last executing test programs:

1m48.756249838s ago: executing program 1 (id=3859):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYRESDEC], 0xb4}, 0x1, 0x0, 0x0, 0x4000844}, 0x80)
r2 = fsopen(&(0x7f0000000300)='devtmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x1, 0x4)
r4 = fsopen(&(0x7f0000000000)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000040)='source', &(0x7f0000005fc0)='//\xf2/\x06\b/\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcf\xcb\x92\xf1\x83\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='source', &(0x7f0000000400)='//\xf2/\x06\b\xa30\\\x00\x00\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas\x9d\x14\xe3\v\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7Gl\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\n\x8c<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/\xd15)\xeatn\xa3\x88\x13i\xb6\x7ft\x95\xd7\x01o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x94\x00\x00\x00\x00\x00\x00\x00g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xef\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xba\xec\x99@\xd2\t\n\xb1o', 0x0)
fchdir(r3)
openat2$dir(0xffffff9c, 0x0, 0x0, 0x38ef4533a12e79a7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001b80)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x2a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000a28000/0x3000)=nil, 0x3000, 0xb635773f06ebbeef, 0x10, r0, 0xfffff000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f00000003c0), 0x0, 0x20008050)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f0000001b40)=[{{&(0x7f00000005c0)=@pptp={0x18, 0x2, {0x0, @empty}}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000640)=""/229, 0xe5}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000000740)=""/128, 0x80}, {&(0x7f0000001900)=""/235, 0xeb}, {&(0x7f00000007c0)=""/125, 0x7d}, {&(0x7f0000000280)=""/62, 0x3e}, {&(0x7f0000001a00)=""/203, 0xcb}], 0x7, &(0x7f0000001b00)=""/10, 0xa}, 0x6db4}], 0x1, 0x2, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)
landlock_restrict_self(0xffffffffffffffff, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
unshare(0x2000600)

1m47.941551453s ago: executing program 1 (id=3866):
r0 = syz_open_dev$sndpcmp(&(0x7f0000003b40), 0xa8c, 0x2080)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x8)
ioctl$TIOCMIWAIT(r1, 0x545c, 0x0)
r2 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r2, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xfffe, @dev={0xac, 0x14, 0x14, 0x25}}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000200)='\b\x00', 0x2}, {&(0x7f0000000100)="6306bc3795f8", 0x6}], 0x2, &(0x7f0000000640)=[@ip_retopts={{0xc}}, @ip_retopts={{0x38, 0x0, 0x7, {[@timestamp_addr={0x44, 0x2c, 0x5e, 0x1, 0x2, [{@remote, 0x10e}, {@loopback, 0x1}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x56e}, {@private=0xa010101}, {@empty, 0x8}]}]}}}], 0x44}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x2c, r5, 0x7, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$VIDIOC_G_PARM(r1, 0xc0cc5615, &(0x7f00000003c0)={0xa, @output={0x0, 0x0, {0x2, 0x2782}, 0x7, 0x4}})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="e4000000", @ANYRESHEX, @ANYBLOB="07002abd5248ffdbdf2507ff000008000300", @ANYRES32=r6, @ANYBLOB="0c00990001000c0069000000140004002f6163766c616e3100000000000000000400cc00080005000a"], 0xe4}}, 0x800)
socket$qrtr(0x2a, 0x2, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r10, @ANYBLOB="086d000000ea520000ee67de005c97424911909af0d681f73edfcb15e57ced8d673fced1ff28276fd6c33978437e1d87ee1eb2b57cf8f57faca730edc86589836d0603a30bdf67f49fa8a29a6550fa221477968177be"], 0x24}}, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$CEC_DQEVENT(r1, 0xc0506107, &(0x7f00000004c0)={0x0, 0x0, 0x0, @lost_msgs})
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r13=>0x0})
r14 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_DEL_INTERFACE(r14, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)={0x1c, r12, 0x1, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r13}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20004080)
close_range(r0, 0xffffffffffffffff, 0x0)
r15 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r15, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x5c, 0x2, 0x6, 0x5, 0x0, 0x0, {0x7, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xa000000}]}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4004000}, 0x200440c0)
ftruncate(r15, 0x72)

1m47.69610611s ago: executing program 1 (id=3870):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xcccc0000, 0x1000, &(0x7f0000f15000/0x1000)=nil})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x800000, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)={0x7, [0x8, 0x3, 0x4, 0xce, 0x5, 0x57a, 0xd747]})
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000001000/0x3000)=nil, r4, 0x2, 0x13, r3, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000040)={0x0, 0x12000, 0x1})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1m47.456467118s ago: executing program 1 (id=3872):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000140)={0x2f, 0x1, 0x0, "1c13ebdaf2f20d55806b26b1d750185ed75a206da058e85b2197edb1439b1cc2"})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x41)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x1805406, 0x0)
mount$bind(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xa06006, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000001c0))
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x2c, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

1m47.284967524s ago: executing program 1 (id=3873):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) (async)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) (async)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) (async)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=@updpolicy={0x204, 0x19, 0x1, 0x0, 0x0, {{@in, @in6=@ipv4={'\x00', '\xff\xff', @multicast1}, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x7, 0x0, 0x2, 0x0, 0x2}, {0xfffffffffffffffe, 0xffffffffffffffff}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3}, [@tmpl={0x44, 0x5, [{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x2, 0x2b}, 0xa, @in6=@private1, 0x0, 0x4, 0x2, 0x0, 0x0, 0x0, 0x4000}]}, @algo_auth_trunc={0x109, 0x14, {{'blake2s-160\x00'}, 0x5e8, 0xc0, "642cfbe7f86655c25e849215e9f8863ec2092638cf3eee23ecc8ff38d35e996804cd9debde7bf0fa42db9cf0837c849b0cafac85f6a261593e5ae55c174c59b342f719630f1a1a6ccf29674f8faeb28941f82bf12518d8f1be3ef12ac160e4f5f22a36b27278ea78fe0060447205b55741e86afdc67b7c2eb4513ea8f84c09852658b810d3970051c42358ac2a98a4456a65e6d2e44e23bacc250a1693ee00194ae82ced775d8a44f0bdd7ede94f6fcd090d830c246b7f3b14ddb0a277"}}]}, 0x204}}, 0x0) (async)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=@updpolicy={0x204, 0x19, 0x1, 0x0, 0x0, {{@in, @in6=@ipv4={'\x00', '\xff\xff', @multicast1}, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x7, 0x0, 0x2, 0x0, 0x2}, {0xfffffffffffffffe, 0xffffffffffffffff}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3}, [@tmpl={0x44, 0x5, [{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x2, 0x2b}, 0xa, @in6=@private1, 0x0, 0x4, 0x2, 0x0, 0x0, 0x0, 0x4000}]}, @algo_auth_trunc={0x109, 0x14, {{'blake2s-160\x00'}, 0x5e8, 0xc0, "642cfbe7f86655c25e849215e9f8863ec2092638cf3eee23ecc8ff38d35e996804cd9debde7bf0fa42db9cf0837c849b0cafac85f6a261593e5ae55c174c59b342f719630f1a1a6ccf29674f8faeb28941f82bf12518d8f1be3ef12ac160e4f5f22a36b27278ea78fe0060447205b55741e86afdc67b7c2eb4513ea8f84c09852658b810d3970051c42358ac2a98a4456a65e6d2e44e23bacc250a1693ee00194ae82ced775d8a44f0bdd7ede94f6fcd090d830c246b7f3b14ddb0a277"}}]}, 0x204}}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0) (async)
socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r4, 0x0, 0xca, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10) (async)
setsockopt$MRT_ADD_VIF(r4, 0x0, 0xca, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10)
r5 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r5, 0x0, 0xca, &(0x7f00000000c0)={0x6, 0x1, 0xfc, 0x0, @vifc_lcl_addr=@local, @multicast1}, 0x10)
r6 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r6, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$igmp(0x2, 0x3, 0x2) (async)
socket$igmp(0x2, 0x3, 0x2)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'dummy0\x00'})
socket$nl_xfrm(0x10, 0x3, 0x6)
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r8=>0x0})
bind$can_j1939(r7, &(0x7f00000000c0)={0x1d, r8}, 0x18)
connect$can_j1939(r7, &(0x7f0000000140)={0x1d, r8}, 0x18)
socket$nl_route(0x10, 0x3, 0x0) (async)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r9, 0x8933, &(0x7f0000000380)={'vcan0\x00'})
socket$can_j1939(0x1d, 0x2, 0x7) (async)
socket$can_j1939(0x1d, 0x2, 0x7)

1m44.366363062s ago: executing program 1 (id=3891):
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0xcb)
bind$ax25(r0, &(0x7f0000000000)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x4}, [@null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @bcast]}, 0x48)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRESHEX=r0, @ANYRES64=r0, @ANYRESDEC=r0, @ANYRES8=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES64=r0, @ANYRES8=r0], 0x7)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'dummy0\x00'})
r2 = fsopen(&(0x7f0000000100)='vfat\x00', 0x0)
fsconfig$FSCONFIG_SET_PATH(r2, 0x3, 0x0, 0x0, 0xffffffffffffff9c)
r3 = socket$nl_crypto(0x10, 0x3, 0x15)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r3, 0x10e, 0x8, &(0x7f0000000000)=0x3, 0x4)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67)
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, 0x0, 0x0, 0x0, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x24000840, 0x0, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x1)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x4e20, 0xfff, @remote, 0x3}, 0xfffffffffffffe1a)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000200)=ANY=[], 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f0000000180), 0x0, 0x0)
read$msr(r5, &(0x7f0000032680)=""/102400, 0x19000)
chdir(0x0)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r6, &(0x7f00000005c0), 0x10)
recvmmsg(r6, &(0x7f00000099c0)=[{{0x0, 0x0, 0x0}, 0x4251}, {{0x0, 0x0, &(0x7f0000007040)=[{&(0x7f0000006040)=""/4086, 0x1000}], 0x1}, 0x8000}], 0x3fffffffffffdfc, 0x10002, 0x0)
sendmsg$can_bcm(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f0000000000010000000000", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}}, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)

1m44.307996667s ago: executing program 32 (id=3891):
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0xcb)
bind$ax25(r0, &(0x7f0000000000)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x4}, [@null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @bcast]}, 0x48)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRESHEX=r0, @ANYRES64=r0, @ANYRESDEC=r0, @ANYRES8=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES64=r0, @ANYRES8=r0], 0x7)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'dummy0\x00'})
r2 = fsopen(&(0x7f0000000100)='vfat\x00', 0x0)
fsconfig$FSCONFIG_SET_PATH(r2, 0x3, 0x0, 0x0, 0xffffffffffffff9c)
r3 = socket$nl_crypto(0x10, 0x3, 0x15)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r3, 0x10e, 0x8, &(0x7f0000000000)=0x3, 0x4)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67)
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, 0x0, 0x0, 0x0, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x24000840, 0x0, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x1)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x4e20, 0xfff, @remote, 0x3}, 0xfffffffffffffe1a)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000200)=ANY=[], 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f0000000180), 0x0, 0x0)
read$msr(r5, &(0x7f0000032680)=""/102400, 0x19000)
chdir(0x0)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r6, &(0x7f00000005c0), 0x10)
recvmmsg(r6, &(0x7f00000099c0)=[{{0x0, 0x0, 0x0}, 0x4251}, {{0x0, 0x0, &(0x7f0000007040)=[{&(0x7f0000006040)=""/4086, 0x1000}], 0x1}, 0x8000}], 0x3fffffffffffdfc, 0x10002, 0x0)
sendmsg$can_bcm(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f0000000000010000000000", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}}, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)

6.054984199s ago: executing program 0 (id=4429):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'hsr0\x00', <r2=>0x0})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xd40, 0x1200}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE2={0x8, 0x2, r3}, @IFLA_HSR_SLAVE1={0x8, 0x1, r2}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x40010}, 0x8000)
r4 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
epoll_create(0x7f)
bind$llc(r4, &(0x7f0000000140)={0x1a, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x10)
socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0xc00, 0x0, <r5=>0xffffffffffffffff})
recvfrom$l2tp6(r5, &(0x7f0000000380)=""/89, 0x59, 0x10000, 0x0, 0x0)
syz_io_uring_setup(0x118d7, 0x0, 0x0, &(0x7f00000002c0))
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r6 = syz_open_dev$vim2m(0x0, 0x1, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
unshare(0x62040200)
r7 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r7, 0x0, 0x0)
syz_usb_connect(0x0, 0x4a, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, 0x0)
write$dsp(r7, 0x0, 0x0)
unshare(0x2000000)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="600000000206010800000000000000000000000005000400000000000900020073797a31000000001400078008001240000000000500140008000000050005000a000000050001000600000011000300686173683a69702c706f7274"], 0x60}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

5.739507393s ago: executing program 2 (id=4433):
bpf$MAP_CREATE(0x0, 0x0, 0xb285f305e6b16ca5)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$xdp(0x2c, 0x3, 0x0)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r1, &(0x7f0000001300)=ANY=[@ANYBLOB="370200007d02000005f600000000000005830000000008000000000000000000404900000000e0e5000005000000000000001b00046e6f6465767b65766f6f7e0545c60005080037d93a8b920000003300704a86cec602007dfa673effeb09b5351f5bde05"], 0x237)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r2)
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0b062dbd700000400000300000000a00011a7770616e30200000050033000300000081ddd15e4cdec0124bdbfead042f36ffd209795ab0ddb67f"], 0x28}, 0x1, 0x8000000, 0x0, 0x1}, 0x0)

5.392910407s ago: executing program 3 (id=4435):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x14, 0x23, 0x301, 0x270bd24, 0x25dfdbfa, {0x1}}, 0x14}}, 0xc004)
socket$inet6_mptcp(0xa, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x10, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x8, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x6, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x38)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'macsec0\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x400000000000000}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000300)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x24, [0x8000, 0xc95a, 0x8, 0x8, 0x80, 0x8, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x1a, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0xff, 0x6, 0x5, 0x4, 0x0, 0x7, 0x3c57, 0x0, 0x24, 0xd, 0x1, 0x0, 0xffffffff, 0xe661, 0x5, 0x7, 0x83, 0x9, 0x4c74, 0x0, 0x242, 0x2, 0xe, 0x0, 0x400, 0x7, 0x17, 0x21, 0x7, 0x5, 0x3e, 0x93, 0x6, 0x6, 0x0, 0x81, 0x6, 0xffff8001, 0x3ff, 0x83, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432e6, 0x88, 0xf9, 0x388000, 0x2bb, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2b, 0xe, 0x312, 0x78, 0xea4, 0x0, 0xfff, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0xfe, 0x0, 0xa, 0x5, 0x1000005, 0x6, 0xf, 0xd86, 0x2, 0x4, 0x8, 0x4, 0x9, 0x8, 0x9, 0x6, 0x47, 0xbc2, 0x1, 0xfe000000, 0x8, 0x2, 0x200004, 0x9, 0x3, 0x3, 0x3, 0x4, 0x3, 0x5, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x1, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x3, 0x5, 0x800000, 0x1ef, 0x8, 0x8, 0x86, 0x3, 0x3038, 0xff, 0xb, 0x2, 0x2, 0x2, 0x7, 0x20000008, 0x4, 0x16d01, 0x6, 0x38, 0x800003, 0x600, 0x80, 0xbf7, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0x4a9, 0x5, 0x6, 0x47dc, 0x5, 0x7, 0x2000003, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0x3, 0x5, 0x1b, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x0, 0x80000000], [0x9, 0xbb33, 0xa, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x400002, 0x57, 0x4, 0x3, 0x3, 0x10000, 0x9, 0x7fff, 0xffff, 0xa620, 0x1, 0x7, 0x1, 0x699c, 0x14c, 0x60a7, 0x6, 0x10000016, 0xffffffff, 0x80000000, 0x5, 0xffffffff, 0xc8, 0x1, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xae, 0x8, 0x6, 0x226, 0x3, 0x100, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x8, 0x4, 0x5, 0x40b1e, 0xd7, 0x200, 0xffff3441, 0x4]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket(0x10, 0x3, 0x0)
rseq(&(0x7f0000000400)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000009c0)=ANY=[@ANYBLOB="df255504000000d9321b21ee48a91c000000020303000000000000000008000100010000000000000000"], 0x1c}}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
syz_pidfd_open(0x0, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r4, 0xc0045516, &(0x7f0000000b00)=0x6)
io_setup(0x7, &(0x7f0000000280)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000000080)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}])

5.071979738s ago: executing program 3 (id=4437):
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0xcb)
bind$ax25(r0, &(0x7f0000000000)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x4}, [@null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @bcast]}, 0x48)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRESHEX=r0, @ANYRES64=r0, @ANYRES8=r0, @ANYRESDEC=r0, @ANYRES8=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES64=r0, @ANYRES8=r0], 0x7)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
fsconfig$FSCONFIG_SET_PATH(0xffffffffffffffff, 0x3, 0x0, 0x0, 0xffffffffffffff9c)
r2 = socket$nl_crypto(0x10, 0x3, 0x15)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r2, 0x10e, 0x8, 0x0, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67)
socket$inet6_udplite(0xa, 0x2, 0x88)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000200)=ANY=[], 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
r3 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
chdir(0x0)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f00000005c0), 0x10)
recvmmsg(r4, &(0x7f00000099c0)=[{{0x0, 0x0, 0x0}, 0x4251}], 0x1, 0x10002, 0x0)
sendmsg$can_bcm(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f0000000000010000000000", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}}, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)

4.014646707s ago: executing program 2 (id=4438):
syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x448141)
ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000800000095"], &(0x7f00000003c0)='GPL\x00', 0x1, 0x0, 0x0, 0x100}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='bcache_btree_write\x00', 0xffffffffffffffff, 0x0, 0x80e4}, 0x18)
r0 = openat$rdma_cm(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff}, 0x106, 0xa}}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYRES8=r0, @ANYRESHEX=r1, @ANYRES32=0x0, @ANYRES8=r1, @ANYRES64=r0], 0x48)
syz_emit_ethernet(0x4e, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x82200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141002)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040)=0x7)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f00000000c0)=0xf9)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x1e, &(0x7f0000000000)=0xa, 0x4)
sendto$inet6(r3, &(0x7f0000000100), 0x0, 0x10, 0x0, 0x0)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0x1, @ipv4={'\x00', '\xff\xff', @local}, 0x21fffffc}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
r5 = fsopen(0x0, 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
openat$cgroup(r6, 0x0, 0x200002, 0x0)

4.012951775s ago: executing program 0 (id=4439):
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000100)={0x0, 0xaaa, &(0x7f0000000240)="23591363adf94c4a3525c373b8be3e8d2672540e4fff5fe7", 0x0, 0x18})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, 0x0, &(0x7f0000000080)='GPL\x00'}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000040)={0xf0f01b, 0x4})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x2000000, 0x0, 0x2004cb, 0x0, 0xa1d, 0x68ff, 0x5, 0x0, 0x3, 0x2], 0x10000, 0x202})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0xd000, 0x0, 0x0, 0x7, 0x8, 0x0, 0xf1, 0x3, 0x0, 0x8, 0x6}, {0xffff1000, 0x10000, 0xc, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7, 0xff}, {0x2000, 0x8080000, 0xc, 0x0, 0x7, 0xc4, 0x0, 0x0, 0x8, 0x3, 0x0, 0xfc}, {0xeeef0000, 0x33331000, 0xc, 0x9, 0x1, 0x0, 0x9, 0x0, 0x8, 0x0, 0x4}, {0x80a0000, 0xeeee8000, 0xe, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3c}, {0x100000, 0x0, 0x0, 0x78, 0x5, 0xff, 0x2, 0x0, 0x0, 0xff, 0x1}, {0x0, 0xeeee0000, 0x3, 0x4, 0x0, 0x0, 0xa1, 0x20, 0x0, 0x0, 0x8}, {0x2, 0x6000, 0xc, 0x0, 0x0, 0x7, 0x8, 0x40, 0x26, 0x0, 0x0, 0x2}, {0x80a0000, 0x8cc}, {0xdddd1000}, 0xddf8ffdb, 0x0, 0x0, 0x110, 0x0, 0xf801, 0x0, [0x80000001, 0x0, 0x1, 0x1]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4.01063171s ago: executing program 3 (id=4446):
ioperm(0x3, 0x5, 0x7)
r0 = openat$ttyprintk(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
read$FUSE(r0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r1 = fsopen(&(0x7f0000000040)='afs\x00', 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8931, &(0x7f0000000080)={'bond0\x00', @random="e700"})
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, 0x0, &(0x7f0000000180)='%\x00\x00\x00\x00\r\xcc:', 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
r5 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f0000000240)=r5)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000040)={0x1, r5})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000800)=""/90})
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000001cc0)={0x2, 0x0, [{0x0, 0x24, &(0x7f0000000000)=""/36}, {0x0, 0xffb, &(0x7f0000001d80)=""/4091}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f0000000340)=0x1)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

3.846410297s ago: executing program 0 (id=4441):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x14, 0x23, 0x301, 0x270bd24, 0x25dfdbfa, {0x1}}, 0x14}}, 0xc004)
socket$inet6_mptcp(0xa, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x10, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x8, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x6, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x38)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'macsec0\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x400000000000000}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000300)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x24, [0x8000, 0xc95a, 0x8, 0x8, 0x80, 0x8, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x1a, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0xff, 0x6, 0x5, 0x4, 0x0, 0x7, 0x3c57, 0x0, 0x24, 0xd, 0x1, 0x0, 0xffffffff, 0xe661, 0x5, 0x7, 0x83, 0x9, 0x4c74, 0x0, 0x242, 0x2, 0xe, 0x0, 0x400, 0x7, 0x17, 0x21, 0x7, 0x5, 0x3e, 0x93, 0x6, 0x6, 0x0, 0x81, 0x6, 0xffff8001, 0x3ff, 0x83, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432e6, 0x88, 0xf9, 0x388000, 0x2bb, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2b, 0xe, 0x312, 0x78, 0xea4, 0x0, 0xfff, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0xfe, 0x0, 0xa, 0x5, 0x1000005, 0x6, 0xf, 0xd86, 0x2, 0x4, 0x8, 0x4, 0x9, 0x8, 0x9, 0x6, 0x47, 0xbc2, 0x1, 0xfe000000, 0x8, 0x2, 0x200004, 0x9, 0x3, 0x3, 0x3, 0x4, 0x3, 0x5, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x1, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x3, 0x5, 0x800000, 0x1ef, 0x8, 0x8, 0x86, 0x3, 0x3038, 0xff, 0xb, 0x2, 0x2, 0x2, 0x7, 0x20000008, 0x4, 0x16d01, 0x6, 0x38, 0x800003, 0x600, 0x80, 0xbf7, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0x4a9, 0x5, 0x6, 0x47dc, 0x5, 0x7, 0x2000003, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0x3, 0x5, 0x1b, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x0, 0x80000000], [0x9, 0xbb33, 0xa, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x400002, 0x57, 0x4, 0x3, 0x3, 0x10000, 0x9, 0x7fff, 0xffff, 0xa620, 0x1, 0x7, 0x1, 0x699c, 0x14c, 0x60a7, 0x6, 0x10000016, 0xffffffff, 0x80000000, 0x5, 0xffffffff, 0xc8, 0x1, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xae, 0x8, 0x6, 0x226, 0x3, 0x100, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x8, 0x4, 0x5, 0x40b1e, 0xd7, 0x200, 0xffff3441, 0x4]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}], 0x1, 0x0, 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket(0x10, 0x3, 0x0)
rseq(&(0x7f0000000400)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000009c0)=ANY=[@ANYBLOB="df255504000000d9321b21ee48a91c000000020303000000000000000008000100010000000000000000"], 0x1c}}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
syz_pidfd_open(0x0, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r4, 0xc0045516, &(0x7f0000000b00)=0x6)
io_setup(0x7, &(0x7f0000000280)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000000080)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}])

3.641164615s ago: executing program 2 (id=4444):
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, &(0x7f0000000180)={0x14, 0x0, &(0x7f0000000080)={0x0, 0x3, 0x13, {0xffffffffffffffa2}}}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
semctl$SETVAL(0x0, 0xff7f0000, 0x10, 0x0)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000000)=[0xb1, 0x5, 0xf0d3])
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/246, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x1, r2})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)

3.408050228s ago: executing program 4 (id=4445):
socket$inet6_mptcp(0xa, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x24, 0x2, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_TUPLE_REPLY={0x4}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x100, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1d, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0xffffffffffffffff}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0xc0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket(0x10, 0x3, 0x0)
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000005c0)={0x40, r2, 0x1, 0x70bd27, 0x25dfd3fb, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'geneve0\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x0)
rseq(&(0x7f0000000400)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)=ANY=[@ANYBLOB="6f2cf92d7132965156a4d53626a683bbc7a4a77fccf9c8228bd923d4e8cec323a1c6eb1bade3c21aba58d20ccf76446e4d31f8fd2ed44ab1832c1d9c5d162ba6d478d555ee99c3c9b01989ff47b1f1f82f5dc88820b780216e4c3d41c41e4f93e0eac47c7d9fc2aa4baed4da66972f59a148a3f8f344e5a4d3837f5feec8f53c490a66f40f0e0d53"], 0x1c}, 0x1, 0x0, 0x0, 0x40001}, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=<r5=>0x0)
timer_settime(r5, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex(&(0x7f0000000b40)=0x1, 0xb, 0x1, 0x0, &(0x7f0000000bc0), 0x0)

2.677301823s ago: executing program 3 (id=4447):
socket$inet6_mptcp(0xa, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x24, 0x2, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_TUPLE_REPLY={0x4}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x100, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1d, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0xffffffffffffffff}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0xc0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket(0x10, 0x3, 0x0)
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000005c0)={0x40, r2, 0x1, 0x70bd27, 0x25dfd3fb, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'geneve0\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x0)
rseq(&(0x7f0000000400)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)=ANY=[@ANYBLOB="6f2cf92d7132965156a4d53626a683bbc7a4a77fccf9c8228bd923d4e8cec323a1c6eb1bade3c21aba58d20ccf76446e4d31f8fd2ed44ab1832c1d9c5d162ba6d478d555ee99c3c9b01989ff47b1f1f82f5dc88820b780216e4c3d41c41e4f93e0eac47c7d9fc2aa4baed4da66972f59a148a3f8f344e5a4d3837f5feec8f53c490a66f40f0e0d53"], 0x1c}, 0x1, 0x0, 0x0, 0x40001}, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=<r5=>0x0)
timer_settime(r5, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex(&(0x7f0000000b40)=0x1, 0xb, 0x1, 0x0, &(0x7f0000000bc0), 0x0)

2.676862125s ago: executing program 2 (id=4448):
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0xcb)
bind$ax25(r0, &(0x7f0000000000)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x4}, [@null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @bcast]}, 0x48)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRESHEX=r0, @ANYRES64=r0, @ANYRES8=r0, @ANYRESDEC=r0, @ANYRES8=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES64=r0, @ANYRES8=r0], 0x7)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
fsconfig$FSCONFIG_SET_PATH(0xffffffffffffffff, 0x3, 0x0, 0x0, 0xffffffffffffff9c)
r2 = socket$nl_crypto(0x10, 0x3, 0x15)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r2, 0x10e, 0x8, 0x0, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67)
socket$inet6_udplite(0xa, 0x2, 0x88)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000200)=ANY=[], 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
r3 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
chdir(0x0)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f00000005c0), 0x10)
recvmmsg(r4, &(0x7f00000099c0)=[{{0x0, 0x0, 0x0}, 0x4251}], 0x1, 0x10002, 0x0)
sendmsg$can_bcm(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f0000000000010000000000", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}}, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)

2.533932146s ago: executing program 0 (id=4449):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x14, 0x23, 0x301, 0x270bd24, 0x25dfdbfa, {0x1}}, 0x14}}, 0xc004)
socket$inet6_mptcp(0xa, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x10, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x8, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x6, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x38)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'macsec0\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x400000000000000}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000300)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x24, [0x8000, 0xc95a, 0x8, 0x8, 0x80, 0x8, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x1a, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0xff, 0x6, 0x5, 0x4, 0x0, 0x7, 0x3c57, 0x0, 0x24, 0xd, 0x1, 0x0, 0xffffffff, 0xe661, 0x5, 0x7, 0x83, 0x9, 0x4c74, 0x0, 0x242, 0x2, 0xe, 0x0, 0x400, 0x7, 0x17, 0x21, 0x7, 0x5, 0x3e, 0x93, 0x6, 0x6, 0x0, 0x81, 0x6, 0xffff8001, 0x3ff, 0x83, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432e6, 0x88, 0xf9, 0x388000, 0x2bb, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2b, 0xe, 0x312, 0x78, 0xea4, 0x0, 0xfff, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0xfe, 0x0, 0xa, 0x5, 0x1000005, 0x6, 0xf, 0xd86, 0x2, 0x4, 0x8, 0x4, 0x9, 0x8, 0x9, 0x6, 0x47, 0xbc2, 0x1, 0xfe000000, 0x8, 0x2, 0x200004, 0x9, 0x3, 0x3, 0x3, 0x4, 0x3, 0x5, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x1, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x3, 0x5, 0x800000, 0x1ef, 0x8, 0x8, 0x86, 0x3, 0x3038, 0xff, 0xb, 0x2, 0x2, 0x2, 0x7, 0x20000008, 0x4, 0x16d01, 0x6, 0x38, 0x800003, 0x600, 0x80, 0xbf7, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0x4a9, 0x5, 0x6, 0x47dc, 0x5, 0x7, 0x2000003, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0x3, 0x5, 0x1b, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x0, 0x80000000], [0x9, 0xbb33, 0xa, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x400002, 0x57, 0x4, 0x3, 0x3, 0x10000, 0x9, 0x7fff, 0xffff, 0xa620, 0x1, 0x7, 0x1, 0x699c, 0x14c, 0x60a7, 0x6, 0x10000016, 0xffffffff, 0x80000000, 0x5, 0xffffffff, 0xc8, 0x1, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xae, 0x8, 0x6, 0x226, 0x3, 0x100, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x8, 0x4, 0x5, 0x40b1e, 0xd7, 0x200, 0xffff3441, 0x4]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket(0x10, 0x3, 0x0)
rseq(&(0x7f0000000400)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000009c0)=ANY=[@ANYBLOB="df255504000000d9321b21ee48a91c00000002030300000000000000000800010001000000000000"], 0x1c}}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
syz_pidfd_open(0x0, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r4, 0xc0045516, &(0x7f0000000b00)=0x6)
io_setup(0x7, &(0x7f0000000280)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000000080)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}])

2.464959517s ago: executing program 2 (id=4450):
socket$inet6_mptcp(0xa, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x24, 0x2, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_TUPLE_REPLY={0x4}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x100, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1d, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0xffffffffffffffff}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0xc0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket(0x10, 0x3, 0x0)
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000005c0)={0x40, r2, 0x1, 0x70bd27, 0x25dfd3fb, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'geneve0\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x0)
rseq(&(0x7f0000000400)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0)
add_key$user(&(0x7f0000000380), 0x0, &(0x7f00000003c0)='X', 0x1, 0xfffffffffffffffe)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)=ANY=[@ANYBLOB="6f2cf92d7132965156a4d53626a683bbc7a4a77fccf9c8228bd923d4e8cec323a1c6eb1bade3c21aba58d20ccf76446e4d31f8fd2ed44ab1832c1d9c5d162ba6d478d555ee99c3c9b01989ff47b1f1f82f5dc88820b780216e4c3d41c41e4f93e0eac47c7d9fc2aa4baed4da66972f59a148a3f8f344e5a4d3837f5feec8f53c490a66f40f0e0d53"], 0x1c}, 0x1, 0x0, 0x0, 0x40001}, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=<r5=>0x0)
timer_settime(r5, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex(&(0x7f0000000b40)=0x1, 0xb, 0x1, 0x0, &(0x7f0000000bc0), 0x0)

2.35946542s ago: executing program 4 (id=4451):
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000100)={0x0, 0xaaa, &(0x7f0000000240)="23591363adf94c4a3525c373b8be3e8d2672540e4fff5fe7", 0x0, 0x18})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000040)={0xf0f01b, 0x4})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x2000000, 0x0, 0x2004cb, 0x0, 0xa1d, 0x68ff, 0x5, 0x0, 0x3, 0x2], 0x10000, 0x202})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0xd000, 0x0, 0x0, 0x7, 0x8, 0x0, 0xf1, 0x3, 0x0, 0x8, 0x6}, {0xffff1000, 0x10000, 0xc, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7, 0xff}, {0x2000, 0x8080000, 0xc, 0x0, 0x7, 0xc4, 0x0, 0x0, 0x8, 0x3, 0x0, 0xfc}, {0xeeef0000, 0x33331000, 0xc, 0x9, 0x1, 0x0, 0x9, 0x0, 0x8, 0x0, 0x4}, {0x80a0000, 0xeeee8000, 0xe, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3c}, {0x100000, 0x0, 0x0, 0x78, 0x5, 0xff, 0x2, 0x0, 0x0, 0xff, 0x1}, {0x0, 0xeeee0000, 0x3, 0x4, 0x0, 0x0, 0xa1, 0x20, 0x0, 0x0, 0x8}, {0x2, 0x6000, 0xc, 0x0, 0x0, 0x7, 0x8, 0x40, 0x26, 0x0, 0x0, 0x2}, {0x80a0000, 0x8cc}, {0xdddd1000}, 0xddf8ffdb, 0x0, 0x0, 0x110, 0x0, 0xf801, 0x0, [0x80000001, 0x0, 0x1, 0x1]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.045224776s ago: executing program 4 (id=4452):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000600)=ANY=[@ANYBLOB="fc000000190001002dbd70000000000000000000000000000000000000000001fe8000000000000000000000000000bb00000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00010000000000000c00000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000020000000000000000000000000000000580000000a000008000000feffffffff7f400002000000000000080000000000000000010000004400050000000000000000000000000000000000000000003c0000"], 0xfc}}, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r1, 0x84, 0x81, &(0x7f0000000180)="0000000000000002", 0x8)
socket$inet_sctp(0x2, 0x1, 0x84)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r2, &(0x7f0000000040)='l', 0x1, 0x7ddfdbdfafa51cdd, &(0x7f0000000100)={0xa, 0x4e23, 0x2, @loopback, 0xffffffff}, 0x1c)

1.965078893s ago: executing program 4 (id=4453):
socket$nl_route(0x10, 0x3, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
r0 = socket(0x200000000000011, 0x2, 0xd)
ioctl$sock_SIOCGIFBR(0xffffffffffffffff, 0x8940, &(0x7f0000000040)=@generic={0x0, 0x0, 0x6})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002d40)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff48700000020000005c0000000000000095000000000000002ba728041598d6fbd307ce99e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f071326bd9174842fa9ea4318123341cf9d90a0e168c1884d005d94f204e345c652fbc1626e3a2a2ad35806150ae0209e62f51ee988e6e0dc84e974a22a550d6f97181980400003e05df3ceb9f1feae5737ecaa81d666963c474c2a19eed87b277be335c75e04ad6ee1cbf9b0a4def23d410f6296b32ae343881dcc7b1b85f3c3d44aeaced3641110bec4e90a634196508000000000000f0f4ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d4dcecb0c005d2a1bcf9436e101040000f73902ebcf0200822775985b231f000000ccb0ecf31b715f5888b2a858ab3f11afc9bd08c676d2b89432fb465b3dad9d2aa7f1521bc9901de2eb879a15943b6dc8ea15aab9dd6968698e3095c4c5c7a156cec33a7bb727667d81ff2757ca1e6bfdd4c968dacf81e65998b9091957d1d11a5730baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba165d876defd3541772f26e27c44cfd7bb5097379cf1756869cebc7b0b2d85d6d29983e830a9cdd1d0a017c100344c52a6f387a1340a1c8889464f90c284a4db539621fbb70f01a2c02dec4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae610afd01409d9a337ac5d58bcb5e5fc231514952c5255f22bd8b325d9b76e57f041b665ab0249886c0a65cc99d5893521372c8d8b7bacac24000020a4a24d8dbd75062e1daef9dead619cc6e7baa72706287793c3d2a2661edcd3545236c204682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b993508000000e480cd9d4850a049ee19b67d17ef0477aeb12b1d2502000000d9051f22614d1f62734d678039a97d2b74f9e8e97f4e8e7025123e783df8b8a17e3aa9fe9c502f9acee4f1b56e1f23128d743792cead3c058a5b700d64d160abe33df726608510136ce8bf239414a1d98ea93e3d35dbb6c23b90cf36e83b8a4309b402d264b09f2779a0bcd7cd6dfc06b02e69d384146056d125cf4aadd80800000000000000e88d10acd06864eac44c42fbe334bdc3e9768fc360b130dc6111fe3293e8e02f819a2aa34dba1c25be27945507a3477b437525b81aef2f0b4c4f63483026b5e34d44705b76ef29f7f6e0a2be625eae975e02069f6f24e1e1bc976d965ddabb01085f16bff63a06578d6d184f5de7bfb6aaa75f16996d8d60bd0111a8a237a1536256c02284cb1d3a6fb8eae87691fae365a70c3f15871565bba8dd8a8ca049f798bbe646f738bebdfc9d8a5edd7a19ca6a42bc3f1db37c17f22a287c6d31a13db5dfef409eb1d3c91c6e6f80d215c9e16e0c4736c81936315418f26770cca4e2f89800d18c89d7f46f679df6c9e2005f209dda94302a30003b952ae1ebfd0ca88368ee6ce139e8b5822422cf4c9dde943d34c432e1001171792c65986146666a549092398af45ba38c41df7e0fffeac41824ca1fd0eb68aa243c9035c788d5480e5aee9cde5f2e5a3628995b1531bd20360d33d8f9ffffff5f4bf6ea8a1850c4f83306dbca02ee3686da707b6d85db491ba0cc33f6be92c55969a2b52a25419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9bc31f09834b4788be2a442aa81b259e9eb1bf5314844051f3a642aca9ff98c9036471ccff0522903e7bcf62e18f7796bbc280b95e8e0d6fd5644b0ebde330289d6348d183ed9d3dae3cccf109f7c78e8479a345e805e47dfa82cafc6b64b1f4659834aecbeded44b11a443c5ba92a326dd10921aa79c62800844c7a59f55ee205a11ab50fb402e7da6ada561ec1117cc186b01fd5c2061d22156b1b7d5f80c580dc31b0963ff953ce09148e8dfea9d03a61bbd2bb173518507a3cd0e37c4da0a71eee31071d5d642498181c69cee3b2e414ddd6a12ff4bdf6e96c247b6025d4376067e25357d3b521a5b927d3392a7503718aea24179528f6a0c6de4e61b49cad1e4d6b000000000000005b2d16877299acefc0655bc1422c3d425d988eedebcf242b780a687c9acae2a5a71c2a16a32ceb377f5d54f9b2fa90b2905925e611be56e9ebe20cab20c290a1f6c09272dbc3b2c0ab2b5baa1b07b16e81f278e54a479f1a06bc06e3656cfa196d6c050000000000000000814955c62a7d72b317399e572a7f6a4d57b741eb66c9179ffd097d61fcfd0fa1d46cfb110e3e8cff5579e83f2820f95eaa0c609f666950c24311740e36de8f65708cfffce788c99ef8f62fd2398e999b220125da8eb07947512365abbc5b84ef524bdf184727c67910051f204662264607d548dbdffe14b41dd0843cf3d85bb820656a88a9e52a4cd7b3eeadfe00007267f226019ef0a25bc15da71e893856a2182c3167d8ba73f709294b159a426ce44cd73f000000a66fc501eae0c3504c1400697ba69fd9b7eaf49aff6a6aea529610db8dfef86c3cc698e9fddf1b132876159972281a90c3a4cf415df25fbcdd35cf8368f068c4481844bdd0dda553e1cb0966d5686013d382956d50055dce0d1bc225c1d77612b1ec52e743dbc51f25cc07a202b704577316913cf067fa65e476f688de2d6c54ea192a569eed05d0d7536b3205c68d4ee0fe318ed3112c76dcf128a1d5595b773ef4c8a7ba4e10381de8808ff02dd0a7b996ecf1c65e6d9db90c87123d9cb3945330f7a270ee0cca35b1331ca8fec0b2f39f505140751b60f29a83e4bc0ef2ffea443e4aa221cc38a503add16a2c98cb589e1dac1912b4142a3be30f50b2d9479c5bde0beb38030d0c0ce0598700130000000000000000000000554361e1628ee0017ad19ca787f2c078aa260701ce0800000080623902000000000000000000003d118a04fa6a80c4928c01ccab57b5f4eb265ad15004f967543fe6e6ddc2a12165fe3a08bf9475ee0eee3539369b0e566fedbd215a6ddd4fe03dcc7a922e16410d820747b7e806c0f3b6f14c884d150a0ff07f2e0000bfb083c56d3bed0a61fab880f8885c612ebff8523d14cfb12aca274c000000005e5155611969f6e67dd83b20206207cb8b2cd2fab6fa6d7fdaed6a27a2e4db1d5adc80014ff11d9dbceba41d8dfce410333a054e82b1d050331ce0aeacb843b94d67f69f49eb4dd3b1b85b018359c32df01db8ebce0dbc36cade09c6b44f6bb956fac1ae4db5624d8a02f7be91bec65e4b3373059587dd6528bbc48e3379d477d482faff738c39c61cac1195043bd5b70cea5fc1083a169a8263e9aec56b9f7795fa27634a7f06359e3058d2dd69c4e5cc11b36d9ed9c4b2867f583de6fc582f789722bd1500e64c495abdb72de2c739d38c72f6f4fb1946081dcc825d5b5b747e9fa1b5226cd31e131263f1fcd7d45a630b46d04af906f0be464d829dd2dfcf7400002b7827f6d957e51bb1f1b44a50200c9dfadfaff2e32baa9c0edaac7144e174dba582a951d2b03c27219cec4fbc7b6e99c3f00188941e3fbf008cbace177ae250fd757a22e21ec05aa45c91e1345ca936184c3fc28153283e13654123cfaf4e661f4b6d430adad1e2116bc385f888405d48f0d386da0cc6747b33395772a68f2ea3fb7e7207000000b24088014c8e64f03d053c4e02ddd08b262e422eff1c9f124b892b0a9462b07d4f88c0693bd9c54ad2ab5227aa59ef2b53ac528c0800000000000000ebfde0c4a37c2d55c176680c4207000000e4aa467f995c9bc99e60441d4dbebead3b436427762618810bac7308c6d3298ea932b66572825e62d18462d3b2342ba48c145ff4674a94fa078cc552d064da2bb69a0d269076f8955076578f44ffb8895f11bd5e06840f8848df72230a28e0304569bfa0350b6dde9e96273de1758505aa1ba89dfb12be7a7c6dd18f6148354df7e60a489dc543ccdee1fff9d8f8d78844de27a77ef1181d5055c2a193a5763ed7749a17296c76818b60426082c86619dacc8a884c4de8572a044faf0c8e4377776c8703ecf2e3f1c3d64100cc000000008369f062639e3ddcf725be54f626448fb7bfc74c183b26e31b71a390ccea4be07278dd12fa16848797397b76908fa03613cd961b98b26a0879ccba4a78c82958764bce07a7f70df1cef6d4db1ddbda1db18e4f41c390fd3cb862216ece39a9ec60bd3be5f9329dcaf33bf2c87cc510557460d14421e1d26322ab64388f2ceae70922989f66827fe9acd2ec3ece39f3b4ffdc4dfea3da6ddb002512e2313253801044e751168e32d7bd6800000000a21008b8d26dabe977c503c30ef7c489e5ea1fff041e54de54cfeb258f2387dad096b72a78d91134927492cfc773c731cca9b13b3f6e7760ab0929c46f51ea5643f3df4f4044f3ad0a6ba739e72d8b8b2935d81534bea8372bc590c111d573e04280659a096eaa495a4154daae7d1800c130d920964845c50c8ba4763b19b6008f6d7a5091895c7a4b7816ab706503be879b18b778b0f61ecfde2f8bbb32cfeb766ec4430ee0ad45a0a263ddc4b2f47680c8d53439f8d388dab87112c83997c83e178be287eb6e8c95badaf8ed85cd5b03a7352a0fb83398566d1bc133582ce2d9f601cd23eba4432180b2d5c3019879cd949a5be1b241b3d0d0d52a3529cc9e704a9d8d54f4f7b776a969a4505e18fe5284985ca7d112c397d776e3baba918b7df456bd970e761e00f3b0efa5ce4246d9f08ba60da3be556c518a1f19504c7cea1491a9eadd27d747ca9cc5f92e30b2ca3cf0b142a8554c87e8026d4e586cf5f7c9d412e6eb4f66a076c8bca6b294305969dabb6c932b57a5dd4234bf1ed3bd095229ee3cbb86883d574c5af4bb78370561de3fbf55bfcd2db3979eb1be120b5795443324023353c959fd965702f1cd5bcb3c16d4b8bdd9fc87c862c247e140379ef098c7b3fa79a6638a245b6a74f14dde9bd4ee48e62cdc70f486ce38641e4e4309aa9f4bd097fa1530db966d9919544ab4890301e51f9525436f5d9591460340f5093161a78a249783945407f2576d6f35a99e3521d7991e3fdfde5ee7f6a8ff8181a68ef15a2ebfe9e22d7c745949ab5cc15b9f5659799b5e00debbf9f623f75bfd4d83c4859ca9b652cea33daeeef07b60c78a21965bcf91919071c7ded19317dc0b7587d9322f8cec9e32675a187465bdfa101bcd9ac680839b375af12c160247dd960e70eb7ee60c52a900440aa9bd9a6b15a4a34dc73c3c4936d8986300fdc264b28537df387e6442c3355fa2a31d24c1ed888a57fcc50400a084a38a3630ffc465f36a4b770fab0946148161184be39134542e934f3a538b011cb3928b430630b8ccc800000000881d4361e7fbd1fc2331b4e34733480bc497662a8234a7eeab3e65d6b0f5d92edff04416eedcd15b9ddbcb3cf9228afda6b17d44a276b205eabd0069f7e26aea50f537dc77b683ed83d2f9110e00a705f48e9d13378cf09bca22e8f45c4f360d5fff8ba35f21c4513bcc0800000000000000dc5cc7ad7290c60bc609bff9be7cd922f474c3faa78fd42cba7c78d6d912656b6313497625e2f9afaba05b17ca242b7ca8d6556175aee38142a8aac5f677c2f8a6967f2cb5e97aae97a5e5579a706243688ac4d38a4601b4aadb2d319fe7d6bf1272fa3fa701338d7bce390e8bf959081ed39e63a431901d615a26ff95e1620a6c26eda4f92d83499a173e7217001f58ed5406bdb59acbc997e8fd3d53b4c2c2a1b314bfe611e5958458af7b3c5319fdb4c40b8d01365fdee93af6fad7c7a8da86460f45c9e99d43264c921b090000000000000000000000000000000000007cf90000008f8a9da7a8a167815c6ffcd1b6863cde9ab45ecd8f06423198bb00cdf76877f407be46b000000000afbb4cb3a8de259a8beb2223f28b855e2bdf4b31b91e5062a42a55bd95e93f77f2499391cf0000000000000000000000000000195007ad27d1d61dc4d5512f117f0ed554c2c88c1713000000000000bb1ff447d6e12da22ee9f0422a84f361684861169f498909c4841f4d5a0f5807a3b7d833075fdcd9c1d169b03d7df7f4150fad8b9e92eaf86992adbda360dd91de51c6df335445492608162fb0804dabdeac6fb71042f906eefd37f1d190a1c8a0d9de7f34dcc8cbd7b565fc675f3bf7aac559411808ee703ec3ad461c6ddc571994cb504c46eabbc2ff4b97df394bc75b5e7f45b4450753b5d2b8b8414a7fe6a17661bdb5b1d080cfd974811e1d60763d8d9509c75aa729a334b55ee76b0c2d5027e81ceec1a6d7441d0b538d7a4d048d156ebcff102e45c15d2a73b40d74807f5182a319d50edbf430f00b1c29a9e4bd92111caacbb1d4541545c2d262646070da42f76e3f3c6d139eed89cc9300000000000000000000000000000000000072d7e605eb8e978d76796d9d3a728c51a3145da8e1ca4973aa8fed855328e9d2509335c5386cac74e862eac50e9ba95b6a2a29e8ef08a9ae29792e77fb9952b1ac5c816db5c23a656d9a28f81f6a9465aec94d701ee8646b30650c84b9510a337e82702baf368d29281d3d54b39014756ca5a1be184d4ebb942f99581a6fbac0b9c9f97c920dfac7e2379ef6bb076118aa9bbb4ee12e64aa530f852bf4f970a08a55531934e39fbae483129949a918115571d76740ca6a1cea59df290f2e63675ca30a289775825fe3e5d6f206f3f395346c0738035dc74368bb035fc65a40f8124369b8950ded31af64855cb18b23517ca935a0fa1b630d70c4ca9acbaf0f08910f327fba506d834029a90d47701102045fff90675adb3c83983d125ae730b9497c681a912a6bb70300a2d7fba051f82b9d6f710426b5bd0d0bc0b08a0f801276789613da406905011bd6ebbac91ff17a21d1ed0882e73394025772f31dc8a3048789c703f920c55746f6fc955046f9332d72150be23c26cbb08d1b438e84b83fefc6a16958fd46dc7b8cbea1da2d541324e373e9157696d698a0b4bc84d7cc2fdb069db8a5a491a9d2bbc0a61b73f75d81d07d778a1577db3b06d20a21b19ea17ecd996d7dea947ee8ce55fa2dea5a000000000000000000000000006f0143d8d4038ef9f57d9e9336f3559558710d1febe7394cf8b02f59dab24d07db3d3c1ebff58f973ba3fc0c3e2fb2c2a674a188614520ecb1d22b49e3550263bf9d669fba198b65ee3512db0e710d2070b5847face7ada12c83f0aea3a8c9e84e6c7406732c952c5695d43bca33d481ef9d442697875e114f4c759af306b3fc8224fdec89bf199234bff488b81438cbe89e4cabdc007139352b5cb69d7987cdf37ab549b7639eeadafd5315d9c9f0e8c9223102e6deaca4ae9cb943a3ad188bcad95e8f97d7fee7c47ea50d222fe67085b4fb3fecfb67dec23b6ab5ee19a5ca5367bff058149acf90a6c4014dea2b763389f77301ea8574d112625300906f480c36f41f82f84991800c37863de349f7"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89}, 0x48)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x12, &(0x7f0000000000)=0xfffffff3, 0x4)
bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xcccc0000, 0x1000, &(0x7f0000f15000/0x1000)=nil})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x800000, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)={0x7, [0x8, 0x3, 0x4, 0xce, 0x5, 0x57a, 0xd747]})
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f0000001000/0x3000)=nil, r5, 0x2, 0x13, r4, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000040)={0x0, 0x12000, 0x1})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1.461612903s ago: executing program 2 (id=4454):
r0 = openat$kvm(0xffffff9c, &(0x7f0000000300), 0x80800, 0x0)
chown(&(0x7f0000000240)='./cgroup.net/devices.allow\x00', 0x0, 0xffffffffffffffff)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000340)=@raw={'raw\x00', 0x3c1, 0x3, 0x4a8, 0x2f4, 0x18c, 0x203, 0x2f4, 0x19030000, 0x3e0, 0x2e0, 0x2e0, 0x3e0, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d4, 0x2f4, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x1d}, {}, {0x4}, {0x0, 0x0, 0x0, 0x1000}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xe}, {}, {0x0, 0x0, 0x3, 0xfffffffd}, {0x2}, {0x3}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {0x16}, {}, {}, {0x7}, {}, {0x0, 0x0, 0x0, 0x101}, {}, {}, {}, {}, {}, {}, {0xfffe}, {}, {}, {0x0, 0x0, 0x0, 0x2000000}, {0x0, 0xfd}, {}, {0x7a04}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x5}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb84, 0x0, 0x2, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x2}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {0x4}]}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xa4, 0xec}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz1\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x504)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10)
write(r3, &(0x7f0000000040)="240000001a005f0214f9f407000904001f0000000000000000000000080d110001000000", 0x24)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000003, 0x20000000ec072, 0xffffffffffffffff, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
openat$kvm(0xffffff9c, 0x0, 0x0, 0x0)
r5 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000140))
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000105509147200ed0000000109022400010000000009040000030300000009210000000122050009058103"], 0x0)
syz_usb_control_io(r6, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x3f, 0x0)
syz_usb_control_io$hid(r6, &(0x7f00000005c0)={0x24, 0x0, 0x0, &(0x7f0000000380)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0x8, "48b603de"}]}}, 0x0}, 0x0)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r7, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2)
ioctl$UFFDIO_COPY(r5, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000})
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x6, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000fcffffff00000000000000008500000036000000180100006420002500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000001800000850000000600000095"], &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r9, &(0x7f0000000200)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r8, r10, 0x25, 0x0, @void}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)

1.443827587s ago: executing program 3 (id=4455):
socket$nl_route(0x10, 0x3, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
r0 = socket(0x200000000000011, 0x2, 0xd)
ioctl$sock_SIOCGIFBR(0xffffffffffffffff, 0x8940, &(0x7f0000000040)=@generic={0x0, 0x0, 0x6})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002d40)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff48700000020000005c0000000000000095000000000000002ba728041598d6fbd307ce99e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f071326bd9174842fa9ea4318123341cf9d90a0e168c1884d005d94f204e345c652fbc1626e3a2a2ad35806150ae0209e62f51ee988e6e0dc84e974a22a550d6f97181980400003e05df3ceb9f1feae5737ecaa81d666963c474c2a19eed87b277be335c75e04ad6ee1cbf9b0a4def23d410f6296b32ae343881dcc7b1b85f3c3d44aeaced3641110bec4e90a634196508000000000000f0f4ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d4dcecb0c005d2a1bcf9436e101040000f73902ebcf0200822775985b231f000000ccb0ecf31b715f5888b2a858ab3f11afc9bd08c676d2b89432fb465b3dad9d2aa7f1521bc9901de2eb879a15943b6dc8ea15aab9dd6968698e3095c4c5c7a156cec33a7bb727667d81ff2757ca1e6bfdd4c968dacf81e65998b9091957d1d11a5730baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba165d876defd3541772f26e27c44cfd7bb5097379cf1756869cebc7b0b2d85d6d29983e830a9cdd1d0a017c100344c52a6f387a1340a1c8889464f90c284a4db539621fbb70f01a2c02dec4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae610afd01409d9a337ac5d58bcb5e5fc231514952c5255f22bd8b325d9b76e57f041b665ab0249886c0a65cc99d5893521372c8d8b7bacac24000020a4a24d8dbd75062e1daef9dead619cc6e7baa72706287793c3d2a2661edcd3545236c204682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b993508000000e480cd9d4850a049ee19b67d17ef0477aeb12b1d2502000000d9051f22614d1f62734d678039a97d2b74f9e8e97f4e8e7025123e783df8b8a17e3aa9fe9c502f9acee4f1b56e1f23128d743792cead3c058a5b700d64d160abe33df726608510136ce8bf239414a1d98ea93e3d35dbb6c23b90cf36e83b8a4309b402d264b09f2779a0bcd7cd6dfc06b02e69d384146056d125cf4aadd80800000000000000e88d10acd06864eac44c42fbe334bdc3e9768fc360b130dc6111fe3293e8e02f819a2aa34dba1c25be27945507a3477b437525b81aef2f0b4c4f63483026b5e34d44705b76ef29f7f6e0a2be625eae975e02069f6f24e1e1bc976d965ddabb01085f16bff63a06578d6d184f5de7bfb6aaa75f16996d8d60bd0111a8a237a1536256c02284cb1d3a6fb8eae87691fae365a70c3f15871565bba8dd8a8ca049f798bbe646f738bebdfc9d8a5edd7a19ca6a42bc3f1db37c17f22a287c6d31a13db5dfef409eb1d3c91c6e6f80d215c9e16e0c4736c81936315418f26770cca4e2f89800d18c89d7f46f679df6c9e2005f209dda94302a30003b952ae1ebfd0ca88368ee6ce139e8b5822422cf4c9dde943d34c432e1001171792c65986146666a549092398af45ba38c41df7e0fffeac41824ca1fd0eb68aa243c9035c788d5480e5aee9cde5f2e5a3628995b1531bd20360d33d8f9ffffff5f4bf6ea8a1850c4f83306dbca02ee3686da707b6d85db491ba0cc33f6be92c55969a2b52a25419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9bc31f09834b4788be2a442aa81b259e9eb1bf5314844051f3a642aca9ff98c9036471ccff0522903e7bcf62e18f7796bbc280b95e8e0d6fd5644b0ebde330289d6348d183ed9d3dae3cccf109f7c78e8479a345e805e47dfa82cafc6b64b1f4659834aecbeded44b11a443c5ba92a326dd10921aa79c62800844c7a59f55ee205a11ab50fb402e7da6ada561ec1117cc186b01fd5c2061d22156b1b7d5f80c580dc31b0963ff953ce09148e8dfea9d03a61bbd2bb173518507a3cd0e37c4da0a71eee31071d5d642498181c69cee3b2e414ddd6a12ff4bdf6e96c247b6025d4376067e25357d3b521a5b927d3392a7503718aea24179528f6a0c6de4e61b49cad1e4d6b000000000000005b2d16877299acefc0655bc1422c3d425d988eedebcf242b780a687c9acae2a5a71c2a16a32ceb377f5d54f9b2fa90b2905925e611be56e9ebe20cab20c290a1f6c09272dbc3b2c0ab2b5baa1b07b16e81f278e54a479f1a06bc06e3656cfa196d6c050000000000000000814955c62a7d72b317399e572a7f6a4d57b741eb66c9179ffd097d61fcfd0fa1d46cfb110e3e8cff5579e83f2820f95eaa0c609f666950c24311740e36de8f65708cfffce788c99ef8f62fd2398e999b220125da8eb07947512365abbc5b84ef524bdf184727c67910051f204662264607d548dbdffe14b41dd0843cf3d85bb820656a88a9e52a4cd7b3eeadfe00007267f226019ef0a25bc15da71e893856a2182c3167d8ba73f709294b159a426ce44cd73f000000a66fc501eae0c3504c1400697ba69fd9b7eaf49aff6a6aea529610db8dfef86c3cc698e9fddf1b132876159972281a90c3a4cf415df25fbcdd35cf8368f068c4481844bdd0dda553e1cb0966d5686013d382956d50055dce0d1bc225c1d77612b1ec52e743dbc51f25cc07a202b704577316913cf067fa65e476f688de2d6c54ea192a569eed05d0d7536b3205c68d4ee0fe318ed3112c76dcf128a1d5595b773ef4c8a7ba4e10381de8808ff02dd0a7b996ecf1c65e6d9db90c87123d9cb3945330f7a270ee0cca35b1331ca8fec0b2f39f505140751b60f29a83e4bc0ef2ffea443e4aa221cc38a503add16a2c98cb589e1dac1912b4142a3be30f50b2d9479c5bde0beb38030d0c0ce0598700130000000000000000000000554361e1628ee0017ad19ca787f2c078aa260701ce0800000080623902000000000000000000003d118a04fa6a80c4928c01ccab57b5f4eb265ad15004f967543fe6e6ddc2a12165fe3a08bf9475ee0eee3539369b0e566fedbd215a6ddd4fe03dcc7a922e16410d820747b7e806c0f3b6f14c884d150a0ff07f2e0000bfb083c56d3bed0a61fab880f8885c612ebff8523d14cfb12aca274c000000005e5155611969f6e67dd83b20206207cb8b2cd2fab6fa6d7fdaed6a27a2e4db1d5adc80014ff11d9dbceba41d8dfce410333a054e82b1d050331ce0aeacb843b94d67f69f49eb4dd3b1b85b018359c32df01db8ebce0dbc36cade09c6b44f6bb956fac1ae4db5624d8a02f7be91bec65e4b3373059587dd6528bbc48e3379d477d482faff738c39c61cac1195043bd5b70cea5fc1083a169a8263e9aec56b9f7795fa27634a7f06359e3058d2dd69c4e5cc11b36d9ed9c4b2867f583de6fc582f789722bd1500e64c495abdb72de2c739d38c72f6f4fb1946081dcc825d5b5b747e9fa1b5226cd31e131263f1fcd7d45a630b46d04af906f0be464d829dd2dfcf7400002b7827f6d957e51bb1f1b44a50200c9dfadfaff2e32baa9c0edaac7144e174dba582a951d2b03c27219cec4fbc7b6e99c3f00188941e3fbf008cbace177ae250fd757a22e21ec05aa45c91e1345ca936184c3fc28153283e13654123cfaf4e661f4b6d430adad1e2116bc385f888405d48f0d386da0cc6747b33395772a68f2ea3fb7e7207000000b24088014c8e64f03d053c4e02ddd08b262e422eff1c9f124b892b0a9462b07d4f88c0693bd9c54ad2ab5227aa59ef2b53ac528c0800000000000000ebfde0c4a37c2d55c176680c4207000000e4aa467f995c9bc99e60441d4dbebead3b436427762618810bac7308c6d3298ea932b66572825e62d18462d3b2342ba48c145ff4674a94fa078cc552d064da2bb69a0d269076f8955076578f44ffb8895f11bd5e06840f8848df72230a28e0304569bfa0350b6dde9e96273de1758505aa1ba89dfb12be7a7c6dd18f6148354df7e60a489dc543ccdee1fff9d8f8d78844de27a77ef1181d5055c2a193a5763ed7749a17296c76818b60426082c86619dacc8a884c4de8572a044faf0c8e4377776c8703ecf2e3f1c3d64100cc000000008369f062639e3ddcf725be54f626448fb7bfc74c183b26e31b71a390ccea4be07278dd12fa16848797397b76908fa03613cd961b98b26a0879ccba4a78c82958764bce07a7f70df1cef6d4db1ddbda1db18e4f41c390fd3cb862216ece39a9ec60bd3be5f9329dcaf33bf2c87cc510557460d14421e1d26322ab64388f2ceae70922989f66827fe9acd2ec3ece39f3b4ffdc4dfea3da6ddb002512e2313253801044e751168e32d7bd6800000000a21008b8d26dabe977c503c30ef7c489e5ea1fff041e54de54cfeb258f2387dad096b72a78d91134927492cfc773c731cca9b13b3f6e7760ab0929c46f51ea5643f3df4f4044f3ad0a6ba739e72d8b8b2935d81534bea8372bc590c111d573e04280659a096eaa495a4154daae7d1800c130d920964845c50c8ba4763b19b6008f6d7a5091895c7a4b7816ab706503be879b18b778b0f61ecfde2f8bbb32cfeb766ec4430ee0ad45a0a263ddc4b2f47680c8d53439f8d388dab87112c83997c83e178be287eb6e8c95badaf8ed85cd5b03a7352a0fb83398566d1bc133582ce2d9f601cd23eba4432180b2d5c3019879cd949a5be1b241b3d0d0d52a3529cc9e704a9d8d54f4f7b776a969a4505e18fe5284985ca7d112c397d776e3baba918b7df456bd970e761e00f3b0efa5ce4246d9f08ba60da3be556c518a1f19504c7cea1491a9eadd27d747ca9cc5f92e30b2ca3cf0b142a8554c87e8026d4e586cf5f7c9d412e6eb4f66a076c8bca6b294305969dabb6c932b57a5dd4234bf1ed3bd095229ee3cbb86883d574c5af4bb78370561de3fbf55bfcd2db3979eb1be120b5795443324023353c959fd965702f1cd5bcb3c16d4b8bdd9fc87c862c247e140379ef098c7b3fa79a6638a245b6a74f14dde9bd4ee48e62cdc70f486ce38641e4e4309aa9f4bd097fa1530db966d9919544ab4890301e51f9525436f5d9591460340f5093161a78a249783945407f2576d6f35a99e3521d7991e3fdfde5ee7f6a8ff8181a68ef15a2ebfe9e22d7c745949ab5cc15b9f5659799b5e00debbf9f623f75bfd4d83c4859ca9b652cea33daeeef07b60c78a21965bcf91919071c7ded19317dc0b7587d9322f8cec9e32675a187465bdfa101bcd9ac680839b375af12c160247dd960e70eb7ee60c52a900440aa9bd9a6b15a4a34dc73c3c4936d8986300fdc264b28537df387e6442c3355fa2a31d24c1ed888a57fcc50400a084a38a3630ffc465f36a4b770fab0946148161184be39134542e934f3a538b011cb3928b430630b8ccc800000000881d4361e7fbd1fc2331b4e34733480bc497662a8234a7eeab3e65d6b0f5d92edff04416eedcd15b9ddbcb3cf9228afda6b17d44a276b205eabd0069f7e26aea50f537dc77b683ed83d2f9110e00a705f48e9d13378cf09bca22e8f45c4f360d5fff8ba35f21c4513bcc0800000000000000dc5cc7ad7290c60bc609bff9be7cd922f474c3faa78fd42cba7c78d6d912656b6313497625e2f9afaba05b17ca242b7ca8d6556175aee38142a8aac5f677c2f8a6967f2cb5e97aae97a5e5579a706243688ac4d38a4601b4aadb2d319fe7d6bf1272fa3fa701338d7bce390e8bf959081ed39e63a431901d615a26ff95e1620a6c26eda4f92d83499a173e7217001f58ed5406bdb59acbc997e8fd3d53b4c2c2a1b314bfe611e5958458af7b3c5319fdb4c40b8d01365fdee93af6fad7c7a8da86460f45c9e99d43264c921b090000000000000000000000000000000000007cf90000008f8a9da7a8a167815c6ffcd1b6863cde9ab45ecd8f06423198bb00cdf76877f407be46b000000000afbb4cb3a8de259a8beb2223f28b855e2bdf4b31b91e5062a42a55bd95e93f77f2499391cf0000000000000000000000000000195007ad27d1d61dc4d5512f117f0ed554c2c88c1713000000000000bb1ff447d6e12da22ee9f0422a84f361684861169f498909c4841f4d5a0f5807a3b7d833075fdcd9c1d169b03d7df7f4150fad8b9e92eaf86992adbda360dd91de51c6df335445492608162fb0804dabdeac6fb71042f906eefd37f1d190a1c8a0d9de7f34dcc8cbd7b565fc675f3bf7aac559411808ee703ec3ad461c6ddc571994cb504c46eabbc2ff4b97df394bc75b5e7f45b4450753b5d2b8b8414a7fe6a17661bdb5b1d080cfd974811e1d60763d8d9509c75aa729a334b55ee76b0c2d5027e81ceec1a6d7441d0b538d7a4d048d156ebcff102e45c15d2a73b40d74807f5182a319d50edbf430f00b1c29a9e4bd92111caacbb1d4541545c2d262646070da42f76e3f3c6d139eed89cc9300000000000000000000000000000000000072d7e605eb8e978d76796d9d3a728c51a3145da8e1ca4973aa8fed855328e9d2509335c5386cac74e862eac50e9ba95b6a2a29e8ef08a9ae29792e77fb9952b1ac5c816db5c23a656d9a28f81f6a9465aec94d701ee8646b30650c84b9510a337e82702baf368d29281d3d54b39014756ca5a1be184d4ebb942f99581a6fbac0b9c9f97c920dfac7e2379ef6bb076118aa9bbb4ee12e64aa530f852bf4f970a08a55531934e39fbae483129949a918115571d76740ca6a1cea59df290f2e63675ca30a289775825fe3e5d6f206f3f395346c0738035dc74368bb035fc65a40f8124369b8950ded31af64855cb18b23517ca935a0fa1b630d70c4ca9acbaf0f08910f327fba506d834029a90d47701102045fff90675adb3c83983d125ae730b9497c681a912a6bb70300a2d7fba051f82b9d6f710426b5bd0d0bc0b08a0f801276789613da406905011bd6ebbac91ff17a21d1ed0882e73394025772f31dc8a3048789c703f920c55746f6fc955046f9332d72150be23c26cbb08d1b438e84b83fefc6a16958fd46dc7b8cbea1da2d541324e373e9157696d698a0b4bc84d7cc2fdb069db8a5a491a9d2bbc0a61b73f75d81d07d778a1577db3b06d20a21b19ea17ecd996d7dea947ee8ce55fa2dea5a000000000000000000000000006f0143d8d4038ef9f57d9e9336f3559558710d1febe7394cf8b02f59dab24d07db3d3c1ebff58f973ba3fc0c3e2fb2c2a674a188614520ecb1d22b49e3550263bf9d669fba198b65ee3512db0e710d2070b5847face7ada12c83f0aea3a8c9e84e6c7406732c952c5695d43bca33d481ef9d442697875e114f4c759af306b3fc8224fdec89bf199234bff488b81438cbe89e4cabdc007139352b5cb69d7987cdf37ab549b7639eeadafd5315d9c9f0e8c9223102e6deaca4ae9cb943a3ad188bcad95e8f97d7fee7c47ea50d222fe67085b4fb3fecfb67dec23b6ab5ee19a5ca5367bff058149acf90a6c4014dea2b763389f77301ea8574d112625300906f480c36f41f82f84991800c37863de349f7"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89}, 0x48)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x12, &(0x7f0000000000)=0xfffffff3, 0x4)
bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xcccc0000, 0x1000, &(0x7f0000f15000/0x1000)=nil})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x800000, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)={0x7, [0x8, 0x3, 0x4, 0xce, 0x5, 0x57a, 0xd747]})
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f0000001000/0x3000)=nil, r5, 0x2, 0x13, r4, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000040)={0x0, 0x12000, 0x1})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1.442215603s ago: executing program 0 (id=4456):
ioperm(0x3, 0x5, 0x7)
r0 = openat$ttyprintk(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
read$FUSE(r0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r1 = fsopen(&(0x7f0000000040)='afs\x00', 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8931, &(0x7f0000000080)={'bond0\x00', @random="e700"})
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, 0x0, &(0x7f0000000180)='%\x00\x00\x00\x00\r\xcc:', 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
r5 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f0000000240)=r5)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000040)={0x1, r5})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000800)=""/90})
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000001cc0)={0x2, 0x0, [{0x0, 0x24, &(0x7f0000000000)=""/36}, {0x0, 0xffb, &(0x7f0000001d80)=""/4091}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f0000000340)=0x1)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

852.422406ms ago: executing program 4 (id=4457):
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, &(0x7f0000000180)={0x14, 0x0, &(0x7f0000000080)={0x0, 0x3, 0x13, {0xffffffffffffffa2}}}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
semctl$SETVAL(0x0, 0xff7f0000, 0x10, 0x0)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000000)=[0xb1, 0x5, 0xf0d3])
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/246, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x1, r2})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)

154.567506ms ago: executing program 4 (id=4458):
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="020300090a0000000000000004000000030006000000000002000000ac1414000000000000000000020001000000000000000002fffffffb030005000000000002"], 0x50}}, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x4}}, 0xe8)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
socket$key(0xf, 0x3, 0x2)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cpuacct.usage_percpu\x00', 0x0, 0x0)
gettid()
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
setsockopt$sock_int(r4, 0x1, 0x29, &(0x7f0000000300)=0x20, 0x4)
readv(r4, &(0x7f0000000000)=[{&(0x7f0000000340)=""/4096, 0x1000}], 0x1)
write$binfmt_misc(r4, &(0x7f0000000300), 0x6)

14.205537ms ago: executing program 3 (id=4459):
socket$alg(0x26, 0x5, 0x0)
openat$dsp1(0xffffffffffffff9c, 0x0, 0x801, 0x0)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0x4c7285e17a1e6440, 0x0, {0x7, 0x1f, 0x4, 0x20008000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x50)
r0 = socket$inet6(0xa, 0x1, 0x84)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='iso9660\x00', 0x208000, 0x0)
r2 = syz_io_uring_setup(0x496, &(0x7f0000000f80)={0x0, 0x79af, 0x3180, 0x7ffc, 0x40024e}, &(0x7f0000000340), &(0x7f0000000180))
syz_io_uring_setup(0x641a, &(0x7f0000000300)={0x0, 0x235d, 0x10100, 0x0, 0x400002d8, 0x0, r2}, 0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000140)=@IORING_OP_UNLINKAT={0x24, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x200, 0x1})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x700, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
fchownat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xee01, 0xee01, 0x1000)
bind$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
unshare(0x2060600)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
sync_file_range(r4, 0x7fff, 0x5, 0xf)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000740)=[@cswp={0x58, 0x114, 0x7, {{0x5}, &(0x7f00000003c0)=0xdf, 0x0, 0x55, 0x5, 0x4, 0x8, 0x30, 0x2}}], 0x58}, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x9)
io_uring_enter(r2, 0x627, 0x4c1, 0x43, 0x0, 0x0)
r5 = socket$tipc(0x1e, 0x2, 0x0)
ioctl$SIOCGETLINKNAME(r5, 0x89e0, &(0x7f0000000400)={0x0, 0x3})
shutdown(r0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
openat$rfkill(0xffffff9c, &(0x7f0000000040), 0x8080, 0x0)

0s ago: executing program 0 (id=4460):
ioctl$sock_SIOCGIFVLAN_GET_VLAN_VID_CMD(0xffffffffffffffff, 0x8982, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001000000800000", @ANYRES32, @ANYRESHEX, @ANYRES32=0x0], 0x50)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x5, &(0x7f0000006680))
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x203, 0x8401)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x2e288501978821b, 0x80)
sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, 0x0, 0x800, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0xbf, 0x42}}}}, [@NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000034}, 0x40)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0105500, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
r3 = dup3(r1, r0, 0x0)
recvmmsg$unix(r3, &(0x7f0000001280)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000005140)=""/4111, 0x100f}], 0x1}}], 0x1, 0x58ca2280, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
close_range(r4, 0xffffffffffffffff, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r5 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VIDIOC_S_CROP(r5, 0x4014563c, 0x0)
ioctl$VIDIOC_S_SELECTION(r5, 0xc040565f, &(0x7f0000000040)={0x2, 0x0, 0x6, {0x9, 0x2c0, 0x7, 0x4f46}})
get_robust_list(0x0, &(0x7f0000000400)=0x0, &(0x7f0000000580))
r6 = socket$inet_icmp(0x2, 0x2, 0x1)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f00000007c0)=ANY=[@ANYBLOB="18020000d600000000000000000000008500000041000000850000000f00000095"], &(0x7f0000000100)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
setsockopt$inet_int(r6, 0x0, 0x32, 0x0, 0x0)

kernel console output (not intermixed with test programs):

 _copy_to_user+0x32/0xd0
[  576.070810][T18038]  simple_read_from_buffer+0xcb/0x170
[  576.070826][T18038]  proc_fail_nth_read+0x197/0x240
[  576.070844][T18038]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  576.070862][T18038]  ? rw_verify_area+0xcf/0x6c0
[  576.070875][T18038]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  576.070892][T18038]  vfs_read+0x1e4/0xcf0
[  576.070907][T18038]  ? __pfx___mutex_lock+0x10/0x10
[  576.070919][T18038]  ? __pfx_vfs_read+0x10/0x10
[  576.070932][T18038]  ? find_held_lock+0x2b/0x80
[  576.070949][T18038]  ? __fget_files+0x20e/0x3c0
[  576.070967][T18038]  ksys_read+0x12a/0x250
[  576.070981][T18038]  ? __pfx_ksys_read+0x10/0x10
[  576.070996][T18038]  ? fput+0x70/0xf0
[  576.071008][T18038]  __do_fast_syscall_32+0xe8/0x680
[  576.071020][T18038]  do_fast_syscall_32+0x32/0x80
[  576.071031][T18038]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  576.071044][T18038] RIP: 0023:0xf7f17579
[  576.071053][T18038] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  576.071063][T18038] RSP: 002b:00000000f5406590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  576.071073][T18038] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f5406620
[  576.071080][T18038] RDX: 000000000000000f RSI: 00000000f73a6ff4 RDI: 0000000000000000
[  576.071086][T18038] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  576.071091][T18038] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  576.071097][T18038] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  576.071110][T18038]  </TASK>
[  576.579712][T15468] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  576.688431][T18055] vlan3: entered allmulticast mode
[  576.736585][T18056] binder: 18054:18056 unknown command 0
[  576.738394][T18056] binder: 18054:18056 ioctl c0306201 80000080 returned -22
[  576.769453][T15468] usb 8-1: config 0 has no interfaces?
[  576.773849][T15468] usb 8-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  576.777438][T15468] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  576.781085][T15468] usb 8-1: Product: syz
[  576.786131][T15468] usb 8-1: Manufacturer: syz
[  576.787895][T15468] usb 8-1: SerialNumber: syz
[  576.807482][T18058] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  576.810181][T15468] usb 8-1: config 0 descriptor??
[  577.206843][T18072] sp0: Synchronizing with TNC
[  578.034252][T18070] [U] �`
[  578.325229][T18085] =======================================================
[  578.325229][T18085] WARNING: The mand mount option has been deprecated and
[  578.325229][T18085]          and is ignored by this kernel. Remove the mand
[  578.325229][T18085]          option from the mount to silence this warning.
[  578.325229][T18085] =======================================================
[  578.342440][T18084] overlayfs: maximum fs stacking depth exceeded
[  578.524905][ T1150] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  578.596508][ T1150] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  578.677113][ T1150] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  578.692333][ T5946] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  578.695691][ T5946] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  578.698664][ T5946] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  578.702875][ T5946] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  578.706689][ T5946] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  578.734605][T18094] lo speed is unknown, defaulting to 1000
[  578.756311][ T1150] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  578.866552][ T1150] bridge_slave_1: left allmulticast mode
[  578.868978][ T1150] bridge_slave_1: left promiscuous mode
[  578.871786][ T1150] bridge0: port 2(bridge_slave_1) entered disabled state
[  578.876710][ T1150] bridge_slave_0: left allmulticast mode
[  578.878793][ T1150] bridge_slave_0: left promiscuous mode
[  578.881172][ T1150] bridge0: port 1(bridge_slave_0) entered disabled state
[  579.395181][T15468] usb 8-1: USB disconnect, device number 4
[  579.430603][T18115] FAULT_INJECTION: forcing a failure.
[  579.430603][T18115] name failslab, interval 1, probability 0, space 0, times 0
[  579.434721][T18115] CPU: 3 UID: 0 PID: 18115 Comm: syz.2.3897 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  579.434738][T18115] Tainted: [L]=SOFTLOCKUP
[  579.434747][T18115] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  579.434753][T18115] Call Trace:
[  579.434758][T18115]  <TASK>
[  579.434763][T18115]  dump_stack_lvl+0x16c/0x1f0
[  579.434783][T18115]  should_fail_ex+0x512/0x640
[  579.434795][T18115]  ? __kmalloc_noprof+0xca/0x910
[  579.434808][T18115]  should_failslab+0xc2/0x120
[  579.434825][T18115]  __kmalloc_noprof+0xeb/0x910
[  579.434837][T18115]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  579.434853][T18115]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  579.434864][T18115]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  579.434878][T18115]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  579.434891][T18115]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  579.434902][T18115]  ? genl_get_cmd+0x194/0x580
[  579.434914][T18115]  ? bpf_lsm_capable+0x9/0x10
[  579.434929][T18115]  ? security_capable+0x7e/0x260
[  579.434947][T18115]  ? ns_capable+0xd7/0x110
[  579.434962][T18115]  genl_rcv_msg+0x55c/0x800
[  579.434975][T18115]  ? __pfx_genl_rcv_msg+0x10/0x10
[  579.434985][T18115]  ? __pfx_l2tp_nl_cmd_tunnel_create+0x10/0x10
[  579.435003][T18115]  ? __lock_acquire+0x436/0x2890
[  579.435016][T18115]  netlink_rcv_skb+0x158/0x420
[  579.435032][T18115]  ? __pfx_genl_rcv_msg+0x10/0x10
[  579.435043][T18115]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  579.435063][T18115]  ? netlink_deliver_tap+0x1ae/0xd30
[  579.435080][T18115]  genl_rcv+0x28/0x40
[  579.435089][T18115]  netlink_unicast+0x5aa/0x870
[  579.435107][T18115]  ? __pfx_netlink_unicast+0x10/0x10
[  579.435127][T18115]  netlink_sendmsg+0x8c8/0xdd0
[  579.435145][T18115]  ? __pfx_netlink_sendmsg+0x10/0x10
[  579.435162][T18115]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  579.435182][T18115]  ____sys_sendmsg+0xa5d/0xc30
[  579.435195][T18115]  ? __pfx_____sys_sendmsg+0x10/0x10
[  579.435204][T18115]  ? get_compat_msghdr+0x11a/0x170
[  579.435224][T18115]  ___sys_sendmsg+0x134/0x1d0
[  579.435239][T18115]  ? __pfx____sys_sendmsg+0x10/0x10
[  579.435259][T18115]  ? find_held_lock+0x2b/0x80
[  579.435281][T18115]  __sys_sendmsg+0x16d/0x220
[  579.435295][T18115]  ? __pfx___sys_sendmsg+0x10/0x10
[  579.435317][T18115]  __do_fast_syscall_32+0xe8/0x680
[  579.435330][T18115]  do_fast_syscall_32+0x32/0x80
[  579.435340][T18115]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  579.435353][T18115] RIP: 0023:0xf7fe4579
[  579.435362][T18115] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  579.435372][T18115] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  579.435382][T18115] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000240
[  579.435389][T18115] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  579.435394][T18115] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  579.435400][T18115] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  579.435406][T18115] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  579.435419][T18115]  </TASK>
[  579.581774][ T1150] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  579.585894][ T1150] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  579.589391][ T1150] bond0 (unregistering): Released all slaves
[  579.648851][ T1150] bond1 (unregistering): Released all slaves
[  579.655637][T18094] chnl_net:caif_netlink_parms(): no params data found
[  579.729553][T18094] bridge0: port 1(bridge_slave_0) entered blocking state
[  579.733387][T18094] bridge0: port 1(bridge_slave_0) entered disabled state
[  579.736123][T18094] bridge_slave_0: entered allmulticast mode
[  579.739573][T18094] bridge_slave_0: entered promiscuous mode
[  579.743735][T18094] bridge0: port 2(bridge_slave_1) entered blocking state
[  579.746447][T18094] bridge0: port 2(bridge_slave_1) entered disabled state
[  579.749165][T18094] bridge_slave_1: entered allmulticast mode
[  579.758643][T18094] bridge_slave_1: entered promiscuous mode
[  579.782454][T18094] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  579.788054][T18094] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  579.811105][T18094] team0: Port device team_slave_0 added
[  579.814248][T18094] team0: Port device team_slave_1 added
[  579.823168][ T1150] tipc: Disabling bearer <eth:syzkaller0>
[  579.826419][ T1150] tipc: Left network mode
[  579.844430][T18094] batman_adv: batadv0: Adding interface: batadv_slave_0
[  579.846688][T18094] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  579.855374][T18094] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  579.859576][T18094] batman_adv: batadv0: Adding interface: batadv_slave_1
[  579.862201][T18094] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  579.870947][T18094] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  579.918458][T18094] hsr_slave_0: entered promiscuous mode
[  579.921299][T18139] loop7: detected capacity change from 0 to 16384
[  579.921611][T18094] hsr_slave_1: entered promiscuous mode
[  580.128020][T18094] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  580.138915][T18094] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  580.149356][T18094] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  580.165180][T18094] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  580.174760][ T1150] hsr_slave_0: left promiscuous mode
[  580.176949][ T1150] hsr_slave_1: left promiscuous mode
[  580.178879][ T1150] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  580.182156][ T1150] batman_adv: batadv0: Removing interface: batadv_slave_0
[  580.186122][ T1150] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  580.188405][ T1150] batman_adv: batadv0: Removing interface: batadv_slave_1
[  580.199151][ T1150] veth1_macvtap: left promiscuous mode
[  580.203526][ T1150] veth0_macvtap: left promiscuous mode
[  580.205283][ T1150] veth1_vlan: left promiscuous mode
[  580.207032][ T1150] veth0_vlan: left promiscuous mode
[  580.834048][ T5949] Bluetooth: hci3: command tx timeout
[  581.404979][T18157] netlink: 112 bytes leftover after parsing attributes in process `syz.2.3906'.
[  581.405017][T18156] netlink: 112 bytes leftover after parsing attributes in process `syz.2.3906'.
[  581.520126][ T6024] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  581.621292][T18159] bridge0: port 2(bridge_slave_1) entered disabled state
[  581.623441][T18159] bridge0: port 1(bridge_slave_0) entered disabled state
[  581.697404][T18159] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  581.701277][ T6024] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  581.704609][ T6024] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  581.707549][ T6024] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  581.708740][T18159] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  581.712337][ T6024] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  581.716528][ T6024] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  581.722071][ T6024] usb 8-1: config 0 descriptor??
[  581.765832][T18159] gtp0: left promiscuous mode
[  581.767484][T18159] gtp0: left allmulticast mode
[  581.779189][   T12] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  581.783262][   T12] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  581.794207][T18161] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  581.802350][   T12] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  581.868299][T18094] 8021q: adding VLAN 0 to HW filter on device bond0
[  581.881750][T18094] 8021q: adding VLAN 0 to HW filter on device team0
[  581.886715][T10259] bridge0: port 1(bridge_slave_0) entered blocking state
[  581.889048][T10259] bridge0: port 1(bridge_slave_0) entered forwarding state
[  581.898376][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  581.900655][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  582.018375][T18094] 8021q: adding VLAN 0 to HW filter on device batadv0
[  582.143987][ T6024] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  582.181821][T18094] veth0_vlan: entered promiscuous mode
[  582.186731][T18094] veth1_vlan: entered promiscuous mode
[  582.204248][T18094] veth0_macvtap: entered promiscuous mode
[  582.208354][T18094] veth1_macvtap: entered promiscuous mode
[  582.218542][T18094] batman_adv: batadv0: Interface activated: batadv_slave_0
[  582.226035][T18094] batman_adv: batadv0: Interface activated: batadv_slave_1
[  582.237043][   T61] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  582.240913][   T61] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  582.244968][   T61] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  582.248011][   T61] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  582.293937][T10259] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  582.296529][T10259] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  582.312366][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  582.315037][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  582.393106][T18155] FAULT_INJECTION: forcing a failure.
[  582.393106][T18155] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  582.398042][T18155] CPU: 2 UID: 0 PID: 18155 Comm: syz.3.3907 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  582.398068][T18155] Tainted: [L]=SOFTLOCKUP
[  582.398074][T18155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  582.398084][T18155] Call Trace:
[  582.398090][T18155]  <TASK>
[  582.398097][T18155]  dump_stack_lvl+0x16c/0x1f0
[  582.398126][T18155]  should_fail_ex+0x512/0x640
[  582.398148][T18155]  _copy_from_user+0x2e/0xd0
[  582.398168][T18155]  hiddev_ioctl+0x4d3/0x15a0
[  582.398194][T18155]  ? __pfx_hiddev_ioctl+0x10/0x10
[  582.398221][T18155]  ? find_held_lock+0x2b/0x80
[  582.398258][T18155]  ? hook_file_ioctl_common+0x144/0x410
[  582.398284][T18155]  ? __fget_files+0x20e/0x3c0
[  582.398303][T18155]  ? __fput_deferred+0x480/0x480
[  582.398321][T18155]  ? __pfx_hiddev_ioctl+0x10/0x10
[  582.398343][T18155]  compat_ptr_ioctl+0x6e/0xa0
[  582.398361][T18155]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  582.398378][T18155]  __ia32_compat_sys_ioctl+0x242/0x370
[  582.398401][T18155]  __do_fast_syscall_32+0xe8/0x680
[  582.398419][T18155]  do_fast_syscall_32+0x32/0x80
[  582.398434][T18155]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  582.398453][T18155] RIP: 0023:0xf7f17579
[  582.398466][T18155] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  582.398481][T18155] RSP: 002b:00000000f540655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  582.398497][T18155] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000400c4808
[  582.398507][T18155] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  582.398516][T18155] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  582.398524][T18155] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  582.398533][T18155] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  582.398556][T18155]  </TASK>
[  582.469999][   T60] usb 8-1: USB disconnect, device number 5
[  582.598622][T11829] libceph: connect (1)[c::]:6789 error -101
[  582.601738][T11829] libceph: mon0 (1)[c::]:6789 connect error
[  582.763657][T18204] netlink: 'syz.4.3892': attribute type 1 has an invalid length.
[  582.767869][T18207] ceph: No mds server is up or the cluster is laggy
[  582.770212][ T6025] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  582.879800][ T5949] Bluetooth: hci3: command tx timeout
[  582.880495][   T60] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  583.008138][T18219] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  583.035582][   T60] usb 7-1: unable to get BOS descriptor or descriptor too short
[  583.046073][   T60] usb 7-1: no configurations
[  583.048121][   T60] usb 7-1: can't read configurations, error -22
[  583.918019][T18244] : entered promiscuous mode
[  584.222258][T18254] FAULT_INJECTION: forcing a failure.
[  584.222258][T18254] name failslab, interval 1, probability 0, space 0, times 0
[  584.227356][T18254] CPU: 3 UID: 0 PID: 18254 Comm: syz.3.3922 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  584.227381][T18254] Tainted: [L]=SOFTLOCKUP
[  584.227386][T18254] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  584.227397][T18254] Call Trace:
[  584.227403][T18254]  <TASK>
[  584.227411][T18254]  dump_stack_lvl+0x16c/0x1f0
[  584.227441][T18254]  should_fail_ex+0x512/0x640
[  584.227461][T18254]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  584.227483][T18254]  should_failslab+0xc2/0x120
[  584.227509][T18254]  kmem_cache_alloc_noprof+0x83/0x770
[  584.227530][T18254]  ? skb_clone+0x190/0x3f0
[  584.227558][T18254]  ? skb_clone+0x190/0x3f0
[  584.227579][T18254]  skb_clone+0x190/0x3f0
[  584.227602][T18254]  netlink_deliver_tap+0xabd/0xd30
[  584.227632][T18254]  netlink_unicast+0x64c/0x870
[  584.227690][T18254]  ? __pfx_netlink_unicast+0x10/0x10
[  584.227724][T18254]  netlink_sendmsg+0x8c8/0xdd0
[  584.227754][T18254]  ? __pfx_netlink_sendmsg+0x10/0x10
[  584.227782][T18254]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  584.227815][T18254]  ____sys_sendmsg+0xa5d/0xc30
[  584.227835][T18254]  ? __pfx_____sys_sendmsg+0x10/0x10
[  584.227851][T18254]  ? get_compat_msghdr+0x11a/0x170
[  584.227886][T18254]  ___sys_sendmsg+0x134/0x1d0
[  584.227909][T18254]  ? __pfx____sys_sendmsg+0x10/0x10
[  584.227945][T18254]  ? find_held_lock+0x2b/0x80
[  584.227984][T18254]  __sys_sendmsg+0x16d/0x220
[  584.228007][T18254]  ? __pfx___sys_sendmsg+0x10/0x10
[  584.228039][T18254]  ? do_user_addr_fault+0x843/0x1370
[  584.228065][T18254]  __do_fast_syscall_32+0xe8/0x680
[  584.228083][T18254]  do_fast_syscall_32+0x32/0x80
[  584.228100][T18254]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  584.228120][T18254] RIP: 0023:0xf7f17579
[  584.228133][T18254] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  584.228149][T18254] RSP: 002b:00000000f540655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  584.228166][T18254] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  584.228177][T18254] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  584.228186][T18254] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  584.228195][T18254] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  584.228205][T18254] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  584.228230][T18254]  </TASK>
[  584.228635][T18254] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3922'.
[  584.320928][T18254] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3922'.
[  584.367380][T18254] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3922'.
[  584.371257][T18254] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3922'.
[  584.457234][T18254] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3922'.
[  584.465421][T18254] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3922'.
[  584.542533][T18263] syzkaller0: entered promiscuous mode
[  584.544303][T18263] syzkaller0: entered allmulticast mode
[  584.853448][T18276] mac80211_hwsim hwsim19 syzkaller0: entered promiscuous mode
[  584.892713][T18276] mac80211_hwsim hwsim19 syzkaller0: entered allmulticast mode
[  584.950549][T18280] Bluetooth: MGMT ver 1.23
[  584.953035][ T5949] Bluetooth: hci3: command tx timeout
[  585.088888][T18285] fuse: Unknown parameter '00000000000000000000x�K�ⷞ_z�)��Ll>����E���z���&^�㴳�fG��>��>%���C^K4Q�{�������w�M�Fr���00000000000000000000000000000000000000000000000000000000000000000000000000000000000004'
[  585.669772][ T6042] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  585.818906][T18293] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  585.822445][T18293] FAULT_INJECTION: forcing a failure.
[  585.822445][T18293] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  585.828235][T18293] CPU: 3 UID: 0 PID: 18293 Comm: syz.0.3931 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  585.828263][T18293] Tainted: [L]=SOFTLOCKUP
[  585.828268][T18293] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  585.828279][T18293] Call Trace:
[  585.828284][T18293]  <TASK>
[  585.828291][T18293]  dump_stack_lvl+0x16c/0x1f0
[  585.828321][T18293]  should_fail_ex+0x512/0x640
[  585.828342][T18293]  _copy_to_user+0x32/0xd0
[  585.828362][T18293]  simple_read_from_buffer+0xcb/0x170
[  585.828386][T18293]  proc_fail_nth_read+0x197/0x240
[  585.828412][T18293]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  585.828438][T18293]  ? rw_verify_area+0xcf/0x6c0
[  585.828458][T18293]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  585.828483][T18293]  vfs_read+0x1e4/0xcf0
[  585.828505][T18293]  ? __pfx___mutex_lock+0x10/0x10
[  585.828523][T18293]  ? __pfx_vfs_read+0x10/0x10
[  585.828542][T18293]  ? find_held_lock+0x2b/0x80
[  585.828568][T18293]  ? __fget_files+0x20e/0x3c0
[  585.828596][T18293]  ksys_read+0x12a/0x250
[  585.828617][T18293]  ? __pfx_ksys_read+0x10/0x10
[  585.828645][T18293]  ? fput+0x70/0xf0
[  585.828663][T18293]  __do_fast_syscall_32+0xe8/0x680
[  585.828679][T18293]  do_fast_syscall_32+0x32/0x80
[  585.828692][T18293]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  585.828710][T18293] RIP: 0023:0xf7f47579
[  585.828721][T18293] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  585.828734][T18293] RSP: 002b:00000000f5436590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  585.828748][T18293] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f5436620
[  585.828757][T18293] RDX: 000000000000000f RSI: 00000000f73d6ff4 RDI: 0000000000000000
[  585.828765][T18293] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  585.828772][T18293] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  585.828780][T18293] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  585.828800][T18293]  </TASK>
[  585.906588][ T6042] usb 9-1: Using ep0 maxpacket: 16
[  586.006641][ T6042] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  586.017578][ T6042] usb 9-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  586.021169][ T6042] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  586.024405][ T6042] usb 9-1: Product: syz
[  586.026030][ T6042] usb 9-1: Manufacturer: syz
[  586.027805][ T6042] usb 9-1: SerialNumber: syz
[  586.037557][ T6042] usb 9-1: config 0 descriptor??
[  586.045405][ T6042] em28xx 9-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  586.048634][ T6042] em28xx 9-1:0.0: DVB interface 0 found: bulk
[  586.269788][T18304] syz.2.3933 uses obsolete (PF_INET,SOCK_PACKET)
[  586.273676][T18304] ip6_vti0: entered promiscuous mode
[  586.276107][T18304] ip6_vti0: entered allmulticast mode
[  586.539778][T15468] usb 7-1: new full-speed USB device number 5 using dummy_hcd
[  586.645696][ T6042] em28xx 9-1:0.0: unknown em28xx chip ID (0)
[  586.692641][T15468] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  586.699378][T15468] usb 7-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d
[  586.703710][T15468] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  586.706954][T15468] usb 7-1: Product: syz
[  586.708800][T15468] usb 7-1: Manufacturer: syz
[  586.710980][T15468] usb 7-1: SerialNumber: syz
[  586.715848][T15468] usb 7-1: config 0 descriptor??
[  587.039763][ T5949] Bluetooth: hci3: command tx timeout
[  587.076542][ T6042] em28xx 9-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  587.079226][ T6042] em28xx 9-1:0.0: board has no eeprom
[  587.339724][ T6042] em28xx 9-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  587.342300][ T6042] em28xx 9-1:0.0: dvb set to bulk mode.
[  587.345968][   T10] em28xx 9-1:0.0: Binding DVB extension
[  587.351124][ T6042] usb 9-1: USB disconnect, device number 2
[  587.361218][ T6042] em28xx 9-1:0.0: Disconnecting em28xx
[  587.386674][   T10] em28xx 9-1:0.0: Registering input extension
[  587.388830][ T6042] em28xx 9-1:0.0: Closing input extension
[  587.397969][ T6042] em28xx 9-1:0.0: Freeing device
[  587.702162][T18333] FAULT_INJECTION: forcing a failure.
[  587.702162][T18333] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  587.707796][T18333] CPU: 0 UID: 0 PID: 18333 Comm: syz.0.3942 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  587.707822][T18333] Tainted: [L]=SOFTLOCKUP
[  587.707828][T18333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  587.707838][T18333] Call Trace:
[  587.707845][T18333]  <TASK>
[  587.707861][T18333]  dump_stack_lvl+0x16c/0x1f0
[  587.707917][T18333]  should_fail_ex+0x512/0x640
[  587.707949][T18333]  _copy_from_user+0x2e/0xd0
[  587.707971][T18333]  get_compat_msghdr+0xa7/0x170
[  587.707996][T18333]  ? __pfx_get_compat_msghdr+0x10/0x10
[  587.708028][T18333]  ___sys_sendmsg+0x1ae/0x1d0
[  587.708053][T18333]  ? __pfx____sys_sendmsg+0x10/0x10
[  587.708087][T18333]  ? find_held_lock+0x2b/0x80
[  587.708126][T18333]  __sys_sendmsg+0x16d/0x220
[  587.708150][T18333]  ? __pfx___sys_sendmsg+0x10/0x10
[  587.708182][T18333]  ? do_user_addr_fault+0x843/0x1370
[  587.708208][T18333]  __do_fast_syscall_32+0xe8/0x680
[  587.708229][T18333]  do_fast_syscall_32+0x32/0x80
[  587.708246][T18333]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  587.708267][T18333] RIP: 0023:0xf7f47579
[  587.708282][T18333] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  587.708297][T18333] RSP: 002b:00000000f543655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  587.708315][T18333] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000008000c2c0
[  587.708326][T18333] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  587.708337][T18333] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  587.708346][T18333] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  587.708357][T18333] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  587.708380][T18333]  </TASK>
[  589.149594][T18360] FAULT_INJECTION: forcing a failure.
[  589.149594][T18360] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  589.155777][T18360] CPU: 1 UID: 0 PID: 18360 Comm: syz.4.3948 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  589.155818][T18360] Tainted: [L]=SOFTLOCKUP
[  589.155824][T18360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  589.155835][T18360] Call Trace:
[  589.155843][T18360]  <TASK>
[  589.155851][T18360]  dump_stack_lvl+0x16c/0x1f0
[  589.155883][T18360]  should_fail_ex+0x512/0x640
[  589.155907][T18360]  strncpy_from_user+0x3b/0x2e0
[  589.155926][T18360]  getname_flags.part.0+0x8f/0x550
[  589.155944][T18360]  ? rcu_is_watching+0x12/0xc0
[  589.155969][T18360]  getname_flags+0x93/0xf0
[  589.155992][T18360]  __ia32_sys_mkdirat+0x75/0xb0
[  589.156016][T18360]  __do_fast_syscall_32+0xe8/0x680
[  589.156035][T18360]  do_fast_syscall_32+0x32/0x80
[  589.156051][T18360]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  589.156072][T18360] RIP: 0023:0xf70dd579
[  589.156084][T18360] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  589.156101][T18360] RSP: 002b:00000000f548b55c EFLAGS: 00000296 ORIG_RAX: 0000000000000128
[  589.156118][T18360] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000000
[  589.156128][T18360] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000000
[  589.156137][T18360] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  589.156145][T18360] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  589.156155][T18360] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  589.156178][T18360]  </TASK>
[  589.248383][T15468] keyspan 7-1:0.0: Keyspan 1 port adapter converter detected
[  589.251070][T15468] keyspan 7-1:0.0: found no endpoint descriptor for endpoint 82
[  589.256979][T15468] keyspan 7-1:0.0: found no endpoint descriptor for endpoint 81
[  589.261112][T15468] keyspan 7-1:0.0: found no endpoint descriptor for endpoint 1
[  589.264527][T15468] keyspan 7-1:0.0: found no endpoint descriptor for endpoint 2
[  589.275652][T15468] usb 7-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[  589.283835][T15468] usb 7-1: USB disconnect, device number 5
[  589.311664][T15468] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[  589.318307][T15468] keyspan 7-1:0.0: device disconnected
[  589.516916][T18368] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3951'.
[  591.023677][T18391] kvm: requested 1676 ns i8254 timer period limited to 200000 ns
[  591.041112][T18387] team0 (unregistering): Port device team_slave_0 removed
[  591.081828][T18378] FAULT_INJECTION: forcing a failure.
[  591.081828][T18378] name failslab, interval 1, probability 0, space 0, times 0
[  591.085860][T18378] CPU: 3 UID: 0 PID: 18378 Comm: syz.0.3953 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  591.085891][T18378] Tainted: [L]=SOFTLOCKUP
[  591.085896][T18378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  591.085902][T18378] Call Trace:
[  591.085906][T18378]  <TASK>
[  591.085911][T18378]  dump_stack_lvl+0x16c/0x1f0
[  591.085931][T18378]  should_fail_ex+0x512/0x640
[  591.085944][T18378]  ? fs_reclaim_acquire+0xae/0x150
[  591.085962][T18378]  should_failslab+0xc2/0x120
[  591.085978][T18378]  __kmalloc_noprof+0xeb/0x910
[  591.085990][T18378]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  591.086008][T18378]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  591.086022][T18378]  tomoyo_realpath_from_path+0xc2/0x6e0
[  591.086038][T18378]  ? tomoyo_profile+0x47/0x60
[  591.086055][T18378]  tomoyo_path_number_perm+0x245/0x580
[  591.086067][T18378]  ? tomoyo_path_number_perm+0x237/0x580
[  591.086080][T18378]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  591.086106][T18378]  ? find_held_lock+0x2b/0x80
[  591.086120][T18378]  ? hook_file_ioctl_common+0x144/0x410
[  591.086136][T18378]  ? __fget_files+0x20e/0x3c0
[  591.086150][T18378]  ? __fput_deferred+0x480/0x480
[  591.086163][T18378]  security_file_ioctl_compat+0x9b/0x240
[  591.086178][T18378]  __ia32_compat_sys_ioctl+0xc3/0x370
[  591.086192][T18378]  __do_fast_syscall_32+0xe8/0x680
[  591.086205][T18378]  do_fast_syscall_32+0x32/0x80
[  591.086215][T18378]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  591.086228][T18378] RIP: 0023:0xf7f47579
[  591.086236][T18378] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  591.086247][T18378] RSP: 002b:00000000f541555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  591.086257][T18378] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000000000ae80
[  591.086263][T18378] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  591.086269][T18378] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  591.086275][T18378] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  591.086281][T18378] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  591.086294][T18378]  </TASK>
[  591.155574][T18387] team0 (unregistering): Port device team_slave_1 removed
[  591.279548][T18378] ERROR: Out of memory at tomoyo_realpath_from_path.
[  591.434062][T18396] FAULT_INJECTION: forcing a failure.
[  591.434062][T18396] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  591.438187][T18396] CPU: 3 UID: 0 PID: 18396 Comm: syz.2.3958 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  591.438203][T18396] Tainted: [L]=SOFTLOCKUP
[  591.438207][T18396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  591.438214][T18396] Call Trace:
[  591.438218][T18396]  <TASK>
[  591.438223][T18396]  dump_stack_lvl+0x16c/0x1f0
[  591.438243][T18396]  should_fail_ex+0x512/0x640
[  591.438258][T18396]  _copy_from_iter+0x2a4/0x16c0
[  591.438272][T18396]  ? __alloc_skb+0x220/0x410
[  591.438284][T18396]  ? __alloc_skb+0x35d/0x410
[  591.438295][T18396]  ? __pfx__copy_from_iter+0x10/0x10
[  591.438307][T18396]  ? netlink_autobind.isra.0+0x158/0x370
[  591.438328][T18396]  netlink_sendmsg+0x820/0xdd0
[  591.438346][T18396]  ? __pfx_netlink_sendmsg+0x10/0x10
[  591.438363][T18396]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  591.438383][T18396]  ____sys_sendmsg+0xa5d/0xc30
[  591.438394][T18396]  ? __pfx_____sys_sendmsg+0x10/0x10
[  591.438403][T18396]  ? get_compat_msghdr+0x11a/0x170
[  591.438423][T18396]  ___sys_sendmsg+0x134/0x1d0
[  591.438438][T18396]  ? __pfx____sys_sendmsg+0x10/0x10
[  591.438457][T18396]  ? find_held_lock+0x2b/0x80
[  591.438479][T18396]  __sys_sendmsg+0x16d/0x220
[  591.438493][T18396]  ? __pfx___sys_sendmsg+0x10/0x10
[  591.438511][T18396]  ? do_user_addr_fault+0x843/0x1370
[  591.438527][T18396]  __do_fast_syscall_32+0xe8/0x680
[  591.438539][T18396]  do_fast_syscall_32+0x32/0x80
[  591.438549][T18396]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  591.438562][T18396] RIP: 0023:0xf7fe4579
[  591.438571][T18396] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  591.438581][T18396] RSP: 002b:00000000f54b555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  591.438591][T18396] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000140
[  591.438597][T18396] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  591.438603][T18396] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  591.438609][T18396] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  591.438615][T18396] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  591.438628][T18396]  </TASK>
[  591.700906][T18400] FAULT_INJECTION: forcing a failure.
[  591.700906][T18400] name failslab, interval 1, probability 0, space 0, times 0
[  591.709756][T18400] CPU: 2 UID: 0 PID: 18400 Comm: syz.3.3960 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  591.709793][T18400] Tainted: [L]=SOFTLOCKUP
[  591.709797][T18400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  591.709804][T18400] Call Trace:
[  591.709808][T18400]  <TASK>
[  591.709813][T18400]  dump_stack_lvl+0x16c/0x1f0
[  591.709841][T18400]  should_fail_ex+0x512/0x640
[  591.709859][T18400]  ? kmem_cache_alloc_noprof+0x62/0x770
[  591.709880][T18400]  should_failslab+0xc2/0x120
[  591.709904][T18400]  kmem_cache_alloc_noprof+0x83/0x770
[  591.709919][T18400]  ? getname_flags.part.0+0x4c/0x550
[  591.709934][T18400]  ? getname_flags.part.0+0x4c/0x550
[  591.709950][T18400]  getname_flags.part.0+0x4c/0x550
[  591.709966][T18400]  ? _copy_from_user+0x93/0xd0
[  591.709984][T18400]  getname_flags+0x93/0xf0
[  591.710004][T18400]  user_path_at+0x24/0x60
[  591.710022][T18400]  __ia32_sys_mount+0x1fa/0x310
[  591.710036][T18400]  ? __pfx___ia32_sys_mount+0x10/0x10
[  591.710053][T18400]  ? do_user_addr_fault+0x843/0x1370
[  591.710076][T18400]  __do_fast_syscall_32+0xe8/0x680
[  591.710094][T18400]  do_fast_syscall_32+0x32/0x80
[  591.710109][T18400]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  591.710124][T18400] RIP: 0023:0xf7f17579
[  591.710136][T18400] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  591.710151][T18400] RSP: 002b:00000000f540655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  591.710167][T18400] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000800000c0
[  591.710177][T18400] RDX: 0000000080004500 RSI: 0000000000000000 RDI: 0000000080000100
[  591.710186][T18400] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  591.710195][T18400] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  591.710204][T18400] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  591.710220][T18400]  </TASK>
[  591.715638][T18402] program syz.0.3961 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  591.724796][T18398] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  591.929187][T18413] 9p: Bad value for 'wfdno'
[  591.931112][T18413] capability: warning: `syz.0.3963' uses 32-bit capabilities (legacy support in use)
[  594.590765][   T10] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  594.739703][   T10] usb 7-1: Using ep0 maxpacket: 32
[  594.743220][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 41, changing to 9
[  594.746605][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid maxpacket 1246, setting to 1024
[  594.750144][   T10] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87
[  594.753892][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 79, changing to 10
[  594.757620][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 34258, setting to 1024
[  594.759237][T18483] FAULT_INJECTION: forcing a failure.
[  594.759237][T18483] name failslab, interval 1, probability 0, space 0, times 0
[  594.764922][   T10] usb 7-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[  594.765781][T18483] CPU: 2 UID: 0 PID: 18483 Comm: syz.4.3978 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  594.765798][T18483] Tainted: [L]=SOFTLOCKUP
[  594.765802][T18483] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  594.765808][T18483] Call Trace:
[  594.765812][T18483]  <TASK>
[  594.765816][T18483]  dump_stack_lvl+0x16c/0x1f0
[  594.765843][T18483]  should_fail_ex+0x512/0x640
[  594.765855][T18483]  ? fs_reclaim_acquire+0xae/0x150
[  594.765874][T18483]  should_failslab+0xc2/0x120
[  594.765890][T18483]  __kmalloc_noprof+0xeb/0x910
[  594.765902][T18483]  ? tomoyo_encode2+0x100/0x3e0
[  594.765919][T18483]  ? tomoyo_encode2+0x100/0x3e0
[  594.765932][T18483]  tomoyo_encode2+0x100/0x3e0
[  594.765948][T18483]  tomoyo_encode+0x29/0x50
[  594.765961][T18483]  tomoyo_realpath_from_path+0x18f/0x6e0
[  594.765979][T18483]  tomoyo_check_open_permission+0x2ab/0x3c0
[  594.765992][T18483]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  594.766018][T18483]  ? do_raw_spin_lock+0x12c/0x2b0
[  594.766033][T18483]  tomoyo_file_open+0x6b/0x90
[  594.766051][T18483]  security_file_open+0x84/0x1e0
[  594.766065][T18483]  do_dentry_open+0x597/0x1590
[  594.766082][T18483]  ? security_inode_permission+0xbf/0x260
[  594.766097][T18483]  vfs_open+0x82/0x3f0
[  594.766110][T18483]  path_openat+0x2078/0x3140
[  594.766130][T18483]  ? __pfx_path_openat+0x10/0x10
[  594.766148][T18483]  ? __lock_acquire+0x436/0x2890
[  594.766159][T18483]  do_filp_open+0x20b/0x470
[  594.766175][T18483]  ? __pfx_do_filp_open+0x10/0x10
[  594.766200][T18483]  ? _raw_spin_unlock+0x28/0x50
[  594.766214][T18483]  ? alloc_fd+0x471/0x7d0
[  594.766233][T18483]  do_sys_openat2+0x121/0x290
[  594.766245][T18483]  ? __pfx_do_sys_openat2+0x10/0x10
[  594.766258][T18483]  ? __fget_files+0x20e/0x3c0
[  594.766275][T18483]  __ia32_compat_sys_openat+0x16d/0x210
[  594.766289][T18483]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  594.766301][T18483]  ? ksys_write+0x1ac/0x250
[  594.766316][T18483]  ? do_user_addr_fault+0x843/0x1370
[  594.766332][T18483]  __do_fast_syscall_32+0xe8/0x680
[  594.766344][T18483]  do_fast_syscall_32+0x32/0x80
[  594.766354][T18483]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  594.766367][T18483] RIP: 0023:0xf70dd579
[  594.766377][T18483] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  594.766387][T18483] RSP: 002b:00000000f54cd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  594.766397][T18483] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000040
[  594.766403][T18483] RDX: 0000000000080000 RSI: 0000000000000000 RDI: 0000000000000000
[  594.766409][T18483] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  594.766415][T18483] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  594.766421][T18483] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  594.766435][T18483]  </TASK>
[  594.766446][T18483] ERROR: Out of memory at tomoyo_realpath_from_path.
[  594.768605][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  594.772231][T18481] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  594.866901][T18481] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  594.870291][   T10] usb 7-1: Product: syz
[  594.871764][   T10] usb 7-1: Manufacturer: syz
[  594.873250][   T10] usb 7-1: SerialNumber: syz
[  594.880382][   T10] usb 7-1: config 0 descriptor??
[  594.882771][T18481] vhci_hcd vhci_hcd.0: Device attached
[  594.897518][T18472] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  594.905342][T18472] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  594.911428][   T10] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input7
[  594.991665][T18474] tmpfs: Unknown parameter 'pu��o'
[  595.159864][ T1470] usb 44-1: SetAddress Request (98) to port 0
[  595.162598][ T1470] usb 44-1: new SuperSpeed USB device number 98 using vhci_hcd
[  595.186252][ T5995] usb 7-1: USB disconnect, device number 6
[  595.188190][    C2] xpad 7-1:0.0: xpad_irq_out - usb_submit_urb failed with result -19
[  595.257913][T18484] vhci_hcd: connection reset by peer
[  595.260420][T14698] vhci_hcd vhci_hcd.3: stop threads
[  595.262092][T14698] vhci_hcd vhci_hcd.3: release socket
[  595.268011][T14698] vhci_hcd vhci_hcd.3: disconnect device
[  595.647670][T18510] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  595.650318][T18510] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  595.659821][T18510] vhci_hcd vhci_hcd.0: Device attached
[  595.742753][T18516] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  595.858887][T18512] vhci_hcd: connection closed
[  595.880185][ T1142] vhci_hcd vhci_hcd.4: stop threads
[  595.890695][ T1142] vhci_hcd vhci_hcd.4: release socket
[  595.892482][ T1142] vhci_hcd vhci_hcd.4: disconnect device
[  596.176481][T18529] FAULT_INJECTION: forcing a failure.
[  596.176481][T18529] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  596.182758][T18529] CPU: 1 UID: 0 PID: 18529 Comm: syz.3.3990 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  596.182785][T18529] Tainted: [L]=SOFTLOCKUP
[  596.182808][T18529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  596.182819][T18529] Call Trace:
[  596.182825][T18529]  <TASK>
[  596.182833][T18529]  dump_stack_lvl+0x16c/0x1f0
[  596.182864][T18529]  should_fail_ex+0x512/0x640
[  596.182889][T18529]  _copy_to_user+0x32/0xd0
[  596.182910][T18529]  simple_read_from_buffer+0xcb/0x170
[  596.182937][T18529]  proc_fail_nth_read+0x197/0x240
[  596.182967][T18529]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  596.182993][T18529]  ? rw_verify_area+0xcf/0x6c0
[  596.183015][T18529]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  596.183040][T18529]  vfs_read+0x1e4/0xcf0
[  596.183065][T18529]  ? __pfx___mutex_lock+0x10/0x10
[  596.183085][T18529]  ? __pfx_vfs_read+0x10/0x10
[  596.183105][T18529]  ? find_held_lock+0x2b/0x80
[  596.183135][T18529]  ? __fget_files+0x20e/0x3c0
[  596.183167][T18529]  ksys_read+0x12a/0x250
[  596.183189][T18529]  ? __pfx_ksys_read+0x10/0x10
[  596.183213][T18529]  ? fput+0x70/0xf0
[  596.183235][T18529]  __do_fast_syscall_32+0xe8/0x680
[  596.183255][T18529]  do_fast_syscall_32+0x32/0x80
[  596.183272][T18529]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  596.183292][T18529] RIP: 0023:0xf7f17579
[  596.183306][T18529] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  596.183322][T18529] RSP: 002b:00000000f5406590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  596.183340][T18529] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f5406620
[  596.183351][T18529] RDX: 000000000000000f RSI: 00000000f73a6ff4 RDI: 0000000000000000
[  596.183361][T18529] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  596.183371][T18529] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  596.183381][T18529] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  596.183405][T18529]  </TASK>
[  596.650252][   T29] usb 9-1: new low-speed USB device number 3 using dummy_hcd
[  596.851166][   T29] usb 9-1: config 0 has an invalid interface number: 55 but max is 0
[  596.853731][   T29] usb 9-1: config 0 has no interface number 0
[  596.855707][   T29] usb 9-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  596.881827][   T29] usb 9-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  596.885159][   T29] usb 9-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  596.888762][   T29] usb 9-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  596.893237][   T29] usb 9-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  596.896707][   T29] usb 9-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  596.902864][   T29] usb 9-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  596.905707][   T29] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  596.913449][   T29] usb 9-1: config 0 descriptor??
[  596.940978][T18528] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  596.943325][T18528] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  596.967636][   T29] ldusb 9-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  597.016960][T18547] netlink: 'syz.2.3997': attribute type 3 has an invalid length.
[  597.170561][T18528] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  597.172767][T18528] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  597.309749][T18528] vhci_hcd vhci_hcd.0: Device attached
[  597.394298][T18556] comedi comedi3: bad chanlist[0]=0x00000008 chan=8 range length=1
[  597.579775][   T60] usb 46-1: SetAddress Request (3) to port 0
[  597.581850][   T60] usb 46-1: new SuperSpeed USB device number 3 using vhci_hcd
[  597.872208][T18550] vhci_hcd: connection reset by peer
[  597.874006][T13152] vhci_hcd vhci_hcd.4: stop threads
[  597.875620][T13152] vhci_hcd vhci_hcd.4: release socket
[  597.877364][T13152] vhci_hcd vhci_hcd.4: disconnect device
[  597.878625][   T29] usb 9-1: USB disconnect, device number 3
[  597.912771][   T29] ldusb 9-1:0.55: LD USB Device #0 now disconnected
[  598.461231][T18537] Set syz1 is full, maxelem 65536 reached
[  598.526947][T18583] FAULT_INJECTION: forcing a failure.
[  598.526947][T18583] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  598.533338][T18583] CPU: 3 UID: 0 PID: 18583 Comm: syz.3.4011 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  598.533356][T18583] Tainted: [L]=SOFTLOCKUP
[  598.533359][T18583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  598.533365][T18583] Call Trace:
[  598.533370][T18583]  <TASK>
[  598.533374][T18583]  dump_stack_lvl+0x16c/0x1f0
[  598.533395][T18583]  should_fail_ex+0x512/0x640
[  598.533410][T18583]  _copy_to_user+0x32/0xd0
[  598.533423][T18583]  simple_read_from_buffer+0xcb/0x170
[  598.533440][T18583]  proc_fail_nth_read+0x197/0x240
[  598.533458][T18583]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  598.533475][T18583]  ? rw_verify_area+0xcf/0x6c0
[  598.533489][T18583]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  598.533506][T18583]  vfs_read+0x1e4/0xcf0
[  598.533526][T18583]  ? __pfx___mutex_lock+0x10/0x10
[  598.533538][T18583]  ? __pfx_vfs_read+0x10/0x10
[  598.533551][T18583]  ? find_held_lock+0x2b/0x80
[  598.533568][T18583]  ? __fget_files+0x20e/0x3c0
[  598.533587][T18583]  ksys_read+0x12a/0x250
[  598.533601][T18583]  ? __pfx_ksys_read+0x10/0x10
[  598.533616][T18583]  ? do_user_addr_fault+0x843/0x1370
[  598.533632][T18583]  __do_fast_syscall_32+0xe8/0x680
[  598.533643][T18583]  do_fast_syscall_32+0x32/0x80
[  598.533654][T18583]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  598.533667][T18583] RIP: 0023:0xf7f17579
[  598.533675][T18583] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  598.533685][T18583] RSP: 002b:00000000f5406590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  598.533696][T18583] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5406620
[  598.533702][T18583] RDX: 000000000000000f RSI: 00000000f73a6ff4 RDI: 0000000000000000
[  598.533708][T18583] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  598.533714][T18583] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  598.533720][T18583] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  598.533733][T18583]  </TASK>
[  598.604540][T18586] netlink: 'syz.2.4009': attribute type 30 has an invalid length.
[  598.663033][T18584] netlink: 'syz.2.4009': attribute type 30 has an invalid length.
[  598.929324][ T5949] Bluetooth: hci0: unexpected event for opcode 0x0000
[  598.971421][T18600] netlink: 'syz.0.4014': attribute type 5 has an invalid length.
[  599.183060][T18614] netlink: 'syz.2.4016': attribute type 4 has an invalid length.
[  600.008808][T18625] netlink: 'syz.0.4022': attribute type 1 has an invalid length.
[  600.045385][T18625] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  600.050274][T18625] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4022'.
[  600.055403][T18625] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[  600.063793][T18625] bond1 (unregistering): Released all slaves
[  600.199046][T18635] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4025'.
[  600.203237][T18635] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.4025'.
[  600.229981][ T1470] usb 44-1: device descriptor read/8, error -110
[  600.259282][T18639] ptrace attach of "/syz-executor exec"[12508] was attempted by "/syz-executor exec"[18639]
[  600.531886][T18657] FAULT_INJECTION: forcing a failure.
[  600.531886][T18657] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  600.536402][T18657] CPU: 3 UID: 0 PID: 18657 Comm: syz.3.4033 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  600.536419][T18657] Tainted: [L]=SOFTLOCKUP
[  600.536423][T18657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  600.536430][T18657] Call Trace:
[  600.536434][T18657]  <TASK>
[  600.536439][T18657]  dump_stack_lvl+0x16c/0x1f0
[  600.536460][T18657]  should_fail_ex+0x512/0x640
[  600.536475][T18657]  _copy_from_iter+0x2a4/0x16c0
[  600.536489][T18657]  ? __alloc_skb+0x220/0x410
[  600.536501][T18657]  ? __alloc_skb+0x35d/0x410
[  600.536513][T18657]  ? __pfx__copy_from_iter+0x10/0x10
[  600.536524][T18657]  ? unwind_get_return_address+0x59/0xa0
[  600.536540][T18657]  ? __pfx___might_resched+0x10/0x10
[  600.536558][T18657]  netlink_sendmsg+0x820/0xdd0
[  600.536577][T18657]  ? __pfx_netlink_sendmsg+0x10/0x10
[  600.536594][T18657]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  600.536614][T18657]  ____sys_sendmsg+0xa5d/0xc30
[  600.536626][T18657]  ? __pfx_____sys_sendmsg+0x10/0x10
[  600.536635][T18657]  ? get_compat_msghdr+0x11a/0x170
[  600.536655][T18657]  ___sys_sendmsg+0x134/0x1d0
[  600.536670][T18657]  ? __pfx____sys_sendmsg+0x10/0x10
[  600.536689][T18657]  ? find_held_lock+0x2b/0x80
[  600.536712][T18657]  __sys_sendmsg+0x16d/0x220
[  600.536727][T18657]  ? __pfx___sys_sendmsg+0x10/0x10
[  600.536748][T18657]  __do_fast_syscall_32+0xe8/0x680
[  600.536760][T18657]  do_fast_syscall_32+0x32/0x80
[  600.536770][T18657]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  600.536784][T18657] RIP: 0023:0xf7f17579
[  600.536793][T18657] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  600.536803][T18657] RSP: 002b:00000000f540655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  600.536817][T18657] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000040
[  600.536823][T18657] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  600.536830][T18657] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  600.536836][T18657] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  600.536842][T18657] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  600.536855][T18657]  </TASK>
[  600.640254][ T1470] usb usb44-port1: attempt power cycle
[  600.663614][T18659] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4034'.
[  601.123392][T18691] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  601.171171][T18690] tipc: Disabling bearer <eth:syzkaller0>
[  601.210698][ T1470] usb usb44-port1: unable to enumerate USB device
[  601.398243][T18697] FAULT_INJECTION: forcing a failure.
[  601.398243][T18697] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  601.402995][T18697] CPU: 2 UID: 0 PID: 18697 Comm: syz.2.4045 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  601.403013][T18697] Tainted: [L]=SOFTLOCKUP
[  601.403017][T18697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  601.403023][T18697] Call Trace:
[  601.403028][T18697]  <TASK>
[  601.403032][T18697]  dump_stack_lvl+0x16c/0x1f0
[  601.403053][T18697]  should_fail_ex+0x512/0x640
[  601.403068][T18697]  _copy_from_user+0x2e/0xd0
[  601.403080][T18697]  kstrtouint_from_user+0xd6/0x1d0
[  601.403096][T18697]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  601.403110][T18697]  ? __lock_acquire+0x436/0x2890
[  601.403126][T18697]  proc_fail_nth_write+0x83/0x220
[  601.403138][T18697]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  601.403152][T18697]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  601.403161][T18697]  vfs_write+0x2a0/0x11d0
[  601.403178][T18697]  ? __pfx___mutex_lock+0x10/0x10
[  601.403190][T18697]  ? __pfx_vfs_write+0x10/0x10
[  601.403203][T18697]  ? find_held_lock+0x2b/0x80
[  601.403220][T18697]  ? __fget_files+0x20e/0x3c0
[  601.403239][T18697]  ksys_write+0x12a/0x250
[  601.403267][T18697]  ? __pfx_ksys_write+0x10/0x10
[  601.403283][T18697]  ? do_user_addr_fault+0x843/0x1370
[  601.403299][T18697]  __do_fast_syscall_32+0xe8/0x680
[  601.403311][T18697]  do_fast_syscall_32+0x32/0x80
[  601.403321][T18697]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  601.403335][T18697] RIP: 0023:0xf7fe4579
[  601.403344][T18697] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  601.403354][T18697] RSP: 002b:00000000f54d6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  601.403365][T18697] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000f54d6620
[  601.403371][T18697] RDX: 0000000000000001 RSI: 00000000f7476ff4 RDI: 0000000000000000
[  601.403377][T18697] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  601.403383][T18697] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  601.403389][T18697] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  601.403403][T18697]  </TASK>
[  601.403719][T18702] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  601.486143][T18702] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  601.513609][T18702] vhci_hcd vhci_hcd.0: Device attached
[  601.553894][T18711] netlink: 14 bytes leftover after parsing attributes in process `syz.4.4047'.
[  601.809816][ T5995] usb 38-1: SetAddress Request (95) to port 0
[  601.812221][ T5995] usb 38-1: new SuperSpeed USB device number 95 using vhci_hcd
[  601.872565][T18722] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  601.874673][T18722] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  601.882625][T18722] vhci_hcd vhci_hcd.0: Device attached
[  601.905062][T18722] netlink: 52 bytes leftover after parsing attributes in process `syz.4.4048'.
[  601.972940][T18704] vhci_hcd: connection reset by peer
[  601.975623][   T12] vhci_hcd vhci_hcd.0: stop threads
[  601.978059][   T12] vhci_hcd vhci_hcd.0: release socket
[  601.980610][   T12] vhci_hcd vhci_hcd.0: disconnect device
[  602.422349][T18723] vhci_hcd: connection closed
[  602.422816][   T61] vhci_hcd vhci_hcd.4: stop threads
[  602.427340][   T61] vhci_hcd vhci_hcd.4: release socket
[  602.432572][   T61] vhci_hcd vhci_hcd.4: disconnect device
[  602.630048][   T60] usb 46-1: device descriptor read/8, error -110
[  602.710027][ T5949] Bluetooth: hci3: command tx timeout
[  602.965451][ T5949] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  602.968420][ T5949] Bluetooth: hci0: Injecting HCI hardware error event
[  602.974050][ T5946] Bluetooth: hci0: hardware error 0x00
[  603.040404][   T60] usb usb46-port1: attempt power cycle
[  603.216160][T18755] FAULT_INJECTION: forcing a failure.
[  603.216160][T18755] name failslab, interval 1, probability 0, space 0, times 0
[  603.220411][T18755] CPU: 3 UID: 0 PID: 18755 Comm: syz.4.4062 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  603.220440][T18755] Tainted: [L]=SOFTLOCKUP
[  603.220444][T18755] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  603.220450][T18755] Call Trace:
[  603.220455][T18755]  <TASK>
[  603.220459][T18755]  dump_stack_lvl+0x16c/0x1f0
[  603.220479][T18755]  should_fail_ex+0x512/0x640
[  603.220491][T18755]  ? fs_reclaim_acquire+0xae/0x150
[  603.220509][T18755]  should_failslab+0xc2/0x120
[  603.220525][T18755]  __kmalloc_noprof+0xeb/0x910
[  603.220537][T18755]  ? tomoyo_encode2+0x100/0x3e0
[  603.220553][T18755]  ? tomoyo_encode2+0x100/0x3e0
[  603.220566][T18755]  tomoyo_encode2+0x100/0x3e0
[  603.220582][T18755]  tomoyo_encode+0x29/0x50
[  603.220596][T18755]  tomoyo_realpath_from_path+0x18f/0x6e0
[  603.220612][T18755]  ? tomoyo_profile+0x47/0x60
[  603.220629][T18755]  tomoyo_path_number_perm+0x245/0x580
[  603.220640][T18755]  ? tomoyo_path_number_perm+0x237/0x580
[  603.220653][T18755]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  603.220670][T18755]  ? __pfx___schedule+0x10/0x10
[  603.220697][T18755]  ? from_kgid+0x8f/0xd0
[  603.220713][T18755]  ? __pfx_from_kgid+0x10/0x10
[  603.220731][T18755]  tomoyo_path_chown+0x14b/0x1b0
[  603.220751][T18755]  ? __pfx_tomoyo_path_chown+0x10/0x10
[  603.220769][T18755]  ? from_vfsuid+0xea/0x140
[  603.220781][T18755]  ? __pfx_from_vfsuid+0x10/0x10
[  603.220795][T18755]  security_path_chown+0x12a/0x2e0
[  603.220807][T18755]  chown_common+0x3d3/0x680
[  603.220821][T18755]  ? __pfx_chown_common+0x10/0x10
[  603.220836][T18755]  ? mnt_get_write_access+0x26c/0x2f0
[  603.220851][T18755]  do_fchownat+0x1a7/0x200
[  603.220862][T18755]  ? __pfx_do_fchownat+0x10/0x10
[  603.220877][T18755]  __ia32_sys_fchownat+0xba/0x150
[  603.220887][T18755]  ? lockdep_hardirqs_on+0x7c/0x110
[  603.220904][T18755]  __do_fast_syscall_32+0xe8/0x680
[  603.220916][T18755]  do_fast_syscall_32+0x32/0x80
[  603.220926][T18755]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  603.220939][T18755] RIP: 0023:0xf70dd579
[  603.220948][T18755] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  603.220958][T18755] RSP: 002b:00000000f54ac55c EFLAGS: 00000296 ORIG_RAX: 000000000000012a
[  603.220968][T18755] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000100
[  603.220975][T18755] RDX: 000000000000ee01 RSI: 000000000000ee01 RDI: 0000000000001000
[  603.220981][T18755] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  603.220987][T18755] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  603.220992][T18755] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  603.221006][T18755]  </TASK>
[  603.221031][T18755] ERROR: Out of memory at tomoyo_realpath_from_path.
[  603.601325][   T60] usb usb46-port1: unable to enumerate USB device
[  603.931753][   T40] audit: type=1326 audit(1768358070.638:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18760 comm="syz.3.4065" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f17579 code=0x0
[  603.982750][   T40] audit: type=1326 audit(1768358070.688:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18760 comm="syz.3.4065" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f17579 code=0x0
[  604.028699][T18762] FAULT_INJECTION: forcing a failure.
[  604.028699][T18762] name failslab, interval 1, probability 0, space 0, times 0
[  604.032809][T18762] CPU: 0 UID: 0 PID: 18762 Comm: syz.0.4063 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  604.032837][T18762] Tainted: [L]=SOFTLOCKUP
[  604.032841][T18762] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  604.032847][T18762] Call Trace:
[  604.032851][T18762]  <TASK>
[  604.032855][T18762]  dump_stack_lvl+0x16c/0x1f0
[  604.032875][T18762]  should_fail_ex+0x512/0x640
[  604.032888][T18762]  ? __kvmalloc_node_noprof+0x129/0xa40
[  604.032903][T18762]  should_failslab+0xc2/0x120
[  604.032920][T18762]  __kvmalloc_node_noprof+0x14a/0xa40
[  604.032935][T18762]  ? io_alloc_cache_init+0x38/0x170
[  604.032949][T18762]  ? io_alloc_cache_init+0x38/0x170
[  604.032957][T18762]  io_alloc_cache_init+0x38/0x170
[  604.032968][T18762]  io_uring_setup+0x592/0x1f80
[  604.032983][T18762]  ? __pfx_io_uring_setup+0x10/0x10
[  604.032998][T18762]  ? __mutex_unlock_slowpath+0x161/0x790
[  604.033010][T18762]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  604.033026][T18762]  ? fput+0x70/0xf0
[  604.033036][T18762]  ? ksys_write+0x1ac/0x250
[  604.033051][T18762]  ? __pfx_ksys_write+0x10/0x10
[  604.033068][T18762]  __ia32_sys_io_uring_setup+0xc2/0x170
[  604.033083][T18762]  __do_fast_syscall_32+0xe8/0x680
[  604.033094][T18762]  do_fast_syscall_32+0x32/0x80
[  604.033104][T18762]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  604.033117][T18762] RIP: 0023:0xf7f47579
[  604.033126][T18762] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  604.033137][T18762] RSP: 002b:00000000f541550c EFLAGS: 00000206 ORIG_RAX: 00000000000001a9
[  604.033147][T18762] RAX: ffffffffffffffda RBX: 000000000000641a RCX: 0000000080000300
[  604.033153][T18762] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  604.033160][T18762] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  604.033166][T18762] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  604.033171][T18762] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  604.033184][T18762]  </TASK>
[  604.411186][ T5949] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  604.418782][ T5949] Bluetooth: hci3: Injecting HCI hardware error event
[  604.433772][ T5949] Bluetooth: hci3: hardware error 0x00
[  605.043833][ T5946] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  605.628607][T18784] tmpfs: Unknown parameter ''
[  606.744250][T18786] afs: Unknown parameter 'dyn000000000000000000'
[  606.869762][ T5995] usb 38-1: device descriptor read/8, error -110
[  607.034033][ T5949] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  607.088477][T18810] bridge0: port 2(bridge_slave_1) entered disabled state
[  607.090939][T18810] bridge0: port 1(bridge_slave_0) entered disabled state
[  607.131414][T18810] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  607.141712][T18810] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  607.260353][ T5995] usb usb38-port1: attempt power cycle
[  607.285819][ T6025] lo speed is unknown, defaulting to 1000
[  607.287826][   T61] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  607.291146][ T6025] syz0: Port: 1 Link DOWN
[  607.292874][   T61] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  607.295785][   T61] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  607.298585][   T61] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  607.380727][T18817] nbd0: detected capacity change from 0 to 8589934655
[  607.819297][ T5949] block nbd0: Receive control failed (result -104)
[  607.890880][ T5995] usb usb38-port1: unable to enumerate USB device
[  609.943367][T18854] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  609.946793][T18854] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  610.106813][T18867] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  610.117379][T18867] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4089'.
[  610.225002][T18871] kvm: requested 1676 ns i8254 timer period limited to 200000 ns
[  610.286710][T18871] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  610.293938][T18871] kvm: requested 41904 ns i8254 timer period limited to 200000 ns
[  610.294006][T18874] FAULT_INJECTION: forcing a failure.
[  610.294006][T18874] name failslab, interval 1, probability 0, space 0, times 0
[  610.294106][T18874] CPU: 0 UID: 0 PID: 18874 Comm: syz.0.4091 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  610.294122][T18874] Tainted: [L]=SOFTLOCKUP
[  610.294125][T18874] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  610.294131][T18874] Call Trace:
[  610.294135][T18874]  <TASK>
[  610.294139][T18874]  dump_stack_lvl+0x16c/0x1f0
[  610.294160][T18874]  should_fail_ex+0x512/0x640
[  610.294173][T18874]  ? fs_reclaim_acquire+0xae/0x150
[  610.294191][T18874]  should_failslab+0xc2/0x120
[  610.294207][T18874]  __kmalloc_noprof+0xeb/0x910
[  610.294219][T18874]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  610.294236][T18874]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  610.294250][T18874]  tomoyo_realpath_from_path+0xc2/0x6e0
[  610.294265][T18874]  ? tomoyo_profile+0x47/0x60
[  610.294282][T18874]  tomoyo_path_number_perm+0x245/0x580
[  610.294294][T18874]  ? tomoyo_path_number_perm+0x237/0x580
[  610.294307][T18874]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  610.294333][T18874]  ? find_held_lock+0x2b/0x80
[  610.294346][T18874]  ? hook_file_ioctl_common+0x144/0x410
[  610.294362][T18874]  ? __fget_files+0x20e/0x3c0
[  610.294376][T18874]  ? __fput_deferred+0x480/0x480
[  610.294390][T18874]  security_file_ioctl_compat+0x9b/0x240
[  610.294404][T18874]  __ia32_compat_sys_ioctl+0xc3/0x370
[  610.294419][T18874]  __do_fast_syscall_32+0xe8/0x680
[  610.294431][T18874]  do_fast_syscall_32+0x32/0x80
[  610.294441][T18874]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  610.294455][T18874] RIP: 0023:0xf7f47579
[  610.294464][T18874] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  610.294474][T18874] RSP: 002b:00000000f53f455c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  610.294484][T18874] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 000000004070aea0
[  610.294491][T18874] RDX: 0000000080002400 RSI: 0000000000000000 RDI: 0000000000000000
[  610.294497][T18874] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  610.294503][T18874] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  610.294509][T18874] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  610.294522][T18874]  </TASK>
[  610.294526][T18874] ERROR: Out of memory at tomoyo_realpath_from_path.
[  610.297959][T18871] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  610.381912][   T10] usb 9-1: new full-speed USB device number 4 using dummy_hcd
[  610.611767][   T10] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  610.615306][   T10] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  610.619518][   T10] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  610.623281][   T10] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  610.735814][T18879] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  610.743251][T18879] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4093'.
[  610.750251][T18879] FAULT_INJECTION: forcing a failure.
[  610.750251][T18879] name failslab, interval 1, probability 0, space 0, times 0
[  610.755235][T18879] CPU: 1 UID: 0 PID: 18879 Comm: syz.0.4093 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  610.755276][T18879] Tainted: [L]=SOFTLOCKUP
[  610.755283][T18879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  610.755292][T18879] Call Trace:
[  610.755300][T18879]  <TASK>
[  610.755307][T18879]  dump_stack_lvl+0x16c/0x1f0
[  610.755338][T18879]  should_fail_ex+0x512/0x640
[  610.755357][T18879]  ? fs_reclaim_acquire+0xae/0x150
[  610.755385][T18879]  should_failslab+0xc2/0x120
[  610.755409][T18879]  __kmalloc_noprof+0xeb/0x910
[  610.755454][T18879]  ? tomoyo_encode2+0x100/0x3e0
[  610.755480][T18879]  ? tomoyo_encode2+0x100/0x3e0
[  610.755500][T18879]  tomoyo_encode2+0x100/0x3e0
[  610.755522][T18879]  tomoyo_encode+0x29/0x50
[  610.755539][T18879]  tomoyo_realpath_from_path+0x18f/0x6e0
[  610.755557][T18879]  tomoyo_check_open_permission+0x2ab/0x3c0
[  610.755571][T18879]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  610.755597][T18879]  ? do_raw_spin_lock+0x12c/0x2b0
[  610.755614][T18879]  tomoyo_file_open+0x6b/0x90
[  610.755631][T18879]  security_file_open+0x84/0x1e0
[  610.755645][T18879]  do_dentry_open+0x597/0x1590
[  610.755662][T18879]  ? security_inode_permission+0xbf/0x260
[  610.755678][T18879]  vfs_open+0x82/0x3f0
[  610.755692][T18879]  path_openat+0x2078/0x3140
[  610.755712][T18879]  ? __pfx_path_openat+0x10/0x10
[  610.755729][T18879]  ? __pfx___schedule+0x10/0x10
[  610.755744][T18879]  ? __lock_acquire+0x436/0x2890
[  610.755755][T18879]  do_filp_open+0x20b/0x470
[  610.755771][T18879]  ? __pfx_do_filp_open+0x10/0x10
[  610.755785][T18879]  ? irqentry_exit+0x1dd/0x8c0
[  610.755794][T18879]  ? rcu_is_watching+0x12/0xc0
[  610.755817][T18879]  ? _raw_spin_unlock+0x28/0x50
[  610.755831][T18879]  ? alloc_fd+0x471/0x7d0
[  610.755850][T18879]  do_sys_openat2+0x121/0x290
[  610.755862][T18879]  ? __pfx_do_sys_openat2+0x10/0x10
[  610.755875][T18879]  ? __fget_files+0x20e/0x3c0
[  610.755892][T18879]  __ia32_compat_sys_openat+0x16d/0x210
[  610.755905][T18879]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  610.755922][T18879]  ? ksys_write+0x1ac/0x250
[  610.755941][T18879]  ? do_user_addr_fault+0x843/0x1370
[  610.755957][T18879]  __do_fast_syscall_32+0xe8/0x680
[  610.755969][T18879]  do_fast_syscall_32+0x32/0x80
[  610.755979][T18879]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  610.755993][T18879] RIP: 0023:0xf7f47579
[  610.756001][T18879] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  610.756012][T18879] RSP: 002b:00000000f53f455c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  610.756022][T18879] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000000
[  610.756029][T18879] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  610.756035][T18879] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  610.756041][T18879] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  610.756046][T18879] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  610.756060][T18879]  </TASK>
[  610.756123][T18879] ERROR: Out of memory at tomoyo_realpath_from_path.
[  610.870614][   T10] usb 9-1: usb_control_msg returned -32
[  610.872431][   T10] usbtmc 9-1:16.0: can't read capabilities
[  611.189736][ T5949] Bluetooth: hci2: command 0x040f tx timeout
[  611.215431][T18890] usbtmc 9-1:16.0: usb_control_msg returned -32
[  611.300932][T18890] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  611.305264][T18890] block device autoloading is deprecated and will be removed.
[  611.316134][   T10] usb 9-1: USB disconnect, device number 4
[  611.633973][T18895] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4098'.
[  611.999817][ T5949] Bluetooth: hci1: command 0x0c1a tx timeout
[  612.019972][   T60] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  612.179740][   T60] usb 5-1: Using ep0 maxpacket: 16
[  612.189946][   T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  612.193574][   T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  612.197774][   T60] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  612.202669][   T60] usb 5-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  612.205842][   T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  612.214734][   T60] usb 5-1: config 0 descriptor??
[  612.645919][T18896] random: crng reseeded on system resumption
[  612.665071][   T60] input: HID 0955:7214 Haptics as /devices/virtual/input/input8
[  612.685656][   T60] shield 0003:0955:7214.0004: Registered Thunderstrike controller
[  612.688372][   T60] shield 0003:0955:7214.0004: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.0-1/input0
[  612.870105][ T5995] usb 5-1: USB disconnect, device number 4
[  612.872105][ T6025] shield 0003:0955:7214.0004: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  612.880949][ T6025] shield 0003:0955:7214.0004: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  612.884435][ T6025] shield 0003:0955:7214.0004: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  612.893930][ T6025] shield 0003:0955:7214.0004: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  613.026518][T18914] FAULT_INJECTION: forcing a failure.
[  613.026518][T18914] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  613.031109][T18914] CPU: 1 UID: 0 PID: 18914 Comm: syz.0.4103 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  613.031137][T18914] Tainted: [L]=SOFTLOCKUP
[  613.031141][T18914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  613.031147][T18914] Call Trace:
[  613.031152][T18914]  <TASK>
[  613.031157][T18914]  dump_stack_lvl+0x16c/0x1f0
[  613.031177][T18914]  should_fail_ex+0x512/0x640
[  613.031191][T18914]  _copy_to_user+0x32/0xd0
[  613.031204][T18914]  simple_read_from_buffer+0xcb/0x170
[  613.031221][T18914]  proc_fail_nth_read+0x197/0x240
[  613.031248][T18914]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  613.031269][T18914]  ? rw_verify_area+0xcf/0x6c0
[  613.031288][T18914]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  613.031308][T18914]  vfs_read+0x1e4/0xcf0
[  613.031330][T18914]  ? __pfx___mutex_lock+0x10/0x10
[  613.031342][T18914]  ? __pfx_vfs_read+0x10/0x10
[  613.031355][T18914]  ? find_held_lock+0x2b/0x80
[  613.031373][T18914]  ? __fget_files+0x20e/0x3c0
[  613.031391][T18914]  ksys_read+0x12a/0x250
[  613.031433][T18914]  ? __pfx_ksys_read+0x10/0x10
[  613.031448][T18914]  ? do_user_addr_fault+0x843/0x1370
[  613.031464][T18914]  __do_fast_syscall_32+0xe8/0x680
[  613.031481][T18914]  do_fast_syscall_32+0x32/0x80
[  613.031492][T18914]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  613.031506][T18914] RIP: 0023:0xf7f47579
[  613.031514][T18914] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  613.031525][T18914] RSP: 002b:00000000f5436590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  613.031535][T18914] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5436620
[  613.031543][T18914] RDX: 000000000000000f RSI: 00000000f73d6ff4 RDI: 0000000000000000
[  613.031549][T18914] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  613.031555][T18914] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  613.031561][T18914] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  613.031574][T18914]  </TASK>
[  613.122168][T18918] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4101'.
[  613.125596][T18918] bridge_slave_1: left allmulticast mode
[  613.127637][T18918] bridge_slave_1: left promiscuous mode
[  613.129668][T18918] bridge0: port 2(bridge_slave_1) entered disabled state
[  613.238940][T15746] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  613.256495][T18918] bridge_slave_0: left allmulticast mode
[  613.258796][T18918] bridge_slave_0: left promiscuous mode
[  613.269411][T18918] bridge0: port 1(bridge_slave_0) entered disabled state
[  613.409679][T15746] usb 8-1: Using ep0 maxpacket: 16
[  613.425573][T15746] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  613.437929][T15746] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  613.448050][T15746] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  613.505254][T15746] usb 8-1: New USB device found, idVendor=0457, idProduct=07da, bcdDevice= 0.00
[  613.509271][T15746] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  613.520244][T15746] usb 8-1: config 0 descriptor??
[  614.189118][T18933] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4102'.
[  614.249401][T18935] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  615.140116][   T40] audit: type=1326 audit(1768358081.848:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18943 comm="syz.4.4111" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x7ffc0000
[  615.147068][   T40] audit: type=1326 audit(1768358081.848:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18943 comm="syz.4.4111" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x7ffc0000
[  615.171164][   T40] audit: type=1326 audit(1768358081.858:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18943 comm="syz.4.4111" exe="/syz-executor" sig=0 arch=40000003 syscall=65 compat=1 ip=0xf70dd579 code=0x7ffc0000
[  615.181654][   T40] audit: type=1326 audit(1768358081.858:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18943 comm="syz.4.4111" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x7ffc0000
[  615.199705][   T40] audit: type=1326 audit(1768358081.858:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18943 comm="syz.4.4111" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x7ffc0000
[  615.207903][   T40] audit: type=1326 audit(1768358081.858:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18943 comm="syz.4.4111" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70dd579 code=0x7ffc0000
[  615.219711][   T40] audit: type=1326 audit(1768358081.858:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18943 comm="syz.4.4111" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x7ffc0000
[  615.236801][   T40] audit: type=1326 audit(1768358081.858:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18943 comm="syz.4.4111" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x7ffc0000
[  615.254252][   T40] audit: type=1326 audit(1768358081.858:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18943 comm="syz.4.4111" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70dd579 code=0x7ffc0000
[  615.264333][   T40] audit: type=1326 audit(1768358081.858:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18943 comm="syz.4.4111" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x7ffc0000
[  615.358291][T18953] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  615.423995][T18957] input: syz0 as /devices/virtual/input/input9
[  615.867527][T18964] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  616.350762][T18977] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  617.412344][T18983] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  617.565746][T18996] syz.2.4126 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  618.674469][T18982] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4121'.
[  618.756583][T19015] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  618.928413][T19022] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4132'.
[  618.950272][T15746] usbhid 8-1:0.0: can't add hid device: -32
[  618.952340][T15746] usbhid 8-1:0.0: probe with driver usbhid failed with error -32
[  619.453700][T19037] afs: Unknown parameter 'autoce'
[  619.496276][T19038] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4137'.
[  619.510163][T19038] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4137'.
[  619.513340][T19038] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4137'.
[  619.516410][T19038] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4137'.
[  619.519813][T19038] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4137'.
[  619.936795][T19052] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  619.971362][T19050] [U] 
[  619.972374][T19050] [U] 
[  619.973271][T19050] [U] 
[  619.974182][T19050] [U] 
[  619.975121][T19050] [U] 
[  619.976027][T19050] [U] 
[  619.976919][T19050] [U] 
[  619.977813][T19050] [U] 
[  619.978773][T19050] [U] 
[  619.979680][T19050] [U] 
[  619.980570][T19050] [U] 
[  619.981454][T19050] [U] 
[  619.982713][T19050] [U] 
[  619.983627][T19050] [U] 
[  619.984513][T19050] [U] 
[  619.985399][T19050] [U] 
[  619.986409][T19050] [U] 
[  619.987274][T19050] [U] 
[  619.988173][T19050] [U] 
[  619.989076][T19050] [U] 
[  619.990144][T19050] [U] 
[  619.991474][T19050] [U] 
[  619.992360][T19050] [U] 
[  619.993245][T19050] [U] 
[  619.994306][T19050] [U] 
[  619.995191][T19050] [U] 
[  619.996091][T19050] [U] 
[  619.996977][T19050] [U] 
[  619.998004][T19050] [U] 
[  619.998920][T19050] [U] 
[  619.999824][T19050] [U] 
[  620.000712][T19050] [U] 
[  620.001890][T19050] [U] 
[  620.002782][T19050] [U] 
[  620.003678][T19050] [U] 
[  620.004564][T19050] [U] 
[  620.005488][T19050] [U] 
[  620.006374][T19050] [U] 
[  620.007259][T19050] [U] 
[  620.008149][T19050] [U] 
[  620.009294][T19050] [U] 
[  620.010195][T19050] [U] 
[  620.011081][T19050] [U] 
[  620.011980][T19050] [U] 
[  620.013193][T19050] [U] 
[  620.014087][T19050] [U] 
[  620.014973][T19050] [U] 
[  620.015870][T19050] [U] 
[  620.016813][T19050] [U] 
[  620.017703][T19050] [U] 
[  620.018607][T19050] [U] 
[  620.019510][T19050] [U] 
[  620.020563][T19050] [U] 
[  620.021464][T19050] [U] 
[  620.022349][T19050] [U] 
[  620.023236][T19050] [U] 
[  620.025340][T19050] [U] 
[  620.026246][T19050] [U] 
[  620.027135][T19050] [U] 
[  620.028040][T19050] [U] 
[  620.029213][T19050] [U] 
[  620.030115][T19050] [U] 
[  620.031001][T19050] [U] 
[  620.031914][T19050] [U] 
[  620.032969][T19050] [U] 
[  620.033867][T19050] [U] 
[  620.034752][T19050] [U] 
[  620.035654][T19050] [U] 
[  620.036570][T19050] [U] 
[  620.037455][T19050] [U] 
[  620.038357][T19050] [U] 
[  620.039276][T19050] [U] 
[  620.040537][T19050] [U] 
[  620.041433][T19050] [U] 
[  620.042320][T19050] [U] 
[  620.043204][T19050] [U] 
[  620.044112][T19050] [U] 
[  620.045010][T19050] [U] 
[  620.045895][T19050] [U] 
[  620.046804][T19050] [U] 
[  620.048062][T19050] [U] 
[  620.048985][T19050] [U] 
[  620.049875][T19050] [U] 
[  620.050761][T19050] [U] 
[  620.051948][T19050] [U] 
[  620.052848][T19050] [U] 
[  620.053766][T19050] [U] 
[  620.054637][T19050] [U] 
[  620.056894][T19050] [U] 
[  620.057807][T19050] [U] 
[  620.058710][T19050] [U] 
[  620.059619][T19050] [U] 
[  620.060621][T19050] [U] 
[  620.061522][T19050] [U] 
[  620.062410][T19050] [U] 
[  620.063293][T19050] [U] 
[  620.064369][T19050] [U] 
[  620.065275][T19050] [U] 
[  620.066162][T19050] [U] 
[  620.067046][T19050] [U] 
[  620.067961][T19050] [U] 
[  620.068884][T19050] [U] 
[  620.069778][T19050] [U] 
[  620.070667][T19050] [U] 
[  620.071737][T19050] [U] 
[  620.072671][T19050] [U] 
[  620.073569][T19050] [U] 
[  620.074451][T19050] [U] 
[  620.075366][T19050] [U] 
[  620.076263][T19050] [U] 
[  620.077147][T19050] [U] 
[  620.078036][T19050] [U] 
[  620.078997][T19050] [U] 
[  620.079914][T19050] [U] 
[  620.080802][T19050] [U] 
[  620.081687][T19050] [U] 
[  620.082677][T19050] [U] 
[  620.083598][T19050] [U] 
[  620.084485][T19050] [U] 
[  620.085375][T19050] [U] 
[  620.086338][T19050] [U] 
[  620.087241][T19050] [U] 
[  620.088146][T19050] [U] 
[  620.089046][T19050] [U] 
[  620.090017][T19050] [U] 
[  620.090916][T19050] [U] 
[  620.091820][T19050] [U] 
[  620.430226][T19047] [U] 
[  620.538911][ T5949] Bluetooth: hci1: unexpected event for opcode 0x0809
[  620.754286][T19078] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  621.149813][   T29] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  621.310003][   T29] usb 5-1: Using ep0 maxpacket: 16
[  621.312875][   T29] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  621.316256][   T29] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  621.319444][   T29] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  621.323810][   T29] usb 5-1: New USB device found, idVendor=0457, idProduct=07da, bcdDevice= 0.00
[  621.326615][   T29] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  621.330737][   T29] usb 5-1: config 0 descriptor??
[  621.585659][T19086] FAULT_INJECTION: forcing a failure.
[  621.585659][T19086] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  621.589864][T19086] CPU: 2 UID: 0 PID: 19086 Comm: syz.4.4154 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  621.589881][T19086] Tainted: [L]=SOFTLOCKUP
[  621.589885][T19086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  621.589891][T19086] Call Trace:
[  621.589896][T19086]  <TASK>
[  621.589901][T19086]  dump_stack_lvl+0x16c/0x1f0
[  621.589921][T19086]  should_fail_ex+0x512/0x640
[  621.589936][T19086]  _copy_to_user+0x32/0xd0
[  621.589950][T19086]  simple_read_from_buffer+0xcb/0x170
[  621.589966][T19086]  proc_fail_nth_read+0x197/0x240
[  621.589984][T19086]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  621.590002][T19086]  ? rw_verify_area+0xcf/0x6c0
[  621.590015][T19086]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  621.590032][T19086]  vfs_read+0x1e4/0xcf0
[  621.590047][T19086]  ? __pfx___mutex_lock+0x10/0x10
[  621.590059][T19086]  ? __pfx_vfs_read+0x10/0x10
[  621.590072][T19086]  ? find_held_lock+0x2b/0x80
[  621.590089][T19086]  ? __fget_files+0x20e/0x3c0
[  621.590107][T19086]  ksys_read+0x12a/0x250
[  621.590121][T19086]  ? __pfx_ksys_read+0x10/0x10
[  621.590136][T19086]  ? fput+0x70/0xf0
[  621.590148][T19086]  __do_fast_syscall_32+0xe8/0x680
[  621.590160][T19086]  do_fast_syscall_32+0x32/0x80
[  621.590170][T19086]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  621.590184][T19086] RIP: 0023:0xf70dd579
[  621.590193][T19086] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  621.590203][T19086] RSP: 002b:00000000f54cd590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  621.590214][T19086] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f54cd620
[  621.590220][T19086] RDX: 000000000000000f RSI: 00000000f7476ff4 RDI: 0000000000000000
[  621.590226][T19086] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  621.590232][T19086] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  621.590238][T19086] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  621.590251][T19086]  </TASK>
[  621.925982][T19096] [U] 
[  621.927014][T19096] [U] 
[  621.927930][T19096] [U] 
[  621.928865][T19096] [U] 
[  621.930269][T19096] [U] 
[  621.931532][T19096] [U] 
[  621.932717][T19096] [U] 
[  621.933901][T19096] [U] 
[  621.935253][T19096] [U] 
[  621.936471][T19096] [U] 
[  621.937663][T19096] [U] 
[  621.938870][T19096] [U] 
[  621.940263][T19096] [U] 
[  621.941462][T19096] [U] 
[  621.943364][T19096] [U] 
[  621.943664][T19083] lo speed is unknown, defaulting to 1000
[  621.944506][T19096] [U] 
[  621.946402][T19083] lo speed is unknown, defaulting to 1000
[  621.949067][T19096] [U] 
[  621.949968][T19083] lo speed is unknown, defaulting to 1000
[  621.950740][T19096] [U] 
[  621.953807][T19096] [U] 
[  621.954973][T19096] [U] 
[  621.956214][T19096] [U] 
[  621.956873][T19083] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  621.957104][T19096] [U] 
[  621.960312][T19096] [U] 
[  621.961384][T19096] [U] 
[  621.962819][T19096] [U] 
[  621.964052][T19096] [U] 
[  621.965360][T19096] [U] 
[  621.966417][T19096] [U] 
[  621.967432][T19096] [U] 
[  621.968381][T19096] [U] 
[  621.968620][T19083] lo speed is unknown, defaulting to 1000
[  621.969258][T19096] [U] 
[  621.972269][T19096] [U] 
[  621.973173][T19083] lo speed is unknown, defaulting to 1000
[  621.973415][T19096] [U] 
[  621.976002][T19096] [U] 
[  621.976091][T19083] lo speed is unknown, defaulting to 1000
[  621.976888][T19096] [U] 
[  621.979453][T19083] lo speed is unknown, defaulting to 1000
[  621.979994][T19096] [U] 
[  621.980139][T19096] [U] 
[  621.980182][T19096] [U] 
[  621.983536][T19083] lo speed is unknown, defaulting to 1000
[  621.984384][T19096] [U] 
[  621.989037][T19096] [U] 
[  621.990183][T19096] [U] 
[  621.991130][T19096] [U] 
[  621.992280][T19096] [U] 
[  621.993557][T19096] [U] 
[  621.995469][T19096] [U] 
[  621.996431][T19096] [U] 
[  621.997457][T19096] [U] 
[  621.998356][T19096] [U] 
[  621.999482][T19096] [U] 
[  622.000379][T19096] [U] 
[  622.001367][T19096] [U] 
[  622.002497][T19096] [U] 
[  622.003798][T19096] [U] 
[  622.004954][T19096] [U] 
[  622.006033][T19096] [U] 
[  622.007188][T19096] [U] 
[  622.008401][T19096] [U] 
[  622.009333][T19096] [U] 
[  622.010373][T19096] [U] 
[  622.011482][T19096] [U] 
[  622.012863][T19096] [U] 
[  622.014217][T19096] [U] 
[  622.015452][T19096] [U] 
[  622.016249][T19083] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4152'.
[  622.016329][T19096] [U] 
[  622.020292][T19096] [U] 
[  622.021181][T19096] [U] 
[  622.022256][T19096] [U] 
[  622.023456][T19096] [U] 
[  622.024706][T19096] [U] 
[  622.025902][T19096] [U] 
[  622.027115][T19096] [U] 
[  622.028319][T19096] [U] 
[  622.029621][T19096] [U] 
[  622.030784][T19096] [U] 
[  622.031829][T19096] [U] 
[  622.032736][T19096] [U] 
[  622.033784][T19096] [U] 
[  622.034676][T19096] [U] 
[  622.035569][T19096] [U] 
[  622.036483][T19096] [U] 
[  622.037550][T19096] [U] 
[  622.038464][T19096] [U] 
[  622.039358][T19096] [U] 
[  622.040254][T19096] [U] 
[  622.041285][T19096] [U] 
[  622.042185][T19096] [U] 
[  622.043361][T19096] [U] 
[  622.044475][T19096] [U] 
[  622.045740][T19096] [U] 
[  622.046933][T19096] [U] 
[  622.048130][T19096] [U] 
[  622.049315][T19096] [U] 
[  622.050897][T19096] [U] 
[  622.052120][T19096] [U] 
[  622.053277][T19096] [U] 
[  622.054164][T19096] [U] 
[  622.055106][T19096] [U] 
[  622.056458][T19096] [U] 
[  622.057623][T19096] [U] 
[  622.058780][T19096] [U] 
[  622.062686][T19096] [U] 
[  622.064142][T19096] [U] 
[  622.065403][T19096] [U] 
[  622.066481][T19096] [U] 
[  622.067586][T19096] [U] 
[  622.068494][T19096] [U] 
[  622.069393][T19096] [U] 
[  622.070862][T19096] [U] 
[  622.071981][T19096] [U] 
[  622.073231][T19096] [U] 
[  622.074119][T19096] [U] 
[  622.075028][T19096] [U] 
[  622.076636][T19096] [U] 
[  622.077835][T19096] [U] 
[  622.078990][T19096] [U] 
[  622.080564][T19096] [U] 
[  622.082005][T19096] [U] 
[  622.083390][T19096] [U] 
[  622.084584][T19096] [U] 
[  622.085883][T19096] [U] 
[  622.086966][T19096] [U] 
[  622.087918][T19096] [U] 
[  622.088810][T19096] [U] 
[  622.089694][T19096] [U] 
[  622.091214][T19096] [U] 
[  622.092140][T19096] [U] 
[  622.093154][T19096] [U] 
[  622.670722][T19107] kvm: emulating exchange as write
[  622.831648][T19092] [U] 
[  623.320994][T19113] FAULT_INJECTION: forcing a failure.
[  623.320994][T19113] name failslab, interval 1, probability 0, space 0, times 0
[  623.327023][T19113] CPU: 0 UID: 0 PID: 19113 Comm: syz.2.4162 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  623.327051][T19113] Tainted: [L]=SOFTLOCKUP
[  623.327058][T19113] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  623.327068][T19113] Call Trace:
[  623.327075][T19113]  <TASK>
[  623.327082][T19113]  dump_stack_lvl+0x16c/0x1f0
[  623.327114][T19113]  should_fail_ex+0x512/0x640
[  623.327134][T19113]  ? kmem_cache_alloc_node_noprof+0x65/0x800
[  623.327158][T19113]  should_failslab+0xc2/0x120
[  623.327184][T19113]  kmem_cache_alloc_node_noprof+0x86/0x800
[  623.327205][T19113]  ? __alloc_skb+0x156/0x410
[  623.327231][T19113]  ? __alloc_skb+0x156/0x410
[  623.327249][T19113]  __alloc_skb+0x156/0x410
[  623.327266][T19113]  ? __alloc_skb+0x35d/0x410
[  623.327285][T19113]  ? __pfx___alloc_skb+0x10/0x10
[  623.327328][T19113]  ? genl_rcv_msg+0x4bb/0x800
[  623.327354][T19113]  netlink_ack+0x15d/0xb80
[  623.327393][T19113]  netlink_rcv_skb+0x332/0x420
[  623.327418][T19113]  ? __pfx_genl_rcv_msg+0x10/0x10
[  623.327437][T19113]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  623.327473][T19113]  ? netlink_deliver_tap+0x1ae/0xd30
[  623.327502][T19113]  genl_rcv+0x28/0x40
[  623.327516][T19113]  netlink_unicast+0x5aa/0x870
[  623.327546][T19113]  ? __pfx_netlink_unicast+0x10/0x10
[  623.327581][T19113]  netlink_sendmsg+0x8c8/0xdd0
[  623.327609][T19113]  ? __pfx_netlink_sendmsg+0x10/0x10
[  623.327638][T19113]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  623.327671][T19113]  ____sys_sendmsg+0xa5d/0xc30
[  623.327687][T19113]  ? btrfs_backref_cleanup_node.part.0+0x30/0x3b0
[  623.327716][T19113]  ? __pfx_____sys_sendmsg+0x10/0x10
[  623.327732][T19113]  ? get_compat_msghdr+0x11a/0x170
[  623.327767][T19113]  ___sys_sendmsg+0x134/0x1d0
[  623.327792][T19113]  ? __pfx____sys_sendmsg+0x10/0x10
[  623.327827][T19113]  ? find_held_lock+0x2b/0x80
[  623.327866][T19113]  __sys_sendmsg+0x16d/0x220
[  623.327890][T19113]  ? __pfx___sys_sendmsg+0x10/0x10
[  623.327929][T19113]  __do_fast_syscall_32+0xe8/0x680
[  623.327950][T19113]  do_fast_syscall_32+0x32/0x80
[  623.327967][T19113]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  623.327989][T19113] RIP: 0023:0xf7fe4579
[  623.328003][T19113] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  623.328020][T19113] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  623.328038][T19113] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000cc0
[  623.328049][T19113] RDX: 0000000004004040 RSI: 0000000000000000 RDI: 0000000000000000
[  623.328059][T19113] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  623.328069][T19113] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  623.328079][T19113] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  623.328103][T19113]  </TASK>
[  623.748476][T19127] FAULT_INJECTION: forcing a failure.
[  623.748476][T19127] name failslab, interval 1, probability 0, space 0, times 0
[  623.762114][T19127] CPU: 0 UID: 0 PID: 19127 Comm: syz.2.4166 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  623.762153][T19127] Tainted: [L]=SOFTLOCKUP
[  623.762158][T19127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  623.762164][T19127] Call Trace:
[  623.762168][T19127]  <TASK>
[  623.762173][T19127]  dump_stack_lvl+0x16c/0x1f0
[  623.762194][T19127]  should_fail_ex+0x512/0x640
[  623.762206][T19127]  ? kmem_cache_alloc_noprof+0x62/0x770
[  623.762220][T19127]  should_failslab+0xc2/0x120
[  623.762237][T19127]  kmem_cache_alloc_noprof+0x83/0x770
[  623.762249][T19127]  ? __pmd_alloc+0xbf/0x9c0
[  623.762267][T19127]  ? __pmd_alloc+0xbf/0x9c0
[  623.762282][T19127]  __pmd_alloc+0xbf/0x9c0
[  623.762299][T19127]  __handle_mm_fault+0xbeb/0x2bb0
[  623.762314][T19127]  ? __pfx___handle_mm_fault+0x10/0x10
[  623.762333][T19127]  ? find_vma+0xbf/0x140
[  623.762346][T19127]  ? __pfx_find_vma+0x10/0x10
[  623.762362][T19127]  handle_mm_fault+0x3fe/0xad0
[  623.762375][T19127]  do_user_addr_fault+0x7a6/0x1370
[  623.762391][T19127]  ? rcu_is_watching+0x12/0xc0
[  623.762408][T19127]  exc_page_fault+0x64/0xc0
[  623.762425][T19127]  asm_exc_page_fault+0x26/0x30
[  623.762435][T19127] RIP: 0010:_copy_to_user+0xb6/0xd0
[  623.762448][T19127] Code: 89 ee 48 89 ef e8 0a be 13 fd 4d 85 ff 75 a8 e8 f0 c3 13 fd 89 de 4c 89 e7 e8 c6 ab 7c fd 0f 01 cb 48 89 d9 48 89 ef 4c 89 e6 <f3> a4 0f 1f 00 0f 01 ca 48 89 cb eb 80 66 2e 0f 1f 84 00 00 00 00
[  623.762458][T19127] RSP: 0018:ffffc90007cefc20 EFLAGS: 00050297
[  623.762467][T19127] RAX: 0000000000000001 RBX: 0000000000000024 RCX: 0000000000000024
[  623.762474][T19127] RDX: fffff52000f9dfa5 RSI: ffffc90007cefd08 RDI: 0000000080000080
[  623.762480][T19127] RBP: 0000000080000080 R08: 0000000000000000 R09: fffff52000f9dfa5
[  623.762486][T19127] R10: 0000000000000003 R11: ffff888026fd54b0 R12: ffffc90007cefd08
[  623.762492][T19127] R13: 00000000800000a4 R14: 00007ffffffff000 R15: 0000000000000000
[  623.762507][T19127]  compat_ksys_shmctl+0x5e7/0x610
[  623.762523][T19127]  ? __pfx_compat_ksys_shmctl+0x10/0x10
[  623.762541][T19127]  ? find_held_lock+0x2b/0x80
[  623.762558][T19127]  ? __mutex_unlock_slowpath+0x161/0x790
[  623.762574][T19127]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  623.762597][T19127]  __do_fast_syscall_32+0xe8/0x680
[  623.762609][T19127]  do_fast_syscall_32+0x32/0x80
[  623.762619][T19127]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  623.762632][T19127] RIP: 0023:0xf7fe4579
[  623.762640][T19127] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  623.762650][T19127] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 000000000000018c
[  623.762659][T19127] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000003
[  623.762665][T19127] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[  623.762671][T19127] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  623.762677][T19127] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  623.762683][T19127] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  623.762696][T19127]  </TASK>
[  625.562169][T19154] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  625.565273][T19154] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  625.721639][T19160] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4171'.
[  625.729832][T19160] bridge_slave_1: left allmulticast mode
[  625.732419][T19160] bridge_slave_1: left promiscuous mode
[  625.760306][T19160] bridge0: port 2(bridge_slave_1) entered disabled state
[  625.772241][T19164] FAULT_INJECTION: forcing a failure.
[  625.772241][T19164] name failslab, interval 1, probability 0, space 0, times 0
[  625.786702][T19164] CPU: 3 UID: 0 PID: 19164 Comm: syz.3.4173 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  625.786732][T19164] Tainted: [L]=SOFTLOCKUP
[  625.786738][T19164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  625.786763][T19164] Call Trace:
[  625.786769][T19164]  <TASK>
[  625.786776][T19164]  dump_stack_lvl+0x16c/0x1f0
[  625.786809][T19164]  should_fail_ex+0x512/0x640
[  625.786826][T19164]  ? __kmalloc_node_noprof+0xcd/0x930
[  625.786848][T19164]  should_failslab+0xc2/0x120
[  625.786865][T19164]  __kmalloc_node_noprof+0xee/0x930
[  625.786879][T19164]  ? alloc_slab_obj_exts+0x43/0xf0
[  625.786892][T19164]  ? alloc_slab_obj_exts+0x43/0xf0
[  625.786903][T19164]  alloc_slab_obj_exts+0x43/0xf0
[  625.786914][T19164]  __memcg_slab_post_alloc_hook+0x24b/0x880
[  625.786935][T19164]  ? kasan_save_track+0x14/0x30
[  625.786951][T19164]  kmem_cache_alloc_node_noprof+0x5cd/0x800
[  625.786964][T19164]  ? __alloc_skb+0x156/0x410
[  625.786976][T19164]  ? __alloc_skb+0x35d/0x410
[  625.786989][T19164]  ? __alloc_skb+0x156/0x410
[  625.787000][T19164]  __alloc_skb+0x156/0x410
[  625.787011][T19164]  ? __alloc_skb+0x35d/0x410
[  625.787022][T19164]  ? __pfx___alloc_skb+0x10/0x10
[  625.787039][T19164]  alloc_skb_with_frags+0xe0/0x860
[  625.787058][T19164]  sock_alloc_send_pskb+0x7f9/0x980
[  625.787071][T19164]  ? get_page_from_freelist+0xd0b/0x31a0
[  625.787087][T19164]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  625.787099][T19164]  ? __pfx___might_resched+0x10/0x10
[  625.787116][T19164]  ? should_fail_alloc_page+0xee/0x130
[  625.787135][T19164]  unix_dgram_sendmsg+0x3bc/0x1830
[  625.787150][T19164]  ? __lock_acquire+0x436/0x2890
[  625.787159][T19164]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  625.787177][T19164]  ? tomoyo_socket_sendmsg_permission+0x14c/0x3c0
[  625.787193][T19164]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  625.787212][T19164]  unix_seqpacket_sendmsg+0x12a/0x1c0
[  625.787226][T19164]  ____sys_sendmsg+0xa5d/0xc30
[  625.787242][T19164]  ? __pfx_____sys_sendmsg+0x10/0x10
[  625.787256][T19164]  ? get_compat_msghdr+0x11a/0x170
[  625.787307][T19164]  ? __pfx__kstrtoull+0x10/0x10
[  625.787336][T19164]  ___sys_sendmsg+0x134/0x1d0
[  625.787358][T19164]  ? __pfx____sys_sendmsg+0x10/0x10
[  625.787389][T19164]  __sys_sendmmsg+0x2f9/0x420
[  625.787404][T19164]  ? __pfx___sys_sendmmsg+0x10/0x10
[  625.787423][T19164]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  625.787440][T19164]  ? fput+0x70/0xf0
[  625.787449][T19164]  ? ksys_write+0x1ac/0x250
[  625.787464][T19164]  ? __pfx_ksys_write+0x10/0x10
[  625.787481][T19164]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  625.787496][T19164]  ? lockdep_hardirqs_on+0x7c/0x110
[  625.787512][T19164]  __do_fast_syscall_32+0xe8/0x680
[  625.787523][T19164]  do_fast_syscall_32+0x32/0x80
[  625.787533][T19164]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  625.787547][T19164] RIP: 0023:0xf7f17579
[  625.787556][T19164] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  625.787566][T19164] RSP: 002b:00000000f53e555c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  625.787577][T19164] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080001c00
[  625.787583][T19164] RDX: 0000000000000159 RSI: 0000000000040840 RDI: 0000000000000000
[  625.787589][T19164] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  625.787595][T19164] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  625.787601][T19164] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  625.787619][T19164]  </TASK>
[  626.010835][T19160] bridge_slave_0: left promiscuous mode
[  626.027470][T19160] bridge0: port 1(bridge_slave_0) entered disabled state
[  626.458772][ T5949] Bluetooth: hci1: unexpected event for opcode 0x0c26
[  626.496830][T19174] syzkaller0: tun_chr_ioctl cmd 1074025678
[  626.499389][T19174] syzkaller0: group set to 0
[  626.502233][T19174] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4178'.
[  626.510826][T19174] geneve2: entered promiscuous mode
[  626.512637][T19174] geneve2: entered allmulticast mode
[  626.516897][T10259] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  626.521244][T10259] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  626.529054][T10259] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  626.533199][T10259] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  626.797937][   T29] usbhid 5-1:0.0: can't add hid device: -32
[  626.800411][   T29] usbhid 5-1:0.0: probe with driver usbhid failed with error -32
[  628.873523][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  628.875596][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  632.449720][ T6025] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  632.599765][ T6025] usb 9-1: Using ep0 maxpacket: 8
[  632.602849][ T6025] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  632.606453][ T6025] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  632.609538][ T6025] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  632.613760][ T6025] usb 9-1: config 0 descriptor??
[  632.850900][ T6025] iowarrior 9-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  633.142294][T19276] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  633.144680][T19276] overlayfs: failed to set xattr on upper
[  633.146638][T19276] overlayfs: ...falling back to redirect_dir=nofollow.
[  633.148900][T19276] overlayfs: ...falling back to index=off.
[  633.151417][T19276] overlayfs: ...falling back to uuid=null.
[  633.311291][ T6025] usb 9-1: USB disconnect, device number 5
[  633.342412][T19281] overlayfs: overlay with incompat feature 'volatile' cannot be mounted
[  633.393575][T19276] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  633.395736][T19276] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  633.398601][T19276] vhci_hcd vhci_hcd.0: Device attached
[  633.670276][ T6025] usb 44-1: SetAddress Request (102) to port 0
[  633.672774][ T6025] usb 44-1: new SuperSpeed USB device number 102 using vhci_hcd
[  633.952066][T19282] vhci_hcd: connection reset by peer
[  633.954556][T10259] vhci_hcd vhci_hcd.3: stop threads
[  633.956838][T10259] vhci_hcd vhci_hcd.3: release socket
[  633.959301][T10259] vhci_hcd vhci_hcd.3: disconnect device
[  634.563825][T19304] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  634.571642][T19304] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  635.071802][T19306] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  635.171106][T19311] veth0_to_team: entered promiscuous mode
[  636.305790][T19344] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  637.651693][T19374] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  637.839817][   T35] block nbd0: Possible stuck request ffff888026c08000: control (read@0,1024B). Runtime 30 seconds
[  637.844006][   T35] block nbd0: Possible stuck request ffff888026c08200: control (read@1024,1024B). Runtime 30 seconds
[  637.847824][   T35] block nbd0: Possible stuck request ffff888026c08400: control (read@2048,1024B). Runtime 30 seconds
[  637.852164][   T35] block nbd0: Possible stuck request ffff888026c08600: control (read@3072,1024B). Runtime 30 seconds
[  638.719906][ T6025] usb 44-1: device descriptor read/8, error -110
[  639.110369][ T6025] usb usb44-port1: attempt power cycle
[  639.680154][ T6025] usb usb44-port1: unable to enumerate USB device
[  647.663073][T19534] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  648.715756][T19554] netlink: 'syz.4.4289': attribute type 4 has an invalid length.
[  648.776031][T19554] netlink: 'syz.4.4289': attribute type 4 has an invalid length.
[  649.767640][T19569] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  651.045370][T19586] FAULT_INJECTION: forcing a failure.
[  651.045370][T19586] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  651.049546][T19586] CPU: 3 UID: 0 PID: 19586 Comm: syz.3.4301 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  651.049563][T19586] Tainted: [L]=SOFTLOCKUP
[  651.049567][T19586] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  651.049573][T19586] Call Trace:
[  651.049578][T19586]  <TASK>
[  651.049583][T19586]  dump_stack_lvl+0x16c/0x1f0
[  651.049639][T19586]  should_fail_ex+0x512/0x640
[  651.049659][T19586]  _copy_from_user+0x2e/0xd0
[  651.049672][T19586]  kstrtouint_from_user+0xd6/0x1d0
[  651.049687][T19586]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  651.049701][T19586]  ? __lock_acquire+0x436/0x2890
[  651.049719][T19586]  proc_fail_nth_write+0x83/0x220
[  651.049730][T19586]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  651.049744][T19586]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  651.049753][T19586]  vfs_write+0x2a0/0x11d0
[  651.049770][T19586]  ? __pfx___mutex_lock+0x10/0x10
[  651.049782][T19586]  ? __pfx_vfs_write+0x10/0x10
[  651.049795][T19586]  ? find_held_lock+0x2b/0x80
[  651.049813][T19586]  ? __fget_files+0x20e/0x3c0
[  651.049832][T19586]  ksys_write+0x12a/0x250
[  651.049846][T19586]  ? __pfx_ksys_write+0x10/0x10
[  651.049861][T19586]  ? getname_flags.part.0+0x1c5/0x550
[  651.049875][T19586]  __do_fast_syscall_32+0xe8/0x680
[  651.049887][T19586]  do_fast_syscall_32+0x32/0x80
[  651.049898][T19586]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  651.049911][T19586] RIP: 0023:0xf7f17579
[  651.049920][T19586] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  651.049930][T19586] RSP: 002b:00000000f5406590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  651.049940][T19586] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f5406620
[  651.049947][T19586] RDX: 0000000000000001 RSI: 00000000f73a6ff4 RDI: 0000000000000000
[  651.049953][T19586] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  651.049959][T19586] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  651.049965][T19586] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  651.049979][T19586]  </TASK>
[  651.123465][T19587] comedi comedi0: Minor 47 could not be opened
[  653.180337][T19595] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  653.361347][T19603] tmpfs: Unknown parameter '�size��m&r�CA����e���ڍL�lL����`�n�R�V'
[  653.461813][T19611] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4307'.
[  653.579444][T19593] netlink: 'syz.3.4302': attribute type 4 has an invalid length.
[  653.621629][T19593] netlink: 'syz.3.4302': attribute type 4 has an invalid length.
[  653.641042][T11829] lo speed is unknown, defaulting to 1000
[  653.642960][T11829] syz0: Port: 1 Link ACTIVE
[  654.207321][T19624] netlink: 56 bytes leftover after parsing attributes in process `syz.4.4312'.
[  654.293642][T19627] lo speed is unknown, defaulting to 1000
[  654.296659][T19627] lo speed is unknown, defaulting to 1000
[  654.375391][T19629] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  654.391717][T19633] siw: device registration error -23
[  654.559810][T15746] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  654.711319][T15746] usb 9-1: config 0 has no interfaces?
[  654.715665][T15746] usb 9-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  654.719430][T15746] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  654.723235][T15746] usb 9-1: Product: syz
[  654.725135][T15746] usb 9-1: Manufacturer: syz
[  654.727200][T15746] usb 9-1: SerialNumber: syz
[  654.738915][T15746] usb 9-1: config 0 descriptor??
[  655.053508][T19627] veth0_vlan: left promiscuous mode
[  655.056296][T19627] veth0_vlan: entered promiscuous mode
[  655.078765][   T10] usb 9-1: USB disconnect, device number 6
[  655.172687][T19647] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4317'.
[  655.721641][T19650] FAULT_INJECTION: forcing a failure.
[  655.721641][T19650] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  655.729744][T19650] CPU: 3 UID: 0 PID: 19650 Comm: syz.3.4318 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  655.729772][T19650] Tainted: [L]=SOFTLOCKUP
[  655.729778][T19650] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  655.729788][T19650] Call Trace:
[  655.729799][T19650]  <TASK>
[  655.729807][T19650]  dump_stack_lvl+0x16c/0x1f0
[  655.729841][T19650]  should_fail_ex+0x512/0x640
[  655.729863][T19650]  _copy_from_user+0x2e/0xd0
[  655.729882][T19650]  cmsghdr_from_user_compat_to_kern+0x4ec/0x7d0
[  655.729913][T19650]  ? __pfx_cmsghdr_from_user_compat_to_kern+0x10/0x10
[  655.729944][T19650]  ____sys_sendmsg+0x488/0xc30
[  655.729965][T19650]  ? __pfx_____sys_sendmsg+0x10/0x10
[  655.729980][T19650]  ? get_compat_msghdr+0x11a/0x170
[  655.730012][T19650]  ___sys_sendmsg+0x134/0x1d0
[  655.730036][T19650]  ? __pfx____sys_sendmsg+0x10/0x10
[  655.730069][T19650]  ? find_held_lock+0x2b/0x80
[  655.730105][T19650]  __sys_sendmsg+0x16d/0x220
[  655.730128][T19650]  ? __pfx___sys_sendmsg+0x10/0x10
[  655.730160][T19650]  ? do_user_addr_fault+0x843/0x1370
[  655.730186][T19650]  __do_fast_syscall_32+0xe8/0x680
[  655.730209][T19650]  do_fast_syscall_32+0x32/0x80
[  655.730225][T19650]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  655.730250][T19650] RIP: 0023:0xf7f17579
[  655.730263][T19650] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  655.730279][T19650] RSP: 002b:00000000f540655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  655.730295][T19650] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000280
[  655.730311][T19650] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 0000000000000000
[  655.730321][T19650] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  655.730330][T19650] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  655.730340][T19650] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  655.730363][T19650]  </TASK>
[  656.992041][T19669] netlink: 64 bytes leftover after parsing attributes in process `syz.3.4326'.
[  657.074669][T19674] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4326'.
[  657.078779][T19674] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4326'.
[  657.913581][T19683] netlink: 'syz.0.4323': attribute type 4 has an invalid length.
[  658.051466][T19683] netlink: 'syz.0.4323': attribute type 4 has an invalid length.
[  658.275642][ T6024] lo speed is unknown, defaulting to 1000
[  658.278134][ T6024] syz2: Port: 1 Link ACTIVE
[  659.008601][T19693] netlink: 'syz.4.4330': attribute type 54 has an invalid length.
[  659.324619][T19704] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4333'.
[  660.906645][T19724] tmpfs: Unknown parameter '�size��m&r�CA����e���ڍL�lL����`�n�R�V'
[  661.186214][T19730] netlink: 'syz.4.4340': attribute type 1 has an invalid length.
[  661.375532][T19730] bond1: entered promiscuous mode
[  661.378010][T19730] 8021q: adding VLAN 0 to HW filter on device bond1
[  661.471926][T19737] 8021q: adding VLAN 0 to HW filter on device bond1
[  661.475986][T19737] bond1: (slave gre1): The slave device specified does not support setting the MAC address
[  661.479579][T19737] bond1: (slave gre1): Setting fail_over_mac to active for active-backup mode
[  661.485406][T19737] bond1: (slave gre1): making interface the new active one
[  661.487978][T19737] gre1: entered promiscuous mode
[  661.493429][T19737] bond1: (slave gre1): Enslaving as an active interface with an up link
[  661.617097][T19741] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4343'.
[  662.772023][T19765] netlink: 64 bytes leftover after parsing attributes in process `syz.4.4349'.
[  662.936981][T19767] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4349'.
[  662.941590][T19767] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4349'.
[  663.013222][T19769] xt_ecn: cannot match TCP bits for non-tcp packets
[  663.025313][T19769] netlink: 'syz.2.4351': attribute type 1 has an invalid length.
[  663.041166][T19769] bond1: entered promiscuous mode
[  663.043557][T19769] 8021q: adding VLAN 0 to HW filter on device bond1
[  663.089354][T19769] 8021q: adding VLAN 0 to HW filter on device bond1
[  663.092336][T19769] bond1: (slave gre1): The slave device specified does not support setting the MAC address
[  663.095643][T19769] bond1: (slave gre1): Setting fail_over_mac to active for active-backup mode
[  663.102692][T19769] bond1: (slave gre1): making interface the new active one
[  663.105538][T19769] gre1: entered promiscuous mode
[  663.110589][T19769] bond1: (slave gre1): Enslaving as an active interface with an up link
[  665.070509][T19802] cdrom: dropping to single frame dma
[  665.932434][T19817] fuseblk: Unknown parameter 'subj_type'
[  666.686364][T19832] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  666.835156][T19835] xt_ecn: cannot match TCP bits for non-tcp packets
[  666.845951][T19835] netlink: 'syz.0.4373': attribute type 1 has an invalid length.
[  666.885543][T19835] bond1: entered promiscuous mode
[  666.888280][T19835] 8021q: adding VLAN 0 to HW filter on device bond1
[  666.931645][T19837] 8021q: adding VLAN 0 to HW filter on device bond1
[  666.934023][T19837] bond1: (slave gre1): The slave device specified does not support setting the MAC address
[  666.937259][T19837] bond1: (slave gre1): Setting fail_over_mac to active for active-backup mode
[  667.003425][T19837] bond1: (slave gre1): making interface the new active one
[  667.006178][T19837] gre1: entered promiscuous mode
[  667.072366][T19837] bond1: (slave gre1): Enslaving as an active interface with an up link
[  667.915035][   T35] block nbd0: Possible stuck request ffff888026c08000: control (read@0,1024B). Runtime 60 seconds
[  667.920399][   T35] block nbd0: Possible stuck request ffff888026c08200: control (read@1024,1024B). Runtime 60 seconds
[  667.923677][   T35] block nbd0: Possible stuck request ffff888026c08400: control (read@2048,1024B). Runtime 60 seconds
[  667.926874][   T35] block nbd0: Possible stuck request ffff888026c08600: control (read@3072,1024B). Runtime 60 seconds
[  669.248673][T19872] IPVS: sync thread started: state = BACKUP, mcast_ifn = geneve1, syncid = 2147483647, id = 0
[  669.590216][T19885] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  669.599797][T19885] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  670.578841][T19903] gtp1: entered promiscuous mode
[  670.605031][T19903] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4395'.
[  670.906709][T19920] FAULT_INJECTION: forcing a failure.
[  670.906709][T19920] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  670.912827][T19920] CPU: 2 UID: 0 PID: 19920 Comm: syz.2.4398 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  670.912852][T19920] Tainted: [L]=SOFTLOCKUP
[  670.912858][T19920] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  670.912869][T19920] Call Trace:
[  670.912874][T19920]  <TASK>
[  670.912882][T19920]  dump_stack_lvl+0x16c/0x1f0
[  670.912912][T19920]  should_fail_ex+0x512/0x640
[  670.912948][T19920]  _copy_from_iter+0x2a4/0x16c0
[  670.912970][T19920]  ? __alloc_skb+0x220/0x410
[  670.912988][T19920]  ? __alloc_skb+0x35d/0x410
[  670.913008][T19920]  ? __pfx__copy_from_iter+0x10/0x10
[  670.913025][T19920]  ? netlink_autobind.isra.0+0x158/0x370
[  670.913056][T19920]  netlink_sendmsg+0x820/0xdd0
[  670.913075][T19920]  ? __pfx_netlink_sendmsg+0x10/0x10
[  670.913092][T19920]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  670.913112][T19920]  ____sys_sendmsg+0xa5d/0xc30
[  670.913124][T19920]  ? __pfx_____sys_sendmsg+0x10/0x10
[  670.913133][T19920]  ? get_compat_msghdr+0x11a/0x170
[  670.913152][T19920]  ___sys_sendmsg+0x134/0x1d0
[  670.913167][T19920]  ? __pfx____sys_sendmsg+0x10/0x10
[  670.913187][T19920]  ? find_held_lock+0x2b/0x80
[  670.913221][T19920]  __sys_sendmsg+0x16d/0x220
[  670.913244][T19920]  ? __pfx___sys_sendmsg+0x10/0x10
[  670.913274][T19920]  ? do_user_addr_fault+0x843/0x1370
[  670.913295][T19920]  __do_fast_syscall_32+0xe8/0x680
[  670.913307][T19920]  do_fast_syscall_32+0x32/0x80
[  670.913317][T19920]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  670.913331][T19920] RIP: 0023:0xf7fe4579
[  670.913340][T19920] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  670.913350][T19920] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  670.913361][T19920] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080002300
[  670.913367][T19920] RDX: 0000000000040000 RSI: 0000000000000000 RDI: 0000000000000000
[  670.913373][T19920] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  670.913379][T19920] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  670.913385][T19920] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  670.913398][T19920]  </TASK>
[  674.814946][T19988] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4417'.
[  675.893965][T20013] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4432'.
[  675.907365][T20013] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.4432'.
[  676.676337][T20033] nbd1: detected capacity change from 0 to 8589934655
[  677.024164][T20037] lo speed is unknown, defaulting to 1000
[  677.030881][T20037] lo speed is unknown, defaulting to 1000
[  677.223326][ T5949] block nbd1: Receive control failed (result -104)
[  677.401535][T20049] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4434'.
[  678.962327][T20063] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  678.991918][T20067] sp0: Synchronizing with TNC
[  679.122893][T20076] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4442'.
[  679.175605][T20079] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4443'.
[  680.649168][T20106] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  680.857598][T20110] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4452'.
[  681.527789][T20118] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4454'.
[  681.870020][ T5995] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  682.050958][ T5995] usb 7-1: Using ep0 maxpacket: 16
[  682.057784][ T5995] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  682.066196][ T5995] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  682.076335][ T5995] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  682.089393][ T5995] usb 7-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  682.099038][ T5995] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  682.117801][ T5995] usb 7-1: config 0 descriptor??
[  682.853718][T20118] random: crng reseeded on system resumption
[  682.893018][ T5995] input: HID 0955:7214 Haptics as /devices/virtual/input/input10
[  682.928568][ T5995] shield 0003:0955:7214.0005: Registered Thunderstrike controller
[  682.931768][ T5995] shield 0003:0955:7214.0005: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.2-1/input0
[  683.091001][   T10] usb 7-1: USB disconnect, device number 7
[  683.093520][T15244] shield 0003:0955:7214.0005: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  683.098211][T15244] shield 0003:0955:7214.0005: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  683.102921][T15244] shield 0003:0955:7214.0005: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  683.104127][   T10] ------------[ cut here ]------------
[  683.107264][T15244] shield 0003:0955:7214.0005: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  683.108714][   T10] workqueue: work disable count underflowed
[  683.108721][   T10] WARNING: kernel/workqueue.c:4359 at enable_work+0x2ca/0x310, CPU#0: kworker/0:1/10
[  683.117840][   T10] Modules linked in:
[  683.119346][   T10] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  683.122691][   T10] Tainted: [L]=SOFTLOCKUP
[  683.124070][   T10] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  683.127400][   T10] Workqueue: usb_hub_wq hub_event
[  683.129000][   T10] RIP: 0010:enable_work+0x2ca/0x310
[  683.130664][   T10] Code: ff e8 8a f2 39 00 90 0f 0b 90 e9 b4 fe ff ff e8 7c f2 39 00 e8 37 26 f1 09 e9 49 ff ff ff e8 6d f2 39 00 48 8d 3d 56 78 07 0f <67> 48 0f b9 3a e9 33 fe ff ff 48 89 ef e8 94 d2 a2 00 e9 f7 fd ff
[  683.136660][   T10] RSP: 0018:ffffc900001c7348 EFLAGS: 00010093
[  683.138591][   T10] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff818469c3
[  683.141078][   T10] RDX: ffff88801d2d0000 RSI: ffffffff81846b93 RDI: ffffffff908be3f0
[  683.143943][   T10] RBP: ffff88804d4e4738 R08: 0000000000000005 R09: 0000000000000000
[  683.146410][   T10] R10: 0000000000000000 R11: ffff88801d2d0b30 R12: 1ffff92000038e6a
[  683.148921][   T10] R13: ffffffff8fc523bf R14: ffff88804d4e4698 R15: ffff88804d4e4730
[  683.151495][   T10] FS:  0000000000000000(0000) GS:ffff8880976f9000(0000) knlGS:0000000000000000
[  683.154235][   T10] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  683.156303][   T10] CR2: 00000000800a5018 CR3: 0000000029a6c000 CR4: 0000000000352ef0
[  683.158822][   T10] Call Trace:
[  683.159963][   T10]  <TASK>
[  683.160948][   T10]  ? __pfx_enable_work+0x10/0x10
[  683.162528][   T10]  cancel_delayed_work_sync+0x96/0xf0
[  683.164236][   T10]  thermal_zone_device_unregister+0x28e/0x4d0
[  683.166153][   T10]  ? __pfx_shield_remove+0x10/0x10
[  683.167823][   T10]  power_supply_unregister+0x10a/0x150
[  683.169540][   T10]  shield_remove+0x75/0x130
[  683.171003][   T10]  ? __pfx_shield_remove+0x10/0x10
[  683.172627][   T10]  hid_device_remove+0xd1/0x260
[  683.174179][   T10]  ? __pfx_hid_device_remove+0x10/0x10
[  683.175913][   T10]  device_remove+0xcb/0x170
[  683.177365][   T10]  device_release_driver_internal+0x44b/0x620
[  683.179308][   T10]  bus_remove_device+0x22f/0x450
[  683.180877][   T10]  device_del+0x396/0x9f0
[  683.182247][   T10]  ? __pfx_device_del+0x10/0x10
[  683.183794][   T10]  ? do_raw_spin_lock+0x12c/0x2b0
[  683.185389][   T10]  hid_destroy_device+0x19c/0x240
[  683.186987][   T10]  usbhid_disconnect+0xa0/0xe0
[  683.188513][   T10]  usb_unbind_interface+0x1dd/0x9e0
[  683.190158][   T10]  ? kernfs_remove_by_name_ns+0xbe/0x100
[  683.191939][   T10]  ? __pfx_usb_unbind_interface+0x10/0x10
[  683.193741][   T10]  device_remove+0x125/0x170
[  683.195219][   T10]  device_release_driver_internal+0x44b/0x620
[  683.197127][   T10]  bus_remove_device+0x22f/0x450
[  683.198737][   T10]  device_del+0x396/0x9f0
[  683.200137][   T10]  ? __pfx_device_del+0x10/0x10
[  683.201682][   T10]  ? kobject_put+0x218/0x6f0
[  683.203166][   T10]  usb_disable_device+0x355/0x820
[  683.204776][   T10]  usb_disconnect+0x2e1/0x9e0
[  683.206275][   T10]  hub_event+0x1d84/0x52f0
[  683.208176][   T10]  ? __lock_acquire+0x436/0x2890
[  683.209741][   T10]  ? do_raw_spin_unlock+0x172/0x230
[  683.211409][   T10]  ? __pfx_hub_event+0x10/0x10
[  683.212933][   T10]  ? devm_ioremap_wc+0x60/0x100
[  683.214488][   T10]  ? finish_task_switch.isra.0+0x202/0xbd0
[  683.216362][   T10]  ? rcu_is_watching+0x12/0xc0
[  683.217915][   T10]  process_one_work+0x9ba/0x1b20
[  683.219510][   T10]  ? __pfx_process_one_work+0x10/0x10
[  683.221231][   T10]  ? assign_work+0x1a0/0x250
[  683.222702][   T10]  worker_thread+0x6c8/0xf10
[  683.224207][   T10]  ? __pfx_worker_thread+0x10/0x10
[  683.225809][   T10]  kthread+0x3c5/0x780
[  683.227107][   T10]  ? __pfx_kthread+0x10/0x10
[  683.228594][   T10]  ? rcu_is_watching+0x12/0xc0
[  683.230138][   T10]  ? __pfx_kthread+0x10/0x10
[  683.231656][   T10]  ret_from_fork+0x983/0xb10
[  683.233129][   T10]  ? __pfx_ret_from_fork+0x10/0x10
[  683.234758][   T10]  ? __switch_to+0x7af/0x10d0
[  683.236298][   T10]  ? __pfx_kthread+0x10/0x10
[  683.237796][   T10]  ret_from_fork_asm+0x1a/0x30
[  683.239339][   T10]  </TASK>
[  683.240337][   T10] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  683.242615][   T10] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  683.245947][   T10] Tainted: [L]=SOFTLOCKUP
[  683.247323][   T10] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  683.250673][   T10] Workqueue: usb_hub_wq hub_event
[  683.252287][   T10] Call Trace:
[  683.253359][   T10]  <TASK>
[  683.254308][   T10]  dump_stack_lvl+0x3d/0x1f0
[  683.255791][   T10]  vpanic+0x640/0x6f0
[  683.257069][   T10]  ? enable_work+0x2ca/0x310
[  683.258563][   T10]  panic+0xca/0xd0
[  683.259770][   T10]  ? __pfx_panic+0x10/0x10
[  683.261194][   T10]  ? check_panic_on_warn+0x1f/0xb0
[  683.262834][   T10]  check_panic_on_warn+0xab/0xb0
[  683.264404][   T10]  __warn+0x108/0x3c0
[  683.265681][   T10]  __report_bug+0x2a0/0x520
[  683.267139][   T10]  ? enable_work+0x2ca/0x310
[  683.268625][   T10]  ? __pfx___report_bug+0x10/0x10
[  683.270216][   T10]  ? __wait_for_common+0x1e0/0x4e0
[  683.271850][   T10]  ? enable_work+0x2c3/0x310
[  683.273968][   T10]  ? enable_work+0xf3/0x310
[  683.275430][   T10]  ? find_held_lock+0x2b/0x80
[  683.276930][   T10]  report_bug_entry+0xe1/0x290
[  683.278479][   T10]  ? enable_work+0x2ca/0x310
[  683.279956][   T10]  handle_bug+0x18a/0x260
[  683.281337][   T10]  exc_invalid_op+0x17/0x50
[  683.282786][   T10]  asm_exc_invalid_op+0x1a/0x20
[  683.284335][   T10] RIP: 0010:enable_work+0x2ca/0x310
[  683.285975][   T10] Code: ff e8 8a f2 39 00 90 0f 0b 90 e9 b4 fe ff ff e8 7c f2 39 00 e8 37 26 f1 09 e9 49 ff ff ff e8 6d f2 39 00 48 8d 3d 56 78 07 0f <67> 48 0f b9 3a e9 33 fe ff ff 48 89 ef e8 94 d2 a2 00 e9 f7 fd ff
[  683.292006][   T10] RSP: 0018:ffffc900001c7348 EFLAGS: 00010093
[  683.293905][   T10] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff818469c3
[  683.296320][   T10] RDX: ffff88801d2d0000 RSI: ffffffff81846b93 RDI: ffffffff908be3f0
[  683.298785][   T10] RBP: ffff88804d4e4738 R08: 0000000000000005 R09: 0000000000000000
[  683.301258][   T10] R10: 0000000000000000 R11: ffff88801d2d0b30 R12: 1ffff92000038e6a
[  683.303727][   T10] R13: ffffffff8fc523bf R14: ffff88804d4e4698 R15: ffff88804d4e4730
[  683.306192][   T10]  ? enable_work+0xf3/0x310
[  683.307638][   T10]  ? enable_work+0x2c3/0x310
[  683.309139][   T10]  ? enable_work+0x2c3/0x310
[  683.310623][   T10]  ? __pfx_enable_work+0x10/0x10
[  683.312226][   T10]  cancel_delayed_work_sync+0x96/0xf0
[  683.313951][   T10]  thermal_zone_device_unregister+0x28e/0x4d0
[  683.315809][   T10]  ? __pfx_shield_remove+0x10/0x10
[  683.317372][   T10]  power_supply_unregister+0x10a/0x150
[  683.319141][   T10]  shield_remove+0x75/0x130
[  683.320588][   T10]  ? __pfx_shield_remove+0x10/0x10
[  683.322205][   T10]  hid_device_remove+0xd1/0x260
[  683.323753][   T10]  ? __pfx_hid_device_remove+0x10/0x10
[  683.325467][   T10]  device_remove+0xcb/0x170
[  683.326930][   T10]  device_release_driver_internal+0x44b/0x620
[  683.328872][   T10]  bus_remove_device+0x22f/0x450
[  683.330445][   T10]  device_del+0x396/0x9f0
[  683.331839][   T10]  ? __pfx_device_del+0x10/0x10
[  683.333382][   T10]  ? do_raw_spin_lock+0x12c/0x2b0
[  683.334988][   T10]  hid_destroy_device+0x19c/0x240
[  683.336598][   T10]  usbhid_disconnect+0xa0/0xe0
[  683.338778][   T10]  usb_unbind_interface+0x1dd/0x9e0
[  683.340426][   T10]  ? kernfs_remove_by_name_ns+0xbe/0x100
[  683.342198][   T10]  ? __pfx_usb_unbind_interface+0x10/0x10
[  683.343831][   T10]  device_remove+0x125/0x170
[  683.345328][   T10]  device_release_driver_internal+0x44b/0x620
[  683.347251][   T10]  bus_remove_device+0x22f/0x450
[  683.348851][   T10]  device_del+0x396/0x9f0
[  683.350233][   T10]  ? __pfx_device_del+0x10/0x10
[  683.351793][   T10]  ? kobject_put+0x218/0x6f0
[  683.353269][   T10]  usb_disable_device+0x355/0x820
[  683.354873][   T10]  usb_disconnect+0x2e1/0x9e0
[  683.356372][   T10]  hub_event+0x1d84/0x52f0
[  683.357841][   T10]  ? __lock_acquire+0x436/0x2890
[  683.359423][   T10]  ? do_raw_spin_unlock+0x172/0x230
[  683.361072][   T10]  ? __pfx_hub_event+0x10/0x10
[  683.362554][   T10]  ? devm_ioremap_wc+0x60/0x100
[  683.364090][   T10]  ? finish_task_switch.isra.0+0x202/0xbd0
[  683.365936][   T10]  ? rcu_is_watching+0x12/0xc0
[  683.367476][   T10]  process_one_work+0x9ba/0x1b20
[  683.369083][   T10]  ? __pfx_process_one_work+0x10/0x10
[  683.370792][   T10]  ? assign_work+0x1a0/0x250
[  683.372263][   T10]  worker_thread+0x6c8/0xf10
[  683.373738][   T10]  ? __pfx_worker_thread+0x10/0x10
[  683.375367][   T10]  kthread+0x3c5/0x780
[  683.376667][   T10]  ? __pfx_kthread+0x10/0x10
[  683.378163][   T10]  ? rcu_is_watching+0x12/0xc0
[  683.379682][   T10]  ? __pfx_kthread+0x10/0x10
[  683.381148][   T10]  ret_from_fork+0x983/0xb10
[  683.382621][   T10]  ? __pfx_ret_from_fork+0x10/0x10
[  683.384266][   T10]  ? __switch_to+0x7af/0x10d0
[  683.385752][   T10]  ? __pfx_kthread+0x10/0x10
[  683.387221][   T10]  ret_from_fork_asm+0x1a/0x30
[  683.388776][   T10]  </TASK>
[  683.390447][   T10] Kernel Offset: disabled
[  683.391846][   T10] Rebooting in 86400 seconds..