0xc6}, {&(0x7f0000000300)="152eff5394396dafd8d357b3daa8fca0e2dad91d7e3b13f888a8676bf36d3bfb092ca0f8a99f43836a273c4a3039f03dc52747e781a04d7b0c5f5fb6119c448a410c1dcbdac6ed0bc7bf232561", 0x4d}, {&(0x7f0000000980)="2d74afbc1bc456247776c5bfda84c6aa2f1920769402320b8963b8009d206407ff275b75bf9d3abcab8a95e9beb9a9466a2778c410ba0220b3495f0103703eaa88d5d2cba9d242bc765ef4942111e3ef51dd8b9d3f41f8a941c2bb66c3492aa53d4805ce46af7c3bf89e3fd8a05a663f5a4e7b2a9f84fbe41565e4fb0e778d3688a6224acdda50d20081483445964f28897de6132b6d740c6a1f7144b4ecd555e5c706af8b202da0dc2cdb858f835a9d99dc20222b9b93c353c0760821b33d5cb7e96119905591321cb5a1745e2b62f64c9f2a17658493dcdc1153ffcf560761edbd9aee8395e54979b611beaee3614de6ac692a69446df5c52c8490bc0743edc0d03cef67a6b6e0e58712bdf0168d854614776055421b60e3cfa782300800d05042b87c75c0709a11f78b0ae1633c7875435365d0bfad514f9177237ab8cfec9069dd079fd642bfdd1dbd2a2b8bcc8ae2b63ef3882fb3f0f92245744b127163400901ab4ab2cfdea26a04b0b3fafd7d67180bcc489092fa9490bd9ad9c4bbfb7a4c99c92c2be9c4d6fda1940bd3121e46a9ae317a769b6630f181609d489858388977aad9f73d871dd2c97c705bfb8b55326721eb39b9a4ba992d2a054302c55d5915dd9af544a4b4b2358eca0e8df4a992118a01e26bc60f4022fa78ebcc5d6c9ab806b52ee6064a1cdfde032ce56b9fc17cdc3e2456622cd165392f291f74604985c9913a017bde7d92c3687355591cbf24d028d5558fb33c3bec66edb6705f2031f69c693ba4084b3b9aef6b0309fdf13b621bb843dac14e41bb44d1a0019fbd2ad4061d3ab9b0af4889c0be4310f8ad35b7ce8de1097e00431e806652f9ff917259b7df542b67bee11ff911bca07d608095ae7dbd59425a6ba2d01802fca5c28eca6a834d3d8529797b53830b2522f311aa832e4b9c0d36ffa4054a7e9af418745804bd3312c42486a3728138e935c327b6ecd2a17f49d8398cc59b0039d35b01aed16874b143f972cd846b825c13d984b46196da5a0998ad43055844159accddde6552b56c4757746890c81456db52ade3742a3a5125bc6193cbd882cb32a67008fd6cc5338e0757f5bc8ac6b851816cb16425fd553b5485b377a5cf0d437ed9b426ba07724455b09918c8e303108937977a304617b55c4a0af0f7cdf1c698dfbef80102bc91d30cf09ea51e87ae09e79319741300e63540059104ac03e0359d9c5e856ec69191be34340deb990e77f2c89cd33f38fb0e401127f9e20de235dcf5561e17cf50cd654c050c90773ff9285e8a17d49dcefc4cf434226f9b8ffffab180c5ee28baca602a30d1d46051320cfd88b7ae2c340a99d1b5e4e478f3376f7268bbb143e94e89ec87c2186851de27493f6363084200944b924067fca9ada2b0e04b5ab057ab2db91717768bbf49fd585401b8e55ec9b812b129204cdf52fc87dab2b15724ee38d2efc764d7fe9ac85c41b61180ccbc325c38bf502412665f07a6a9c9b10770e350c2049a79a05408db96928116b267502984e525509ec890ecc561369134943b4e37d6626cb343741ee34e642e8ef70c3c19be1a7fd034d379cd1beff27d79f8a878e65ec9c30405c671b4142203cc7d2421eb7e4ab9406d8e32d777488336a9307d2b02e0ff1e98f8ae99f9d81d9288a91ea60e30356ace2f7cc5d1854d16850db377336849c4b7c93e62cf6c29fde8e09083cbd3f1c48bc4dddce215eb162992e3728461d873cd1def2515f39e54f05a0589bfbe2be0a991cd8da1e832bc7ce8cf9d658af0ba5726df2ce768e65650320395b26aa434a2011687137d0ae46c2b94e91356100709e95a7c31fa305d7bfd6df0013832ff4899c4b667557a3e89b6c7ba1b63fe961bc09e8003d34ab5b4e9a8071935457d336e2d4bfec86e26d0e1f1993b00a24cac0516ffb25c4d95280727b9a29513244b718aa982f336e5ecc9c7e0776c013de5389ecb702b46032c6f4e48f4a1479cb92c8078265977b46596ec05ef8ed4f0d7e8bf79ee2ca5ce409a274b1dc878dedd90fab0568aab2982274f3d2dbc3a1cfee7a38fc5b7ba8d1c1611607a149de660164eac2960fde7321dee7b1cda4ae48d27971c15de242b27518cc57f6797b568233b06f566c103a1f6679601feb7533e34a9a22a6fe47eb0b10b3f38f589eb6bd8eccd54a13346818004d7f6039cb0312ab9c4b44887a3b6210f7962068e7f7971a50bbf1a49b94a02c0865853175a4988fd27bfaa550e8a1cf62eb7c511a047fc0cf9305b7e776ecb011f92d97e42d6876fe6315d922639810a12e51b529fd386b7c857d74b866818ce8c91a030db808d279b294eaf68422488170489d360448be1687d789b2a54ef74e9c194f6507750be018fd8c0c8ddea7b11558d5764dd9c49f60a23c1e01c78708ab7d00cecfcc0df5edfe581b8669be66abdfef00d96cc0393814330b33694fd6f293d19a3acd2ca62ce2c2c7b0b53096dc6d51ab873bfff0e659814ce5ca57d8ea57f8530ae16bd34df12f84aacbf9c75c636698582bbf97a2778866a8b64283ea781ba41b4aa3bbb3a7e9f1b271103d0abe8c728750e079cda9f5eb136999493db3b795c9c6897bafe5d6f3a13508b7f448333c1ec16159e10f166d2f65ab95cb8a77f68c72628f36117b2ceaa7260b389360d2044ec0f83643b42fe51cd6b1e68f5225b882e02e8c38735c683d508cfc4c39f787545448ff0a38d391f09dfa47b0320ee21e30ce53bc72e4f13fcf68e1e061229bea59bbdcafdff90a9ce83b611f8d9036af49cfc5258b8eae74331131fcbf4585e8769615115cb6d822d7b5dd6be3bd646349773bec8475d2385dcf21171dad2cf2c4af0bb46e09211f759f8fb9bc5f1a03239ed3b0b66546883f09a571e5d63c0a8c614bf8b3c7a72fbfdca320153676d264abe31e205a2819dc4a35345671b570256641c3865d139158d1faaf6cc544f0c2b1c7affcb8603c25e14fb72f0e280d86f8c20c06010307be68d7efcd771f595b9400ef47017830299f2524293eb41b3f47d95945e334eae4957b626e73e4bfeb0c4ccecdff8206046cd24f7759ccd2d39c2030c4180c8445b6022db1ee901726d043a46b21855163896698ca368eb2ddc3d40b93f9d1b141c88679d49e8b12e8ccd1a5c243812b4e069d26498ad8a21bcf4d39dde2003b6cfc2b44fa675e5862393b0017e0d920b4480e7a91e8062279d14ec5af29b4c976e9d8607c152228d2ed9c97c0ebe7d8d09ae855300a28eea284410fdeb82ccd90da86b630a5a23a006a6f94044a2165866bac8230fe93370b9cc0262963b377f0ceee16ce814ed2165259149b47125428354f4c4ae3f144f1b91b48ecd272b8050049381a39ef83d0c4f9f190a0dd0cdf0adc3e781592dee0fe0b8955ffc7bac4041730c8447967c6f2efb35b08545527ef53f7e4e5c4d529a8b632a9d1591b4f421089e53110565e83820724755d054c3a0e4569c0a0016117df5a019a9730f72f13ee9f56a8e13213d54f387e90f7cc7a5bf74bd8ed5c0b1f1085c5a75067ed2495ff4c021db8c0a807b096362f60b86948654c81bbb2a1514363e3a9d1771afbf8307983f636e0dd8db1aaa069842258ca499307ff8be4bf8d7c80db78c00441aa75e566a972be67b9cc9e8d3c6feec2d7360bb68e28d0258bbc4aec7cf92b53c7804f9551ecae4789549c0b9c013711e5fbc3fb8413812216b72dbc6687e3a7eefbab64f714d3d579c1be335aa1c1ba822f1e46446bf52ccdbdb937c09cd9723ae164fef8077ad41c3bd38e0993f509486db28dc4aece18c676006e99bd37229eb0bd29e69786e148a2eb0a0d8f0c9ef94f980d4ea74f209f8808377d0b6e1429cbbc8929fb956207266b79dab0c01c534d1d5361e8290b7d2b226d69859d37ecba7b3088c86857edde7557bd64c4bf741d4908e4e144f0d8dbd892ca6526ca970a43dc98e282e4f5be85690b35008194c276f836d40ac4e921bb8c51bb4cb8d29ed82e1ae858b6554fb01206c6d6a167f3f0ce08b531fba197beaeb8a96c0a07d1ad5a1ee0520b25a3ad141d214129ce596855b7dbbdfd0d387e40c512eb1f825200e61456f11db9e79315853712dc0d2f05d44399a914e54889eb00eb8c4860c2d4b07044d654b0c1f7da9d46f876047beff835f3944afa459f96f5fa62d31006fef15feb01273d51bd22c2c1e2766ed9a4ae7ed850923a35756dc2129f55c7037987912f7c49122038d5345c163a42a1e15f580af9a0eb5d262334aec4e74d2b9196bb38eb18bec82386c28164e12fc1a04005b2611e8a87bfde630ca6e549595e695f3374d6f7fd4125a806af250ff0caf3de09fa623f07491c99f264147034192fe968e7d00411904c741e25a8b01e77b57a2607694c2af70089e3eb7c90a4060e76d95d49ac37cdde1f7102a46f4463590cb041957f195d8e8b282d496a47dd6e9ca8b93bbeb7d8e7c4f77bb559156a007209068e8a4ab31bd59978cd41f285af46f20152e173d5b64aefae638e6c7962d9507a6210fbbe64d3b8aabff6440131d4e43b2d9f86413ba83d1c48ded3f27304e10d17de6b1e13aaa679d1721a3eabb342adca63e878d00f83cd1174d549bdf3964c39f6cb5809720dde412bb790d956d2df05dccedb2fc729a80d550fa956458951a18ecf36cd43f9a40391dcfb86d78c93b9c17591bd5d7f9ba024e1669d00ae64046f0024be21062ac8e0cc79f4ff636bf198aa7123dd6a0ec7618d878b18126464fb367f09c2015612633b4f007dd27de537b172b4755ea35f89e9bceaffcbca261574da9843363b99aeb3210c4b9fa54744048258c38bb9b20be1300442976d926d6a343a9311b04e54213384e8cacf6bde4a5cb9d2bc3ad0c132b08e6488eda2ea90229e5fb6f9b6452bb698533b6b9005ce1fcb9614e269196e99c91d92d148561dc7064e934c9eaadfca16da05feb6ff7170a34acd7276f077ee82456c678312edd379bb9bdc2dd45995ca02c9fafcfbfea5f5406a83d2bd0bbfc6dcfb1dd94b7c65d12a3a0cc8045401093146a08ef34be1f98f267012dd467b6a5f282eddff36d363dfecc552b3ae6907bc7cf7762497e5691a37407d6ad21bc1ffe904575ebecda5c292515be3032442b3f33b232d2ebd319b36e275e4037b44b2eef1086ce79fe5b12c33fcb8e8431c2e64a2c22356aa72aee25b4b9a79a6ff063601e44e9d211c4b37a029f62501297d3a6771a40da6b848c8ba705ccbd6adaae0240b86c54ad69dce38db84c7313767b1c299eab87e320f625b690ab884c358a4c0dab9534c9af3b36e5cb0e6dd2661c6de80002ef59c0dba4895a404e03c1fe0848901b29d563cc39ac4698627358446cf5906e8a41e696a0f5a8a5dbc6f1a7d3c1bf8ba6379bdfb1a8a16ce3d94bb1818ad5f9ca80e0e3672dbac06c705ea4e6e8efa015f9caff907e23d1be23ebcfcf292c66816e2e79d0e4a380d5c5c9e08a6ee418c915776e8886c250bab7294defee12639ee94df7a9fb65b9c5969cc1594b9f253ebf13b3f3a8452df8a52d15698b28e0ea4ed555ccc68de2f7543ca826901c25814cb88c9ab4c18046ea66272379a8ecfb0fe8659ff11b77da0193bd19f62a8130778c9aedb1dababdc548028d55bcd0989c025412db2b541b2310331e7e81eb550b1684afc0a2c2bb4c062fdec14ef3bbc0026ad756a3df0fb2fcddf593bea445988adbdf8acb6d789c8f6df4c52c35e7c700277a46bf72a148bce61f9a9f9297703c55320448640e61faa761d31da0875f99ea06423e8b09", 0x1000}, {&(0x7f0000000400)="c507ecb2692f6a14ac52dbb661da11be9055df06ab4aa6a2270086a2bae27ab2470057099d1c28ec3cad293cdc75f2698f5a2ece771e1b1fabb4567e4d2786db2a84a5d9c0b18ceec32a40a5ca59aa07c948805d45d7b27ab5217cade39e98b002497f9516284da2abf8007472731c0b2089d99a7b12f02c", 0x78}, {&(0x7f0000000600)="e33d66e8f66c986595c758380e7a5d214dbb0641c6704bc91655492bfbc14bf2126f08f33813142435cef4aec693de6aaf86de095a5f41b3eb937ff93c3969673d32acb0674d23ab20057f737d6c76b8f4f1a685a2540fd3990fca251682e55789", 0x61}, {&(0x7f0000000680)="92aead3281e351a3e3b53393338617c4d810bd462676b866620cc2afd0b143eb46b50c69516a369bcfcfd151ac5e6f911f61c609db0b2a0b0e9d079229ba23d81a07207108db0f16df4e6e", 0x4b}, {&(0x7f0000000100)="1226e6a7d76fe24b84b2c8e2e5530503ce1dc52a4f", 0x15}], 0x9, 0xfffffffa, 0xc, 0xae8352d8f18f46da)
sendto$inet6(r0, &(0x7f0000000800)="4103082c1116480401020200c52cf7c25975e005b02f000006892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fed11cb54d046642670041e846bb184ff5d39fe8516d2d2a8d84e6e7dfcb2b8a8023444db513a3d7a124b59f0a5cd36489dbbb75cce3145d0ea3c3aa21af7cbcbc7a7575db782e757ca543109f5ddcec4930aa91f4119ea3d1f56140cb86cfe0724b23904ef5d05c725ee23918a502b1afe09fb0757d", 0xfc13, 0x880, 0x0, 0xfffffffffffffef0)
r7 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r7, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4)
r8 = openat$mice(0xffffff9c, &(0x7f0000001980), 0x80000)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f00000019c0)={<r9=>0x0, 0xd, 0x8, 0xfff8, 0x7ff, 0x84e, 0x3, 0x8000, {0x0, @in={{0x2, 0x4e22, @multicast2}}, 0x4, 0x7fffffff, 0x28, 0xd, 0x7c7}}, &(0x7f0000001a80)=0xb0)
setsockopt$inet_sctp6_SCTP_CONTEXT(r8, 0x84, 0x11, &(0x7f0000001ac0)={r9, 0x6}, 0x8)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000000400)=[@in6={0xa, 0x4e21, 0xf, @private1={0xfc, 0x1, '\x00', 0x1}, 0x6}, @in6={0xa, 0x0, 0x0, @private0}], 0x38)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r7, 0x84, 0x65, &(0x7f0000000000)=[@in6={0xa, 0x4e21, 0x7, @ipv4={'\x00', '\xff\xff', @empty=0xe0}}], 0x1c)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r7, 0x84, 0x1b, &(0x7f0000000780)={0x0, 0x4d, "43320186afec9fcdb14c560d529dc270b69d8fb697917a2267d8e1bf4aca9ff367aa2b349c4b7a9363b3ca85e1939efab9612d2eadbc4afca68ad619a3f7b7b40dec13b32fedad049d97776469"}, &(0x7f0000000380)=0x55)

151.245829ms ago: executing program 0 (id=1029):
socket(0x400000000010, 0x3, 0x0)
socket(0x40000000015, 0x5, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_io_uring_setup(0xbdc, &(0x7f0000000440)={0x0, 0x79a8, 0x8, 0x1, 0x29a}, &(0x7f00000006c0)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x2, 0x8, 0x0, 0x3}, 0x0)
syz_open_procfs(0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8001, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x10, 0x0, 0x8000000000000005}, {0x10, 0x0, 0x1}]})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x5, 0x0, 0x0})
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffcffffff, 0x20031, 0xffffffffffffffff, 0xbe9f5000)
userfaultfd(0x80001)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0xe8, 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(r9, 0x4080aebf, &(0x7f0000000600)=@vmx={0x0, 0x0, 0x2080, {0x26000, 0xdddd0000, {}, 0x0, 0x3}, {"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040bd19500"}})
r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0)
ioctl$TCXONC(r10, 0x540a, 0x2)
ioctl$TIOCSPTLCK(r10, 0x40045431, &(0x7f0000000000))
r11 = ioctl$TIOCGPTPEER(r10, 0x5441, 0x3)
ppoll(&(0x7f0000000040)=[{r11, 0x2000}], 0x1, 0x0, 0x0, 0x0)

149.369688ms ago: executing program 1 (id=1030):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)=ANY=[@ANYBLOB="1400f5001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a310000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a310000000058000000050a01020000000000000000010020000c00024000000000000000010900010073797a31000000002000048014"], 0xf4}}, 0x0)

147.312934ms ago: executing program 2 (id=1031):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xffff}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0x1, 0xc5, 0xe23, 0x3, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000640)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0x80000, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0x5, 0xb}, {0xc, 0x3}}, [@qdisc_kind_options=@q_pie={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
socket$unix(0x1, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r5, &(0x7f0000000280)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r7, 0x3e, 0x3000000}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000180)="27030200000214000e00002fb96dffff1144ee163cddcb00"/38, 0x26}, {&(0x7f00000004c0)="f058fe7dad777f8f", 0x300}], 0x2}, 0x5)

141.699006ms ago: executing program 3 (id=1032):
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0100000003000000ec0b000007"], 0x48)
bpf$PROG_LOAD(0x2, &(0x7f00000004c0)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) (async)
r1 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r1, 0xab00, r2) (async, rerun: 32)
ioctl$NBD_DO_IT(r1, 0xab03) (rerun: 32)
close_range(r0, 0xffffffffffffffff, 0x0)

70.326493ms ago: executing program 1 (id=1033):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000340)={0x23, {{0x2, 0x4e24, @multicast1}}, {{0x2, 0x0, @empty}}}, 0x104)
getsockopt$inet_buf(r0, 0x0, 0x30, &(0x7f0000000340)=""/225, &(0x7f0000000180)=0xe1)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x102})
pread64(r1, &(0x7f0000000080)=""/15, 0xf, 0xf017)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'rose0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100000002000000000000000000", @ANYRES32=r3], 0x20}}, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x2000, 0x0)
unlink(&(0x7f0000000040)='./file0\x00')
mknod$loop(&(0x7f0000000200)='./file0\x00', 0x6000, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x2, 0x0)
stat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000080), 0x1002006, &(0x7f0000000300)={{'fd', 0x3d, r5}, 0x2c, {'rootmode', 0x3d, 0x8000}, 0x2c, {}, 0x2c, {'group_id', 0x3d, r6}, 0x2c, {[{@default_permissions}, {@blksize={'blksize', 0x3d, 0x1200}}]}})
read$FUSE(r5, &(0x7f0000004280)={0x2020, 0x0, <r7=>0x0}, 0x2020)
syz_fuse_handle_req(r5, &(0x7f00000062c0)="23db5037805f177d136115e6a1a5903469af39c1fb9cb38215fe64cff9f2f0444a57e22b0cc5cb4f74c9792365400d9e1c68539ea5eff0a5ed0864814d39251bee8dfea69aa052d900bc0c792e1c9752b7d3a3222f6a1ad3e44c1f65617b128aea51911861ca36ba7c96b96b2fba0fdaa49ffb2612f3e81fe565327dd9965a60046442c9dcd0d552c6a00388be3b438a08883c7349761531880294ad9887db97d8c2f74921c57910cf1f5cc528e17bd5c3746b6202f26d621535aac5f7872c2cb3295e42524b5acb249b2d1ac1b53a4e31271decfca3fad2e2f740768adf00875c18cb7d115150f83ceb73f77a1f61f1666c2bb9f6bd9f0fb55b3a619446e32bae2a1d99aa49e5f3822e048f8be44b707f2db10d7916ec9a10a695d573d871cf24959c3d15e61344a68309d186956537c6ea8532fc2e1c7649f8409d8dcde4c8ee1530470ac9c870f9f1837574e444ba6addf5ddb2dec67c0e76df79f265b403818dddb4efc27c90985ed69a48b12056e548f9c99edf80d2b195d26acb1127661727a0600257f4b2546513d03930a0638a71bd3223e51fbb75c832ef737907f2f4d3f0505f431ea02783c798b5c4579c99961fb73dc623a0d99c1b306435464d413b537d42c6444851b36482597140b22fbc0ebc7e795b2f96739bf139f5823bc869ede547da4f394fa1b1787836095e1013264042e53d5006ea059d0488cb2f5ccd44b30d25ea53c2dda71d112d7d441dbfc9f8462c99c098b1958c80b237d83c32f2759c9a9c081d7d7666a477cfda59354309b09f2a8b9f6c3077b0df1e8d0c71ac07232de4f437107cb0eb9b47b2267efe31938a337cf11cadad72ced56895bb14763cca5bdadd245d801e829a1eb3bb4ed851a345918efd2dcf8d38f66badc773068e6a2ef59b2bb838abd8b043cf6ac54550f3fde1bbb9e761095e4b8ef1891757d376be1f778142610c0acbbfc697f51fbb7a1602ed46e82813c74f41ee2bae818174809f3692084bea7310ebec3d6166702ae62aad84313e19b4d145167185ea8d53cb21d099fb592d7d7f8bc305dd375b5c0cd73be44f49ff53cee220085d4706bbf50c6f63b02e7e805e8fa4c73046a57a8700886da29ea53e5a316e7b011c44a0f7be5cc5cb5641ba0069ff591eee18966c7f005ef40046a5fe2bf325b2545b009867761264aa9611d184fa372ba3c5c33d9a50717210f7cec7f6dc4418a87a797eb6aaf6ab3892bd3f559547c88d8c29646c8173fad1588f52beb34ff863be65e7ec1598cfb465f270bd5532fa7035aae077eedbc846058fa19f58ffb1cf0f1863f6d33f2e5c454d18b66be766ca369af2cc9656fa34c6c10e4d4da44ce5e2370aaf60c4e130da331d3489e8f44c600246323409fdd35d11da27128c9d64be65dd3a90c1546a6eb9185cb6d3a4a9cfad0e41ea03896fd2346f745eb3563d7a79fd345b037c040e56f0677840bf9b0d295bcfa98b931464c5ce9fcaf745720deac2d8b4edeffc0fe6f089ed7c3880959fcf8e31f7b7054bc4f5c9d3ed3f66c968d0bc20b2d66c374f030f3f1965f43a98519e527caf693362412d523eeb38c8b016ff77f78f833d7513e4b5a53d5ed5143916673f822ceac9967b8788bc6428283181eaf8d99e48286aacf4f658a903e9f08659450f7f9483807c2e013a1d9d199f18886a8cb4e14d41c71e5731455a4394551281eca12a1bb6ae717f5da2949175d0f1f3d718b761dfc1099c7d9d8928c899ac8e936e69d19fcbfcfdee83b68ef8e15eed41a8ac0d54aa92d7d2ee58bb4799f378225ec9ba4709e5ce2b77208ecc85c22c64967a9ef3360c54d311b8917ceb7b432c90cc5e98de9327c1400f8ec89261b1d77d8874b0bbdd2c5eb59df415705de52b08b0e12c07fb7367c6d461c19f282d51e482cb4fb9ceb0249ac2d6400ca170fbd6c0063224179c616bb030a5c10102aa2eea92f1e6f5828590b250b09e6d1a9535c298a68160b7c281fecdd295dc3396c4e6eb3395d5a677d5fa95a732dfdef81f4346545dd1a74bb3aa9b516699bdf0a59165077ab459a5ffe0dbb3ef8afa7a8382a8441e0c36ffabbed8f93f4bbeb97e5f6a704bf63a0de9ccf8fef643ebc530a80920931002003b027014de317c42f861d98ef4fef66d232d9706e6bd263347384dadadaa43a7e106bbb21bd822d468ace171b3f04b996112135b63dcbd612b5888ec40da583ab549c340ddaf5d7406c3e99322c68874214356c1fd9b5f84348e629cc3487a901d1b7a2fa531b1509ac1c93de3da9f1c3773e3a2aba2b29d2419f240ae6d24ed9f14bf0b9b0f1e740a2db06dab64d6386f950bff4e4c94160ef4b832bbde3af4937b7528658b5c16a51cb22193fe99385721ce5b048d9338e289dcb40683140c413eca52c8e4b64b306f47569477379c864cfb3aa3e349262407d3935ab9a0916eb0f6db2be71a7eb8f9968dfac44995d5bff8ef617fceeaa448f5e5f8d4b39e3512fe7ae9ee1d8a0d5912b6148969ab0325f3f76e2340fbd67ce156bdf638140b3ccdb08e5049db15957915cb05db8901249b10c59cc5c3ff836290e3334eee2df387e44c57b4d6198c3749f5dc57f6c3de115ced6b43cbddd762b58f1fb40b2baf3b381febdc073142e30d2e9a1a69e8d86314221e540f195509d223b206173dc5406865d8064817c30c284c034035a63190ab86df3bae4168c58e01d2251748fd5d9d610024129e83a5730fe83cf0918790e6854ab765c78649b91c06655f0cb9e26d8432df78bbadd99583b6a8afcf177ed6f339e08c0b36a16c6d31d8a24cb6f2bc3ba58d7711b6f8b988dc3e3144be619548457d4f40509f17eeb186cb93a2928ecb951593d1907c8bbb9f4c8999caba3059c8e73dce54ad6f87bcd51d559f7759902b14e68d3b845c0b179b38f4e6f0bd3a89cbcd5ebed9972102048647da1eda5c8456442369f4ae871d4037ba26f27d27371ce57e23adca5af8dc93f934f2ef8d69ad3b2db66657b3868dd839c2b522f5461f24407ef091b77242fc70a48b7eec45f3bcbcfbc6bdc36e4b67295020a345233a32a0a0af4d03a53ef67e69716d5ae35342722afbe7558946475a9ebf5b39c18558a0011f68bc8a78590b0cb63618379a512790c42d94bb239dd3ef5b8d1036cf0391aded8802a7a447c38f231ae611aeeab9bba44cd14369473758b64108d0bc9b6bc9e9b497c2d1d2acbae7c620a55c226cf371331688eaddec61fe961c5fcef71dad45820ed0ac8dc7641d82150f1318ac15aa41e7be585b6a50da1b3cd95239ee61cfde15aba80ae8ebc21ba4540883c6f44cd35b6b97da4640c97f5a2b6efa8d184fec823abc754ab8a0db6c45c2293e90d9c154c4a3e0b9ec2b6113ce6583b80f0d234dec9a9815067244733e2134b9ba93bb9692fb44200bb5501bb109f2401e8baaf0115d795bb0346dfafaf953bed8e9a52a5b9b02d490c55fd89daf311ad5e08b070a9571f696d6df4715c8b69b840e4e03d6f361326e20d9546c47b3a63163e7df9bd260621358c166177ee7c69ed63a8c43dd4a78543aa9f922c0ef527f4aa61ff65bb14595f518412ce25a1e103df89cd4b363593da16c11d80a23a9b5ad8e3a7be8f697cecf82c8fbd889a4f743c839b67f7ba5453b10bbf59b1e4f4e821872c061a4125c0c15c1ca5164efe61a58bb54dcedc849800a6021a448d4660c3b85e2362b7cd8ce95156fbf408a09a30a8ccfc3554004e9f9a35382907eec00617e2ae1f8803146bc8c28b4f3bf3c6b183ae9248e7f05c4adce3e0b7ff29252b5be9b19431e3fe612d471f52c5c34cc12c83049189f4d2e5ca516df78766ba3449d07ef9436c68052c986d9dde8802c931194e2ce34acb8cc26663a09348b15c6c145d26306bded0d1f482803ae6dee26562b03fcb183b69ee4a0491e8776ecdadfca395cb4eac2948d4d64321a4e669f2f663eb54f05f12ed9c685835c3e79f982152dbe701073b9a4ab2932b46ee2424a5e18bbe5f25ce0b898ff6937927f4670defe430ac86021226ae055daf39b535cdc0899fcc99d15e67d66bd2dd89bb21b8d2689a8af10a1b0bd44103c469922c36fc0228d7b6febf5e366dceecf8bb1db385c8ab95d86ff09b76c2fa6282de81fd6864c495a4c8295df61a2548e1b81c3e3f30d7a41216801d6c2d1743f66ae2055756083e8bf403d436b8244ac214f4d84a693d13f299ba267401d094f2df70840e8a980622794212f0992ecf5a47980ab2cf7d5a6f12b0a489af3c3c847ac59bc89f36fbb0e08bf283b68213a17de38b3a45eade6f0b198def408f7711c16367bcc0ded794a9a323c7e7f07fad96ea9c4d7344c26e43844a27c21076b8d7cd07677602d91eac825eb5fd0631755c2dd1dbf7bce3eb3c3f7377fc6080ecd0b894e29769845725943e25932d4249abb4ab78d4e2ff2e2df42c8d884cd6bd13886cef080c6491c217abae0eec6e9d4d49eab6657f15cfd38e6cd6d0bd33198c4685ab302d0f46e42f4a5d5bb7d2840a0a8817b98a856700d4de74351896fe7d7d5a0d1bc57fb4c828aa51f9637807aeb905780f239527ed4affd83f68be8b7ad1e10d9e797ba39cdee24f7be0a0ab0ac22ea3968dac61eb4bdd522c9ce570edf63a439abfd9954bf6a16c88d86157d05477200a83255cde279b454979cee4de00e81cb44acdc4295c877566a749ab5b91d250f03d46ecc14210c196700338eea028c930ce104f20a9e7fabb0ad1d314ec1a2d97d1d1b9e09114dee0e3e513eacede01971ff85dc98634156073df4e8acd6c3aadd615adaffa7a81573813bc4ca21886ddd532021bba5c84b34c34665534db48d61903a03c1cca4ed955ca92c1e33b7664b494e3db6d1e637a49e537808a2669ebeca301691acd4fab0af197b9c7db01b7862466b568ab3a4712a25210264fb297a6b679dfc3fceb65bddd1a23d5b507a0d6da83d73b716d971c5179a92e57b9b93451eb943845a549de737f2d082a83682c32649b4941e787758ead9d2c256b2b4ed1e0255952ce83cccecc39e5bbdd38490f1960b26e5379943be3d9a64b5149c84d577e5fd099560baa292befa06ce9065fb03ed432a9e055ca4ad0e952f8368b3d230fd5239726f79f4c98a0b4a9648382b245d324cb61049562f765f923fc657ef36747658494d78590a1e27a2d09856acf50c3b26271c6d5aa96e8ff9bdb9043859665e21ea53a050c335cac414bbf27b0328ac2c7450acb26b093bf232358afd1135ee50ac3fb26b5f0256ccdd37033c8a59740607cfd549d4c6540afe4a6b4425ae1f633872dcfb5da8d0547cf0c4888817b71fbc7c45b2a641e9c1a76b6a6be124402422ada35edc02ed997d6b87b361aee95a16d2c528d89a52fe40dfd83434969bd86f02e63fc1ae72941209af39a08cfbb4c320bc47d853f5dbaf0cd60ec54608aadbc382fa6b5cab3e9cac57bea26609f4c79f6a6b4eb4a9336fa95783b0c0c366f36d5d6b8310b3cfdb800207919a131bc7f984f7fa11fd0bf2c89e060e9d1286e453fe97363ef72bd6eba29a85ffeccdc3bee72e12284333a5a40622c01619558d2750fc45abfa22059ebdf743f8e50ad29770d19f84d8a34232d6918514769b3bb2a1ea5e59e9556332ba669675764458e9349a1835c501a93e91dd3b31018979880a9913f54ec1e8526b8cffcb776b97fbb9424faa5c5eb60d2ac74955bba4b5182571d0d9f84f0df1baa722b20a78c9c0011c667f688b58489c9e450d83e40ac5eb41c5564b6d76a226448abe4a3f499927074125aa9c0e7e704c36df5bb110a0f15f8433a470e81db414827d5ce21ca1da1c8d51d746d1e1ca110127c15e92afd75d3cd05ce0b632cfa03745de3cdd4b57373d46676583c89f045c26c6fc5793e5489555ced08f83ba351135834a2028113c319af30cc85bc01a7f8208822d7d607aed0d2e12c80aa009100441b75beaccfe0adbda7e8bb870edf4963158794c8c3a5baacf6eec7b5efaefb7602dab8409d161beeb281cba21f1da0ccdc092d0433fb940d79699ffeb87ea775829a6e7e3b308a2ee0b7aec8ac5f35eed61be374c7c77196f7119a8882deff68230f461cb917b0ccb2b8597efcbdd1003b7b77b2c601ebd4b45c35b8426f7b9138ab3df0ec00819604ab8e1e64cf2aa2282b1269585af127a268cd207f964edff172e555398a16df44bdc52889538c3a27f8fbfffb61f7aeb55b259952bbfea81d73058d8b0f78ece9dc08e660437d21d4e3ec38b19e5afda7a6e33023f9158db8a1c14dabd9b8b307ddc66927f7b19df5e0da2237d98ddd890b81f1963808977d02198e8ae2e97419dbb1f8e51cad36a3424b955500fbdaab6ff8dbf028708b1f951fe43864b59b6c2368b816c98023d4480a91b3f1059e9c214bf55a7f8c7da907f79ff5568fd787d3aa022ab9d03cde551f7e3295f02c4f3aa37e4cebdd968c0f82f09eb004fbdb1a4ef3a0d426691bde3964c29ea65622f5d3ffd854053545ba1ec164495e4bef4845439c058f9438d13be7922b656db499c246ee6176a15b97e6a68e42f0c703033b699504e1f92b43054c7237199bd013d96faab47433b6b3f91dc66368706439d4ef7da3942ce8b9c1c9a9d0643fc4540e7d3f1c3821267e866cacd3e904be9f9df80381eec09eb2b0d745ff03ffb199b917a14fdd8fbfbffe8bfb0cf7023aa7183301a8a41e7097ff9f5247f8b78f7d08bbfc596a81047807cf0929677222e7e9e921b294e04088c3746d8dc19294645f1c093a21b4c5e6d92e54dd90465b11dd5d9d42af849070edff4ec63970f4088daaa33afdebb28d01df5ee043a8150ab1b25d864ef31e20c84696596cfbea92d02ea29c4a3933c41ec68aee7d68d7eea7f30d8920e14e62be42bcf856d7a58f46fdb2438b023e974f77281c5a462553627e9614504cbd3f1cae6e0fd9f7e89d9bce48946d0508616fbe542303dc542982c61d7bb4afbf3e76bf1fb2381cdc99f2175ef944dcd826aabdca2b7678db5262733c69ce504c38e7deb7adfb9b6d8bb00d8e4251e0438417ea615cde58bd76c2427b3d7a0578bbbff9fde2abbc5d60307aff0050b18176158aaedb34e283886378ff798b4f74e0a0c95d64271f1916280dd247304d9201c67f5e2640d9706add8703cac81795a0190107e2bb2941ed13738595da1c86ba0f68e2283a435cb5f162c74071a13dfe2266d05abaef080dd6b1dade115e883e04f0bb4be4d91f535ae6f822b02e814e65d2b7807d199a23d3f26209f6c9f93602a3a93ccfdebb5f8161b7928059674e15820d1848a980c8d1af5a73aadc5c402fbb6e730ba51227913ca27f0d78d331d6325d0a7926c238296b2a22b10a69cdffeb087dfe175511ed8e2cde8d7dae140e4ce92f892b129d9940e4a30b19f822ef7611b8750eaea8e55502604b7d2358c09a217af8be6c86d67cf6ff6130c971c9765d56631fe6224fbe1e833d497b534fbf6b030af93691f59295279aa1bdfb5d5d9d4668d5aea70e2b8fc117df0042e91c7e6225f27329727ed6e14a87c7943c040dfee4e5c06a20251c39a45ab4865951b0daefb9c05571fdcc21d1761945bd2b8047ccedd6f1e708646fbe61e75bb2728e8cee893d7e6f642119e786155a6cbab057d6d83b77716145119e974ad7355179d2adc3d748fa249cb58e32e6791d646240c05da4427b2f359976c8fd1486c604cb7ee647e24633d8fca8314cf1f85110ca6351156a2b26e44b040f7d2810acd36f45a3969c1fafd1a7e0bc14fd9b26593375be8e750c3f6534ffb85904d15d75fba05dac4a673de97f7543ee931724cd35474cd7ff5cf3e8abaf206f3030e92895633fa9d8499ea763601560260109dad18bd64b990531fc5377e6eaa5da050b98e1c6515ea48c7de1a15b63283d4a694cbad379356bfdac50e6c343879e29f6b9ab425600d51f257ceb35d0ca00f83cf5bd734223de716747614666ba1f1a8fa756e5f3ff0fc94fa4bd4073bddb0098cf565ee40af5732ee9218d262e5b64ad6b8118c54eeaf7072f2e15514a401779b425fa89d8abb1750e56cc3108dffdcf2d3fd86b8af4560d56f7ff0702154211f9949e3992d93e66892b297fa2d4bfe18de3fd74e96c9d30eb14fd458fdbc9e9a34e00f3280dd732520147fa2a8fa83e91dd0687501466a300015bf888c03fc08190c2753d7719acf6f84885c4c5642f466c1984f15a7716a9b608ee5f1b395726bcc8519766667d24d11e396e62ea39640c9e73e4e9e9e5076d7019ca1bebbd7097807f46b3b6fcb96ed4b433b25ec551fb176a5fa252ed1d81b0350cfdfb8069c9916495bef3a262b6668910896c0b37eee40547c663a901e92f41b417ac50e88d058d021a8f9a5783bd936cca4962bec1c9886689cc547970f9215232596392515182e563f720bb79d29baaabf0e2697de6500bc677e346847011ee3450358c0b16ca528368b5cbb8df5ab974a3cef072d20c9906fa585e0f3083ec6d8507b8561f64e65aa1aecf825fc47ad1459c87771549fd5c9a9cc094e7b1179ee1e90eff7158f28f59f029d90e708f4ec50b4f67d8b4bb7140065528354a7e25d63e92977183a0284ec22aa923210f0bfea89cca53547137381e5de0f60bc484bc2daf129b0380244f1ed4bfb674eb2791e76dce33cae684ad36620d5d67cb587f840caed316b7439b0e8c3de0e065e62680f3997369be3466670278168c9a1a644d870e3a8d0a79b2b720e8c3c51bb9133532beee64319e98714bb2e6d5c0b723962d923b0ef454361d4b3cb470bf8c39031ed4a75267f499741be15aacac92d8e6afdcb01a2e7d2dbf549ceb2a2108c4079c620f05ca1bd31d631c2c8d35ca0d73155f56ed020c25e389db356edf510ae088d11b5e4fed51d0dce4d3aa04924b09c28200ede5bec1a8f38cc5f081055e0f28d75afc4d588ca0e828d00085d150beafdda17b8df9e7d9218ea7d81f2e076412901c5ae04d6929d717fea2fcc8e5a1e69dbd7b5258799a2fa5eb108b6cc35dfab599fb27e6d75f1030b83f452af8137830337141f031942eba83123d3f87b5f01623d4613e5a44b4952c300baf3d4d3dbbfb0ad024a19b3810a174ef8453d85a25822f66e45eba2490f29de1077683ccc32e3517f88b51e010672a982f7c8591450c9ab1573143aefb61c17ebb0c92dcb0494d116b970c2a827a6b3608ae10d583d1f7d092263fa873de9f31cd59bc9491ff012059b63a9120af89477f2ccc34eee7bd66de60af64730c879128b49d31da6400c2471e0d5abf707e560574b477b8e20ca45d92182d639eb434e14aea1a3f91ad8fb60e4859b77389753990513181ea3a82884235e8520294359435cfba220502b591fc28ac36ec697442657d290bd7aad7fce53a3f1766f2bf7d55c24d7c0e9c7a71d6f1282ea1478e0a36378b50e4fee281f686bc53f50138036e2a5d6199d40caff084fde7b63b3c0a47da0791107c3218330f7c2e2c7609aba202fae5290243b6033379eb15edc572eee452008e04c9b53efd5f3d88327317b38934745bc3de4c55bd818febc7a7953bf03c4029f77177c2a974310f0485aa46252f1000dc71934947287c38ea5854f29c7b82f630afb8caf1fd880670307b155a6e7feddc019cfbbbdc18f3bc03da3bd371d93ccbf56bcb39eea55c2d113efc148127c30089d21ce6a5088dbfbcf8f8d75c19456bc962c371548634a95382acb5a0886efc46a87bdc111dc0d1e54084cea0d58054f00762c91d7fe0f0fbcf4c280f29f9cd5999a5e8c6f507f8080d7c7ea9a8685be50722cf1a082f3728dec8d6152cdc72f8da6b1805643c042f4f6780ba79cc8a2165d9d7acec8ab2f421bc3e77b51c62c4bbb262b5674ea7d2dcf9acb894d050e91b052364322a5b08bd9667249571c004fb495da7e24fc5620adda3af6848ccf238911a52bdbff766e4e279ac274afa2c2302faba25b5fe98d972a04aa13f77c0c05d7dd82b0a19f1ded8cf5f99c80e392b0aab1264a29e9fbcf0b69f6b0a9f2332e09ab74dea7277106d0883bb264e279c67e5bc69009225bf4fd1a8532f9392a011b55a73a7cf8d16a59d695b2a65b57fad64a2041f8c28804ee1a48845c5dab757d04f1d95520aa9ddb69904d6529c0e14bd789dfe37067073b3e0e136ae2aebb1c34c55b94ce942f786be4b45f801f35f7c768d91a460b92ffa57ff675f0b4b00437a07f871a8650f21b2bf7c722c1d9e860e8955fef5699ee53a5f6fe46fb9e5e17a1c69fe2538af4718b7215ad2c00c3d420589a8653ee511b809945451fb8205b19ce377c8d0253b05493c557cf2bd8ef208e8fc01beceea1acca38d025f328f28d69bcfaa3adc6d9573a3832dc3f3c758fe08cf9cd0c32acfddae81b3682869e8aa9725b64336252aeb2ee8eb78f0721aa3158217a3009948adb297c5ea45ec26cb6d963c7be47ee1b93fa136ebe73a21936df0148fa311206f8bca2e80719aeca8745ff74ddaad5182644762c66333f942d9a93c467d5f9fd5d0dbbe57480362d4bb0f760294f4eba3e1b08047d256dbda157635d21a43aff3a71f6ad574b402bb36e5270d7ed082c6fbae07771721513ae9ddb22d23b00733046c898ee6ac05ef8a51ce41919e1f241cb98e0592ace68214620ba1a748ef81131661f58f1635713ca2873e150a3e848c8d2ebd039769fda112b73050efa4d1c35dbb46ca5a7b7ccbed1dcded36af272f6838b4c1e7e6778e7e9ca3d794f275d49c9e32e768097349118d2337e7c031ada38d0cc5c04c286ff93083f6d58d73a821118c93432fda9a8c76fa2cbcc093a7decac8e4f001ecc9f67faf1c2f102120f0618469cf653bbd5fcefd4ef2bae86dc4f5393b840f9f47140cf7f46a186c21878a43612a71d3b540b9994f010ab623f878264cf46c7366d0bec5d43d481b47846091fd3cda73a9a28ceb7f839eca695c9f084a16c812475f6575ef2368c88cc6655f47663ef69ce4779fe3ccc4dd85a07a9e4c6f39f42690d231f5727f45c247a53fd8df029fcefda4f328658435892519c17205a3c715ad6bb7387d09a5e387c83f008daf626f5977c66203af1143ef7b59ccd8e3c17bb156bca317861f0b9f222ea63c044075a3a74beaf05c23d0a75caa60397d831bbe507234fff154960faf0f02776d3f9038c955bf0c1ec9c92523cf0b855c18d6ac3b35d437796420ba3dfd581dc6adac64315c1cb1a2c3a45ec4655bb2bd6e0b4a3082281ed0697a213d1d93142e96b4fd57431d2f4547451d008ab58bcd9765ccf3ca3297becd5de9e2be0263cfca09935c9334b5e687bc7e7057dc2ed03873be22200c9fe32a9497dd00a336cf4c723ead302340b5cd1fef8cd88330a9089fc93af4ef739295b94407b291bf33f4f39c936736e1166106428f8796a4b92805f4dfcf46d8692b54e40a9e8584c0eaac4caada87bb33f553eafeef5051b889402176ab766936a38ddd7e5205d2c87e133a02e84ab24ba2d889a4c4db8cbe18b271455e84da716f4a32acdbc0a5aaba25a2ec757c73847dd1c4ccb2967c651e5257692a4553dde227846bfe2977021805f46a287c835ea8dc5", 0x2000, &(0x7f00000015c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x10, 0xffffffffffffffda, 0x3ff, {0x0, 0xb}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r5, &(0x7f0000000180)={0x50, 0x0, r7, {0x7, 0x2b, 0xffffffde, 0x3000400c, 0x0, 0xfffe, 0x2, 0xfffffffe, 0x0, 0x0, 0x100, 0x100}}, 0x50)
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000140)={'tunl0\x00', 0x200})
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
r8 = socket(0x28, 0x801, 0x0)
close(0x3)
mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, &(0x7f00000000c0)=0x1, 0x3, 0x5)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x8c, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r9}, 0x2c, {'wfdno', 0x3d, r8}})

266.25µs ago: executing program 2 (id=1034):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
socket$inet_mptcp(0x2, 0x1, 0x106)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f0000000e40), 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x103a42, 0x0)
r1 = fanotify_init(0x4, 0x1800)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
fanotify_mark(r1, 0x101, 0x8000011, r2, 0x0)
ftruncate(r0, 0x6000000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x4000)
openat$vimc1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x40400, 0x8)
fcntl$notify(r3, 0x402, 0x8000003b)
syz_emit_ethernet(0x14a, &(0x7f0000001c00)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x114, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, [{0x1, 0x9, "119af5264211f92cb30b935adbe4539a04fb78bf411f0a7f7d29c6ab2f5c37fed1fad9c24f4a2623204a4e1bc24f777b75794187541923627897012af582345ad91e9b6c75b226765449b5b2"}, {0x19}, {0x19}, {0x1}, {0x3f, 0x16, "c2442f06967e9deff11a126a52d305a4efd7f7fbd19a089a84b8cffb66db225553bf8f5de5e6009d74ffcabd99ab821794267597339595cdb926117acbf79a32f0f48f4cd9629dfb4783aadc5a608ab45996145615eabb1f48683500ee73556e2a9756d96b289a8cf767672dc27717ebc9ad8e215db2edc77f3c3ed2a48b5a0c27db8e802f8733fe2e0f87b612afecdf302b90e43b43dd47fc7e63fc78e78efaf67a1682f1186a703e3150a850a0"}]}}}}}}, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
timerfd_create(0x9, 0x80000)
r4 = syz_open_dev$MSR(&(0x7f0000000000), 0xfffffffb, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001000000", @ANYRES32, @ANYBLOB="00000000edff000000000000000042c100000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/26], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

0s ago: executing program 1 (id=1035):
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x2}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00'}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4c800}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
lseek(0xffffffffffffffff, 0x1, 0x1)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
socket(0x10, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r2, 0x8910, &(0x7f0000000000)={'macsec0\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r2, 0x8949, &(0x7f0000000000))
r3 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2a, &(0x7f0000000080)={0x20, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={{0x14, 0x10, 0xc00e}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x4000000, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x28, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0xff00}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x10}}, 0x70}}, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x1b, &(0x7f00000000c0)={@dev={0xfe, 0x80, '\x00', 0x38}, 0x81, 0x2, 0x0, 0x0, 0x400, 0x4}, 0x20)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast1}}}, 0x108)
close(r0)

kernel console output (not intermixed with test programs):

urge local tt entries to fit new maximum fragment MTU (-320)
[  117.982207][ T6852] netlink: 'syz.2.217': attribute type 10 has an invalid length.
[  117.990678][ T6852] 8021q: adding VLAN 0 to HW filter on device batadv0
[  117.995614][ T6852] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  118.018306][ T6851] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  118.105654][ T6845] Cannot find add_set index 2 as target
[  118.600803][ T6865] netlink: 'syz.2.220': attribute type 4 has an invalid length.
[  118.603746][ T6865] netlink: 17 bytes leftover after parsing attributes in process `syz.2.220'.
[  118.724026][ T6870] netlink: 'syz.3.221': attribute type 10 has an invalid length.
[  118.732750][ T6870] team0: Port device netdevsim0 added
[  118.735543][ T6870] netlink: 'syz.3.221': attribute type 10 has an invalid length.
[  118.743556][ T6870] team0: Port device netdevsim0 removed
[  118.749153][ T6870] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  119.480753][ T6875] tipc: Started in network mode
[  119.482869][ T6875] tipc: Node identity 7f000001, cluster identity 4711
[  119.486263][ T6875] tipc: Enabled bearer <udp:syz2>, priority 10
[  119.493498][ T6875] netlink: 104 bytes leftover after parsing attributes in process `syz.3.224'.
[  119.504280][ T6875] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  119.510771][ T6875] tipc: Enabled bearer <udp:syz0>, priority 10
[  119.569620][ T6879] Invalid logical block size (1056964608)
[  119.610663][ T6881] can: request_module (can-proto-0) failed.
[  119.638445][ T6881] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  119.906545][ T1472] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  120.066546][ T1472] usb 7-1: Using ep0 maxpacket: 8
[  120.070234][ T1472] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  120.075052][ T1472] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  120.079122][ T1472] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  120.083290][ T1472] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  120.088712][ T1472] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  120.092541][ T1472] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  120.303569][ T1472] usb 7-1: GET_CAPABILITIES returned 0
[  120.305626][ T1472] usbtmc 7-1:16.0: can't read capabilities
[  120.309676][ T6893] netlink: 28 bytes leftover after parsing attributes in process `syz.0.229'.
[  120.460931][ T6897] loop9: detected capacity change from 0 to 7
[  120.578803][   T60] usb 7-1: USB disconnect, device number 2
[  120.598021][ T6017] tipc: Node number set to 2130706433
[  120.629005][ T5951] Dev loop9: unable to read RDB block 7
[  120.631898][ T5951]  loop9: unable to read partition table
[  120.633833][ T5951] loop9: partition table beyond EOD, truncated
[  120.905880][ T6897] Dev loop9: unable to read RDB block 7
[  120.976619][ T6897]  loop9: unable to read partition table
[  120.979923][ T6897] loop9: partition table beyond EOD, truncated
[  120.982573][ T6897] loop_reread_partitions: partition scan of loop9 (��) failed (rc=-5)
[  122.325683][ T6925] netlink: 4 bytes leftover after parsing attributes in process `syz.3.237'.
[  123.131198][ T6943] serio: Serial port ptm0
[  123.134422][ T6944] netlink: 12 bytes leftover after parsing attributes in process `syz.2.239'.
[  123.346574][  T843] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  123.496591][  T843] usb 5-1: Using ep0 maxpacket: 32
[  123.500316][  T843] usb 5-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  123.504717][  T843] usb 5-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  123.509861][  T843] usb 5-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  123.514507][  T843] usb 5-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  123.522341][  T843] usb 5-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  123.526145][  T843] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.529749][  T843] usb 5-1: Product: syz
[  123.531557][  T843] usb 5-1: Manufacturer: syz
[  123.533560][  T843] usb 5-1: SerialNumber: syz
[  123.548775][    C0] imon 5-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  123.555482][   T10] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  123.560449][  T843] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:155.0/input/input6
[  123.637818][ T6951] overlayfs: overlapping lowerdir path
[  123.651328][ T6951] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  123.654953][ T6951] overlayfs: overlapping lowerdir path
[  123.726560][   T10] usb 6-1: Using ep0 maxpacket: 8
[  123.731109][   T10] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  123.734361][   T10] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  123.737620][   T10] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  123.740937][   T10] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  123.745075][   T10] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  123.748645][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.796439][  T843] imon 5-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  123.799258][  T843]  (id 0x00)
[  123.859534][  T843] rc_core: IR keymap rc-imon-pad not found
[  123.861808][  T843] Registered IR keymap rc-empty
[  123.863456][  T843] imon 5-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  123.876456][  T843] imon 5-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  123.956042][   T10] usb 6-1: GET_CAPABILITIES returned 0
[  123.958075][   T10] usbtmc 6-1:16.0: can't read capabilities
[  124.088022][ T6962] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  124.106681][ T6962] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  124.147963][  T843] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:155.0/rc/rc0
[  124.153157][  T843] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:155.0/rc/rc0/input7
[  124.169611][ T1472] usb 6-1: USB disconnect, device number 4
[  124.179215][  T843] imon 5-1:155.0: iMON device (15c2:ffdc, intf0) on usb<5:8> initialized
[  124.235348][ T6973] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  124.370329][ T6979] usb usb8: usbfs: process 6979 (syz.2.246) did not claim interface 4 before use
[  125.434937][ T6992] netlink: 4 bytes leftover after parsing attributes in process `syz.3.250'.
[  127.136984][ T6009] usb 5-1: USB disconnect, device number 8
[  127.202660][ T7004] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  129.696488][   T34] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  129.866660][   T34] usb 8-1: Using ep0 maxpacket: 8
[  129.870476][   T34] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  129.873474][   T34] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  129.876546][   T34] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  129.880150][   T34] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  129.884673][   T34] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  129.887838][   T34] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.094725][   T34] usb 8-1: GET_CAPABILITIES returned 0
[  130.096633][   T34] usbtmc 8-1:16.0: can't read capabilities
[  130.185562][ T7019] qnx6: unable to read the first superblock
[  130.245997][ T7024] process 'syz.1.258' launched '/dev/fd/11' with NULL argv: empty string added
[  130.305081][ T1472] usb 8-1: USB disconnect, device number 5
[  131.599120][ T7046] netlink: 4 bytes leftover after parsing attributes in process `syz.1.262'.
[  131.744886][   T40] kauditd_printk_skb: 49 callbacks suppressed
[  131.744965][   T40] audit: type=1326 audit(1769455673.068:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7039 comm="syz.0.263" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  131.929380][   T40] audit: type=1326 audit(1769455673.068:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7039 comm="syz.0.263" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  132.203431][ T7044] kvm: kvm [7039]: vcpu1, guest rIP: 0x1a3 Unhandled WRMSR(0xc1) = 0x8000
[  132.408553][ T7053] dlm: Unknown command passed to DLM device : 3
[  132.408553][ T7053] 
[  132.414126][ T7053] usb usb8: usbfs: interface 0 claimed by hub while 'syz.3.264' resets device
[  133.029706][ T7063] lo speed is unknown, defaulting to 1000
[  133.950827][ T7071] netlink: 'syz.3.266': attribute type 4 has an invalid length.
[  133.953430][ T7071] netlink: 17 bytes leftover after parsing attributes in process `syz.3.266'.
[  134.712487][ T7083] netlink: 12 bytes leftover after parsing attributes in process `syz.1.267'.
[  134.766544][ T6009] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  134.845753][ T7086] overlayfs: overlapping lowerdir path
[  134.870127][ T7086] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  134.874186][ T7086] overlayfs: overlapping lowerdir path
[  134.956577][ T6009] usb 8-1: Using ep0 maxpacket: 8
[  134.963643][ T6009] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  134.968533][ T6009] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  134.972140][ T6009] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  134.975417][ T6009] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  134.981592][ T6009] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  134.984863][ T6009] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.308294][ T6009] usb 8-1: GET_CAPABILITIES returned 0
[  135.696464][ T6009] usbtmc 8-1:16.0: can't read capabilities
[  135.769601][ T6009] usb 8-1: USB disconnect, device number 6
[  136.781900][ T7098] random: crng reseeded on system resumption
[  137.498545][ T1419] ieee802154 phy1 wpan1: encryption failed: -22
[  137.714650][ T7119] netlink: 64 bytes leftover after parsing attributes in process `syz.2.280'.
[  137.778146][ T7114] block nbd0: server does not support multiple connections per device.
[  137.784636][ T7114] block nbd0: shutting down sockets
[  137.798008][ T7121] netlink: 'syz.3.282': attribute type 1 has an invalid length.
[  138.510849][ T7133] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  138.513606][ T7133] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  138.518568][ T7133] vhci_hcd vhci_hcd.0: Device attached
[  138.803140][ T7134] vhci_hcd: connection closed
[  138.803509][   T12] vhci_hcd vhci_hcd.0: stop threads
[  138.820700][ T6034] usb 38-1: SetAddress Request (10) to port 0
[  138.823371][ T6034] usb 38-1: new SuperSpeed USB device number 10 using vhci_hcd
[  138.832703][   T12] vhci_hcd vhci_hcd.0: release socket
[  138.846689][   T12] vhci_hcd vhci_hcd.0: disconnect device
[  138.866567][ T6034] usb 38-1: enqueue for inactive port 0
[  139.050887][ T7144] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  139.053644][ T7144] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  139.057473][ T7144] vhci_hcd vhci_hcd.0: Device attached
[  139.065538][ T7144] x_tables: duplicate underflow at hook 3
[  139.258473][ T6034] usb usb38-port1: attempt power cycle
[  139.326567][ T1472] usb 44-1: SetAddress Request (6) to port 0
[  139.329235][ T1472] usb 44-1: new SuperSpeed USB device number 6 using vhci_hcd
[  139.505971][ T7148] netlink: 'syz.2.287': attribute type 2 has an invalid length.
[  139.697056][ T7145] vhci_hcd: connection reset by peer
[  139.698976][   T12] vhci_hcd vhci_hcd.3: stop threads
[  139.700723][   T12] vhci_hcd vhci_hcd.3: release socket
[  139.703047][   T12] vhci_hcd vhci_hcd.3: disconnect device
[  139.820190][ T6034] usb usb38-port1: unable to enumerate USB device
[  139.921269][ T7157] netlink: 'syz.0.291': attribute type 1 has an invalid length.
[  139.998212][ T7157] bond1: (slave bridge1): making interface the new active one
[  139.998695][ T7160] netlink: 'syz.1.292': attribute type 1 has an invalid length.
[  140.003605][ T7160] netlink: 24 bytes leftover after parsing attributes in process `syz.1.292'.
[  140.004760][ T7157] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  140.019626][ T7162] 9p: Bad value for 'wfdno'
[  140.024396][ T7162] pim6reg: entered allmulticast mode
[  140.235868][ T7175] netlink: 'syz.1.292': attribute type 4 has an invalid length.
[  140.716576][   T34] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  140.869794][   T34] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  140.873079][   T34] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 32
[  140.873504][ T7191] Cannot find add_set index 2 as target
[  140.877812][   T34] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  140.881570][   T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.884001][   T34] usb 7-1: Product: syz
[  140.885336][   T34] usb 7-1: Manufacturer: syz
[  140.887001][   T34] usb 7-1: SerialNumber: syz
[  141.189402][   T34] cdc_ncm 7-1:1.0: bind() failure
[  141.193332][   T34] cdc_ncm 7-1:1.1: CDC Union missing and no IAD found
[  141.206471][   T34] cdc_ncm 7-1:1.1: bind() failure
[  141.211105][   T34] usb 7-1: USB disconnect, device number 3
[  141.347616][ T7203] =======================================================
[  141.347616][ T7203] WARNING: The mand mount option has been deprecated and
[  141.347616][ T7203]          and is ignored by this kernel. Remove the mand
[  141.347616][ T7203]          option from the mount to silence this warning.
[  141.347616][ T7203] =======================================================
[  142.423905][ T7217] netlink: 48 bytes leftover after parsing attributes in process `syz.2.307'.
[  143.369925][ T7237] netlink: 'syz.1.308': attribute type 4 has an invalid length.
[  143.372995][ T7237] netlink: 17 bytes leftover after parsing attributes in process `syz.1.308'.
[  143.573502][ T7239] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  143.576201][ T7239] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  143.579625][ T7239] vhci_hcd vhci_hcd.0: Device attached
[  143.585219][ T7240] vhci_hcd: cannot find the pending unlink 6
[  143.589116][ T7240] vhci_hcd: connection closed
[  143.593528][   T62] vhci_hcd vhci_hcd.2: stop threads
[  143.596895][   T62] vhci_hcd vhci_hcd.2: release socket
[  143.598728][   T62] vhci_hcd vhci_hcd.2: disconnect device
[  144.250971][ T7249] could not allocate digest TFM handle crc32-pclmul
[  144.376616][ T1472] usb 44-1: device descriptor read/8, error -110
[  144.537653][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  144.586591][  T843] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  144.736544][  T843] usb 5-1: Using ep0 maxpacket: 8
[  144.741350][  T843] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  144.745050][  T843] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.756596][  T843] pvrusb2: Hardware description: Terratec Grabster AV400
[  144.759614][  T843] pvrusb2: **********
[  144.761327][  T843] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  144.765310][  T843] pvrusb2: Important functionality might not be entirely working.
[  144.769336][  T843] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  144.774041][  T843] pvrusb2: **********
[  144.776963][ T1472] usb usb44-port1: attempt power cycle
[  144.962878][ T2491] pvrusb2: Invalid write control endpoint
[  145.005483][ T2491] pvrusb2: Invalid write control endpoint
[  145.012001][ T2491] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  145.015573][ T2491] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  145.019703][ T2491] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  145.023302][ T2491] pvrusb2: Device being rendered inoperable
[  145.026763][ T2491] cx25840 2-0044: Unable to detect h/w, assuming cx23887
[  145.029065][ T2491] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  145.036044][ T2491] pvrusb2: Attached sub-driver cx25840
[  145.038346][ T2491] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  145.041505][ T2491] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  145.224749][ T7267] syz_tun: refused to change device tx_queue_len
[  145.227601][ T7267] net_ratelimit: 12 callbacks suppressed
[  145.227664][ T7267] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  145.346861][ T1472] usb usb44-port1: unable to enumerate USB device
[  146.436010][  T830] usb 5-1: USB disconnect, device number 9
[  151.198131][ T7290] netlink: 'syz.3.320': attribute type 27 has an invalid length.
[  151.249961][ T7296] netlink: 4 bytes leftover after parsing attributes in process `syz.3.320'.
[  151.292364][ T7290] bridge0: port 2(bridge_slave_1) entered disabled state
[  151.296776][ T7290] bridge0: port 1(bridge_slave_0) entered disabled state
[  151.532333][ T7290] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  151.540579][ T7290] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  151.873474][ T7291] netlink: 8 bytes leftover after parsing attributes in process `syz.1.319'.
[  151.882112][ T1472] lo speed is unknown, defaulting to 1000
[  151.884156][ T1472] syz0: Port: 1 Link DOWN
[  151.886091][   T62] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  151.899937][   T62] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  151.909007][   T62] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  151.920506][   T12] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  152.201801][ T7311] comedi comedi2: ni_at_a2150: I/O port conflict (0x3,28)
[  152.218891][ T7308] netlink: 'syz.0.323': attribute type 21 has an invalid length.
[  152.231250][ T7316] netlink: 16 bytes leftover after parsing attributes in process `syz.2.326'.
[  152.330767][ T7317] netlink: 'syz.3.324': attribute type 4 has an invalid length.
[  152.334073][ T7317] netlink: 17 bytes leftover after parsing attributes in process `syz.3.324'.
[  152.463293][ T7321] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  152.466072][ T7321] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  152.470809][ T7321] vhci_hcd vhci_hcd.0: Device attached
[  152.647087][  T843] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  152.706519][   T10] usb 41-1: new low-speed USB device number 2 using vhci_hcd
[  152.787825][  T843] usb 6-1: device descriptor read/64, error -71
[  153.017369][ T7331] comedi comedi3: pcl816: I/O port conflict (0x1,16)
[  153.026532][  T843] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  153.065939][ T7322] vhci_hcd: connection reset by peer
[  153.070639][ T1142] vhci_hcd vhci_hcd.2: stop threads
[  153.072447][ T1142] vhci_hcd vhci_hcd.2: release socket
[  153.076155][ T1142] vhci_hcd vhci_hcd.2: disconnect device
[  153.166501][  T843] usb 6-1: device descriptor read/64, error -71
[  153.350997][  T843] usb usb6-port1: attempt power cycle
[  153.686538][  T843] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  153.716968][  T843] usb 6-1: device descriptor read/8, error -71
[  153.803478][ T7343] faux_driver vkms: [drm] Unknown color mode 6; guessing buffer size.
[  153.966503][  T843] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  153.995587][  T843] usb 6-1: device descriptor read/8, error -71
[  154.107239][  T843] usb usb6-port1: unable to enumerate USB device
[  156.169855][ T7372] netlink: 4 bytes leftover after parsing attributes in process `syz.1.340'.
[  158.086527][   T10] vhci_hcd vhci_hcd.2: vhci_device speed not set
[  158.204444][ T7390] infiniband syz2: set down
[  158.204475][ T7390] infiniband syz2: added ipvlan0
[  158.206988][ T7390] workqueue: Failed to create a rescuer kthread for wq "ib_mad1": -EINTR
[  158.208821][ T7390] infiniband syz2: Couldn't open port 1
[  158.266678][ T7390] RDS/IB: syz2: added
[  158.266932][ T7390] smc: adding ib device syz2 with port count 1
[  158.266979][ T7390] smc:    ib device syz2 port 1 has no pnetid
[  158.401573][ T7401] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  158.401696][ T7401] overlayfs: overlapping lowerdir path
[  159.057613][ T7409] netlink: 16 bytes leftover after parsing attributes in process `syz.3.347'.
[  159.660324][ T7421] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  159.662696][ T7421] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  160.574195][ T7432] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  160.576974][ T7432] overlayfs: overlapping lowerdir path
[  161.350319][ T7436] netlink: 'syz.3.355': attribute type 4 has an invalid length.
[  161.352817][ T7436] netlink: 17 bytes leftover after parsing attributes in process `syz.3.355'.
[  161.422041][ T7441] netlink: 4 bytes leftover after parsing attributes in process `syz.3.357'.
[  161.677033][ T6034] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  162.296160][ T7465] netlink: 212348 bytes leftover after parsing attributes in process `syz.0.360'.
[  162.296671][ T7466] netlink: 212348 bytes leftover after parsing attributes in process `syz.0.360'.
[  162.302132][ T7466] netlink: Conntrack attr type has unexpected length (type=2, length=0, expected=2)
[  162.308632][ T7465] netlink: Conntrack attr type has unexpected length (type=2, length=0, expected=2)
[  162.431856][   T40] audit: type=1326 audit(1769455703.818:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7477 comm="syz.0.362" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f57579 code=0x0
[  162.584158][ T7480] netlink: 4 bytes leftover after parsing attributes in process `syz.2.363'.
[  162.592217][ T7480] bridge0: port 2(bridge_slave_1) entered disabled state
[  162.677864][ T7480] bridge_slave_1 (unregistering): left allmulticast mode
[  162.680151][ T7480] bridge_slave_1 (unregistering): left promiscuous mode
[  162.682335][ T7480] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.476235][ T7497] netlink: 12 bytes leftover after parsing attributes in process `syz.2.365'.
[  168.798816][ T7528] netlink: 'syz.2.369': attribute type 4 has an invalid length.
[  168.801239][ T7528] netlink: 17 bytes leftover after parsing attributes in process `syz.2.369'.
[  168.946905][ T7534] netlink: 4 bytes leftover after parsing attributes in process `syz.1.368'.
[  169.707045][ T7538] overlayfs: failed to resolve './file1': -2
[  169.778040][ T7544] netlink: 'syz.1.374': attribute type 1 has an invalid length.
[  169.798501][ T7544] 8021q: adding VLAN 0 to HW filter on device bond1
[  169.929044][ T7544] vlan2: entered allmulticast mode
[  169.931648][ T7544] veth0_to_bond: entered allmulticast mode
[  169.937481][ T7544] bond1: (slave vlan2): making interface the new active one
[  169.942518][ T7544] bond1: (slave vlan2): Enslaving as an active interface with an up link
[  170.186595][  T843] IPVS: starting estimator thread 0...
[  170.276636][ T7560] IPVS: using max 28 ests per chain, 67200 per kthread
[  172.020937][ T7569] autofs: Unknown parameter './file1'
[  172.139804][ T7575] comedi comedi0: Minor 47 could not be opened
[  173.173830][   T40] audit: type=1326 audit(1769455714.558:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7576 comm="syz.3.381" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  173.186988][   T40] audit: type=1326 audit(1769455714.558:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7576 comm="syz.3.381" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  173.204151][   T40] audit: type=1326 audit(1769455714.568:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7576 comm="syz.3.381" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  173.218441][   T40] audit: type=1326 audit(1769455714.568:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7576 comm="syz.3.381" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  173.237297][   T40] audit: type=1326 audit(1769455714.568:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7576 comm="syz.3.381" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  173.245896][   T40] audit: type=1326 audit(1769455714.568:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7576 comm="syz.3.381" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  173.274934][   T40] audit: type=1326 audit(1769455714.568:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7576 comm="syz.3.381" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  173.295256][   T40] audit: type=1326 audit(1769455714.568:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7576 comm="syz.3.381" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  173.305440][   T40] audit: type=1326 audit(1769455714.578:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7576 comm="syz.3.381" exe="/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  173.321206][   T40] audit: type=1326 audit(1769455714.578:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7576 comm="syz.3.381" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  174.166919][   T59] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  174.316541][   T59] usb 6-1: Using ep0 maxpacket: 8
[  174.328550][   T59] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  174.336925][   T59] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  174.342388][   T59] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  174.351606][   T59] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  174.355704][   T59] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  174.371738][   T59] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  174.375381][   T59] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.596929][   T59] usb 6-1: GET_CAPABILITIES returned 0
[  174.598711][   T59] usbtmc 6-1:16.0: can't read capabilities
[  174.879466][ T7592] netlink: 24 bytes leftover after parsing attributes in process `syz.3.385'.
[  175.126179][ T7598] netlink: 'syz.3.387': attribute type 4 has an invalid length.
[  175.129130][ T7598] netlink: 17 bytes leftover after parsing attributes in process `syz.3.387'.
[  175.888537][ T6922] usb 6-1: USB disconnect, device number 9
[  176.149013][ T7607] netlink: 12 bytes leftover after parsing attributes in process `syz.3.389'.
[  178.366827][ T7615] netlink: 12 bytes leftover after parsing attributes in process `syz.1.391'.
[  178.385712][ T7615] 8021q: adding VLAN 0 to HW filter on device bond2
[  178.523914][ T7615] bond2: (slave dummy0): Enslaving as an active interface with an up link
[  178.543494][ T7615] bond2: entered allmulticast mode
[  178.545194][ T7615] dummy0: entered allmulticast mode
[  178.791752][   T40] kauditd_printk_skb: 2 callbacks suppressed
[  178.791763][   T40] audit: type=1326 audit(1769455720.178:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7619 comm="syz.1.393" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000
[  178.805647][   T40] audit: type=1326 audit(1769455720.188:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7619 comm="syz.1.393" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000
[  180.041239][ T7652] FAULT_INJECTION: forcing a failure.
[  180.041239][ T7652] name failslab, interval 1, probability 0, space 0, times 0
[  180.045227][ T7652] CPU: 2 UID: 0 PID: 7652 Comm: syz.2.400 Not tainted syzkaller #0 PREEMPT(full) 
[  180.045244][ T7652] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  180.045250][ T7652] Call Trace:
[  180.045255][ T7652]  <TASK>
[  180.045261][ T7652]  dump_stack_lvl+0x100/0x190
[  180.045292][ T7652]  should_fail_ex.cold+0x5/0xa
[  180.045310][ T7652]  should_failslab+0xc2/0x120
[  180.045326][ T7652]  __kmalloc_node_track_caller_noprof+0xf9/0x9d0
[  180.045342][ T7652]  ? mptcp_pm_nl_add_addr_doit+0x1e6/0xc80
[  180.045364][ T7652]  ? kmemdup_noprof+0x29/0x60
[  180.045378][ T7652]  kmemdup_noprof+0x29/0x60
[  180.045392][ T7652]  mptcp_pm_nl_add_addr_doit+0x1e6/0xc80
[  180.045407][ T7652]  ? __pfx_mptcp_pm_nl_add_addr_doit+0x10/0x10
[  180.045419][ T7652]  ? __pfx___nla_validate_parse+0x10/0x10
[  180.045439][ T7652]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[  180.045452][ T7652]  ? rcu_is_watching+0x12/0xc0
[  180.045462][ T7652]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[  180.045475][ T7652]  ? trace_kmalloc+0x83/0xb0
[  180.045489][ T7652]  ? __kmalloc_noprof+0x365/0x9c0
[  180.045504][ T7652]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290
[  180.045516][ T7652]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290
[  180.045531][ T7652]  genl_family_rcv_msg_doit+0x214/0x300
[  180.045544][ T7652]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  180.045556][ T7652]  ? genl_get_cmd+0x3ef/0x720
[  180.045569][ T7652]  ? bpf_lsm_capable+0x9/0x10
[  180.045579][ T7652]  ? security_capable+0x80/0x260
[  180.045594][ T7652]  ? ns_capable+0xd2/0xf0
[  180.045607][ T7652]  genl_rcv_msg+0x560/0x800
[  180.045620][ T7652]  ? __pfx_genl_rcv_msg+0x10/0x10
[  180.045632][ T7652]  ? __pfx_mptcp_pm_nl_add_addr_doit+0x10/0x10
[  180.045650][ T7652]  netlink_rcv_skb+0x159/0x420
[  180.045667][ T7652]  ? __pfx_genl_rcv_msg+0x10/0x10
[  180.045679][ T7652]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  180.045703][ T7652]  ? netlink_deliver_tap+0x1ae/0xcc0
[  180.045721][ T7652]  genl_rcv+0x28/0x40
[  180.045731][ T7652]  netlink_unicast+0x5aa/0x870
[  180.045754][ T7652]  ? __pfx_netlink_unicast+0x10/0x10
[  180.045777][ T7652]  netlink_sendmsg+0x8b0/0xda0
[  180.045796][ T7652]  ? __pfx_netlink_sendmsg+0x10/0x10
[  180.045815][ T7652]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  180.045832][ T7652]  ____sys_sendmsg+0xa54/0xc30
[  180.045846][ T7652]  ? __pfx_____sys_sendmsg+0x10/0x10
[  180.045865][ T7652]  ___sys_sendmsg+0x190/0x1e0
[  180.045879][ T7652]  ? __pfx____sys_sendmsg+0x10/0x10
[  180.045909][ T7652]  __sys_sendmsg+0x170/0x220
[  180.045925][ T7652]  ? __pfx___sys_sendmsg+0x10/0x10
[  180.045947][ T7652]  ? __pfx_ksys_write+0x10/0x10
[  180.045963][ T7652]  __do_fast_syscall_32+0xde/0x660
[  180.045979][ T7652]  do_fast_syscall_32+0x32/0x70
[  180.045993][ T7652]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  180.046007][ T7652] RIP: 0023:0xf73dd579
[  180.046016][ T7652] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  180.046026][ T7652] RSP: 002b:00000000f53e550c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  180.046036][ T7652] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000080000400
[  180.046043][ T7652] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  180.046049][ T7652] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  180.046054][ T7652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  180.046060][ T7652] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  180.046074][ T7652]  </TASK>
[  180.236706][ T7655] netlink: 'syz.2.401': attribute type 9 has an invalid length.
[  180.586497][ T6922] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  180.755290][ T7661] netlink: 20 bytes leftover after parsing attributes in process `syz.1.404'.
[  180.756339][ T6922] usb 7-1: config index 0 descriptor too short (expected 23569, got 27)
[  180.766512][ T6922] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 28530, setting to 64
[  180.774282][ T6922] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  180.777176][ T6922] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  180.779708][ T6922] usb 7-1: Manufacturer: syz
[  180.782702][ T6922] usb 7-1: config 0 descriptor??
[  180.796487][  T843] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  180.836486][ T6922] rc_core: IR keymap rc-hauppauge not found
[  180.838484][ T6922] Registered IR keymap rc-empty
[  180.842117][ T6922] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0
[  180.846764][ T6922] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0/input12
[  180.948230][  T843] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  180.951863][  T843] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  180.955999][  T843] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  180.959813][  T843] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  180.964279][  T843] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  180.970650][  T843] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  180.974380][  T843] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  180.978010][  T843] usb 5-1: Product: syz
[  180.979787][  T843] usb 5-1: Manufacturer: syz
[  180.985824][  T843] cdc_wdm 5-1:1.0: skipping garbage
[  180.988382][  T843] cdc_wdm 5-1:1.0: skipping garbage
[  180.995480][  T843] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  180.998207][  T843] cdc_wdm 5-1:1.0: Unknown control protocol
[  181.280262][    C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  181.280592][ T6922] usb 5-1: USB disconnect, device number 10
[  181.282956][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  181.287891][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  181.293610][ T7659] cdc_wdm 5-1:1.0: Tx URB error: -19
[  181.774958][   T40] audit: type=1326 audit(1769455723.158:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7669 comm="syz.1.405" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000
[  181.788332][   T40] audit: type=1326 audit(1769455723.158:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7669 comm="syz.1.405" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000
[  181.797023][   T40] audit: type=1326 audit(1769455723.158:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7669 comm="syz.1.405" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf742d579 code=0x7ffc0000
[  181.805466][   T40] audit: type=1326 audit(1769455723.158:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7669 comm="syz.1.405" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000
[  181.813903][   T40] audit: type=1326 audit(1769455723.158:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7669 comm="syz.1.405" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000
[  181.821143][   T40] audit: type=1326 audit(1769455723.158:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7669 comm="syz.1.405" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf742d579 code=0x7ffc0000
[  181.829544][   T40] audit: type=1326 audit(1769455723.158:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7669 comm="syz.1.405" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000
[  181.837988][   T40] audit: type=1326 audit(1769455723.158:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7669 comm="syz.1.405" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000
[  182.396003][ T7678] netlink: 4 bytes leftover after parsing attributes in process `syz.0.407'.
[  182.548707][ T7682] netlink: 'syz.0.408': attribute type 4 has an invalid length.
[  182.552199][ T7682] netlink: 17 bytes leftover after parsing attributes in process `syz.0.408'.
[  183.301387][  T843] usb 7-1: USB disconnect, device number 4
[  183.938506][ T7699] genirq: Flags mismatch irq 4. 00200000 (aio_iiro_16) vs. 00200080 (ttyS0)
[  184.216547][   T34] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  184.367297][   T34] usb 6-1: Using ep0 maxpacket: 8
[  184.375745][   T34] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  184.381108][   T34] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  184.385175][   T34] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  184.390098][   T34] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  184.395829][   T34] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  184.399861][   T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.609482][   T34] usb 6-1: GET_CAPABILITIES returned 0
[  184.611358][   T34] usbtmc 6-1:16.0: can't read capabilities
[  185.108262][  T843] usb 6-1: USB disconnect, device number 10
[  185.283102][ T7690] netdevsim netdevsim0 : renamed from netdevsim0 (while UP)
[  185.297469][ T7693] comedi comedi0: Minor 47 could not be opened
[  185.736625][ T5954] Bluetooth: hci2: command 0x0406 tx timeout
[  185.738669][ T5954] Bluetooth: hci3: command 0x0406 tx timeout
[  185.740645][ T5954] Bluetooth: hci1: command 0x0406 tx timeout
[  185.891414][   T40] kauditd_printk_skb: 3 callbacks suppressed
[  185.891431][   T40] audit: type=1326 audit(1769455727.278:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.0.419" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  185.904797][   T40] audit: type=1326 audit(1769455727.278:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.0.419" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  185.915413][   T40] audit: type=1326 audit(1769455727.278:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.0.419" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  185.920970][ T7717] kvm: kvm [7715]: vcpu1, guest rIP: 0x1a3 Unhandled WRMSR(0xc1) = 0x8000
[  185.924741][   T40] audit: type=1326 audit(1769455727.278:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.0.419" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  185.935813][   T40] audit: type=1326 audit(1769455727.278:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.0.419" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  185.947070][   T40] audit: type=1326 audit(1769455727.278:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.0.419" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  186.072528][   T40] audit: type=1326 audit(1769455727.278:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.0.419" exe="/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  186.108751][   T40] audit: type=1326 audit(1769455727.278:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.0.419" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  186.115578][   T40] audit: type=1326 audit(1769455727.278:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.0.419" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  186.122590][   T40] audit: type=1326 audit(1769455727.318:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.0.419" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  187.414705][ T7737] Bluetooth: MGMT ver 1.23
[  187.426222][ T7737] 9p: Unknown Cache mode or invalid value fscache��z��M�G���{ʼn�Ɲ�!��	�|q�:oz&�ϫaj��
[  187.806592][  T843] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  187.956519][  T843] usb 7-1: Using ep0 maxpacket: 8
[  187.960881][  T843] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  187.965262][  T843] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  187.972137][  T843] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  187.981774][  T843] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  187.991795][  T843] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  187.995620][  T843] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.054311][ T7747] netlink: 'syz.1.428': attribute type 7 has an invalid length.
[  188.077496][ T1231] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  188.082890][ T1231] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  188.091522][ T1231] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  188.105134][ T1231] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  188.288653][  T843] usb 7-1: GET_CAPABILITIES returned 0
[  188.296651][  T843] usbtmc 7-1:16.0: can't read capabilities
[  188.545418][ T7750] netlink: 12 bytes leftover after parsing attributes in process `syz.0.429'.
[  189.012071][ T7758] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  189.025222][ T1472] usb 7-1: USB disconnect, device number 5
[  189.201108][ T7766] Invalid logical block size (2304)
[  189.339630][ T7773] netlink: 'syz.0.435': attribute type 4 has an invalid length.
[  189.342624][ T7773] netlink: 17 bytes leftover after parsing attributes in process `syz.0.435'.
[  189.754582][ T7775] netlink: 'syz.3.431': attribute type 2 has an invalid length.
[  189.780865][ T7783] netlink: 12 bytes leftover after parsing attributes in process `syz.1.436'.
[  189.861368][ T7786] syzkaller1: entered promiscuous mode
[  189.863569][ T7786] syzkaller1: entered allmulticast mode
[  190.528103][ T7793] FAULT_INJECTION: forcing a failure.
[  190.528103][ T7793] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  190.532392][ T7793] CPU: 1 UID: 0 PID: 7793 Comm: syz.0.441 Not tainted syzkaller #0 PREEMPT(full) 
[  190.532407][ T7793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  190.532413][ T7793] Call Trace:
[  190.532418][ T7793]  <TASK>
[  190.532423][ T7793]  dump_stack_lvl+0x100/0x190
[  190.532454][ T7793]  should_fail_ex.cold+0x5/0xa
[  190.532472][ T7793]  _copy_from_user+0x2e/0xd0
[  190.532494][ T7793]  raw_setsockopt+0x11c7/0x1440
[  190.532518][ T7793]  ? __pfx_aa_sk_perm+0x10/0x10
[  190.532535][ T7793]  ? __pfx_raw_setsockopt+0x10/0x10
[  190.532553][ T7793]  ? aa_sock_opt_perm+0xfe/0x1b0
[  190.532567][ T7793]  ? __pfx_raw_setsockopt+0x10/0x10
[  190.532584][ T7793]  do_sock_setsockopt+0xf3/0x1d0
[  190.532598][ T7793]  __sys_setsockopt+0x119/0x190
[  190.532616][ T7793]  __ia32_sys_setsockopt+0xbc/0x160
[  190.532632][ T7793]  ? __do_fast_syscall_32+0x97/0x660
[  190.532646][ T7793]  ? lockdep_hardirqs_on+0x78/0x100
[  190.532658][ T7793]  __do_fast_syscall_32+0xde/0x660
[  190.532673][ T7793]  do_fast_syscall_32+0x32/0x70
[  190.532687][ T7793]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  190.532701][ T7793] RIP: 0023:0xf7f57579
[  190.532709][ T7793] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  190.532719][ T7793] RSP: 002b:00000000f53d450c EFLAGS: 00000292 ORIG_RAX: 000000000000016e
[  190.532730][ T7793] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000000000065
[  190.532737][ T7793] RDX: 0000000000000001 RSI: 00000000800000c0 RDI: 0000000000000f00
[  190.532743][ T7793] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  190.532749][ T7793] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  190.532755][ T7793] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  190.532768][ T7793]  </TASK>
[  191.388206][ T7798] xt_hashlimit: overflow, try lower: 60585/0
[  191.737080][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  191.954756][ T7810] netlink: 'syz.1.446': attribute type 4 has an invalid length.
[  191.958224][ T7810] netlink: 17 bytes leftover after parsing attributes in process `syz.1.446'.
[  192.688574][ T7817] input: syz1 as /devices/virtual/input/input14
[  193.021667][ T7825] FAULT_INJECTION: forcing a failure.
[  193.021667][ T7825] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  193.029033][ T7825] CPU: 2 UID: 0 PID: 7825 Comm: syz.1.451 Not tainted syzkaller #0 PREEMPT(full) 
[  193.029058][ T7825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  193.029069][ T7825] Call Trace:
[  193.029074][ T7825]  <TASK>
[  193.029081][ T7825]  dump_stack_lvl+0x100/0x190
[  193.029107][ T7825]  should_fail_ex.cold+0x5/0xa
[  193.029136][ T7825]  _copy_to_user+0x32/0xd0
[  193.029164][ T7825]  simple_read_from_buffer+0xcb/0x170
[  193.029184][ T7825]  proc_fail_nth_read+0x1af/0x230
[  193.029206][ T7825]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  193.029228][ T7825]  ? rw_verify_area+0xce/0x6d0
[  193.029245][ T7825]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  193.029264][ T7825]  vfs_read+0x1e4/0xb30
[  193.029287][ T7825]  ? __pfx_vfs_read+0x10/0x10
[  193.029303][ T7825]  ? find_held_lock+0x2b/0x80
[  193.029320][ T7825]  ? __fget_files+0x215/0x3d0
[  193.029343][ T7825]  ? __fget_files+0x21f/0x3d0
[  193.029368][ T7825]  ksys_read+0x12a/0x250
[  193.029387][ T7825]  ? __pfx_ksys_read+0x10/0x10
[  193.029413][ T7825]  do_int80_emulation+0x101/0x470
[  193.029438][ T7825]  asm_int80_emulation+0x1a/0x20
[  193.029454][ T7825] RIP: 0023:0xf719572b
[  193.029468][ T7825] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  193.029482][ T7825] RSP: 002b:00000000f54564bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  193.029499][ T7825] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f54565d0
[  193.029509][ T7825] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  193.029519][ T7825] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  193.029528][ T7825] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  193.029537][ T7825] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  193.029561][ T7825]  </TASK>
[  193.130104][ T7831] overlayfs: workdir and upperdir must be separate subtrees
[  193.693757][ T7846] netlink: 'syz.1.456': attribute type 2 has an invalid length.
[  193.828078][    C0] batman_adv: batadv0: Local translation table size (72) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:17
[  194.056281][ T7851] netlink: 'syz.1.459': attribute type 4 has an invalid length.
[  194.059223][ T7851] netlink: 17 bytes leftover after parsing attributes in process `syz.1.459'.
[  194.826572][ T7876] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  194.828746][ T7876] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  194.831663][ T7876] vhci_hcd vhci_hcd.0: Device attached
[  195.116568][   T34] usb 42-1: SetAddress Request (2) to port 0
[  195.120267][   T34] usb 42-1: new SuperSpeed USB device number 2 using vhci_hcd
[  195.283280][ T7884] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.465'.
[  195.509719][ T7877] vhci_hcd: connection reset by peer
[  195.512069][ T1231] vhci_hcd vhci_hcd.2: stop threads
[  195.514275][ T1231] vhci_hcd vhci_hcd.2: release socket
[  195.517369][ T1231] vhci_hcd vhci_hcd.2: disconnect device
[  195.675875][ T7889] block device autoloading is deprecated and will be removed.
[  196.155254][ T7897] gtp1: entered promiscuous mode
[  196.157968][ T7897] gtp1: entered allmulticast mode
[  196.412397][ T7897] netlink: 'syz.2.469': attribute type 1 has an invalid length.
[  196.960709][ T7915] netlink: 'syz.1.473': attribute type 4 has an invalid length.
[  196.963381][ T7915] netlink: 17 bytes leftover after parsing attributes in process `syz.1.473'.
[  197.607223][ T7919] random: crng reseeded on system resumption
[  197.639559][ T7917] kvm: requested 1676 ns i8254 timer period limited to 200000 ns
[  197.744699][ T7924] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  197.751727][ T7924] kvm: requested 41904 ns i8254 timer period limited to 200000 ns
[  197.754568][ T7924] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  197.852878][ T7924] kvm: requested 2514 ns i8254 timer period limited to 200000 ns
[  197.860686][ T7924] kvm: requested 25980 ns i8254 timer period limited to 200000 ns
[  197.864017][ T7924] kvm: requested 3352 ns i8254 timer period limited to 200000 ns
[  197.868799][ T7924] kvm: requested 100571 ns i8254 timer period limited to 200000 ns
[  197.872560][ T7924] kvm: requested 8380 ns i8254 timer period limited to 200000 ns
[  197.957057][ T7924] kvm: requested 53638 ns i8254 timer period limited to 200000 ns
[  198.947030][ T1419] ieee802154 phy1 wpan1: encryption failed: -22
[  200.216647][   T34] usb 42-1: device descriptor read/8, error -110
[  200.509678][ T7947] e1000 0000:00:06.0 eth0: Unsupported Speed/Duplex configuration
[  200.636911][   T34] usb usb42-port1: attempt power cycle
[  201.200609][   T34] usb usb42-port1: unable to enumerate USB device
[  201.375958][ T7957] input: syz0 as /devices/virtual/input/input15
[  201.972775][  T111] ODEBUG: Out of memory. ODEBUG disabled
[  202.217037][ T7968] netlink: 20 bytes leftover after parsing attributes in process `syz.0.486'.
[  202.984986][ T7979] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  202.987372][ T7979] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  202.990125][ T7979] vhci_hcd vhci_hcd.0: Device attached
[  203.256537][ T1472] usb 38-1: SetAddress Request (14) to port 0
[  203.258565][ T1472] usb 38-1: new SuperSpeed USB device number 14 using vhci_hcd
[  203.817425][ T7981] vhci_hcd: connection reset by peer
[  203.827410][   T13] vhci_hcd vhci_hcd.0: stop threads
[  203.827875][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  203.829368][   T13] vhci_hcd vhci_hcd.0: release socket
[  203.834570][   T13] vhci_hcd vhci_hcd.0: disconnect device
[  204.625192][ T8020] netlink: 8 bytes leftover after parsing attributes in process `syz.0.499'.
[  204.863358][ T8020] netlink: 8 bytes leftover after parsing attributes in process `syz.0.499'.
[  205.136540][   T24] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  205.286485][   T24] usb 7-1: Using ep0 maxpacket: 8
[  205.289533][   T24] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  205.292761][   T24] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  205.295976][   T24] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  205.299431][   T24] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  205.303602][   T24] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  205.306729][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.526327][   T24] usb 7-1: GET_CAPABILITIES returned 0
[  205.528558][   T24] usbtmc 7-1:16.0: can't read capabilities
[  205.731767][   T24] usb 7-1: USB disconnect, device number 6
[  206.382744][ T8049] netlink: 56 bytes leftover after parsing attributes in process `syz.1.504'.
[  208.296669][ T1472] usb 38-1: device descriptor read/8, error -110
[  208.687791][ T1472] usb usb38-port1: attempt power cycle
[  209.247881][ T1472] usb usb38-port1: unable to enumerate USB device
[  212.710144][ T8064] syz.0.505: page allocation failure: order:2, mode:0xcc1(GFP_KERNEL|GFP_DMA), nodemask=(null),cpuset=/,mems_allowed=0-1
[  212.715119][ T8064] CPU: 0 UID: 0 PID: 8064 Comm: syz.0.505 Not tainted syzkaller #0 PREEMPT(full) 
[  212.715160][ T8064] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  212.715171][ T8064] Call Trace:
[  212.715175][ T8064]  <TASK>
[  212.715180][ T8064]  dump_stack_lvl+0x100/0x190
[  212.715213][ T8064]  warn_alloc.cold+0x95/0x1c1
[  212.715232][ T8064]  ? __pfx_warn_alloc+0x10/0x10
[  212.715247][ T8064]  ? __mutex_unlock_slowpath+0x15c/0x790
[  212.715279][ T8064]  __alloc_frozen_pages_noprof+0x1442/0x2410
[  212.715301][ T8064]  ? lockdep_hardirqs_on+0x78/0x100
[  212.715316][ T8064]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  212.715330][ T8064]  ? stack_depot_save_flags+0x3f8/0x9c0
[  212.715358][ T8064]  ? comedi_isadma_alloc+0x10c/0x6e0
[  212.715373][ T8064]  ? pcl818_attach+0x1103/0x15b0
[  212.715384][ T8064]  ? comedi_device_attach+0x3d2/0x660
[  212.715399][ T8064]  ? do_devconfig_ioctl+0x1b3/0x6d0
[  212.715413][ T8064]  ? comedi_unlocked_ioctl+0x44c/0x2e70
[  212.715435][ T8064]  __alloc_pages_noprof+0xb/0x1b0
[  212.715451][ T8064]  __dma_direct_alloc_pages.isra.0+0x47c/0x8f0
[  212.715472][ T8064]  ? __pfx___dma_direct_alloc_pages.isra.0+0x10/0x10
[  212.715492][ T8064]  ? dma_alloc_from_dev_coherent+0x2e0/0x570
[  212.715513][ T8064]  dma_direct_alloc+0x8f/0x590
[  212.715532][ T8064]  dma_alloc_attrs+0x185/0x2b0
[  212.715554][ T8064]  ? __pfx_dma_alloc_attrs+0x10/0x10
[  212.715574][ T8064]  ? dma_direct_supported+0xca/0x220
[  212.715589][ T8064]  comedi_isadma_alloc+0x3dc/0x6e0
[  212.715606][ T8064]  ? __pfx_comedi_isadma_alloc+0x10/0x10
[  212.715622][ T8064]  ? request_threaded_irq+0x27b/0x3e0
[  212.715638][ T8064]  pcl818_attach+0x1103/0x15b0
[  212.715654][ T8064]  comedi_device_attach+0x3d2/0x660
[  212.715668][ T8064]  do_devconfig_ioctl+0x1b3/0x6d0
[  212.715681][ T8064]  ? comedi_unlocked_ioctl+0x163/0x2e70
[  212.715697][ T8064]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  212.715717][ T8064]  ? kasan_save_stack+0x3f/0x50
[  212.715730][ T8064]  ? kasan_save_stack+0x30/0x50
[  212.715743][ T8064]  ? kasan_save_track+0x14/0x30
[  212.715756][ T8064]  ? kasan_save_free_info+0x3b/0x70
[  212.715767][ T8064]  ? __kasan_slab_free+0x5f/0x80
[  212.715781][ T8064]  ? kfree+0x1c7/0x690
[  212.715790][ T8064]  ? tomoyo_path_number_perm+0x46d/0x580
[  212.715806][ T8064]  ? security_file_ioctl_compat+0xd3/0x230
[  212.715827][ T8064]  comedi_unlocked_ioctl+0x44c/0x2e70
[  212.715848][ T8064]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  212.715874][ T8064]  ? kasan_quarantine_put+0x104/0x240
[  212.715888][ T8064]  ? lockdep_hardirqs_on+0x78/0x100
[  212.715904][ T8064]  ? find_held_lock+0x2b/0x80
[  212.715914][ T8064]  ? tomoyo_path_number_perm+0x28f/0x580
[  212.715931][ T8064]  ? tomoyo_path_number_perm+0x28f/0x580
[  212.715950][ T8064]  ? tomoyo_path_number_perm+0x188/0x580
[  212.715970][ T8064]  comedi_compat_ioctl+0x438/0xe20
[  212.715988][ T8064]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  212.716005][ T8064]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  212.716019][ T8064]  ? do_vfs_ioctl+0x226/0x13e0
[  212.716037][ T8064]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  212.716059][ T8064]  ? find_held_lock+0x2b/0x80
[  212.716070][ T8064]  ? hook_file_ioctl_common+0x146/0x410
[  212.716090][ T8064]  ? __fget_files+0x21f/0x3d0
[  212.716112][ T8064]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  212.716137][ T8064]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  212.716165][ T8064]  __do_fast_syscall_32+0xde/0x660
[  212.716184][ T8064]  do_fast_syscall_32+0x32/0x70
[  212.716198][ T8064]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  212.716213][ T8064] RIP: 0023:0xf7f57579
[  212.716223][ T8064] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  212.716235][ T8064] RSP: 002b:00000000f541650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  212.716246][ T8064] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000040946400
[  212.716253][ T8064] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 0000000000000000
[  212.716259][ T8064] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  212.716266][ T8064] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  212.716272][ T8064] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  212.716287][ T8064]  </TASK>
[  212.716291][ T8064] Mem-Info:
[  212.856832][ T8064] active_anon:4231 inactive_anon:10351 isolated_anon:0
[  212.856832][ T8064]  active_file:4040 inactive_file:42857 isolated_file:0
[  212.856832][ T8064]  unevictable:1768 dirty:56 writeback:0
[  212.856832][ T8064]  slab_reclaimable:7167 slab_unreclaimable:54063
[  212.856832][ T8064]  mapped:23961 shmem:12528 pagetables:1018
[  212.856832][ T8064]  sec_pagetables:314 bounce:0
[  212.856832][ T8064]  kernel_misc_reclaimable:0
[  212.856832][ T8064]  free:42767 free_pcp:0 free_cma:0
[  212.903424][ T8064] Node 0 active_anon:556kB inactive_anon:292kB active_file:12kB inactive_file:12kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:168kB dirty:0kB writeback:4kB shmem:3540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:10192kB pagetables:2148kB sec_pagetables:1160kB all_unreclaimable? no Balloon:0kB
[  212.914668][ T8064] Node 0 DMA free:2668kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:24kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  212.926549][ T8064] lowmem_reserve[]: 0 288 288 288 288
[  212.928735][ T8064] Node 0 DMA: 35*4kB (U) 14*8kB (U) 9*16kB (U) 13*32kB (U) 5*64kB (U) 2*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 0*2048kB 0*4096kB = 2668kB
[  212.934334][ T8064] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  212.945536][ T8064] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  212.956792][ T8077] netlink: 36 bytes leftover after parsing attributes in process `syz.3.508'.
[  212.960654][ T8077] 8021q: VLANs not supported on ip6tnl0
[  212.976934][ T8064] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  212.980750][ T8064] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  212.984009][ T8064] 60464 total pagecache pages
[  212.986877][ T8064] 1046 pages in swap cache
[  212.988616][ T8064] Free swap  = 113472kB
[  212.990086][ T8064] Total swap = 124996kB
[  212.991516][ T8064] 524155 pages RAM
[  212.992855][ T8064] 0 pages HighMem/MovableOnly
[  212.994632][ T8064] 209484 pages reserved
[  212.996094][ T8064] 0 pages cma reserved
[  213.016638][   T34] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  213.199962][   T34] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  213.203285][   T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.206873][   T34] usb 7-1: Product: syz
[  213.208583][   T34] usb 7-1: Manufacturer: syz
[  213.210555][   T34] usb 7-1: SerialNumber: syz
[  213.229521][   T34] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  213.264763][   T34] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  213.469348][ T6034] usb 7-1: USB disconnect, device number 7
[  213.597409][ T1472] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  213.786473][ T1472] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  213.958411][ T1472] usb 6-1: config index 0 descriptor too short (expected 23569, got 27)
[  213.962000][ T1472] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 28530, setting to 64
[  213.969483][ T1472] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  213.972859][ T1472] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  213.977217][ T1472] usb 6-1: Manufacturer: syz
[  213.980964][ T1472] usb 6-1: config 0 descriptor??
[  214.044563][ T1472] rc_core: IR keymap rc-hauppauge not found
[  214.046581][ T1472] Registered IR keymap rc-empty
[  214.049222][ T1472] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0
[  214.055072][ T1472] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0/input16
[  214.196996][  T843] usb 6-1: USB disconnect, device number 11
[  214.296587][   T34] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive
[  214.298993][   T34] ath9k_htc: Failed to initialize the device
[  214.301499][ T6034] usb 7-1: ath9k_htc: USB layer deinitialized
[  214.457439][ T8118] syzkaller0: entered promiscuous mode
[  214.459875][ T8118] syzkaller0: entered allmulticast mode
[  214.596675][ T6034] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  214.760022][ T6034] usb 7-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  214.763847][ T6034] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.767558][ T6034] usb 7-1: Product: syz
[  214.769424][ T6034] usb 7-1: Manufacturer: syz
[  214.771422][ T6034] usb 7-1: SerialNumber: syz
[  215.012568][ T6034] rtl8150 7-1:1.0: couldn't reset the device
[  215.014807][ T6034] rtl8150 7-1:1.0: probe with driver rtl8150 failed with error -5
[  215.020145][ T6034] usb 7-1: USB disconnect, device number 8
[  216.136692][ T5961] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  223.977022][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  224.374021][ T8179] tipc: Can't bind to reserved service type 1
[  224.419857][ T8179] input: syz1 as /devices/virtual/input/input17
[  233.856611][ T8239] loop7: detected capacity change from 0 to 16384
[  233.975886][ T8245] netlink: 'syz.3.536': attribute type 4 has an invalid length.
[  233.978475][ T8245] netlink: 17 bytes leftover after parsing attributes in process `syz.3.536'.
[  235.682805][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  235.682817][   T40] audit: type=1804 audit(1769455777.068:100): pid=8265 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.540" name="/newroot/139/file0/file0" dev="9p" ino=72614075 res=1 errno=0
[  236.569435][   T59] hid-generic 0003:0003:0000.0003: unknown main item tag 0x0
[  236.572682][   T59] hid-generic 0003:0003:0000.0003: unknown main item tag 0x0
[  236.575860][   T59] hid-generic 0003:0003:0000.0003: unknown main item tag 0x0
[  236.602702][   T59] hid-generic 0003:0003:0000.0003: hidraw1: USB HID v0.00 Device [syz1] on syz1
[  237.189350][ T8290] netlink: 76 bytes leftover after parsing attributes in process `syz.3.550'.
[  237.208208][ T8293] usb usb1: usbfs: process 8293 (syz.1.549) did not claim interface 0 before use
[  238.480297][   T40] audit: type=1400 audit(1769455779.868:101): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147C8A3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04
[  238.610772][ T8333] netlink: 8 bytes leftover after parsing attributes in process `syz.3.559'.
[  238.799510][ T8338] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  238.801915][ T8338] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  238.816557][ T8338] vhci_hcd vhci_hcd.0: Device attached
[  238.822012][ T8341] vhci_hcd: connection closed
[  238.822385][   T46] vhci_hcd vhci_hcd.2: stop threads
[  238.826881][   T46] vhci_hcd vhci_hcd.2: release socket
[  238.828974][   T46] vhci_hcd vhci_hcd.2: disconnect device
[  240.261399][ T8362] netlink: 'syz.3.568': attribute type 16 has an invalid length.
[  240.264083][ T8362] netlink: 'syz.3.568': attribute type 17 has an invalid length.
[  240.608619][ T8377] comedi comedi0: Minor 47 could not be opened
[  243.149806][ T8394] FAULT_INJECTION: forcing a failure.
[  243.149806][ T8394] name failslab, interval 1, probability 0, space 0, times 0
[  243.153769][ T8394] CPU: 2 UID: 0 PID: 8394 Comm: syz.0.579 Not tainted syzkaller #0 PREEMPT(full) 
[  243.153785][ T8394] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  243.153792][ T8394] Call Trace:
[  243.153796][ T8394]  <TASK>
[  243.153801][ T8394]  dump_stack_lvl+0x100/0x190
[  243.153818][ T8394]  should_fail_ex.cold+0x5/0xa
[  243.153849][ T8394]  should_failslab+0xc2/0x120
[  243.153865][ T8394]  ? tomoyo_encode2+0xfb/0x3c0
[  243.153875][ T8394]  __kmalloc_noprof+0xf6/0x9c0
[  243.153891][ T8394]  ? tomoyo_encode2+0xfb/0x3c0
[  243.153900][ T8394]  tomoyo_encode2+0xfb/0x3c0
[  243.153913][ T8394]  tomoyo_encode+0x29/0x50
[  243.153922][ T8394]  tomoyo_realpath_from_path+0x18c/0x690
[  243.153937][ T8394]  tomoyo_path_number_perm+0x23c/0x580
[  243.153953][ T8394]  ? tomoyo_path_number_perm+0x22e/0x580
[  243.153970][ T8394]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  243.153986][ T8394]  ? lock_acquire+0x17c/0x330
[  243.154000][ T8394]  ? find_held_lock+0x2b/0x80
[  243.154025][ T8394]  ? find_held_lock+0x2b/0x80
[  243.154034][ T8394]  ? hook_file_ioctl_common+0x146/0x410
[  243.154051][ T8394]  ? __fget_files+0x215/0x3d0
[  243.154065][ T8394]  ? __fget_files+0x21f/0x3d0
[  243.154079][ T8394]  security_file_ioctl_compat+0xd3/0x230
[  243.154097][ T8394]  __ia32_compat_sys_ioctl+0xc2/0x360
[  243.154118][ T8394]  __do_fast_syscall_32+0xde/0x660
[  243.154134][ T8394]  do_fast_syscall_32+0x32/0x70
[  243.154148][ T8394]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  243.154166][ T8394] RIP: 0023:0xf7f57579
[  243.154175][ T8394] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  243.154186][ T8394] RSP: 002b:00000000f541650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  243.154196][ T8394] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c040565f
[  243.154203][ T8394] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  243.154210][ T8394] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  243.154215][ T8394] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  243.154222][ T8394] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  243.154236][ T8394]  </TASK>
[  243.154319][ T8394] ERROR: Out of memory at tomoyo_realpath_from_path.
[  243.407067][ T8399] netlink: 20 bytes leftover after parsing attributes in process `syz.0.581'.
[  243.499259][ T8402] capability: warning: `syz.2.582' uses deprecated v2 capabilities in a way that may be insecure
[  243.810369][ T8411] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  243.812575][ T8411] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  243.828056][ T8411] vhci_hcd vhci_hcd.0: Device attached
[  244.118551][ T1472] usb 42-1: SetAddress Request (6) to port 0
[  244.118639][ T1472] usb 42-1: new SuperSpeed USB device number 6 using vhci_hcd
[  244.141961][ T6034] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  245.717377][   T40] audit: type=1326 audit(1769455787.098:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8453 comm="syz.3.591" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  245.731754][   T40] audit: type=1326 audit(1769455787.118:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8453 comm="syz.3.591" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  245.769396][   T40] audit: type=1326 audit(1769455787.158:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8453 comm="syz.3.591" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  245.779577][   T40] audit: type=1326 audit(1769455787.158:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8453 comm="syz.3.591" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  245.796520][   T40] audit: type=1326 audit(1769455787.158:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8453 comm="syz.3.591" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  245.804746][   T40] audit: type=1326 audit(1769455787.158:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8453 comm="syz.3.591" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  245.813860][   T40] audit: type=1326 audit(1769455787.158:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8453 comm="syz.3.591" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  245.822914][   T40] audit: type=1326 audit(1769455787.158:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8453 comm="syz.3.591" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  245.832801][   T40] audit: type=1326 audit(1769455787.158:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8453 comm="syz.3.591" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  245.840919][   T40] audit: type=1326 audit(1769455787.158:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8453 comm="syz.3.591" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  246.326719][ T8412] vhci_hcd: connection reset by peer
[  246.328865][ T1142] vhci_hcd vhci_hcd.2: stop threads
[  246.330953][ T1142] vhci_hcd vhci_hcd.2: release socket
[  246.333297][ T1142] vhci_hcd vhci_hcd.2: disconnect device
[  249.176820][ T1472] usb 42-1: device descriptor read/8, error -110
[  249.567097][ T1472] usb usb42-port1: attempt power cycle
[  250.127617][ T1472] usb usb42-port1: unable to enumerate USB device
[  251.517122][ T1472] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  251.691749][ T1472] usb 7-1: config index 0 descriptor too short (expected 23569, got 27)
[  251.695446][ T1472] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 28530, setting to 64
[  251.704432][ T1472] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  251.717072][ T1472] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  251.722928][ T1472] usb 7-1: Manufacturer: syz
[  251.732389][ T1472] usb 7-1: config 0 descriptor??
[  251.796580][ T1472] rc_core: IR keymap rc-hauppauge not found
[  251.804700][ T1472] Registered IR keymap rc-empty
[  251.812439][ T1472] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0
[  251.818974][ T1472] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0/input18
[  252.190757][   T40] kauditd_printk_skb: 6 callbacks suppressed
[  252.190770][   T40] audit: type=1326 audit(1769455793.578:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8508 comm="syz.0.603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  252.201017][   T40] audit: type=1326 audit(1769455793.578:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8508 comm="syz.0.603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  252.210691][   T40] audit: type=1326 audit(1769455793.588:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8508 comm="syz.0.603" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  252.221226][   T40] audit: type=1326 audit(1769455793.588:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8508 comm="syz.0.603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  252.230171][   T40] audit: type=1326 audit(1769455793.588:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8508 comm="syz.0.603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  252.240230][   T40] audit: type=1326 audit(1769455793.588:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8508 comm="syz.0.603" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  252.249395][   T40] audit: type=1326 audit(1769455793.588:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8508 comm="syz.0.603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  252.258745][   T40] audit: type=1326 audit(1769455793.588:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8508 comm="syz.0.603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  252.267652][   T40] audit: type=1326 audit(1769455793.598:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8508 comm="syz.0.603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  252.277572][   T40] audit: type=1326 audit(1769455793.598:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8508 comm="syz.0.603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  252.317534][ T1142] Bluetooth: hci4: Frame reassembly failed (-84)
[  254.129670][ T8536] bond3: Removing last ns target with arp_interval on
[  254.376661][   T64] Bluetooth: hci4: command 0x1003 tx timeout
[  254.377131][ T5961] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  254.419536][ T6017] usb 7-1: USB disconnect, device number 9
[  256.366498][ T6034] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  256.435286][ T8575] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  256.441768][ T8575] block device autoloading is deprecated and will be removed.
[  256.517732][ T6034] usb 7-1: config index 0 descriptor too short (expected 23569, got 27)
[  256.520677][ T6034] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 28530, setting to 64
[  256.525254][ T6034] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  256.534150][ T6034] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  256.537099][ T6034] usb 7-1: Manufacturer: syz
[  256.540574][ T6034] usb 7-1: config 0 descriptor??
[  256.597440][ T6034] rc_core: IR keymap rc-hauppauge not found
[  256.601140][ T6034] Registered IR keymap rc-empty
[  256.603644][ T6034] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0
[  256.611347][ T6034] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0/input19
[  256.633360][ T8587] overlayfs: failed to clone upperpath
[  256.689862][ T8590] 9p: Bad value for 'wfdno'
[  259.030566][ T8622] warning: `syz.0.640' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  259.035555][ T8623] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  259.037653][ T8623] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  259.042796][ T8623] vhci_hcd vhci_hcd.0: Device attached
[  259.133281][ T6034] usb 7-1: USB disconnect, device number 10
[  259.227277][ T8631] bond2: (slave dummy0): Releasing backup interface
[  259.235809][ T8631] dummy0: left allmulticast mode
[  259.248910][ T8631] bridge_slave_0: left allmulticast mode
[  259.261096][ T8631] bridge_slave_0: left promiscuous mode
[  259.263047][ T8631] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.275270][ T8631] bridge_slave_1: left allmulticast mode
[  259.286437][ T8631] bridge_slave_1: left promiscuous mode
[  259.288381][ T8631] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.303033][ T8631] bond0: (slave bond_slave_0): Releasing backup interface
[  259.306600][ T1472] usb 44-1: SetAddress Request (10) to port 0
[  259.309370][ T1472] usb 44-1: new SuperSpeed USB device number 10 using vhci_hcd
[  259.323638][ T8631] bond0: (slave bond_slave_1): Releasing backup interface
[  259.346964][ T8631] team0: Port device team_slave_0 removed
[  259.367900][ T8631] team0: Port device team_slave_1 removed
[  259.370194][ T8631] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  259.372568][ T8631] batman_adv: batadv0: Removing interface: batadv_slave_0
[  259.396250][ T8631] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  259.405296][ T8631] batman_adv: batadv0: Removing interface: batadv_slave_1
[  259.425804][ T8631] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  259.444866][ T8633] team0: Mode changed to "activebackup"
[  259.467149][ T1142] bond1: (slave vlan2): link status definitely down, disabling slave
[  259.472266][ T1142] bond1: now running without any active interface!
[  259.506003][ T8632] netlink: 220 bytes leftover after parsing attributes in process `syz.2.642'.
[  259.519161][ T8637] netlink: 'syz.1.644': attribute type 4 has an invalid length.
[  259.521659][ T8637] netlink: 17 bytes leftover after parsing attributes in process `syz.1.644'.
[  259.596763][ T8624] vhci_hcd: connection reset by peer
[  259.599606][ T1231] vhci_hcd vhci_hcd.3: stop threads
[  259.601089][ T1231] vhci_hcd vhci_hcd.3: release socket
[  259.602703][ T1231] vhci_hcd vhci_hcd.3: disconnect device
[  260.379499][ T1419] ieee802154 phy1 wpan1: encryption failed: -22
[  260.434536][ T8665] fuse: Bad value for 'fd'
[  260.510948][ T8671] netlink: 24 bytes leftover after parsing attributes in process `syz.1.652'.
[  260.558520][ T8674] netlink: 'syz.1.653': attribute type 4 has an invalid length.
[  260.561061][ T8674] netlink: 17 bytes leftover after parsing attributes in process `syz.1.653'.
[  260.591056][ T8669] netlink: 4 bytes leftover after parsing attributes in process `syz.3.649'.
[  261.556870][ T8690] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  261.585930][ T8690] netlink: 60 bytes leftover after parsing attributes in process `syz.1.657'.
[  261.604899][ T8689] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  261.753126][ T8696] netlink: 'syz.0.659': attribute type 10 has an invalid length.
[  261.761387][ T8696] team0: Port device  added
[  261.791787][ T8698] fuse: Bad value for 'fd'
[  261.984220][ T8703] FAULT_INJECTION: forcing a failure.
[  261.984220][ T8703] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  261.990537][ T8703] CPU: 3 UID: 0 PID: 8703 Comm: syz.0.663 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  261.990566][ T8703] Tainted: [L]=SOFTLOCKUP
[  261.990573][ T8703] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  261.990583][ T8703] Call Trace:
[  261.990590][ T8703]  <TASK>
[  261.990597][ T8703]  dump_stack_lvl+0x100/0x190
[  261.990624][ T8703]  should_fail_ex.cold+0x5/0xa
[  261.990653][ T8703]  _copy_to_iter+0x1f3/0x1720
[  261.990681][ T8703]  ? __pfx___ldsem_down_read_nested+0x10/0x10
[  261.990728][ T8703]  ? __pfx__copy_to_iter+0x10/0x10
[  261.990754][ T8703]  ? __pfx_woken_wake_function+0x10/0x10
[  261.990793][ T8703]  tty_read+0x242/0x550
[  261.990821][ T8703]  ? __pfx_tty_read+0x10/0x10
[  261.990845][ T8703]  ? common_file_perm+0x1ab/0x4f0
[  261.990873][ T8703]  ? bpf_lsm_file_permission+0x9/0x10
[  261.990895][ T8703]  ? security_file_permission+0x76/0x210
[  261.990923][ T8703]  ? rw_verify_area+0xce/0x6d0
[  261.990940][ T8703]  ? __pfx_tty_read+0x10/0x10
[  261.990964][ T8703]  vfs_read+0x825/0xb30
[  261.990987][ T8703]  ? __pfx_vfs_read+0x10/0x10
[  261.991003][ T8703]  ? find_held_lock+0x2b/0x80
[  261.991039][ T8703]  ksys_read+0x12a/0x250
[  261.991058][ T8703]  ? __pfx_ksys_read+0x10/0x10
[  261.991076][ T8703]  ? __pfx_ksys_write+0x10/0x10
[  261.991101][ T8703]  __do_fast_syscall_32+0xde/0x660
[  261.991128][ T8703]  do_fast_syscall_32+0x32/0x70
[  261.991147][ T8703]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  261.991171][ T8703] RIP: 0023:0xf7f57579
[  261.991185][ T8703] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  261.991202][ T8703] RSP: 002b:00000000f541650c EFLAGS: 00000292 ORIG_RAX: 0000000000000003
[  261.991219][ T8703] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800005c0
[  261.991230][ T8703] RDX: 00000000000000e4 RSI: 0000000000000000 RDI: 0000000000000000
[  261.991241][ T8703] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  261.991250][ T8703] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  261.991261][ T8703] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  261.991287][ T8703]  </TASK>
[  262.097674][ T8709] No control pipe specified
[  262.468234][ T6034] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  262.619187][ T6034] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  262.622374][ T6034] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 28530, setting to 64
[  262.627090][ T6034] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  262.630382][ T6034] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  262.633593][ T6034] usb 5-1: Manufacturer: syz
[  262.646813][ T6034] usb 5-1: config 0 descriptor??
[  262.716964][ T6034] rc_core: IR keymap rc-hauppauge not found
[  262.720294][ T6034] Registered IR keymap rc-empty
[  262.732784][ T6034] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0
[  262.745271][ T6034] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input20
[  262.940089][ T6034] usb 5-1: USB disconnect, device number 11
[  263.573849][ T8735] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  263.575939][ T8734] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  264.012266][ T8751] afs: Unknown parameter 'k'
[  264.064782][   T40] kauditd_printk_skb: 37 callbacks suppressed
[  264.064800][   T40] audit: type=1326 audit(1769455805.448:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8753 comm="syz.1.677" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000
[  264.074454][   T40] audit: type=1326 audit(1769455805.448:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8753 comm="syz.1.677" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000
[  264.087744][   T40] audit: type=1326 audit(1769455805.468:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8753 comm="syz.1.677" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf742d579 code=0x7ffc0000
[  264.107047][   T40] audit: type=1326 audit(1769455805.468:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8753 comm="syz.1.677" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000
[  264.115645][   T40] audit: type=1326 audit(1769455805.468:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8753 comm="syz.1.677" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf742d579 code=0x7ffc0000
[  264.124032][   T40] audit: type=1326 audit(1769455805.468:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8753 comm="syz.1.677" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000
[  264.132244][   T40] audit: type=1326 audit(1769455805.468:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8753 comm="syz.1.677" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000
[  264.139587][   T40] audit: type=1326 audit(1769455805.468:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8753 comm="syz.1.677" exe="/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf742d579 code=0x7ffc0000
[  264.150143][   T40] audit: type=1326 audit(1769455805.468:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8753 comm="syz.1.677" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000
[  264.157792][   T40] audit: type=1326 audit(1769455805.468:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8753 comm="syz.1.677" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf742d579 code=0x7ffc0000
[  264.391839][ T1472] usb 44-1: device descriptor read/8, error -110
[  264.777309][ T1472] usb usb44-port1: attempt power cycle
[  265.357178][ T1472] usb usb44-port1: unable to enumerate USB device
[  265.438747][ T8777] /dev/sr0: Can't open blockdev
[  265.936282][ T8788] binder: 8786:8788 ioctl c0306201 80000540 returned -22
[  268.243515][ T8805] syz.2.692 (8805): drop_caches: 2
[  268.796597][ T1472] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  268.958751][ T1472] usb 5-1: Using ep0 maxpacket: 8
[  268.962986][ T1472] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[  268.965644][ T1472] usb 5-1: config 0 has no interface number 0
[  268.968355][ T1472] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  268.971879][ T1472] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  268.975552][ T1472] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  268.979741][ T1472] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  268.984084][ T1472] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  268.987319][ T1472] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  268.995366][ T1472] usb 5-1: config 0 descriptor??
[  269.001103][ T1472] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  269.037564][ T8829] 9p: Bad value for 'rfdno'
[  269.320401][  T830] usb 5-1: USB disconnect, device number 12
[  269.320422][    C2] ldusb 5-1:0.55: usb_submit_urb failed (-19)
[  269.326092][    C2] dummy_hcd dummy_hcd.0: timer fired with no URBs pending?
[  269.331426][  T830] ldusb 5-1:0.55: LD USB Device #0 now disconnected
[  270.027063][ T8867] netlink: 4 bytes leftover after parsing attributes in process `syz.3.706'.
[  270.214071][ T8871] overlay: Unknown parameter '/'
[  270.418062][   T40] kauditd_printk_skb: 2 callbacks suppressed
[  270.418105][   T40] audit: type=1800 audit(1769455811.778:177): pid=8852 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.705" name="/" dev="fuse" ino=4 res=0 errno=0
[  271.691957][ T8875] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  271.956536][   T34] usb 7-1: new full-speed USB device number 11 using dummy_hcd
[  272.119964][   T34] usb 7-1: config 1 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  272.125520][   T34] usb 7-1: config 1 interface 0 has no altsetting 0
[  272.225701][ T8896] lo speed is unknown, defaulting to 1000
[  273.081116][   T34] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  273.084022][   T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.086680][   T34] usb 7-1: Product: ఄ
[  273.088040][   T34] usb 7-1: Manufacturer: Г
[  273.089532][   T34] usb 7-1: SerialNumber: Л
[  273.194401][   T40] audit: type=1326 audit(1769455814.578:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8889 comm="syz.3.718" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x0
[  273.239518][ T1472] IPVS: starting estimator thread 0...
[  273.288633][ T8907] netlink: 'syz.1.722': attribute type 11 has an invalid length.
[  273.297407][   T40] audit: type=1326 audit(2000000000.040:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8906 comm="syz.1.722" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000
[  273.305056][   T40] audit: type=1326 audit(2000000000.040:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8906 comm="syz.1.722" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000
[  273.326555][ T8904] IPVS: using max 43 ests per chain, 103200 per kthread
[  273.336263][ T8909] netlink: 'syz.1.723': attribute type 1 has an invalid length.
[  273.356463][   T40] audit: type=1326 audit(2000000000.040:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8906 comm="syz.1.722" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf742d598 code=0x7ffc0000
[  273.364441][   T40] audit: type=1326 audit(2000000000.040:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8906 comm="syz.1.722" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf742d598 code=0x7ffc0000
[  273.369703][ T8909] bond4: (slave gretap1): Enslaving as a backup interface with an up link
[  273.375045][   T40] audit: type=1326 audit(2000000000.040:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8906 comm="syz.1.722" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf742d598 code=0x7ffc0000
[  273.383946][   T40] audit: type=1326 audit(2000000000.040:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8906 comm="syz.1.722" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf742d598 code=0x7ffc0000
[  273.388361][ T8909] macvlan2: entered promiscuous mode
[  273.391146][   T40] audit: type=1326 audit(2000000000.050:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8906 comm="syz.1.722" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf742d598 code=0x7ffc0000
[  273.392886][ T8909] macvlan2: entered allmulticast mode
[  273.399886][   T40] audit: type=1326 audit(2000000000.050:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8906 comm="syz.1.722" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf742d598 code=0x7ffc0000
[  273.488038][ T8909] bond4: entered promiscuous mode
[  273.496617][ T8909] gretap1: entered promiscuous mode
[  273.499101][ T8909] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  273.512399][ T8909] bond4: left promiscuous mode
[  273.519223][ T8909] gretap1: left promiscuous mode
[  273.944550][ T8914] overlayfs: failed to clone upperpath
[  274.191242][   T34] usb 7-1: USB disconnect, device number 11
[  274.439041][ T8922] netlink: 8 bytes leftover after parsing attributes in process `syz.3.728'.
[  274.491461][ T8927] netlink: 'syz.2.727': attribute type 27 has an invalid length.
[  274.500153][ T8926] netlink: 'syz.2.727': attribute type 27 has an invalid length.
[  274.560779][ T8925] netlink: 20 bytes leftover after parsing attributes in process `syz.2.727'.
[  274.636206][ T8927] bridge0: port 1(bridge_slave_0) entered disabled state
[  274.657112][ T8927] team0: left promiscuous mode
[  274.658750][ T8927] team_slave_0: left promiscuous mode
[  274.660668][ T8927] team_slave_1: left promiscuous mode
[  274.672054][ T8927] veth0_to_bond: left promiscuous mode
[  274.676997][ T8927] team0: left allmulticast mode
[  274.679285][ T8927] team_slave_0: left allmulticast mode
[  274.681550][ T8927] team_slave_1: left allmulticast mode
[  274.683950][ T8927] veth0_to_bond: left allmulticast mode
[  274.697902][ T8927] batman_adv: batadv0: Interface deactivated: dummy0
[  274.794234][ T8927] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  274.811353][ T8927] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  275.009048][ T8927] geneve2: left promiscuous mode
[  275.035910][ T8927] gtp1: left promiscuous mode
[  275.078000][ T8927] gtp1: left allmulticast mode
[  275.116312][  T102] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  275.136638][  T102] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  275.139648][  T102] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  275.142971][  T102] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  275.532047][ T8946] netlink: 'syz.2.732': attribute type 2 has an invalid length.
[  275.565349][ T8948] netlink: 4 bytes leftover after parsing attributes in process `syz.3.734'.
[  275.624453][ T8950] netlink: 8 bytes leftover after parsing attributes in process `syz.3.735'.
[  275.853075][ T8959] lo speed is unknown, defaulting to 1000
[  276.141579][ T8966] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  276.143750][ T8966] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  276.154098][ T8966] vhci_hcd vhci_hcd.0: Device attached
[  276.156170][ T8970] netlink: 'syz.0.741': attribute type 1 has an invalid length.
[  276.162220][ T1180] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  276.165906][ T1180] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  276.208880][ T8975] fuse: Bad value for 'fd'
[  276.265783][ T8977] netlink: 4 bytes leftover after parsing attributes in process `syz.0.743'.
[  276.426650][  T830] usb 42-1: SetAddress Request (10) to port 0
[  276.429373][  T830] usb 42-1: new SuperSpeed USB device number 10 using vhci_hcd
[  276.620705][ T8985] netlink: 'syz.0.745': attribute type 2 has an invalid length.
[  276.668449][ T8987] comedi comedi2: comedi_config --init_data is deprecated
[  276.672309][ T8987] fuse: Unknown parameter '00000000000000000000'
[  276.699917][ T8972] vhci_hcd: connection reset by peer
[  276.702184][   T12] vhci_hcd vhci_hcd.2: stop threads
[  276.705286][   T12] vhci_hcd vhci_hcd.2: release socket
[  276.708844][   T12] vhci_hcd vhci_hcd.2: disconnect device
[  277.252561][ T8995] fuse: Bad value for 'fd'
[  277.349071][ T9001] netlink: 4 bytes leftover after parsing attributes in process `syz.2.751'.
[  277.442137][ T9003] 9p: Bad value for 'rfdno'
[  278.444697][ T9019] netlink: 'syz.1.755': attribute type 2 has an invalid length.
[  278.777247][ T9022] fuse: Bad value for 'fd'
[  279.058083][ T9036] netlink: 40 bytes leftover after parsing attributes in process `syz.3.761'.
[  279.343312][ T9047] netlink: 'syz.0.766': attribute type 1 has an invalid length.
[  279.355085][ T9047] bond2: entered promiscuous mode
[  279.357566][ T9047] bond2: entered allmulticast mode
[  279.359335][ T9047] 8021q: adding VLAN 0 to HW filter on device bond2
[  279.378136][ T9047] erspan1: entered allmulticast mode
[  279.382004][ T9047] bond2: (slave erspan1): making interface the new active one
[  279.385285][ T9047] erspan1: entered promiscuous mode
[  279.390118][ T9047] bond2: (slave erspan1): Enslaving as an active interface with an up link
[  279.722757][ T9054] fuse: Bad value for 'fd'
[  280.177633][ T9058] netlink: 12 bytes leftover after parsing attributes in process `syz.3.770'.
[  280.214623][ T9062] netlink: 104 bytes leftover after parsing attributes in process `syz.0.768'.
[  280.218521][ T9061] netlink: 52 bytes leftover after parsing attributes in process `syz.2.769'.
[  280.221448][ T9061] netlink: 52 bytes leftover after parsing attributes in process `syz.2.769'.
[  280.224242][ T9061] netlink: 52 bytes leftover after parsing attributes in process `syz.2.769'.
[  280.357734][ T9073] overlayfs: missing 'workdir'
[  280.879576][ T9084] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  280.881743][ T9084] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  280.885542][ T9084] vhci_hcd vhci_hcd.0: Device attached
[  281.136454][ T9088] 9p: Bad value for 'wfdno'
[  281.324659][ T9085] vhci_hcd: connection closed
[  281.326043][   T12] vhci_hcd vhci_hcd.2: stop threads
[  281.329555][   T12] vhci_hcd vhci_hcd.2: release socket
[  281.331346][   T12] vhci_hcd vhci_hcd.2: disconnect device
[  281.413721][ T9099] fuse: Bad value for 'fd'
[  281.415354][ T9100] fuse: Bad value for 'fd'
[  281.496731][  T830] usb 42-1: device descriptor read/8, error -110
[  282.105083][  T830] usb usb42-port1: attempt power cycle
[  282.709289][  T830] usb usb42-port1: unable to enumerate USB device
[  283.173761][ T9139] fuse: Unknown parameter 'roo
mod0000400-0'
[  283.650892][ T9145] pimreg3: entered allmulticast mode
[  283.972566][ T9151] netlink: 'syz.0.799': attribute type 4 has an invalid length.
[  283.975145][ T9151] netlink: 17 bytes leftover after parsing attributes in process `syz.0.799'.
[  284.020289][ T9153] netlink: 'syz.0.800': attribute type 1 has an invalid length.
[  284.038058][ T9153] 8021q: adding VLAN 0 to HW filter on device bond3
[  284.055954][ T9153] bond3: (slave gretap1): making interface the new active one
[  284.060247][ T9153] bond3: (slave gretap1): Enslaving as an active interface with an up link
[  284.232024][ T9160] netlink: 'syz.0.802': attribute type 2 has an invalid length.
[  284.235638][ T9160] netlink: 723 bytes leftover after parsing attributes in process `syz.0.802'.
[  284.242386][ T9160] netlink: 'syz.0.802': attribute type 3 has an invalid length.
[  284.246023][ T9160] netlink: 'syz.0.802': attribute type 3 has an invalid length.
[  284.566527][   T10] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  284.594052][ T9168] netlink: 20 bytes leftover after parsing attributes in process `syz.3.804'.
[  284.729108][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  284.733620][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  284.743043][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  284.753827][   T10] usb 7-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  284.759891][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  284.762669][   T10] usb 7-1: Product: syz
[  284.764569][ T9168] KVM: debugfs: duplicate directory 9168-11
[  284.767174][   T10] usb 7-1: Manufacturer: syz
[  284.768664][   T10] usb 7-1: SerialNumber: syz
[  284.771606][   T10] usb 7-1: config 0 descriptor??
[  284.983368][   T10] adutux 7-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  285.102778][ T9171] netlink: 8 bytes leftover after parsing attributes in process `syz.1.805'.
[  285.280237][   T10] usb 7-1: USB disconnect, device number 12
[  285.317040][ T9158] bond2: entered promiscuous mode
[  285.318981][ T9158] 8021q: adding VLAN 0 to HW filter on device bond2
[  285.808494][ T9186] netlink: 4 bytes leftover after parsing attributes in process `syz.3.808'.
[  286.081340][ T9191] bond4: entered promiscuous mode
[  286.088188][ T9191] bridge0: port 3(syz_tun) entered blocking state
[  286.090781][ T9191] bridge0: port 3(syz_tun) entered disabled state
[  286.093066][ T9191] syz_tun: entered allmulticast mode
[  286.095869][ T9191] syz_tun: entered promiscuous mode
[  286.239689][ T9191] netlink: 'syz.0.809': attribute type 10 has an invalid length.
[  286.242841][ T9191] bridge0: port 2(bridge_slave_1) entered disabled state
[  286.245501][ T9191] bridge0: port 1(bridge_slave_0) entered disabled state
[  286.250841][ T9191] bridge0: port 2(bridge_slave_1) entered blocking state
[  286.253244][ T9191] bridge0: port 2(bridge_slave_1) entered forwarding state
[  286.256132][ T9191] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.258530][ T9191] bridge0: port 1(bridge_slave_0) entered forwarding state
[  286.262632][ T9191] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  286.267862][ T9191] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  286.847766][ T9200] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  286.851759][ T9200] overlayfs: missing 'lowerdir'
[  287.235613][ T9209] netlink: 4 bytes leftover after parsing attributes in process `syz.2.815'.
[  287.825215][ T9219] netlink: 'syz.0.817': attribute type 4 has an invalid length.
[  287.827747][ T9219] netlink: 17 bytes leftover after parsing attributes in process `syz.0.817'.
[  287.996074][ T9226] futex_wake_op: syz.0.820 tries to shift op by -1; fix this program
[  288.157142][ T9235] overlayfs: failed to clone upperpath
[  289.432214][ T9245] Cannot find add_set index 2 as target
[  289.953174][ T9251] netlink: 'syz.1.826': attribute type 4 has an invalid length.
[  289.957187][ T9251] netlink: 17 bytes leftover after parsing attributes in process `syz.1.826'.
[  290.077097][ T9263] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  290.200894][   T40] kauditd_printk_skb: 26 callbacks suppressed
[  290.200910][   T40] audit: type=1326 audit(2000000016.950:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9258 comm="syz.1.829" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000
[  290.230560][   T40] audit: type=1326 audit(2000000016.960:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9258 comm="syz.1.829" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000
[  290.248832][   T40] audit: type=1326 audit(2000000016.960:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9258 comm="syz.1.829" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf742d579 code=0x7ffc0000
[  290.262035][   T40] audit: type=1326 audit(2000000016.960:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9258 comm="syz.1.829" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000
[  290.276647][   T40] audit: type=1326 audit(2000000016.960:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9258 comm="syz.1.829" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000
[  290.294043][   T40] audit: type=1326 audit(2000000016.970:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9258 comm="syz.1.829" exe="/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf742d579 code=0x7ffc0000
[  290.304219][   T40] audit: type=1326 audit(2000000016.970:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9258 comm="syz.1.829" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000
[  290.318147][   T40] audit: type=1326 audit(2000000016.970:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9258 comm="syz.1.829" exe="/syz-executor" sig=0 arch=40000003 syscall=331 compat=1 ip=0xf742d579 code=0x7ffc0000
[  290.333358][   T40] audit: type=1326 audit(2000000016.970:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9258 comm="syz.1.829" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000
[  290.341524][   T40] audit: type=1326 audit(2000000016.970:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9258 comm="syz.1.829" exe="/syz-executor" sig=0 arch=40000003 syscall=288 compat=1 ip=0xf742d579 code=0x7ffc0000
[  290.706534][ T6922] usb 7-1: new full-speed USB device number 13 using dummy_hcd
[  290.857955][ T6922] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  290.861556][ T6922] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  290.864449][ T6922] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 64
[  290.868114][ T6922] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  290.871621][ T6922] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.880315][ T9275] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  290.895658][ T6922] hub 7-1:1.0: bad descriptor, ignoring hub
[  290.904407][ T6922] hub 7-1:1.0: probe with driver hub failed with error -5
[  290.916894][ T6922] cdc_wdm 7-1:1.0: skipping garbage
[  290.919520][ T6922] cdc_wdm 7-1:1.0: skipping garbage
[  290.935008][ T6922] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  290.942024][ T6922] cdc_wdm 7-1:1.0: Unknown control protocol
[  291.302577][ T9288] netlink: 5 bytes leftover after parsing attributes in process `syz.1.834'.
[  291.305488][ T9288] netlink: 5 bytes leftover after parsing attributes in process `syz.1.834'.
[  291.308401][ T9288] netlink: 24 bytes leftover after parsing attributes in process `syz.1.834'.
[  291.509356][ T9274] usb 7-1: reset full-speed USB device number 13 using dummy_hcd
[  291.669846][ T9275] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  291.675497][    C0] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  291.677799][    C0] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  291.680449][    C0] cdc_wdm 7-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1
[  291.890356][ T9274] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  291.892507][ T9274] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  291.895177][ T9274] vhci_hcd vhci_hcd.0: Device attached
[  291.897660][ T9299] vhci_hcd: connection closed
[  291.908181][ T1142] vhci_hcd vhci_hcd.2: stop threads
[  291.911782][ T1142] vhci_hcd vhci_hcd.2: release socket
[  291.913777][ T1142] vhci_hcd vhci_hcd.2: disconnect device
[  292.092158][  T843] usb 7-1: USB disconnect, device number 13
[  293.784094][ T9319] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  293.964544][ T9327] usb usb8: usbfs: process 9327 (syz.3.844) did not claim interface 0 before use
[  294.151787][ T9330] netlink: 'syz.3.845': attribute type 4 has an invalid length.
[  294.155457][ T9330] netlink: 17 bytes leftover after parsing attributes in process `syz.3.845'.
[  294.240123][ T9335] netlink: 'syz.1.847': attribute type 23 has an invalid length.
[  294.243264][ T9335] netlink: 8 bytes leftover after parsing attributes in process `syz.1.847'.
[  294.819090][ T5961] Bluetooth: hci1: Invalid connection link type handle 0x00c9
[  296.128046][   T40] kauditd_printk_skb: 42 callbacks suppressed
[  296.128062][   T40] audit: type=1326 audit(2000000022.880:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz.0.854" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  296.184571][   T40] audit: type=1326 audit(2000000022.880:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz.0.854" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  296.199429][   T40] audit: type=1326 audit(2000000022.930:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz.0.854" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  296.206752][   T40] audit: type=1326 audit(2000000022.930:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz.0.854" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  296.216943][   T40] audit: type=1326 audit(2000000022.930:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz.0.854" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  296.236604][   T40] audit: type=1326 audit(2000000022.930:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz.0.854" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  296.243343][   T40] audit: type=1326 audit(2000000022.930:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz.0.854" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  296.250260][   T40] audit: type=1326 audit(2000000022.940:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz.0.854" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  296.256901][   T40] audit: type=1326 audit(2000000022.940:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz.0.854" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  296.263508][   T40] audit: type=1326 audit(2000000022.950:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz.0.854" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  296.605259][ T9365] netlink: 'syz.0.856': attribute type 4 has an invalid length.
[  296.607780][ T9365] netlink: 17 bytes leftover after parsing attributes in process `syz.0.856'.
[  296.903337][ T9371] netlink: 4 bytes leftover after parsing attributes in process `syz.3.858'.
[  296.907190][ T9371] netlink: 'syz.3.858': attribute type 10 has an invalid length.
[  296.923900][ T9371] tap0: tun_chr_ioctl cmd 1074025676
[  296.926135][ T9371] tap0: owner set to 0
[  297.131009][ T9382] usb usb8: usbfs: process 9382 (syz.3.862) did not claim interface 0 before use
[  297.451356][ T9392] comedi comedi0: Minor 47 could not be opened
[  302.063136][ T9439] tipc: Started in network mode
[  302.064874][ T9439] tipc: Node identity aaaaaaaaaa17, cluster identity 4711
[  302.068541][ T9439] tipc: Enabled bearer <eth:bond_slave_1>, priority 10
[  302.539178][ T9452] netlink: 'syz.0.882': attribute type 5 has an invalid length.
[  303.196503][ T6017] tipc: Node number set to 12429994
[  303.874716][ T9471] comedi comedi0: Minor 47 could not be opened
[  305.526078][ T9479] netlink: 76 bytes leftover after parsing attributes in process `syz.1.891'.
[  305.660293][ T9482] capability: warning: `syz.0.892' uses 32-bit capabilities (legacy support in use)
[  305.709559][ T9479] 9p: Bad value for 'rfdno'
[  305.924604][ T9494] mmap: syz.3.896 (9494) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  306.021764][ T9498] fuse: Bad value for 'group_id'
[  306.023834][ T9498] fuse: Bad value for 'group_id'
[  306.065087][ T9500] lo speed is unknown, defaulting to 1000
[  306.481373][ T9509] x_tables: duplicate underflow at hook 3
[  306.981886][ T9504] fuse: Unknown parameter '0xffffffffffffffff'
[  307.629038][ T9514] syz_tun: entered allmulticast mode
[  308.108232][   T40] kauditd_printk_skb: 220 callbacks suppressed
[  308.108243][   T40] audit: type=1326 audit(2000000034.860:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9517 comm="syz.0.904" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f57579 code=0x0
[  308.328650][ T9525] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  308.330824][ T9525] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  308.333230][ T9525] vhci_hcd vhci_hcd.0: Device attached
[  308.433122][ T9531] fuse: Bad value for 'group_id'
[  308.437153][ T9531] fuse: Bad value for 'group_id'
[  308.502651][ T9526] vhci_hcd: connection closed
[  308.502967][   T12] vhci_hcd vhci_hcd.2: stop threads
[  308.508586][   T12] vhci_hcd vhci_hcd.2: release socket
[  308.516612][   T12] vhci_hcd vhci_hcd.2: disconnect device
[  308.526496][   T59] vhci_hcd vhci_hcd.2: vhci_device speed not set
[  310.871849][   T40] audit: type=1326 audit(2000000037.620:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9555 comm="syz.0.917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  310.880934][   T40] audit: type=1326 audit(2000000037.620:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9555 comm="syz.0.917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  310.888340][   T40] audit: type=1326 audit(2000000037.620:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9555 comm="syz.0.917" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  310.895109][   T40] audit: type=1326 audit(2000000037.620:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9555 comm="syz.0.917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  310.902076][   T40] audit: type=1326 audit(2000000037.620:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9555 comm="syz.0.917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  310.909240][   T40] audit: type=1326 audit(2000000037.620:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9555 comm="syz.0.917" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  310.915976][   T40] audit: type=1326 audit(2000000037.620:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9555 comm="syz.0.917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  310.939649][ T9558] fuse: Bad value for 'group_id'
[  310.941740][ T9558] fuse: Bad value for 'group_id'
[  311.116531][   T40] audit: type=1326 audit(2000000037.620:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9555 comm="syz.0.917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  311.126544][   T40] audit: type=1326 audit(2000000037.620:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9555 comm="syz.0.917" exe="/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  312.196536][   T24] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  312.409236][   T24] usb 7-1: Using ep0 maxpacket: 16
[  312.556597][ T9581] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  312.558946][ T9581] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  312.927645][   T24] usb 7-1: device descriptor read/all, error -71
[  313.126601][ T9581] vhci_hcd vhci_hcd.0: Device attached
[  313.286795][   T40] kauditd_printk_skb: 19 callbacks suppressed
[  313.286807][   T40] audit: type=1326 audit(2000000040.030:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.0.927" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  313.306058][   T40] audit: type=1326 audit(2000000040.030:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.0.927" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  313.317256][ T1180] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  313.319973][ T1180] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  313.322148][   T40] audit: type=1326 audit(2000000040.030:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.0.927" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  313.337107][   T40] audit: type=1326 audit(2000000040.030:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.0.927" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  313.343965][   T40] audit: type=1326 audit(2000000040.030:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.0.927" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  313.354877][   T40] audit: type=1326 audit(2000000040.030:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.0.927" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  313.365907][   T40] audit: type=1326 audit(2000000040.030:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.0.927" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  313.375296][   T40] audit: type=1326 audit(2000000040.030:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.0.927" exe="/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  313.385526][   T40] audit: type=1326 audit(2000000040.030:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.0.927" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  313.395782][   T40] audit: type=1326 audit(2000000040.030:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.0.927" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f57579 code=0x7ffc0000
[  313.407422][ T6017] usb 44-1: SetAddress Request (14) to port 0
[  313.409488][ T6017] usb 44-1: new SuperSpeed USB device number 14 using vhci_hcd
[  313.504805][ T9582] vhci_hcd: connection reset by peer
[  313.507652][  T102] vhci_hcd vhci_hcd.3: stop threads
[  313.509373][  T102] vhci_hcd vhci_hcd.3: release socket
[  313.511185][  T102] vhci_hcd vhci_hcd.3: disconnect device
[  315.215888][ T9617] netlink: 'syz.2.932': attribute type 2 has an invalid length.
[  315.563792][ T9623] overlayfs: failed to clone upperpath
[  316.503110][ T8934] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  316.974785][ T9682] netlink: 4 bytes leftover after parsing attributes in process `syz.3.953'.
[  318.456767][ T6017] usb 44-1: device descriptor read/8, error -110
[  318.847069][ T6017] usb usb44-port1: attempt power cycle
[  319.408395][ T6017] usb usb44-port1: unable to enumerate USB device
[  321.820222][ T1419] ieee802154 phy1 wpan1: encryption failed: -22
[  323.305845][ T9712] overlayfs: failed to clone upperpath
[  324.204093][ T9730] netlink: 8 bytes leftover after parsing attributes in process `syz.1.965'.
[  325.280401][ T9762] ubi31: attaching mtd0
[  325.285928][ T9762] ubi31: scanning is finished
[  325.288435][ T9762] ubi31: empty MTD device detected
[  325.369847][ T9764] xt_policy: too many policy elements
[  325.386793][ T9762] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  325.390041][ T9762] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  325.393187][ T9762] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  325.396219][ T9762] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  325.399680][ T9762] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  325.403577][ T9762] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  325.408047][ T9762] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3118038729
[  325.412052][ T9762] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  325.417730][ T9770] ubi31: background thread "ubi_bgt31d" started, PID 9770
[  325.683236][ T9797] netlink: 'syz.3.978': attribute type 4 has an invalid length.
[  325.685845][ T9797] netlink: 17 bytes leftover after parsing attributes in process `syz.3.978'.
[  326.653088][ T9810] bridge_slave_0: left allmulticast mode
[  326.655607][ T9810] bridge_slave_0: left promiscuous mode
[  326.658789][ T9810] bridge0: port 1(bridge_slave_0) entered disabled state
[  326.664301][ T9810] bridge_slave_1: left allmulticast mode
[  326.672369][ T9810] bridge_slave_1: left promiscuous mode
[  326.675766][ T9810] bridge0: port 2(bridge_slave_1) entered disabled state
[  326.683791][ T9810] bond0: (slave bond_slave_0): Releasing backup interface
[  326.689843][ T9810] bond0: (slave bond_slave_1): Releasing backup interface
[  326.696473][ T9810] team0: Port device team_slave_0 removed
[  326.701101][ T9810] team0: Port device team_slave_1 removed
[  326.704031][ T9810] batman_adv: batadv0: Removing interface: batadv_slave_0
[  326.709952][ T9810] batman_adv: batadv0: Removing interface: batadv_slave_1
[  326.714008][ T9810] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  327.012824][ T9821] netlink: 8 bytes leftover after parsing attributes in process `syz.0.985'.
[  327.016893][ T9821] netlink: 8 bytes leftover after parsing attributes in process `syz.0.985'.
[  327.037816][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  327.256493][ T5961] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  328.034697][ T9851] siw: device registration error -23
[  328.711159][ T9854] overlayfs: missing 'lowerdir'
[  334.834862][ T9875] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  334.903879][ T9873] netlink: 'syz.0.993': attribute type 4 has an invalid length.
[  334.907023][ T9873] netlink: 17 bytes leftover after parsing attributes in process `syz.0.993'.
[  335.105991][ T9888] bond_slave_0: entered promiscuous mode
[  335.108316][ T9888] bond_slave_1: entered promiscuous mode
[  335.110144][ T9888] bridge0: entered promiscuous mode
[  335.113123][ T9888] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  335.122858][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  335.123119][ T9888] bond4: (slave macvlan2): making interface the new active one
[  335.133053][ T9888] macvlan2: entered promiscuous mode
[  335.134896][ T9888] bond0: entered promiscuous mode
[  335.144070][ T9888] bond4: (slave macvlan2): Enslaving as an active interface with an up link
[  335.617835][ T9902] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  335.619790][ T9902] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  335.622300][ T9902] vhci_hcd vhci_hcd.0: Device attached
[  335.688553][ T9906] veth0_macvtap: left promiscuous mode
[  335.756056][ T9915] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1001'.
[  335.757524][ T9912] lo speed is unknown, defaulting to 1000
[  335.762654][ T9915] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1001'.
[  335.834593][ T9903] vhci_hcd: connection closed
[  335.834794][   T62] vhci_hcd vhci_hcd.2: stop threads
[  335.839189][   T62] vhci_hcd vhci_hcd.2: release socket
[  335.841685][   T62] vhci_hcd vhci_hcd.2: disconnect device
[  336.262572][ T9933] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1008'.
[  336.266524][ T9933] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1008'.
[  336.269445][ T9933] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1008'.
[  336.439375][ T9945] atomic_op ffff88804cc31198 conn xmit_atomic 0000000000000000
[  336.963829][ T9958] trusted_key: encrypted_key: insufficient parameters specified
[  337.277096][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  338.949369][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  338.949385][   T40] audit: type=1326 audit(2000000065.699:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.2.1027" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000
[  338.962185][   T40] audit: type=1326 audit(2000000065.699:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.2.1027" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000
[  338.972965][   T40] audit: type=1326 audit(2000000065.699:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.2.1027" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf73dd579 code=0x7ffc0000
[  338.982843][   T40] audit: type=1326 audit(2000000065.699:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.2.1027" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000
[  338.991683][   T40] audit: type=1326 audit(2000000065.699:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.2.1027" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf73dd579 code=0x7ffc0000
[  339.001798][   T40] audit: type=1326 audit(2000000065.699:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.2.1027" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000
[  339.002986][T10010] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1028'.
[  339.011757][   T40] audit: type=1326 audit(2000000065.699:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.2.1027" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000
[  339.024637][   T40] audit: type=1326 audit(2000000065.699:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.2.1027" exe="/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf73dd579 code=0x7ffc0000
[  339.034277][   T40] audit: type=1326 audit(2000000065.699:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.2.1027" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000
[  339.043859][   T40] audit: type=1326 audit(2000000065.699:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.2.1027" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73dd579 code=0x7ffc0000
[  345.344716][T10029] syzkaller0: entered promiscuous mode
[  345.346604][T10029] syzkaller0: entered allmulticast mode
[  345.519615][T10033] 
[  345.520478][T10033] ======================================================
[  345.522701][T10033] WARNING: possible circular locking dependency detected
[  345.524906][T10033] syzkaller #0 Tainted: G             L     
[  345.527155][T10033] ------------------------------------------------------
[  345.529662][T10033] syz.3.1032/10033 is trying to acquire lock:
[  345.532130][T10033] ffffffff8e767628 (pcpu_alloc_mutex){+.+.}-{4:4}, at: pcpu_alloc_noprof+0xed8/0x1b70
[  345.535258][T10033] 
[  345.535258][T10033] but task is already holding lock:
[  345.537563][T10033] ffff888040ff5628 (&q->q_usage_counter(io)#52){++++}-{0:0}, at: blk_mq_update_nr_hw_queues+0x88e/0x1190
[  345.541083][T10033] 
[  345.541083][T10033] which lock already depends on the new lock.
[  345.541083][T10033] 
[  345.544337][T10033] 
[  345.544337][T10033] the existing dependency chain (in reverse order) is:
[  345.547188][T10033] 
[  345.547188][T10033] -> #2 (&q->q_usage_counter(io)#52){++++}-{0:0}:
[  345.549962][T10033]        blk_alloc_queue+0x610/0x750
[  345.551637][T10033]        blk_mq_alloc_queue+0x174/0x290
[  345.553387][T10033]        __blk_mq_alloc_disk+0x29/0x120
[  345.555137][T10033]        nbd_dev_add+0x492/0xb10
[  345.556709][T10033]        nbd_init+0x291/0x2b0
[  345.558267][T10033]        do_one_initcall+0x11d/0x690
[  345.559944][T10033]        kernel_init_freeable+0x6e5/0x790
[  345.561742][T10033]        kernel_init+0x1f/0x1e0
[  345.563357][T10033]        ret_from_fork+0x754/0xaf0
[  345.564991][T10033]        ret_from_fork_asm+0x1a/0x30
[  345.566690][T10033] 
[  345.566690][T10033] -> #1 (fs_reclaim){+.+.}-{0:0}:
[  345.568963][T10033]        fs_reclaim_acquire+0xc4/0x100
[  345.570703][T10033]        prepare_alloc_pages+0x166/0x5f0
[  345.572485][T10033]        __alloc_frozen_pages_noprof+0x193/0x2410
[  345.574518][T10033]        __alloc_pages_noprof+0xb/0x1b0
[  345.576355][T10033]        pcpu_populate_chunk+0x118/0x990
[  345.578321][T10033]        pcpu_alloc_noprof+0x731/0x1b70
[  345.580122][T10033]        iommu_dma_init_fq+0x1da/0x7e0
[  345.581851][T10033]        iommu_setup_dma_ops+0x1258/0x1630
[  345.583714][T10033]        bus_iommu_probe+0x23e/0x530
[  345.585393][T10033]        iommu_device_register+0x1af/0x280
[  345.587244][T10033]        intel_iommu_init+0x2020/0x2970
[  345.589008][T10033]        pci_iommu_init+0x3c/0x80
[  345.590636][T10033]        do_one_initcall+0x11d/0x690
[  345.592321][T10033]        kernel_init_freeable+0x6e5/0x790
[  345.594131][T10033]        kernel_init+0x1f/0x1e0
[  345.595704][T10033]        ret_from_fork+0x754/0xaf0
[  345.597325][T10033]        ret_from_fork_asm+0x1a/0x30
[  345.598906][T10033] 
[  345.598906][T10033] -> #0 (pcpu_alloc_mutex){+.+.}-{4:4}:
[  345.601026][T10033]        __lock_acquire+0x14b8/0x2630
[  345.602719][T10033]        lock_acquire+0x17c/0x330
[  345.604315][T10033]        __mutex_lock+0x1a2/0x1b90
[  345.605928][T10033]        pcpu_alloc_noprof+0xed8/0x1b70
[  345.607735][T10033]        sbitmap_init_node+0x2ff/0x720
[  345.609467][T10033]        sbitmap_queue_init_node+0x40/0x4a0
[  345.611385][T10033]        blk_mq_init_tags+0x184/0x300
[  345.613084][T10033]        blk_mq_alloc_map_and_rqs+0x218/0xeb0
[  345.615015][T10033]        __blk_mq_alloc_map_and_rqs+0x128/0x1f0
[  345.616980][T10033]        blk_mq_update_nr_hw_queues+0xaba/0x1190
[  345.619003][T10033]        nbd_start_device+0x1a6/0xbd0
[  345.620692][T10033]        nbd_ioctl+0x4a6/0xd30
[  345.622216][T10033]        compat_blkdev_ioctl+0x682/0x7b0
[  345.623984][T10033]        __ia32_compat_sys_ioctl+0x2cf/0x360
[  345.625877][T10033]        __do_fast_syscall_32+0xde/0x660
[  345.627513][T10033]        do_fast_syscall_32+0x32/0x70
[  345.629046][T10033]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  345.631201][T10033] 
[  345.631201][T10033] other info that might help us debug this:
[  345.631201][T10033] 
[  345.634380][T10033] Chain exists of:
[  345.634380][T10033]   pcpu_alloc_mutex --> fs_reclaim --> &q->q_usage_counter(io)#52
[  345.634380][T10033] 
[  345.638642][T10033]  Possible unsafe locking scenario:
[  345.638642][T10033] 
[  345.640964][T10033]        CPU0                    CPU1
[  345.642667][T10033]        ----                    ----
[  345.644345][T10033]   lock(&q->q_usage_counter(io)#52);
[  345.646037][T10033]                                lock(fs_reclaim);
[  345.648065][T10033]                                lock(&q->q_usage_counter(io)#52);
[  345.650550][T10033]   lock(pcpu_alloc_mutex);
[  345.651989][T10033] 
[  345.651989][T10033]  *** DEADLOCK ***
[  345.651989][T10033] 
[  345.654572][T10033] 4 locks held by syz.3.1032/10033:
[  345.656212][T10033]  #0: ffff8880263359d0 (&set->update_nr_hwq_lock){++++}-{4:4}, at: blk_mq_update_nr_hw_queues+0x91/0x1190
[  345.659795][T10033]  #1: ffff8880263358d8 (&set->tag_list_lock){+.+.}-{4:4}, at: blk_mq_update_nr_hw_queues+0xa4/0x1190
[  345.663219][T10033]  #2: ffff888040ff5628 (&q->q_usage_counter(io)#52){++++}-{0:0}, at: blk_mq_update_nr_hw_queues+0x88e/0x1190
[  345.666856][T10033]  #3: ffff888040ff5660 (&q->q_usage_counter(queue)#36){+.+.}-{0:0}, at: blk_mq_update_nr_hw_queues+0x88e/0x1190
[  345.670608][T10033] 
[  345.670608][T10033] stack backtrace:
[  345.672500][T10033] CPU: 0 UID: 0 PID: 10033 Comm: syz.3.1032 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  345.672517][T10033] Tainted: [L]=SOFTLOCKUP
[  345.672520][T10033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  345.672527][T10033] Call Trace:
[  345.672532][T10033]  <TASK>
[  345.672537][T10033]  dump_stack_lvl+0x100/0x190
[  345.672551][T10033]  print_circular_bug.cold+0x178/0x1c7
[  345.672569][T10033]  check_noncircular+0x146/0x160
[  345.672585][T10033]  __lock_acquire+0x14b8/0x2630
[  345.672600][T10033]  ? kernel_text_address+0x8d/0x100
[  345.672618][T10033]  lock_acquire+0x17c/0x330
[  345.672632][T10033]  ? pcpu_alloc_noprof+0xed8/0x1b70
[  345.672645][T10033]  ? __pfx___might_resched+0x10/0x10
[  345.672663][T10033]  __mutex_lock+0x1a2/0x1b90
[  345.672677][T10033]  ? pcpu_alloc_noprof+0xed8/0x1b70
[  345.672689][T10033]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  345.672701][T10033]  ? pcpu_alloc_noprof+0xed8/0x1b70
[  345.672714][T10033]  ? __pfx___mutex_lock+0x10/0x10
[  345.672727][T10033]  ? kasan_save_stack+0x30/0x50
[  345.672740][T10033]  ? kasan_save_track+0x14/0x30
[  345.672752][T10033]  ? __kasan_kmalloc+0xaa/0xb0
[  345.672764][T10033]  ? blk_mq_init_tags+0x8c/0x300
[  345.672779][T10033]  ? blk_mq_alloc_map_and_rqs+0x218/0xeb0
[  345.672792][T10033]  ? __blk_mq_alloc_map_and_rqs+0x128/0x1f0
[  345.672806][T10033]  ? blk_mq_update_nr_hw_queues+0xaba/0x1190
[  345.672820][T10033]  ? compat_blkdev_ioctl+0x682/0x7b0
[  345.672832][T10033]  ? __ia32_compat_sys_ioctl+0x2cf/0x360
[  345.672852][T10033]  ? pcpu_alloc_noprof+0xed8/0x1b70
[  345.672864][T10033]  pcpu_alloc_noprof+0xed8/0x1b70
[  345.672879][T10033]  sbitmap_init_node+0x2ff/0x720
[  345.672892][T10033]  sbitmap_queue_init_node+0x40/0x4a0
[  345.672905][T10033]  blk_mq_init_tags+0x184/0x300
[  345.672921][T10033]  blk_mq_alloc_map_and_rqs+0x218/0xeb0
[  345.672936][T10033]  ? kfree+0x1c7/0x690
[  345.672946][T10033]  __blk_mq_alloc_map_and_rqs+0x128/0x1f0
[  345.672961][T10033]  blk_mq_update_nr_hw_queues+0xaba/0x1190
[  345.672977][T10033]  ? __mutex_unlock_slowpath+0x15c/0x790
[  345.672991][T10033]  ? __pfx_blk_mq_update_nr_hw_queues+0x10/0x10
[  345.673007][T10033]  ? blkdev_common_ioctl+0x515/0x2ba0
[  345.673021][T10033]  nbd_start_device+0x1a6/0xbd0
[  345.673037][T10033]  nbd_ioctl+0x4a6/0xd30
[  345.673050][T10033]  ? __pfx_nbd_ioctl+0x10/0x10
[  345.673065][T10033]  ? find_held_lock+0x2b/0x80
[  345.673075][T10033]  ? __pfx_nbd_ioctl+0x10/0x10
[  345.673087][T10033]  compat_blkdev_ioctl+0x682/0x7b0
[  345.673101][T10033]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[  345.673114][T10033]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[  345.673127][T10033]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  345.673146][T10033]  __do_fast_syscall_32+0xde/0x660
[  345.673160][T10033]  do_fast_syscall_32+0x32/0x70
[  345.673173][T10033]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  345.673187][T10033] RIP: 0023:0xf7fc1579
[  345.673200][T10033] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  345.673210][T10033] RSP: 002b:00000000f546550c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  345.673221][T10033] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ab03
[  345.673227][T10033] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  345.673233][T10033] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  345.673240][T10033] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  345.673246][T10033] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  345.673256][T10033]  </TASK>
[  345.881266][   T40] kauditd_printk_skb: 2 callbacks suppressed
[  345.881281][   T40] audit: type=1326 audit(2000000072.629:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10049 comm="syz.1.1036" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000
[  345.898135][ T5961] block nbd3: Receive control failed (result -32)
[  345.899948][   T40] audit: type=1326 audit(2000000072.629:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10049 comm="syz.1.1036" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000
[  345.900329][ T5961] block nbd3: Receive control failed (result -32)
[  345.946717][T10033] block nbd3: shutting down sockets