last executing test programs:

20.486585155s ago: executing program 1 (id=1337):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r1, 0x4020aed2, &(0x7f00000000c0)={0x200000, 0x0, 0x80ffffffffffff})

20.345975735s ago: executing program 1 (id=1339):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x80)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000210000000000000000000000000a6c000000160a3f360000000000000000020000000900010073797a30000000004000038008000240000000002c0003801400010076657468305f746f5f626f6e64000000140001007665746830000000000000000000000008000140000000000900020073797a300000000014000000110001"], 0x94}}, 0x8000)
sendmsg$NFT_MSG_GETFLOWTABLE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)={0x14, 0x17, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x20000005}, 0x4000000)
recvmmsg(r0, &(0x7f0000001f80)=[{{0x0, 0x0, 0x0, 0xc00e}, 0x401}], 0x1, 0x2, 0x0)

20.345799468s ago: executing program 1 (id=1340):
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x8}, @hci_rp_read_auth_payload_to={{0x3}, {0x0, 0xc9, 0x2b1}}}}, 0xb)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)

20.265560626s ago: executing program 1 (id=1341):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x190)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x318500c, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB="2c98a05f890740b0873d", @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000001dc0)={0x50, 0x0, r1, {0x7, 0x2b, 0x0, 0x2b418842, 0x6}}, 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000000c0)='./bus\x00')
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x80, 0x141)
getdents64(r4, &(0x7f0000000f80)=""/4096, 0x1000)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000180), &(0x7f00000001c0)=0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file2\x00', 0xe560bc2477096912)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000140)='./file0\x00')
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
write$binfmt_elf64(r6, &(0x7f0000000940)={{0x7f, 0x45, 0x4c, 0x46, 0x2, 0x40, 0x7, 0x6c, 0x23c3, 0x2, 0x3, 0x3, 0x2b0, 0x40, 0x59, 0x9, 0x400, 0x38, 0x0, 0x200, 0x9, 0x9}}, 0x40)
truncate(&(0x7f0000000900)='./file1\x00', 0x1)
statx(0xffffffffffffff9c, &(0x7f0000000640)='./file0/file1\x00', 0x1000, 0x100, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000004200)="aa8e9df36226466e888b39901e75023156b5530e75c1e203314842ea78a6048cdec3383c60dcd8fa24f6928f6e02ab1090989c59ae38dceda05af132af4546a298837c63ea70975feb0919d7f7766791d530b90d522b23c58776ac7a4035383c5a0dd90d8b766c96816631f1742a0da0ce6ddd053a05966f6b6ec22dd28a0a2636d07696a307496b0b0d8bb370227dca3c96838e556681409be388f1dfbf500f1aee82b374f4473aecbdb77cf567fece7f8ec733fa91aa92a186f9768d16d0257ef826959fb3a73e4976a019bde8a82e9bb0a0443cbb1ab2c6e8f8748489948710294efb79d70edec2271491bc1cddc9c9d2713cc3063761f2bea07f5577bbe5224302ef23adcc96cb5ecee406c7977c97d7000000006e28198954bba79006fd58b2a2b43047e7f3ead143ccb6b27043d7a7512e9d3bad0138554f4b465ab6d1cec9b40cb301ac6491ee7fcdc0588e53eb2510471de91e3e73c98f0a3cc9929eac63f477a1208a80f8c75d0a1d9edb895d675d036a1863dddea98b18c846ac253b2470324b21eaaa6e69389b91bcd470995cd6835c6fac80d5ca41b66562c910f893124cf0f20dc65d90aa0f9cd1a7c88f755aaf33875d7639ae1b7413834636de57f44302b723646257ee7456bdfee10f2eaf0c05f2cf01a115ed8ac2908827af3d85da2f1bcf53d87ee830dc5e98fcfc1a22e547ce57508f606945a7599d8e1cc0268987cb7b3d00a6bfacea7bd05430255bc8b473a071b83695783944ef856fc89906e0b44a13166309bc8cc1dbae68399e1e8e4a2ea265c1a104dd862563cdaeee2b37e72fbda323cc72360b6d4fad2fd2409397f90422bbe6e9068aaf38e18918736e6357a6caac59ae803ffbe853ff716a388423bbc93bb2d6b1222bb94c96a3bddf421288d47039fa1b73573dbed87e1f6b280f8b045f9be8e0d85f6cf416bfc0f3f4ce988aefa2382cccf39e40b2a1657814b7953d0a0aea45d50d02d66982e5269f1ededd6a9f8f9e212314a4bb5c2f4898278fd3a585c1ff60e435b186c552134e5ddb0f2cc95dac405bc4bd32ccda41b05c6a376070c8ef2d6eb3ea7fce97da8f09440d47dc5faca6271d1ce4f4201b315d1cc3fa1d4cc2baa14e4c57bafb7b5bb2e9e859505360e1738a36100dd6c2fb6610fc0ed88e452148ecd8b73517f69c28f0c979525d21ba4fef353eebb2326f48217c44a322e9f1f08f92af1ff5ee5f2dc563f1a0edb09d0646105be0c46ddc8b71301e68013e863d539af5b3a2b11f770d8c0c086988216602619ec440f98d434add23bc7f54d145260773e53121188ca179832d5c406f2b4a91045edca91232416219fade02bf6ba002352943850294b05d9a142889205e6b69336cecfe8a7cfc88688368d54b475f3915eea851334395f80b41177ed4d17d91880a22c1c0cf33a550e32fbf76505458d07ebccc4e77bafae1700c9997f6fe28452f011e370642f228bbf0e2f3dc05741127f6d73e96c073b26e730ac19cb17dfc63c0ed4b5d53ffd6e312e3e80822c8bbea3cf2914f3f8ee53fb4edde1d4507fa9d7de54eecb75132befab6bf486cb05bc8727dadac49c83bf08d9eb94621b42241f9eb8fd1e6fbf969d932a023760faa62c178b7f0a1d43adbf5c21a35a58d381442ecdfc2dcce2d11e5efae8433b14fc9fc28294ae76eaa95f38ac121f255d9b478c81a1caf5c606c34e6efa80dd3aa77cc4001b9fceebcc77a1efea7bf9f749f62c7a8bd5deb0f70c54ab5daab010cf14b2f1012516dc1639edb2d890638b73559d060be47f594f322efdd40c5945148fe1690585923488910fcb3159006f935f7d184e4b4c404ccb6e2a799cc67aa2b56a13c16e3ad92b85a12060881c1d140708ffece6965f9746ed4eef74d37424e760f4b266c80c93390523eadc65494962bed4efc86a0fead2fe25c9108c5d591770cee92f9ff2d916ba0dedc6551a47ce3a4dbc97043e588b3483f0793786fe9f32f1b79ba3f4c4ccabba52a59861c8024bcdfc8ecb0acc821160b060d5dc24f0ade14d08b56218a32a03f9eba729c02fc6b714bc72b11cc7fe47b51b3a174cfa2d8f5df80a0fd4d1dd2ed36b868b46ee5a8cc72e91b57bd05005b5142b5531650813fb5496af379f9e7b1b73c49c64dead9725af0742a41b770205390791de856715c0138ca22f134911a28d2caf22ef21049d1ba721d278bcf675317c5303cbaf96535414fd92c55d741120200d49729e01e399e4c30fa8da659654196af7991a3d294c775a610f242a56c88d542641036de7eccbd64f9f306a3920596d350637a6409f667110b46c6d85ab94df4d7b0af12318522ba1e745e7de45176789a53213b9b3d23b2599275e4f1858fdb2fd63f8c6f7990235e2fb3c4c8f215715973b60b1e56d1f061b6ff33510d08fa403559cbcc21bd141b41f1e9ab4e163a0f80a918ba13031c483931a9dcdb790ad77fbdf5634662cb75e79d986e4724f64c80203600df7ac9950330431b83777bd968a86be5698b13c37513235ac89a0a1dcb799112a86a2d96b1708e0c5e983756d8243927fc7d42be6ff4c946c0763a9745897726f38b65920363b7c32051bf9e770ab1ec140ff11fc639f36fa760afcfd6ba2f609df8cb0949f26119895b69c8ffd0836a01da1e407ba08f37a1144674f5a71b3499ffcccb21e75f19cdfb33c7eded5fa5c264784a78edc5f6de17da15317a66fea522b6e92a52efa5013797212d816c3229c7dd523e2165f9f042c3b3b16e608a1d87ab9c46c2b291bf547e1f4312913b16e39a714c24ebc5cb4f4f80bb20ce4efdf2921db45b7389fef98bd0e8aa40be16758b0d7755ab631b27c5d49225e84fea63e3f031c665851ef4ed18628b26445da2cad4741800cf72a401ad79a7462657068e0f2ee65eeb86da66890247cb45b31d3ad06ea7500eac5be65528c55bf190b0ec27673b67b36117344097a0dbb9db47a2b5144218002d14cbb98629c2ed35db5cdcf93994e3e3d1a1673ff60ec0d9bae1217ba6f39ae4ac4c9e5a19f85634f3091150c4724aaabe3bd1445cfa33fac93b86c5871ca168a728899e2e0062a596fba22b962764420f1268bb8ae0a894559c488cfce6b71aa8478964d2eef5086b2cee891ca031b6543bb7ba55006621f1d80e17abcba9f9d05fc5e61c6c4a890aba4b205f5570e7866ec4de380420c4758de63ff0f7b1acb0521e45cd9bc54df1a4614c04c524f43e86f58757eddb645bbc56a63de5bb560f56a31796dc344d58e2ff2d3fe5228d87c0439e6353943c92160fb847a172eea37ad0c22de5d1e7cd66730218832c87b73366131e29a1545b26d4c500a9afd75864b460cea1ba33a5dca6e5585e9c78a8ee3361f20e2b79489ed2ef1c935d7deeef6de0d009b72a0751929209b351331c0225c29341f5d476b278061a0a33c1e455815bbb83eebf5f5c3fe97c4b3df32846a094501a157196b6c1db1e05cec4f2dee823ebea7da05f5ee63aee1670128471465ae83defcf26aba78f18544146fcc9305ed5899965edbcf9f677c499a52d984db346c12faf02553338e6553488c29c9f3f4537a9437b5eb7382f95f9e844d27fa0b1ffc48d2b44e383b1fdb567b7f23863e8e10b6210f8031859cea410d52f99b5a8d2f218e7c92e231904b171dc077c636db15087cfb0ca6a2cd09f6b7973627a03ebfb4772daddc8ad7c9e534d8bc58cfc6d1305374b589a2a85c8a3c471c7408712ff5cfd7a50bee627d0417a5667dba71866320857cdb84e071a37e477f1b5ac16bdd464d8bf3ae31860ad19722bea1d85d1a5c09e1ab36dcd6c4bf524ed2137745e3562147081027d7852bee1ccc9563e4ff0ce72affa7002e9a066591ddf31abc4388281d98d2d88fa1c5f22cb60523e72e3d838fc6b0163fe0082ce0d8d59098363a174818113182d40cdb6367cb4a867c5aaa480c95f4a98439a2b58291fedcbfedfc3ebb41fe6b0a12fce36518ea6082fb919cdff23e3b40aa26eac8d634e03fc3a1e0fafe402c875709b15b622f35bfdd233ea8d7989ec38dfa1e5b5688d76c615b5efba62dd7d50be97b92f16c838edecd426e18dd270ddda42121d7ad8d26ec28df29580e6dcd7f968885d1cbc5f573efda890a408b45701bdf5cb2e3c54f8481710145ac1f5bdb1b53a1e9a7efd8a3ad7dad7bd0fa017e080854913beda2ccc95631a5c1da5c5afaa84bcc3f1a7041208fac9e09ef52140f142bed882b8988ea062cc8ecd7fd78fd33aeee8e8d5cc891514e3407fbb171e84e45fa14713e995513e16763424e356032ac81047c8e2bfe05dfecc510b55866d4a8696c91afd7b6b809fcf2e0f8a21834f43149d8e2b5dc5fddacb8ff9341376281e8f7d762fdb61a8e6536529b0d4d3cd8217fdb4f0b8341587737da7f50dbe4e5b7851a25d52066bd0e3ad11aed47ee02bec11d0f125cdee1f505cc5c1223d386b2fda556331cf57d8df433927cf12a5fbff853be266c5a64b6424f7b106931d312f0fd447206d21c1945579915e7e21627c7fc423a813823ce5fa2c6f3114303d0995c5706418a088535c62eda2a60c82b727c31177252f8ea025c16a3676ea0ccec24ea57e68c7e0f1b0e06f78a8ccead63eb4c0ef5c59b1d3a805644f8089e604a5bd3aa4494ff7fca02dd5894a6f02e572edd487af04ace3e37f19074325613d6f7d2af73062607b45a3c9365337a1c5e6bae9702a65f0a1b9ce75e43f6381efd9d610ad37532b62c6ab5957ded77a5d01604f67d7ccaa495266ab7fe161268b9a6156643ab6289fa0be75ac433a0204df164c02d3d0cb1b7bf0acd92ca8ff19b710b0b511820d0500fdf58f598fc611380a0f7dffce7bbc934edc967ba0094a0281750176748a4e2c99684c1c4a40258b0da77a0bfb9a4b808d5932443389f0f346dad998cee519624aeb07ea4446064282b1448bfa2e5ac3393d30b5c3865a8995869f69bab0747cfcbbd2bfd407c82e198da326f36be9a508e12d6d73fb262b37fcd7ff70b372c966b7198a9f2364012ff8127f200c079cb70d550f9483c1bf9fba69ebc961c989a82fc38cffe853e4738f33f1fa42fe7167e4bb79110f237d7e4989d2f6f4bd21905e491e2d4b6ac5a66025c11a93ab1eddcade3c3e78c270eaf6a0a6ed43df6e35bcaea9aa716d547d2136c2388379abf645e3f7cad1cc1fdc92b882729ff92b0612302970bd9ca7e36d76b2eb4d9dfe35116bb7771e448867e57026e622e1e54422b064fdb707fef339aa16fde808f622a7269b77c292c7e85fade6dcde475c2f61d71370209bc0e46ba7c7b71e41df246d283f5574205ca6b4819c63d97193eb084fd6b0c20b956cfc4b45b51fd46b2e034ff0f003179c7539fbc4e888c0633767604ed0f07beb4fe00f5a3b56ad9f3997cb49c7a8b92a719411b20874686a8a5ab462914baa85d016df99796a868af3dfa6ad98ceaaa18af2f2fad2ebf3dee1df8c8863e84ed83d6da5e283ca9cc385e0ded20531f127ff4aa974b91634d8f367154d3e23ebb04571a5a453d1265e873d00d40be7e1eb7e74529822b4c81d742c981a988fb786084cbd1e721358c7a1ea5293aa609773b890a5c9de4d1349588def4232d41fa5d7cfbc3dd130754891c304118a895268555874613e9c89c66bceea609e7ca1a914ea327db1f85a3809098e801289d8ab71997c2ad5bd1f3fd4b3c6b80667ac2b6b23b35018206dbf708284f0e0fac58d0b6d72c0d0034b6ed37b1f9931158f2443f045f65e33084ebc6aac93d8c0e3c1c52878dd3f54b9f88a40821090cdeb3bdbb61f0be16338a2a7ba0f77e9ecd5400b6f809a49eee78346c69e7ab560fcc32f2d19e665bb91fbc00e4c00838a1385d5156d1696f694027a9e6a7ef66933202012caca81c1b3ebe64976a9d000e28a6aae5d6f061c5acf8e4bca00bc5ecc547ab1664cdb2125300130a5a92abc0d36cf911fb3123034e925ea097fde14253dd3de52bf5c8a6bf01436c92dbbf5450a9b7775a981b09eab05406dae83f8ddcf898b1bace4b8487f0b4ec5b5316a9b7e3bcd6da41caa23604b3932ff3daf31bb19e74c687773bb54503f6b3ed74aef1410dc4a9a72fa05b1e120e682a7e7f9b8c7b6836fa9d8f96d16fa17975bc3dd7784f0d621d5a69038b0947d1cb47381c82c6df030fc8033dd66b380d884b12991ef5d5283e552f723aaf791bf3af581423c57b536b91e5a158695b68f7eccfd72fd2af1016e261ec863215d1df0fe756366e56fa86c4495cd9a45e83227af93a5b431c5d33fea2b3d469aab08f57b85b3a14a47d7da8ca74dae34f963cf660057466dac3937ce00060f8db8099178944aa37474a37eaef3b9ca04bd0eb1d03c25887d530cd690625f5829830851a6a58a7b411bc87aa70f26e80514799664e35c44db243d61add5bcaba3695e45e9f1a3cbf8ebdfb87571c44b9dcddc5fd422e94cbeb02bb58abd14e140829e12f7f0c7e3cc1a1bcae8429775e531710bfa504e103b17c20c329f653c015ab514fd6cf162b96d871930de99413e148fa58c1ff262a997c6ed1bc008912c6b864031dc95b5a3ad6aa3521167a62fe771baff828cafaf178539048d2e91a62ee7a50df04062422150347774db320fb535ddd4c03a8cdfc3affd253c200e1d5678ff12eb6f5bd43da636778cd2f8551295f4cbbc902322e491c5c10fee144daeaec4cc2a2f855f5312f4c8cac1155c8d3b93a5fe6a60118a0a9912b16d583582b478e4f05c375247d4cd897c49a8cfd2540833311039d9b121e5d5779d71b206d0d862b95e0eab28005f86ddd6ec514d931a521fc035eaacfd10ec5f97af541cabf08512f6c79e7e0db5217bd14aab6d3e9458018c3e59769bcb689347d7e394b469e9c9d9da2be8fc7a54b1aab301b68c1faf7ba7bfd05b8a313c902ad3733e523fd64739d9af110e39a96f1048fd6a43d13045ec71ff3d1f64a904f3878cb18f58b3b84942331ec05d3372a328a83e8aab828574313964f6f6c5af246faf2c69a95e9ceca77c0fbf303103a2d38ef6da2929a3dbccae5823f82d9a37c989154c8a760df8e7d8589daf1fd69683cadd2c7ac13e285a7661c23913912ee272797e3a0808654fd0b9f74f2fe04cb34167aa630b8aa58efc2586bef8c7c2e354d7c8d08de7d25a80b08bae8d2326d16a15d537d8baffcbbae460ce608ded63a45bdf0caf9dc335aa8d2aac03a62a9c6c62ce7c2caa9a731baa549d1880d3facdb4bee43ae27ccd5a22f143da8e7b4deb5c2a194d450eb5ff6949a950115d4e1d60fc75115346a0aaaf1400a301dcc8a04f9d2762c093f88adac799f6bd5150ca9c7d3ac1f728b88b1b0807a7407ad9b8febd89a801c9845af62bf2fc98aea4835d52871774e72b9fc07d26d55ef163833fd2f5c951ff963f43fcdaf03995cf3f14360b05be587e7a19fb760a944166b1fbd04c0d02bda8ff5d92a23c4e683db1b2823a6b02a16a7bc7963aaeeec43d97a85752fa439544127fb71d8b4fee6a09b966bc4e7be67acca35bfe4acabf18f6e9cc938c1e0af43e11754cbe7b37738019d9a162083f5f1fcdd9299921a349f1e0ee840b19fed4c0b5273d5e71ff5f1f20dbb36c89e1edbbef78de1a6229a2cd22bcf2164a1b567f7c08c6ba78ff2e53bc348dd2ab53b9deffc9cf8726feaf9cb07b4f94d189314da8c0005f3bb031e44c402339588832779790e814c707fdbe0830d53b4d35812f27e7709bee185d6d6d67a65382dcf56d567180a4a74cb05b0f7d0202bf33b88729f2bab7003264a2d67ea93d022baea74d7ca54a0081923a82e56750f22f58bc997ea57afe1bce18405383055745f0c6bfbbc514df76107b3c5d04bfe033dace72bd5bead25e736a0052b6efe7eb1153d1afe9202e227d60e4e38f5f294894d2ef9b89998194492e427442a18506e24ddcc1952354fe0250ad949be08a63b6c0e206ecbac70415c36f1bf78d7068ce8eb804561eab2540c6c984e63d1217de1242ae70a5dd457d7a96f24ad9e8a59c060a2a95e9e04a6a4429f40d47d2770e9d3ece295d748aa30a7bbd2aec570733be7855c3a789d71d94b3c86ccdd3cca3ddcb35a969e8c2d5b17ded6ab8b81b90a4206ac2ff163c04ba9886b5ec6138db5eb6ffc19201f66a1057858e564960de679b2996bb93c8d2b440fde169d1fbb5886fe673639c514c2eb8bca75f79abbb73c4a125e5f4d7d4ccd5c9fc85cedc9fe6f2b2b75ec384fa6ecec37579a70bd29b4c9893badb36e1b33cf61b07ee7d2a5550ac9f23b5fe629297efe94eb8a8c2adce65a61ddae84544fe8f81455e2d053fdf7efde38b92b0b4d3e7ff9d81f5de7d571cb4db7e059cbe1ac2153b22b57b4d45d58fa50d152efa2d85d262238ce4816e40f93b65f53b6646297f69e3dde4ae7c57e9112054cb831eca5716863196db7667674b00be7c83f900c944ea2bc8e8e6b6b335a6e9f63e6f6635f6afc0889355aa4f0b928b90f76e6f03b5d40e9a0cace6243aff4590c0ef255860401b16da288687e890b1921b8ba63860df7aad86279c89d16cc4ad1ef4633639f203724c1958fb3b6a990f555e8df8f494fbdae25b353c14fe524541347c1d7f61c349f55773575fab73df09ebd1c635ad5f93fc8e075093ec3fd8b832e5331e329c2578d1f6f7a0a44838e578fe40db7d11645c2c73e0a438a80085988294d98a4ef4c5faa593dd5a9b0dec12d8a6dfd15cc4503bb2078739f26f9c10d0b1fc2634094cfd2ff6bec88a7513debde5fcabb85fd31df8d97bcfaf247edb89cb056fc52bc06f117a3e1022a57817b9abe1793cf279e163212f501681eb9ef08e39adb9ba80ec3cd45f5ae7afc0c256a3470e8ed3ca41c5502c510f0526eab848ec5a7115a53741cf05846989b9b5fc6d2ad74fb855a852e3fc7234bb0ed8b6937167133925dbeb4313a9895860e761300a0695e03e81c2c1e3fe3f4b8c42c946b010259ffa4c1d345350020cddc8e9697fb83c22fff5190558551584368e7a270f958bc72e2624c3e45bbef318b5134f0419e725945e445993f2f176f0a21f5dba86398529fe5159d57c0d75d64f950763b52935e778b20356615409dcb088514eeba3f811e9ce6ce2bd1ba6ac932bd79f7a518959f99d52acbc2a1d0c02c70b9ea46d662d39c315b36315f4220e5dce293275050a3e6df506d0c1d7786017572cd758ba4995963fa034ecd49cadb42bb1ee280600557ce2e17488e1dd4595b8c7d4f20f420a3a01b6228d764c5069222cc93e2091fd2053f05a50eda7840c13f45c6e2a2fbc0f9de4baefb7b40ea1fb7e9d30fb1fdb8f20eafca0c7c8c61c57dfcb8e2836e8d0ce546e8e37b9fc467e1bbeab314be171573398e0c2fb032049a99acf174a857c019609e83010dda8da078a4311efcaaff62fa908dde87cec4d41078c343eec5a80c42d0146d57e9a14f2b5611be05e3b665728c14ea9536d146926fe1e8d5acf12afca415ef5ad77bdfead7ea087183962592296d3d892c64a0a3b9fc95b50f03df7f4f50f950b43a289af09ca92a01a684e5c649b8da4a3365878273a00afd14b4fa2ddaeea5007f728899ba9f5fc9d1d7893a489e56c5fb152e5f775042f4b3bab6cea9cbf9a2b91647fe3c62d3ae4b5d065460b51d51b6e91f2f4fe90a3775e6312ffc805612fee8c314ee70c92de3feefb3cda56a59ddba83757b0e85cb0ee7ad1ac608a1e6a64656d9f586afc38fd1f6474b521724532d88cd351688db077dc9d229a78f8704b21f85324bf9c697874cac5f709c6701a421ac368edda0ec3a0b90268c449acf753d7e8cab501ae3d7e04788e899ec54a2517545b68fd928fb659349e1692bdeccca648fd13a7602868c44e77ed6fd587538a74adc6acdb1ebd1816af88ece2ca64f2603428a0aa842fe86be6b2b568fd29c23433c9e3f9f0e45bd13beb22ac06eb82ae0eb2b3b328aca4abba5e72a155e2cc82ac92c4697fdb9439511c1144fe2ba36f516fa181f7f8d58af69f87a6c936d1e561fff0509819e65a681aaea445a106f8ff3dfd987e2e24e977281cb85cc5e5eb987da2d17e73dacfd9880bd14ecad13d5705643f926303b389a61fd63139577de263a5fdef1facdac0068a9471fc17ac654e88e0a0d12c8aca1e850b64a88f2382e0cf3a4e3363827a06abc1eeb87216e3447dfbf8c04080ca2fe1a08cc2e2001eb386cf02ac0d3b328bcf1de009d048a03cd955c628971c30a137dc66879cbe938390a8f63251f55e559549dd11969b637876a20bc7c6f5fe2b753923d2f0269f2082206eb2312f40654cc95bb38add159104495018a5aa7b8f5836162de9a03b6981c662f2ee02a168d530a002616c09c4cc26c2a2726711e3e25b4e3acb6dcba25fde78ecede51f01e22a2f79409c77011a599ff57d81e70dbde5fcbdc841f9af0e49e8200cd2d3c73013e0e5608ee1951ac04a111864b545e7bc2434c2474286519feaff4da07324d1b13bb16d1daa1d485bcd5466b82c9622f92664f1153d08c6e644b3d0f5902b4d749895f7763015bf0e2849703ed920a3866a260f22fe40f46c76ca6ca10ae8994505fa613a6b1aec84ee6620c25ca4d002f56ddd21b12eed5132634a3194281283fe5fdac07d2fec091dc0f748fe25c6b08cf8d4ff893e863a43c4c92fba47d86c8dfbbabbdca0cec09f732bc0b8df2a97ee7208e64512249300aa4c44c10d4c4503bd76e7b4e2c9aa2e274166ef103d5c832a760f33b5a0eae4dab922f0fec5adbf409bff956b4ce40e6157d498d46ae053f1ad73655bfb0a3dfac6b96c09bac4d07e6bd7f3ac6337f58cccc631466985f6ad680d21a5fe9a9bde4b6980c689e6e8c7a413b6e3084997c089443ffaca9be80c96ce1d9b6de074b4aecfd2db3b679a2d5cf0523aa14414699d481eace4aa397d818ff4d3e73d82031849c7e4f1f1503b636728637f87cf7a7df5472abfcb7e5d77439e1018dba49a41e1c8e63942fe0d1a426f390e8e225fee14501a34762b8d835ca14d6a3a3d8042724ea9e6b568fe0eb84306397ffa8345935e9be8642e6ffbd96e636fd16cacae5d4b88fd0aa0bfbba8221f68eabc98c67de6f9eab2cca07b096b458bbfdc7f1da0bb845a1a6e19c6da87a958acb1aad0b74d6537e97fb0673a20178cbb963f909839e49ec593ddcfc3046aa54c22e3a54148c440d1f2ba1fa7417572c629e48e6d2e07760a87581971d1edccc03c0e465d4d6321d820b3346fb516c1813585a6a8462124f91428a90ed037f40cd6f23596dc90c03825636e55a061838964213c70104ec0c5909a0c62240e93314f9b67ce8fafa115251282a6ee7a036a861d1af11919dbfa7ceb7b2260e66be6300a536e78ebdf60a6f022574b35205341f3557e409d8ecc0c2304b372605c9284aebe1b92f13051db78210df83873b0496625507cf8e1ee5e90aa66f45be75e388d6e0a021b8af3787ee06cd710719b4d06ca5ba5f87de812a660f939584ea880d3c71bc58135e612431850180ee39b707bd98aff26d2c5e4396b43daefd82b2ec1004978637b8d389cc415d628fea6f66f28664f9409448e68a2d48a0a00", 0x2000, &(0x7f0000000f40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x90, 0x0, 0x7ff, {0x5, 0x3, 0xdc, 0x5, 0x2, 0x6, {0x4, 0x638, 0xfffffffffffffff8, 0x8, 0x3, 0x79, 0xfffffffe, 0x7, 0x1, 0x8000, 0x4, r2, r3, 0x7, 0x5}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000008e80)="0e24ac7705237246fc1db898fda0c7f95d375ea7f4bc7a07517a51095880f2219d9e4329f6c4e734f2bb34564a1c2e298d7eb8844d8af7b30e1a71750a2511e44b368fc6e9ae65e40e64e4b5fd3d0f87009b5727519df1ddbcbb38ef00871f00ed2543b7f2990a44482bf3d7478c3c2799dd8120fc3258cfeccf648fe15128c54d1d4272bfd44950915afd3aa0abb5b04d4dbec287df0816c3e43c2503cac6e95041aa205c5958f51a9c4c8214ae2108401b08ae7ff8440988c93424422f06c628077d767432521fefa0f8d0f387e685e4af54bdd7f931c3eace52ca7a6ba2d0fd701e5d77393e6268f52e68d97087f87edd2ae49180028bf08ab7e02c3ef12aec2f286d1bf40fd3a5f337b0f0b63d701c60bae36a5e1644bc90f34165049ac5c4fc8a0ada90e345df1420a58c92cfcc6973d3fa532b8b4088592e0f2c36f7e756139b272fc99104a93c5cf2599c683b60910af98a55b17bf646ddddb13e73d0bfdcfb3e3d261d84f83270832708f6e5b3fd2bb98e135b914e21681b409d717afa8f65dc9d3ab6a78b9b026b6aa1f1ee5872426b4bd4fd652072f86dfb96ef79649396a0f19239b0ce6ba9a8ff49f8f4820579a3169fe54b6f060a69236d57a1a13f033054fb22dbfb3f72861acc7ed51ebed60a8a03c3e16030e7a114d0690c268713d8206b34a005fb89d5123103d36ab57594fc731e8a6353ab3be3af22faa6f85b54ba78b90aba30e17dad90c31a20cc5f39c8ff50097bb310535efd6ecbc49dfc2d547bee78d5c5ebfe0d4bd3c093413e12cfefbfdb5f38c437ce831b209f3337979f6e0c46d8bf272a3ac6076c7940f905536167d2285d2a7d0e75f1765f0c080f1dfd9bae98afdfda7e7837d1081d83effab72e6eff493cc9031a299383f726227d75474e4c8378b2376fc7fef8b213b26794edc4c2fc110d917b863d25e7382b19b1b90cc90428f6aa0b1df015bcbbe83de36ff56c065ba92f1f49e61ac6bc6b3c20e42e7763dd52f66095f07e235f0062accb0eab60ce54d84391cbf2613096ded353543b5d6a884cc981b759e4499ab72881f88542208c9fd81b541514d6d2ed54683926b0d6bfe904b76215aea6db4cff8242d3ee5524acb456ec219e42d46c1b1e3fa9748404db4583537b195ad326853ed9472790656ab01bd031b19fb64b0e5227d18ea09ea7557c9afdc918c918a1fafdd18f9f54682bf0f49ba2ae14f963340dc6600e1b344ce50ed61af0726e3441583f8cf045df193dfbce93285d7fddfc0d831fefc85cd3e7920757f27a4e09b5cfa77b93a5e82f571d1293d9437cf89997011eee6ba9f9b7e6ce2fe1c381cb2db053a6e2d9351edbddcc10faf80f5b686727dd8982b12604fde3467f4a7e98b13250df7e1eef67da8f7fe3fffd3a185457aaaecb38f5ca31ea3e35cc7c6adc3873c734cb661e3c43e64bf0843b2cf1d950642eeb20d698cc9e598eb7ec71d3a0d83f311afa2d40a659a219defad76fdb7e8146756ff02a8a74abf8a8ccd72ffd7f70911698d54552aada8ef27b3f5b2644d4d0fda2976d838686a7469b296a98b67b7cc9834dc94f2292581dd242d1abb42db30d4de42c4611c0fbdc77134a6cb0c0d7b36d18a217aaabd34744ed5cac171e2a8bfe90b2dad03d0ca5f74d3eb95c454757be4c77f386c63fee91e95a508d8fcea5cd6bef9bd05e0b992da4e4cbc2f52c9cfde09b6f17f3d73fffc01d7ac55f328061516cf0e4fa50fff5b03dca67b163a68d9ddbb988f50a68fdbfc6e6feb6c892b58eb766d3429396669228dd1653bcbb5cb47c0857d27660e62d23e90178ef2b75713c2c58a207d8c21e9ce64556bfd71b40207ee76416f9f40c5601173b1d84105ac331247c021941a6a27e86de4f9a4db382f67dd6dc8e86a02a8438ddda1a636256fcac8e2328aaa3c054ab86f55c9d7bb2c2999a5c7933f092a3bf66523cb388052c65d138346ad1c5137fa383d7b9023b1868af02cf48923289162544db8fb29cf592c306a76ec92b35f33fae90f5aeac830b82dcc3f0069f668aebe6e5fe13c811f150de080632e357221d2f220ef95ce436730d1f9390d9f192220347d04ac5a94631e349ad330276b9524f775f7a8f68be7823ad7ed3ac4b4d87a12c0261846ec1dfe785b60675968e79496d7ae4e5d478661bd7125f2cc0de35422764556b63d687b339e2b25ad43ca85bc861944d19f9689dffe71d87030d23e0428942441d622de361778cbe8952f7b93c74783552b0087bff535afaf92935aa889018e46d34b2a258f863d89e4b6da841389fa63d489d135e559b7d11b8d97215323548501c275248eb07916ae3f0814c6af32f5ece7eb0330bdaac4394c518f3c8e48cafc36057cfa7788fb2f9a73bddb1d40546cf21b681e6c9ef6f0ac43c512762323209b2c878ed5a9f55e207b56a33c863eaa34a6eb14ad8de9885d52a7c073a406ea4324f8433ddfd89b269d6716072627054197928370ae01a94e3dd4d07125560a5cb1d1bfbbd8c099194de5f787a550a3400ce796e115702255d1f17d96a7fb63384ff497cf72beeb50bd24008ffc58256aec6b2faff2c20336e29bc1acd853214496893af25e8efb571c96edf64fbcd136c95e1213e73bc3f1a896fca2bde0894449ee2927c38114de5f1063d0c203c3fab1389861c4cda173a991eb275ccffe04f75d67df181c26777b18e5552b42fb4332046554109a9a6007592a62d2553dbd098f1daae593322e45f66a64bdb09869feede70d1fcc88fd4c19f4008d1b1d5f34a6025a71d9bf6ff20daccda25cbcc662cfc687ffe5ebc344468f338f4c9bbdc7ed9820feb5e3b09ace47f4253a81da7029816656613aef7456524fc68f4345bc0e7f26240d4594374d2fcb39560e2828e0e219b2417f5787add73418b465b1308d5ac5169791f55802d11354eb62940a492d955e8bd11b952a28acea90cb43af774e6fc75e57383e68937aa3643aa37f7e7665c703576579dcccf63d2bdadfbf14be796d4023689880453b0ff576fb01bb141be3c17478f0d555ca96ff7c3f3e4f53be1f088827203fab2008ec6687e4f5df305f58fe647b93ad09a70165c989498d313ca5ba05f3ce90adc80d55b56d0ec4cd5a78268cc6def7e8bb810bc29f8e742487048363815fa3fe645194ee8529ffba2b8d6756915530f142b42f31eae1703faeae14f3d81ae5c2297c3476b0f89b32f53802453fc74c80bf217097577a910a51860bbead4f73a29423816eadca7b1e2d24a9895949b352fe59f13abfa7b69c0f0061eaae2ada6d72b2f90c9c553ad8be9ee4e4ad2876851a3f3e979c4d770d7df9a27e72ab215ec3efd252d622e7ec6160ac951d1ee9b8c0adc0fc853f2a4f36602c955b61646246e07bd7b745f5d3e99f95f55a1616ed36633db6efa97a96dacf12219cf1555222cc6a589a6def5680124f7ac2f1ec83832a30fd011ff02dbf4ab01afb5989fcc678383f179b5d647cf0a762acf0714e9e4151afa39626884e6f56859d3aafc9fc7f7bbcfb27e038e238783cf56c86f0be52568c4bed0917d651f4d26f76ba6c343e075146504590da391e1c4d028dc81767294df5de9370d62756584baa3bfa31578b6f754e77b0d6ea7357d8915ff0bda182b604b014ecf7dc94ab97061765bfab2053fa863fb671fad3b6312d6e59ba0e70b0ea2476399e925f8fa2e51c9bbfac19aeb11db3dd6ea8d916c4d4eae7de17259e6155591be9b704d3e24cda131eded5e9dd6758dc90a5c7a43332957d26ac91bc65120b1c6b7b94fdf83b397bd8990747f01d3ed912abeab74bb5ae3ff2ee0009cfe8cdb6b4e75a7de3566c8ff7bdddb06b7775cf3116b029e7c85fb7189147e753d614caa490594ff2e22b7144153c635ac7b20a49c2d8575af2f546b968bea9fc4ee5ff417a6fa86ca09c8fed14ea4b721b2d5870d4b670761c70516daa07809ac3817246844f01eadda045c57d1c864cbaabedf90cb42d374392e77b3d1a1afdf962feb55a4e04a77c8fb452429007e0046a406a5f2325f0c7f75a19deed1b456ac5de6486eebbc126ff97c5ee8531a975676b61a0d79f56ff75cbcd20337119422815537a57766648777f1b5f75d358dc63764083406e2d95afd87d00099581940367ed029065df0d9008301fb92e019feac9bb406032167eb053ab07309385771aacc2c52a5d526d14721fd530e63cb7c53f27518c679ccd0f3d2db8aa52ef95c6ac3f5dac0b9b5c3a96a794690f3d49aa0e5a4a95b36609cf61d471cc2c0cd55e8cd96be47558b055280313b15907eba5761180f5229a59341faa1e11eb5b6a48ec9320efb1d9f00936d9a5d91f2bf837fe72edf6ec025c1c4e87171cc02c7342fa5d4f825157d70d8f66f6fa0542de2255373d8743612e7d4e16b8ceebf4e92c40926f21929cab343b981120236b8b0b900772a33bbe4eef06feff3c7b104cf63d92c7f9233982f9b713489fb8bf80f2feffd6c22007b63925209e158a837dc95b42d52ed764350b5f83ad54041bc15a7552c0b8c1933d674a16b0c0934277d9895c1ad01327231a7fffc4b5e1a1495489559bebff324d54f2894563a23b85d3bef62c356eb476e01e0c039287ca38626751f701ef4e20d951433940ce1138660589ff389dee9f85a7faebb9cc494bbe7138b413303af6e05806032d8131d5a25a5d7c0ed87906d92bdd87ce7d62c13989f3435ad77a29b721d8219d2cf530c2ec9edc3de9ce2dcd5053c38a6797de8d8cbd3596ed545d2dc6f825a0e65428dd73df96d5f3e40dbe5a62f0f440f712419d1558ef97bf1d0ca1d59fa1caf6ed0d422456848e196e94b4741b757935bc3aef3a46f53066dc7a74f42d539da2228fb8593ddb79ac977a8b67c0a6058efdbe23ba75fb2faf5b9f152e60b8a96ee19fbf0c417c89f882c53d389bf27a18b9e34b2a33aa27029cfed7a03335cf33d95ea803ad125237a9cc70520f18bc7e9f0c1432368a5304544f5d1e1599242bcd905f69f25cd0fcde391960fc57426e0bf22155ea315f0caee330bf3b7f4f4363f87146531175ad4f69002d46e95a48f714c9bbd9e39b95783406d477dabe03397d68e7af5ee623b4c05eb64120ca76af4f1d37348f93f39d8fa1d22fef874ce65b66f8a1aaff9db97520dab97eb8d1f99efef4d4c9704d181d687874ec4fbb400ed4ce050ac997c843e647bebeddc33eeb70201b3286ea25ad1bdb80dba1fc78a6883ecca84d17645be16bee32967bd487c6f5e0714ca819d5913436ac9aeeab4e5092ec1897dad39737365e8414246a81a731bf7d3ad8d789b42c651702b70ee786032356e3b9fc4402104ffbe55026c84e8ec5dd2a1860cefd0e7789ac2a47fa5ee9610dee980fa3c2fa7219b4e57642f31012b3e00e64285fda219fa9ca37955e3c25fd5872172ed2f5651d208897ed4e1d224243b2f241f24580e924e02cb60af5e14898028596400a770f94e67590df5fe99e9d170d061397f71f4202eca4c91c7fc27e2379358a8d9bfc28c2fb67842b0bd1e5e68e017b34084aa08e7453fc6b03bd42772643eae036f25f10e4da022818dc84f35eea2c07e4dbb41e861b8a4c6df4f0b4b785f0df55f863707a0563cdd5b9fcaa352b54071cd486cf4948575ddbe4654a566438922887a3bd304853a98283c7a4d7757cc6e8298b0121aca5fdb64d86996d8c0ddfa1ee4ccef1ee21dcf853bdb02471383f73ddae17dfef217c6a3f79b182fc36bdb47d1899e87bb4c4e490ad4a2724d223b31b889685355f349ca8bc62d39150ebccaba863bd72bf91d65cffe560eecf162b2440f9d74fe0fb3f8479fd8f6293f16e4d67b3ec30e83180444cec51d2b455a3ab2b6286d4fac1acba8b7b5026671fef497d5e050e0aa34dcecf2d06a9e4b60cdb3f9cbb7cadd73c817f255f8e2eb22d6283a7934e0fd64eaf52caab2d1862baf505889e4db1a1870f0049b3ada06d38af52535da352bedbf1e88e34595820cedd4559cbe0fe0578c557a62f56060d75c5a6806e384d3c274c218d57beecbd8e7832f3cc050668b44c1b8ff8cdcd2b85b5ecb9eca1dcc1204d27bc3689578eab43dac5658a1cfe75456b221c15ed26720a49829f96d501fda6d7839724207d6a5f6bb3d8390e90dd7c6b80e15e6b20b7c74ff3282c770eb1c77583fc97bdb5f2df62a74b3385e2e8ba06fc39730f1f02107477c215deb6c8599cdacc7c710b7b1a77afbe3b2a593f6eec5c8014dd366f5890a1a579e51d858cc8ef93aff098af9903b4e3633a3090a630e64be99f49d32d63d779f989d0198044717741d3bfab4242a05dae33f11ed6b1d850fb379f725fdb7b296d9d9b3024160d4fd735a77c8ab23f0816bfc2715a2561c3cee6e41cf79030c1500c09e75ebbd5a7aa8a0e4826542ad46a9350e969b357c142af13afdd8927cdce3d1f35493f6a7a14c5a20739d462d566fe3ab620f1ef323768bd871eb454dad947f2a871efa05d601cf9fb08d992caf6f4b0f652e13df7dfc658f50e0c9bfc3bf28114a51142f65e25435a32c8719fde2a3d5c4850e31ffa675fa44f9e54957d108e46a67a3b7d71b272ecb0385466e39238f6421b2fd6f33a258883a4501b63001ee9ecb9137162488051f7ff15e6f4be81ca31ffac70f48bcd3457fcb137a2f5108d908ba1d51b0fca7e14273b176af4b954837dc3d40b4341fd03063ee145dfc4456bb303bb0540db3aadb26240242f4a55cb9f6623b6e724e0f9d8b73d02c9fd9140873c0bb884e3cf4c844bad6f27388b56840b63d65ca760dbddf778e430e1f03c246e74e9b56a08a56617658f7fc42e3582f3181a720e51598d22062815ca3caebf36389a58278acc788035d8deb0b800180ef6537d92bfa18947cb18232bfd27e048fcd49d44c137f1d8a10294a6dd20251a00c379bb0936fcb5137c9f5a7a7404976c778912a37f1503deb27b85d3b1d886415a98348d3632c7eb4bf58fdfddd5b24407709474e4478c991a03ed8b456d9a71ec82f05791eb17425e0360493fb5ec343eba7e9c970f47f4cd85edda849cc524d42a11eaf29be950e621cd12e16e3a304516ce5c74a2b47a1baf1f3321b84318883bb023cb5f67dc3541a4d72ebb3316244f96cde4aebc1a77336a93d226c315ab02581123140e45373f40c8cfc7fb5d478607f9b38c2b95bcd55fb8a2047569ac7927b9e4208f75032abfe83442d2ca5db1ee8903888548b5fa9724520083052f8e652f1b0d39d031d2c61f63e5cfb98061b5b913dc6da26e690c85b07fa19b9bf83d124a5fcf96de21d9f00c9aaf2ec66580e4dd99c21c01b7557b7c6336cec525003157d3efdd16a52407b35225f65e44933d56c90dbeeffcfbe2b10bdd921a507592817043c88bab1882ac8863f8a73fed3310138ae56c9b5fb8aa22d5d6ab9e5ece2afb94c5054bdc8444b00a46d74716c21346f2dce31f180f3e01453d7a7aaf4200c4be278a2a88fbec4529a551189da822d1365c8ac70bd6c6cb3c3791e183eeba95e65f1f87c10b2f740bee2575807c486e3b7939f093d44693ac069089830afff26d7165712abb7ba5bf8aaa87a3d57c5670b3a45d707b87aa7689b18292d851cac59802b38bd7ab8e1c3b8a134db1a366aaa8f77a6e2c937f49961637d291970b4541e3405948ba2ef49b40f600e28861c54f06a2400f82ffb2b9a0d4c6da720f9fea31dbe3f42aa29bd126fcbfccb9d809c8bbd76d241fc2588963f10434b69e9415d20bea13c30a08b22f5f21bd945a11466d228848b7b68927725239142fc536f784b705d3bd318f5d5fce31ddd32eca57309b1f9e5cdb0164df0bc45d04db323ed272fef5e4e0554cbe0eef83999d6dd82b67a5de6986b7063851602f833a23946ffb004b9cb30f6af2108e2aee029aa3e4fd525597f4a8d0184750731821bf21aaf703753270d3f12d5ed5f7bdb47c891074a44c63bebe47c66aab7f24e422b5f549249f26cab0aac9484087871de53cdb6d575e0e7ea3c73de23460c5b1bbe1e838433de48ecc812c1e21861dc290f22733090b5d3f88910478bff51307e6d869b68a745255ca007b9f5dda63074845d4d8f03604ada7cb5f8c1bcad9f3a84bab71e6c109ef7bd8eb29ba18011430f28eee91aa83749594aa5c717c0d53e0ff68372284e356e55f9cf33716ade1e148beda327236f4005472600f99a1c2fbe10c5492d2e082d15fa962492b16029a222bce55a001b2726fad239160f3ed55e98343fa5266cd7f5e36158480430e2f802fbfa3aa6e7299ab0940eea91682c79fffb171a705a23b70173f0973ca0b0ea230b306418677be4e6bcca0e6cc7bdbf6a3a96090819d541f505402ce505b40bd7d012ffb6a62f2528c5d370b2d6d6cf4b49c6886d20a5cc94cbe5e7cdf012af5d27c0c89c190956d1aaf1911888b33f67341fe74a10cba3328b84e3c4b83bb8b25da32122ed8df7b831e77bf9528af4b0960a0abb420e931eead4dcf31849cafc6099e8a3053758200bdbb411346662442e8274bc9780fd69abb4ef9ddd292f791b846a5849610862453cdb9263ddc232492de5d24c2c52751223cb961bb9ba7c86988b2a5490c3540ada6ffb9ba287c3e15d228aa0a6491ceced135cb1533b31c0b8ca218ffe4e1a07f29b4557a05b447358350ebfdcff9793b2eb1d7e0ea082b1f4fde8207071a8beb8c1e5efc49e1153fb8fb21ebc46c4d5b404a743a54076e4987da1748a39c70c083960873ffa0b88d4cccae69cdf4630a78250db81141e216e2007b7aea7500ad3176ae8e22c5fce5f14f0aa581bbe520a6d6c5f504547b178e62236f54809dd43763107e49b0d44a7968dcdf73a8c3c395fecd8a557ab850bebf1a67e82714131e0380fd6684e8094783190ce491a03243d903b4488d574be3847b4219145f5aa05201b4bafcbe2c2c98fb4e968c15822e20c06e83b0fc24d8d30acc9e24b36cfd06ad1a073719bf3a92922111e76efac5a813faaca76acfb065ad4faf1efe403aee89bc149bfa4e907008fe5f81d4e795c7a646c2b48e79b7ba54ec42425978c4d084c3c1f66ccdf230515366b08cd506a210e92e75bf7adfbaada44b619feecc4427ca23e74b68abfe9796a6e9a1f540d6a438042f506c27bb4f4814c73541b38eb7d548010363cdf7b2b6faf1a41a10fb71bd206388f32777c6b8e3fd7f6cd76342a1fba80deba8100f878eb4e4a09287ce513bb6b1f445e3cbdf220ff5faceb36c3a7f1a1710e780b9772124e5728fed14bbe348f0f4831913ae69ff40c953cc6447babbcf55b08491357531dc9d86fbe5cd4fd0d6e03e5b71daca299a8d31c3596fb98d21acc09d03e3fe7cc1f13c3e8b49b9dd40b8397ae617b322951a4bd8fe8a1eff9f920b79ddad1639da4d4a18c12ca3b65430e41506198483d5a2a0bc058269e7575cd6dc8d1a0393748622369c107b8a5fe570a7795d98b75e23d4c05c39655c8b81a389b512461a20711487695b8d4ff2d81ab4fe8c884768cbb99640a9ec5b54d3cd13a90f318e0264038b7f91dd73205342400eb9d186ed30286ff7cb9e459341ee59638b253148cfa74bada6b959f185b5cf68a313ff757836aafbbdf1f4440ec0f44d99c3950a6e2fdc6b7d8c6120f921630b93ec31c216e93e6b3781d02ef2339dbea56125ffe79019b1689c25d35db7d3f3e5c613060400977a2f7e142b50591b2ae5738dfd208c0f4daeda71edd05beaf4fc0b128fd004bd2bf1cea1d6883b4287cab96354e8f34f9d3707763b731686cbe6c175848a9f4bdd7c2961d270d9ef63ac95aa0603d3612a8933660c303fd1a91b3eb700718cdf40a34795399a7812c89b44f7b223dbe8bb08e0c01c4bf740c95431445a6b6fae337df7778e834813b34e0e6d3f0e935fdd136e6ac50c8e11fffb518b06c734985f31884a411293a3a3757a6e5be3d2495916314dc072fc9c0dbefcb5100513df15c18e04b2ad744d660f9cb5f4c64eead30fdd52507bba003c625108e6cdfcd7a1b38e8fd4fef0d419f695904be3026aeb9bab1ad3566a0a46a2a2d092c75ae2cbad109a117b7db76b729aaab3a89bcef8a5e63008613414fa5ce56988bbe3e839ccb8e192c56115522620e0851fbd19790f3acf9669915ef0f1ca0a2ca8a5578747f2d6cbec07a7bc4128ae131b7685191d5cf05210cc4bca2dc6303747c72cc0e4165512cccd43c5a79800b84ca018190a70984d73056e2a8bbdea91fdfcda72d9f8705227c5c4fdef9e0b81948420cae7344ba872a85e2d47c1e40fefcaa8d246fac5c7abe90b2bf39ec601390dd0a8cacbe82fc1ba0cf13c3cd89220a42e82ce62ccdf63fcb1be53c91d36349c7d3aa30170dccd5262d9ee570581ae5c9f84cf5b32261d8f531f6df0636cea496c698f36aee3274f0f9dfb7d72c074530a2679d13e5cc1bfcd957be3eba04a12f8897507122fc74ad66a7f621012ea43878cfa9a2a3ed95581aebdf1ffd7a8985f65c63de9eab4286cb94e57e3076e4e2850faef69b1d9f75ff45227b9e1bcc256c0236dc63483cffb8d72543eb213b2e0a487217850ab3bf7213dabb360c35714dbab5604357ea7b23fc0ba27d0bd09dc09e7ac471088c58d28e3ef12c3054d8a017a5023f378ae81bbbf55228620e061ace44906cc82520bfac2e1d7f7e340f53215bcf6f6078d82266abaaf479e084e73f0600572a7d482a84633eefc6e196f27638e8f08c6a4c615ef98238895d2cffb221a800424e115b0e84b960424fe39a2f33a203eb42f7f5e70e8f73aa172a8adf1d977b176cae2750859c96692bdac1067b7a1b1496dbd7c8220f3f0b42938ba0779c9bfa414a0e6073556d651d526875a4cfa95e8e981f40fc6d8bdd4704a12f44612e8eb8842535edea3d609d929b3fc05c2b02bd44e02a732ba814caf9e03e0bd7f41a24b3b6e282d07d74de2ab968ac739e994c0265416a7347f44bb80d1948cf8c9a69409e850b13f379dd672eb34a732b0b1d7b67ef2ee1bcb686cc4d1f4512c1ffb105ad2e46d783e0ca5f97ef9e4ab2798ce1c29b0f3292fbf1001d9487adfc3b34b4329be6b72ebf7a62158e488bd7888060f1e562045ecf9388c492fe3e0a6ce9b92b5a3eb29c80cc69da72f7dc2f2ac730e5d82cc5b75cecdd0809db8f1cc17bf5b72ed46fa3038722b6369d9f9497b83cc2ea1d0ebea0ac1306a83249705ae0b1c0145af67388d2153dbcb8856971216ee8f3d0cc6f532f159e5e28c6308154bf8efe46333b30740e9d94993393a27eb263dc0d19f182913ffa3953a52847fe979b9e682d304944529131b02ed468c88b5aac0483ff22ad56f9630b4f6134f266ee446068edd079411571f7e77acf2035d483043b8ad85b6277dca9e590ca801dc1896acdfc88dcf3cf83fca85afefe6addd27131f8be0fd5a80a0723556639fff59d56453ec76d3ebad3f5cb04e7b758b13e3d64c2ff5c3b018f52ba9363e053ee2fd78e35b2a834a069953e759455047521ad6615ab87e6381f0363a4554b86dd14f5ab43eb6b3fff64d94af0949a9e5c63d8c8e883886e61bd36f5ca11dfe2c025290cd49f369f8a3f9023d5daa7410fba96927fd0b5d2c75e", 0x2000, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x90, 0x0, 0x4, {0x5, 0x3, 0x0, 0x4000000000008, 0xfffffffd, 0x6, {0x2, 0x6, 0x8, 0x100000000000, 0x7, 0x81, 0x8, 0x6, 0x2008, 0x8000, 0xe44, r2, r3, 0x5, 0x81}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000003080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000380)={0x10, 0x2c, 0x15, 0x70bd2b, 0x25dfdbff}, 0x10}], 0x1, 0x0, 0x0, 0x810}, 0x44800)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file1\x00', 0x880cc2, 0x20)

20.226078872s ago: executing program 1 (id=1342):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000180)=0x6f)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
write$dsp(r0, &(0x7f00000012c0)="a5", 0x1)
r1 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x4000000, 0x0, 0x1, 0x10d}, &(0x7f00000006c0)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r1, 0x47ba, 0xff000000, 0x0, 0x0, 0x0)

19.755321378s ago: executing program 1 (id=1347):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)={0x40, 0x43, 0x107, 0xfffffffe, 0x25dfdbfc, {0x2, 0x7c}, [@nested={0x4, 0x145}, @nested={0x28, 0x1, 0x0, 0x1, [@nested={0x8, 0x1c, 0x0, 0x1, [@nested={0x4, 0x109}]}, @typed={0x8, 0x26, 0x0, 0x0, @uid}, @typed={0x14, 0x9c, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}]}, 0x40}, 0x1, 0x0, 0x0, 0xffff0000}, 0xc000)

19.701945321s ago: executing program 32 (id=1347):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)={0x40, 0x43, 0x107, 0xfffffffe, 0x25dfdbfc, {0x2, 0x7c}, [@nested={0x4, 0x145}, @nested={0x28, 0x1, 0x0, 0x1, [@nested={0x8, 0x1c, 0x0, 0x1, [@nested={0x4, 0x109}]}, @typed={0x8, 0x26, 0x0, 0x0, @uid}, @typed={0x14, 0x9c, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}]}, 0x40}, 0x1, 0x0, 0x0, 0xffff0000}, 0xc000)

7.900574738s ago: executing program 3 (id=1402):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x3a8bc000)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000100), 0xffffffffffffffff)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r1, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000180)={&(0x7f0000000000)=""/74, 0x328000, 0x1000, 0x0, 0x7}, 0x20)
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000340)=0x8000, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000400)={'batadv_slave_1\x00', <r4=>0x0})
bind$xdp(r2, &(0x7f00000001c0)={0x2c, 0x0, r4, 0x0, r2}, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1400000015000103000000001c0000000a"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000540)=""/4114, 0x1012}], 0x1)

6.235671114s ago: executing program 3 (id=1407):
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x1c1)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000000c00)={0x0, 0x0, 0x0}, 0x80)
mount$fuse(0x0, 0x0, 0x0, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0])
mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000280)='autofs\x00', 0x201000c, &(0x7f0000000040))
fstatat64(0xffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000)
chdir(&(0x7f0000000000)='./file0\x00')
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x2f, 0x0, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240)={0x0, <r6=>0x0}, &(0x7f0000000280)=0x5)
setuid(r6)
quotactl_fd$Q_SETINFO(r0, 0xffffffff80000601, r6, &(0x7f00000001c0)={0xe4, 0x6, 0x0, 0x1})
socket$key(0xf, 0x3, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x200)

5.454372049s ago: executing program 4 (id=1411):
r0 = syz_open_dev$loop(&(0x7f0000000200), 0x7, 0x100ba7)
ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0xfffffffe)

5.316740695s ago: executing program 4 (id=1413):
socket$kcm(0x10, 0x2, 0x4)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
r1 = socket(0xa, 0x3, 0x3a)
getsockopt$MRT6(r1, 0x29, 0x24, 0x0, &(0x7f0000000000))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r2, &(0x7f00000001c0)='\\', 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
read$eventfd(r0, &(0x7f0000000340), 0x8)

4.463435245s ago: executing program 3 (id=1416):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x4000000, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380))
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480))
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

4.396158082s ago: executing program 4 (id=1417):
syz_emit_vhci(&(0x7f00000002c0)=@HCI_EVENT_PKT={0x4, @HCI_EV_VENDOR={{0xff, 0x1}, "02"}}, 0x66)
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000300), 0x40100001, 0x189002)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f0000000580)=ANY=[@ANYBLOB="0600000002004e257f0000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000030"], 0x188c)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r3=>0x0], 0x1})
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000080)='/dev/dri/card#\x00', &(0x7f0000000180)='/dev/dri/card#\x00', 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000002c0)={r3, <r4=>0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000580)={&(0x7f0000000040)=[0x0], 0x1, r4, r5, 0x3, 0x0, 0xffffffff, 0x804, {0xac7c, 0x1, 0x3, 0x67, 0xf4b, 0x1, 0x2, 0x5, 0x4132, 0xe150, 0x1000, 0x7f, 0x3, 0xffffffff, "fe1d00003413000000000020b42717e47f00"}})

4.335152039s ago: executing program 4 (id=1418):
socket$packet(0x11, 0x2, 0x300)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x3}, 0x94)
r1 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86fa, 0x4, 0x3}, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000000)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
r4 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r4, &(0x7f0000000200)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@newqdisc={0x78, 0x24, 0xf0b, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x7, 0x0, 0x5, 0x7}, 0x5, 0x0, 0xffffff3d, 0x3, 0x0, 0x1, 0xd, 0x17, 0x5, 0x4, {0x0, 0xcecc, 0x7, 0x9, 0xe9, 0x7}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)
io_uring_enter(r1, 0x48e9, 0x0, 0x2, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

4.234573232s ago: executing program 0 (id=1421):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x3}], 0x1c)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x5, 0x30}, 0xc)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x9}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0xe}, 0x4048043)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f00000005c0)={0x8, 0x0, 0xfff, 0xfffffffa}, 0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={0x0, @in={{0x2, 0x4e21, @empty}}, 0x5, 0x3, 0xf06, 0x1, 0x94, 0xfffffffd, 0x5}, 0x9c)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000540)={0x0, 0x18, 0xfa00, {0x1, 0x0, 0x13f, 0x3}}, 0x20)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000480)={0x0, 0x9}, 0xc)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x13f, 0x3}}, 0x20)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000002c0)={0x0, @in6={{0xa, 0x4e60, 0xfffffff2, @empty}}, 0xffffec47, 0x9, 0xffff1896, 0x100, 0x25, 0x7fff}, 0x9c)

3.949637978s ago: executing program 4 (id=1423):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="22000000040000001000000012e05a6308b6a68093c6ba5cd97e39c457ffca1a8954f27e4073d7270838396184b2f00543195e941510452ab3427f2d184abb07f4bd54d78b3e7eb77a5e68b9fbb6c9b0070a2e03dcda6dc703286eb47b9a4870e2a5f81af9d183c0022169c41dd1c2f7c12b7d00ef27a64331a3f4a57965428c97054a36d8b2aaa43881ae370ce12ae33b1086ab5d7e3415d39017b8d7407d6ef4ab5977c3a4d908041187a34bbdf3f39c2715eac473bde599b06824504509dc1e261708bd2af17b08285ca86367"], 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0xcc011)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r1=>0x0})
sendmsg$NL80211_CMD_SET_MPATH(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000006c0)={&(0x7f0000000440)={0x1c, 0x0, 0x134, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r1}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x40014}, 0x88000)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"})
sched_setscheduler(0x0, 0x2, &(0x7f0000000340)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b04, &(0x7f0000000040)={'wlan1\x00', @random="8dffffff2600"})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r2, &(0x7f0000002080)=""/102400, 0x19000)
fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000380)={0x2})
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$getregset(0x4205, r3, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28})
mkdir(&(0x7f0000000000)='./file0\x00', 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYRESHEX=r3, @ANYBLOB="27bdd89bcd8ed0a1905261e54755373e5b368e63b483872d895ad76b4cfe6fa4098f9a916ac0b3a87e034c79f420c096beae5a2d2f642ce44a923584a6ef3c93164158aeb6b2c668bed6b106bc6d", @ANYBLOB="26300cecfad18f8e7a92a99b3e0a16e660b5421a40a4a3ce35e7e4bc08ba7ae6de50a7b82150ce88613bfc82a71ffab519e45e748d20283bf54579a14ee64521"], 0x2c}}, 0x0)
r6 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r6, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r6, 0x40946400, &(0x7f00000000c0)={'pcmmio\x00', [0x4f28, 0x4, 0x10000, 0x4, 0x5, 0x5, 0x4, 0x1, 0x54c6cff3, 0xfd, 0xe3d, 0x1, 0x1, 0x86, 0x6, 0x101, 0x0, 0x7f, 0x3, 0x40000003, 0x0, 0x7, 0xfffffffd, 0x20001e58, 0x3, 0xe64, 0x3, 0x8, 0x3, 0x0, 0xfffffff8]})
socket$nl_route(0x10, 0x3, 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
open(&(0x7f0000000040)='./file0\x00', 0x80242, 0x1df2a23c5997fa7b)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
socket$nl_route(0x10, 0x3, 0x0)

3.752397622s ago: executing program 0 (id=1424):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000090000000000000000000000850000002a000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

3.687629206s ago: executing program 0 (id=1425):
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/mcfilter\x00')
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x1, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff000000009408000000001700638af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000008000000850000006900000095"], &(0x7f0000005d80)='syzkaller\x00', 0xc}, 0x94)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4)
setsockopt$packet_int(r2, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000005ec0), 0xffffffffffffffff)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000180)=0x84000000)
pread64(r0, &(0x7f00000000c0)=""/144, 0x90, 0x5e)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r4, 0x84, 0x10, 0x0, 0x0)

3.525728514s ago: executing program 0 (id=1426):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000280)=0x3)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = io_uring_setup(0x332, &(0x7f0000000080)={0x0, 0x21e, 0x10})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0xff0f0000, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
statx(0xffffffffffffffff, &(0x7f0000000180)='\x00', 0x1000, 0x310, &(0x7f00000004c0))
open(&(0x7f0000000000)='\x00', 0x40440, 0x2)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b04, 0x0)

3.384591838s ago: executing program 3 (id=1427):
r0 = open(&(0x7f00000001c0)='./file0\x00', 0x80ff, 0x88)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x2bc, 0x0, 0xffffffff, 0xffffffff, 0x158, 0xffffffff, 0x228, 0xffffff7a, 0xffffffff, 0x228, 0xffffffff, 0x7fffffe, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'veth1\x00', 'veth0_to_team\x00', {}, {}, 0x0, 0x0, 0x41}, 0x6, 0x130, 0x158, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "e4ff0100cbd047da9ca965f96ad5801f0514d363ee84bb895919d9490f6785fba3c4a44f1e25a56a5ef73be11d65bfe8c37674024c183ebacdf741cea92ded3a9ca54de15dd9ec8ef62f9eb85f401b0000000000ffffff7f00", 0x7d}}]}, @common=@unspec=@MARK={0x28, 'MARK\x00', 0x2, {0xa, 0x7}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x318)
r4 = io_uring_setup(0x332, &(0x7f0000000080)={0x0, 0x21e, 0x10})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0xffffffff, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
statx(r0, &(0x7f0000000180)='\x00', 0x1000, 0x310, &(0x7f00000004c0))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
open(0x0, 0x40440, 0x2)

2.445794401s ago: executing program 2 (id=1428):
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000240)=""/57, 0x39}, {&(0x7f00000004c0)=""/138, 0x8a}, {&(0x7f0000000580)=""/109, 0x6d}, {&(0x7f00000006c0)=""/198, 0xc6}, {&(0x7f00000007c0)=""/203, 0xcb}, {&(0x7f0000000280)=""/56, 0x38}, {0x0}], 0x7)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x8}, @hci_rp_read_auth_payload_to={{0x3}, {0x0, 0xc9, 0x2b1}}}}, 0xb)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)

2.395239106s ago: executing program 2 (id=1429):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000440)={0x2, 0x3}, 0x8)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @remote}, 0x5d)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0x10}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x0, 0xffffffff}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001300)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r4, {0x0, 0xffe0}, {}, {0xa}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x2}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x20000000)
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd2c, 0x25dfdafd, {0x0, 0x0, 0x0, r7, {0xc, 0xc}, {0x0, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x4041080)
r8 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000003040)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r9, {0x0, 0x1}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}}, 0x0)
r10 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r10, 0xc018643a, &(0x7f00000000c0)={0x4000001, 0x71, 0x200000009})
r11 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r11, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
eventfd(0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
syz_open_dev$sg(&(0x7f0000001940), 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x5bc, 0x0, 0x20000000000, 0x11d, 0x0, 0xffffffffffffffff, 0x1000001000, 0x49}, 0x0, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r11, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r12=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r10, 0xc02064b6, &(0x7f0000000300)={r12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

2.255508207s ago: executing program 2 (id=1430):
ioctl$SNDRV_TIMER_IOCTL_CREATE(0xffffffffffffffff, 0xc02054a5, &(0x7f0000000200)={0x9, <r0=>0xffffffffffffffff, 'id1\x00'})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r2=>0x0})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r0, 0x8983, &(0x7f0000000000)={0x0, 'wg1\x00', {0x3}, 0x631})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x70, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x34, 0x11, 0x0, 0x1, @limit={{0xa}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x101}, @NFTA_LIMIT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1000000}]}}}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xb8}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="600017001200011b3bed04040000000000000020000000", @ANYRES32=0x0, @ANYBLOB="03050000000000003800127809000100766c616e00000000280002801c8043800c00270000000080060000000000000000000000af94718fbe90b74a4da2fefb2c8987210c3078cba55fa813b238e9f4c321c8052133094b1598f96b46d6f32ef4773f81b0e5cde7aba4745c02ce045e25ab1bf19e6ef3182eeed4cb17b918b55729dfdd0e40d47c", @ANYRES32=r2, @ANYBLOB], 0x60}, 0x1, 0x0, 0x0, 0x20004800}, 0x4000004)
socket$can_raw(0x1d, 0x3, 0x1)

2.254974121s ago: executing program 0 (id=1431):
syz_usb_connect(0x0, 0x1b, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x93, 0x31, 0x70, 0x20, 0x19d2, 0x1072, 0xcd0c, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x9, 0x0, 0x0, 0x0, 0xc0, 0x5}}]}}, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000102b00fc0100000000000000e2ff0000000000fe8000000000000000000400000000aa"], 0x0)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0xa, 0x4}, 0x20)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[], 0x44}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0)
shmat(0x0, &(0x7f0000ffc000/0x2000)=nil, 0x4000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
writev(r3, &(0x7f00000008c0)=[{&(0x7f00000000c0)="580000001400", 0x6}], 0x1)
write$P9_RCLUNK(r3, &(0x7f0000000040)={0x7, 0x79, 0x2}, 0x7)

2.254078606s ago: executing program 2 (id=1432):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
r3 = socket(0xa, 0x3, 0x3a)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041)
ioctl$USBDEVFS_ALLOC_STREAMS(r4, 0x8008551c, &(0x7f0000000400)=ANY=[@ANYBLOB="4a9800000a00000081ec00000486060b830eeaa1144eb44e4c8ac08e6a6eac4a860fdc1851ddab64fe213700008c63f0c84444fdb3d33f1cee37d289ff436030da41bf010000005b3b3b09551036"])
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000200)={0xfffffffc, 0x0, 0x6, 0x0, 0xff, "db8f2d2b3b7596160c6981acf8805944823a7f"})
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0)
sendmsg$nl_xfrm(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040}, 0x0)
kcmp(r0, r0, 0x48a9d97fbc48e937, r3, r3)
r5 = syz_open_dev$cec(&(0x7f0000000340), 0x0, 0x0)
ioctl$CEC_DQEVENT(r5, 0xc0506107, 0x0)
ioctl$int_in(r5, 0x5421, &(0x7f0000000000)=0xffff)
ioctl$CEC_DQEVENT(r5, 0xc0506107, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40010}, 0x240080c1)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a"], 0x50}}, 0x8040)
unshare(0x40020000)

1.405663362s ago: executing program 3 (id=1433):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0xa, 0x4)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f00000002c0)={0x1f, 0x0, @any, 0xfffa}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
setsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, &(0x7f0000000000)={0x2, 0x7d}, 0x2)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x3, 0x9)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a58000000060a010400000000000000000a0000040900010073797a31000000002c0004802800018007000100637400001c0002800500030001000000080002400000001408000140000000090900020073797a320000000014000000110001"], 0x80}, 0x1, 0x0, 0x0, 0x4008091}, 0x24000000)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace5ffb2e9fc603dd282100000002ff02000000000000000000000000000104004e200023b0"], 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r3, &(0x7f0000000040)=ANY=[@ANYBLOB="034886dd09032800030020000000"], 0xfdef)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000140)=ANY=[@ANYRES8=r1])
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
bind$inet(r0, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000180)=0xb27, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x0)
r5 = openat$cachefiles(0xffffff9c, 0x0, 0x454240, 0x0)
sendmsg$NFNL_MSG_CTHELPER_NEW(r5, &(0x7f0000000740)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000700)={&(0x7f0000000440)=ANY=[@ANYBLOB="1a19c24088c0b8e85e08165e48a55234162f107a33d462a3a2280150dafec381a3ee6a9e53aa24027bf650f685f3080880582687c4a1a2e3b9e9244172c3c17fd2c3b9d1413448fee59731023cb05dba2a219a268ace8187b3bb72ea739eca"], 0x24}, 0x1, 0x0, 0x0, 0x40188c0}, 0x24000000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0)
ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x40800, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000005c0), 0x0, 0x0)

1.281842676s ago: executing program 2 (id=1434):
madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0xa)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0xa) (async)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)

1.22313241s ago: executing program 2 (id=1435):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f0000000440)=ANY=[], 0x0, 0x39, 0x0, 0x1, 0x9}, 0x28)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f0000001240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0}, 0x94)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000240)=@o_path={&(0x7f0000000140)='./file0\x00', 0x0, 0x8, r1}, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='tick_stop\x00', 0xffffffffffffffff, 0x0, 0xa}, 0x4c)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
mbind(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x100, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1c0000, 0x1, &(0x7f0000000040))
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080), 0x48c00, 0x0)
r2 = gettid()
timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, 0x0, 0x0)
timer_delete(0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
userfaultfd(0x802)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
syz_io_uring_setup(0x100032bc, &(0x7f00000003c0)={0x0, 0x389c, 0x1, 0x0, 0x44}, 0x0, &(0x7f0000000040))
r4 = add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r5 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, r4)
add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x3}, 0x0, 0x0, r5)
keyctl$KEYCTL_MOVE(0x1e, r5, r5, r4, 0x0)
request_key(&(0x7f0000000000)='.dead\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)='syz', 0xfffffffffffffff9)

1.115260826s ago: executing program 3 (id=1436):
syz_open_dev$swradio(&(0x7f00000001c0), 0x0, 0x2)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x844}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x4000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(r0, 0x8, &(0x7f0000000180)=0xc15b)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40186f40, &(0x7f0000000440)=0x1f)
sendmsg$NFT_MSG_GETSETELEM(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000801}, 0x40000c0)
kexec_load(0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x7ffdd000, 0x8000}], 0x320000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c8)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x621c2, 0x0)
ftruncate(r4, 0x8800000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file2\x00', 0x207)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
setxattr$security_capability(&(0x7f0000000080)='./file0/file1\x00', &(0x7f00000001c0), 0x0, 0x0, 0x3)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x40000, 0x40, &(0x7f0000000500)=@raw={'raw\x00', 0x8, 0x3, 0x214, 0xf0, 0x11, 0x148, 0xf0, 0x0, 0x180, 0x2a8, 0x2a8, 0x180, 0x2a8, 0x3, 0x0, {[{{@ip={@broadcast, @multicast2, 0x0, 0xff000000, 'wg1\x00', 'dvmrp0\x00', {}, {}, 0x67, 0x3, 0x2}, 0x0, 0xd0, 0xf0, 0x0, {}, [@common=@ttl={{0x24}, {0x0, 0x9}}, @common=@unspec=@limit={{0x3c}, {0x10001, 0x2, 0xa, 0x8, 0x5, 0x4}}]}, @unspec=@TRACE={0x20}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @empty, 0x0, 0xffffffff, 'macvtap0\x00', 'netdevsim0\x00'}, 0x0, 0x70, 0x90}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x270)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000000280)}}], 0x1, 0x4001c00)

497.980357ms ago: executing program 0 (id=1437):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', &(0x7f00000000c0)='%(:2', 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000280)={0x3, 0x7}, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8c, 0x0)
prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffd000/0x2000)=nil)
ioctl$vim2m_VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc044560f, &(0x7f0000000080)=@mmap={0x0, 0x2, 0x4, 0x0, 0x7, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "10110401"}})
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='debugfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@xino_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80)
getdents64(r3, &(0x7f0000000400)=""/4096, 0x1000)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000000)={0xa, 0x4e24, 0x4, @ipv4={'\x00', '\xff\xff', @local}, 0x2}, 0x1c, &(0x7f0000000380)=[{&(0x7f0000000280)}], 0x1}, 0x4048043)
syz_open_dev$sndpcmp(&(0x7f0000000300), 0x1, 0x40842)

0s ago: executing program 4 (id=1438):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000066000000004b64ffec850000006d000000c50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x5, 0x141101)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
add_key$keyring(&(0x7f00000000c0), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000a40)=@newtaction={0xe6c, 0x30, 0x1, 0x0, 0x0, {}, [{0xe58, 0x1, [@m_pedit={0xe54, 0x2, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x4}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x8}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe6c}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="f8000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000100000008000000000a0000002b000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000a900000000000000000000000000000000000300000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000580000000a00000000000000000000008040000200000000000008000000e5000000000000000044000500ac1414aa000000000000000000000000000000003c00000000000000ddffffff00000000000000000000000002000000040300"/176], 0xf8}}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r4 = gettid()
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
readv(r3, &(0x7f0000000340)=[{&(0x7f0000000100)=""/160, 0xa0}], 0x1)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x2, 0x4, 0x324, 0xffffffff, 0x0, 0x0, 0xc8, 0xfeffffff, 0xffffffff, 0x25c, 0x25c, 0x25c, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev, @empty, [], [], 'macsec0\x00', 'bond_slave_0\x00', {}, {}, 0x6, 0x0, 0x1, 0x29}, 0x2f2, 0xa4, 0xc8}, @REJECT={0x24, 'REJECT\x00', 0x0, {0x6}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [], [], 'sit0\x00', 'vxcan1\x00', {}, {}, 0x0, 0x1}, 0x0, 0xa4, 0xc8}, @REJECT={0x24, 'REJECT\x00', 0x0, {0x6}}}, {{@uncond, 0x0, 0xa4, 0xcc}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x2, 0x0, 0x5}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x380)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000880)='\xf5\xfc\xd2\xec]\x95zx8*\xa2d\x11\xb5\xb1\x01\x00\x00\x00\xe49{\x8a{\x81s\xea$\xdfg\xb1\x03DY!\x97\xadM\xd7\xff\x8a\xcd[>\x12e\xc3]d8\xba\x8ec\x00\x00\x00\x00\x00\x00\x00\xa0\xe2\xd5y\xec\x90\x00\x98Y\x91\x19\x16\x89\xd0\x1a\xad\xcd\xd6\xd0\xc6\xb9\xeb\x95\xd3\x9cl\x9cu#\xb4\xee\xe5\x9d\t\fV\xd4\xda\xfc`2?\x15P\xba\x14b\x1c\xcc\xd5\xb9jA$s\xb9g3\x15M\xd9\xb9 \xca[\xc7\xec\xa9;\xee\x01\xc9\xc4\x1f\xc3\xe4\xfa\xd3fU\x0e\x86\xc8\xa7\xaf\xaf\x04p\xa3\x8bb\xbf\\\xdb\x83\x00\x96sy\x14\x1eo\xcc9&\x946\xf9\xf5v\xee\xb5m$;\x01\xb8\xeau\x00\xd1S=\x920H\xc2z\xb5\xbe\x95\xef\xeb\xd1\xc8\xa1\xba\xach\xbef\xa8\x86\xc2\x18\x9cC\x15\x9c^\xcf\xe9\xbcp\xb4Ff\x00\x9d>p\"\x19\xd8}|~\xae\xdb\a59f\xb8?\xba\xf2\x8e\xa5y\\\xf0\fkd??-\x983\xf3\x19\xc7\xc0/\xe9\x1a\x80=\xa72)\xd2\x00'/277, &(0x7f00000002c0)='/\x00\x01\x00H\x98', 0x0)
tkill(r4, 0xb)
r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r6, 0x8208ae63, &(0x7f0000000a80)={0x1, 0x0, @ioapic={0x6000, 0x2, 0xaf, 0xfe39, 0x0, [{0x6, 0x4, 0xe, '\x00', 0x48}, {0x7, 0xe, 0xa2, '\x00', 0x4}, {0x6, 0x3, 0x8, '\x00', 0x1}, {0xeb, 0x8a, 0x60, '\x00', 0x2}, {0x2, 0x5, 0x2, '\x00', 0x8}, {0x80, 0x9, 0x2, '\x00', 0xd}, {0x5, 0x2, 0x3}, {0x1, 0xff, 0xf}, {0x5, 0x0, 0xb, '\x00', 0x9}, {0x3c, 0x0, 0xa, '\x00', 0x7}, {0x0, 0x7, 0xff, '\x00', 0x48}, {0xc, 0x9, 0x8a, '\x00', 0x40}, {0x34, 0x1, 0x8, '\x00', 0x4}, {0x80, 0x18, 0x6, '\x00', 0x8}, {0xac, 0x6, 0x2, '\x00', 0x9}, {0x1, 0x4, 0x9, '\x00', 0x4}, {0xb7, 0x4, 0x1}, {0xc, 0x5, 0x6, '\x00', 0x2}, {0xd5, 0x9, 0x9, '\x00', 0x4}, {0x1d, 0x15, 0x3}, {0xc8, 0x3, 0xa, '\x00', 0x8}, {0x6e, 0xf, 0x8, '\x00', 0x8}, {0x6, 0xa, 0x9, '\x00', 0x5}, {0x7, 0x4, 0x7, '\x00', 0x51}]}})
ioctl$KVM_SET_IRQCHIP(r6, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x7, 0xbc, 0xe1, 0x0, 0x6, 0x1, 0x41, 0x0, 0xf3, 0x7, 0xc, 0x3, 0x0, 0x40, 0x1, 0x7}})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r7, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r7, 0x8949, &(0x7f0000000000))
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)

kernel console output (not intermixed with test programs):

sb: set interface failed
[  356.441309][ T6042] dvb-usb: bulk message failed: -22 (1/0)
[  356.687769][ T6042] DVB: Unable to find symbol mt352_attach()
[  356.689686][ T6042] dvb-usb: bulk message failed: -22 (5/0)
[  356.697837][ T6042] zl10353_read_register: readreg error (reg=127, ret==-121)
[  356.708051][ T6042] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB'
[  356.768776][ T9589] (syz.1.877,9589,3):ocfs2_get_sector:1714 ERROR: status = -5
[  356.774438][ T6042] rc_core: IR keymap rc-dvico-mce not found
[  356.778719][ T6042] Registered IR keymap rc-empty
[  356.784648][ T6042] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.3/usb8/8-1/rc/rc0
[  356.788554][ T9589] (syz.1.877,9589,3):ocfs2_sb_probe:753 ERROR: status = -5
[  356.793558][ T6042] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.3/usb8/8-1/rc/rc0/input15
[  356.798444][ T9589] (syz.1.877,9589,3):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  356.803203][ T6042] dvb-usb: schedule remote query interval to 100 msecs.
[  356.807268][ T6042] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected.
[  356.807724][ T9591] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  356.814028][ T9589] (syz.1.877,9589,3):ocfs2_fill_super:1177 ERROR: status = -5
[  356.819163][ T6042] usb 8-1: USB disconnect, device number 11
[  356.822025][ T9591] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  356.825950][ T9591] overlayfs: failed to look up (tracing) for ino (-66)
[  356.843463][ T9589] __nla_validate_parse: 3 callbacks suppressed
[  356.843474][ T9589] netlink: 36 bytes leftover after parsing attributes in process `syz.1.877'.
[  356.857337][ T6042] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected.
[  357.024821][ T5981] libceph: connect (1)[c::]:6789 error -101
[  357.026838][ T5981] libceph: mon0 (1)[c::]:6789 connect error
[  357.071214][ T9592] ceph: No mds server is up or the cluster is laggy
[  357.376870][ T9603] 9pnet_virtio: no channels available for device syz
[  357.541121][ T5954] Bluetooth: hci3: command 0x0c1a tx timeout
[  358.179867][ T9635] usb usb5: usbfs: process 9635 (syz.0.891) did not claim interface 0 before use
[  358.199954][ T9635] lo speed is unknown, defaulting to 1000
[  358.202929][ T9635] ������ speed is unknown, defaulting to 1000
[  358.471186][   T76] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  358.623226][   T76] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  358.626709][   T76] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  358.629773][   T76] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  358.632821][   T76] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  358.643242][ T9637] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  358.648654][   T76] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  358.855028][ T1022] usb 6-1: USB disconnect, device number 11
[  358.978069][ T9644] 9pnet_virtio: no channels available for device syz
[  358.992867][ T9644] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  359.014161][ T9644] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  359.018470][ T9644] overlayfs: failed to look up (tracing) for ino (-66)
[  359.829191][ T9662] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  359.850614][ T9662] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  359.854149][ T9662] overlayfs: failed to look up (tracing) for ino (-66)
[  359.941848][ T9664] 9pnet_virtio: no channels available for device syz
[  360.932989][ T9672] lo speed is unknown, defaulting to 1000
[  360.938639][ T9672] ������ speed is unknown, defaulting to 1000
[  361.686237][ T5981] libceph: connect (1)[c::]:6789 error -101
[  361.688496][ T5981] libceph: mon0 (1)[c::]:6789 connect error
[  361.727957][ T9681] ceph: No mds server is up or the cluster is laggy
[  362.068410][ T9677] netlink: 'syz.0.906': attribute type 64 has an invalid length.
[  362.157716][ T9677] netlink: 'syz.0.906': attribute type 4 has an invalid length.
[  362.167605][ T9677] netlink: 152 bytes leftover after parsing attributes in process `syz.0.906'.
[  362.294307][ T9697] xt_hashlimit: size too large, truncated to 1048576
[  362.395527][ T9697] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  362.662144][ T9700] vlan2: entered promiscuous mode
[  362.664338][ T9700] bond0: entered promiscuous mode
[  363.089010][ T9712] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  363.108856][ T9712] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  363.112558][ T9712] overlayfs: failed to look up (tracing) for ino (-66)
[  363.141076][ T5988] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  363.259861][ T9714] lo speed is unknown, defaulting to 1000
[  363.275072][ T9714] ������ speed is unknown, defaulting to 1000
[  363.599687][ T5988] usb 6-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb
[  363.610049][ T5988] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201
[  363.616816][ T5988] usb 6-1: Product: syz
[  363.620840][ T5988] usb 6-1: Manufacturer: syz
[  363.626335][ T5988] usb 6-1: SerialNumber: syz
[  363.634594][ T5988] usb 6-1: config 0 descriptor??
[  363.648708][ T5988] dvb-usb: found a 'DigitalNow DVB-T Dual USB' in warm state.
[  363.656310][ T5988] dvb-usb: bulk message failed: -22 (2/0)
[  363.670474][ T5988] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  363.709701][ T5988] dvbdev: DVB: registering new adapter (DigitalNow DVB-T Dual USB)
[  363.719510][ T5988] usb 6-1: media controller created
[  363.732354][ T5988] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  363.851524][ T9708] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  363.854459][ T9708] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  364.018057][ T9718] dvb-usb: bulk message failed: -22 (4/0)
[  364.020435][ T9718] cxusb: i2c read failed
[  364.451170][ T9724] 9pnet_virtio: no channels available for device syz
[  364.455420][ T9724] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  364.468034][ T9724] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  364.474289][ T9724] overlayfs: failed to look up (tracing) for ino (-66)
[  365.489467][ T9735] netlink: 8 bytes leftover after parsing attributes in process `syz.3.921'.
[  365.578429][ T9737] FAULT_INJECTION: forcing a failure.
[  365.578429][ T9737] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  365.583127][ T9737] CPU: 1 UID: 0 PID: 9737 Comm: syz.3.923 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  365.583145][ T9737] Tainted: [L]=SOFTLOCKUP
[  365.583149][ T9737] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  365.583156][ T9737] Call Trace:
[  365.583159][ T9737]  <TASK>
[  365.583163][ T9737]  dump_stack_lvl+0x16c/0x1f0
[  365.583257][ T9737]  should_fail_ex+0x512/0x640
[  365.583295][ T9737]  _copy_from_user+0x2e/0xd0
[  365.583313][ T9737]  copy_from_buffer+0x7f/0xc0
[  365.583331][ T9737]  copy_uabi_to_xstate+0x3c5/0x670
[  365.583351][ T9737]  ? __pfx_copy_uabi_to_xstate+0x10/0x10
[  365.583375][ T9737]  ? __fpu_restore_sig+0xa8a/0x1370
[  365.583391][ T9737]  ? rcu_is_watching+0x12/0xc0
[  365.583406][ T9737]  ? x86_task_fpu+0x5f/0x90
[  365.583421][ T9737]  __fpu_restore_sig+0x10a6/0x1370
[  365.583438][ T9737]  ? __pfx___fpu_restore_sig+0x10/0x10
[  365.583462][ T9737]  ? __might_fault+0xe3/0x190
[  365.583474][ T9737]  ? __might_fault+0x13b/0x190
[  365.583488][ T9737]  fpu__restore_sig+0x151/0x190
[  365.583506][ T9737]  ia32_restore_sigcontext+0x44a/0x630
[  365.583517][ T9737]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[  365.583531][ T9737]  ? rcu_is_watching+0x12/0xc0
[  365.583546][ T9737]  ? _raw_spin_unlock_irq+0x23/0x50
[  365.583558][ T9737]  ? lockdep_hardirqs_on+0x7c/0x110
[  365.583574][ T9737]  __do_compat_sys_rt_sigreturn+0x18c/0x270
[  365.583586][ T9737]  ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10
[  365.583599][ T9737]  ? rcu_is_watching+0x12/0xc0
[  365.583615][ T9737]  do_int80_emulation+0x104/0x480
[  365.583631][ T9737]  asm_int80_emulation+0x1a/0x20
[  365.583641][ T9737] RIP: 0023:0xf7f05577
[  365.583650][ T9737] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00
[  365.583661][ T9737] RSP: 002b:00000000f53f655c EFLAGS: 00000296
[  365.583670][ T9737] RAX: 0000000000000173 RBX: 0000000000000003 RCX: 0000000000000000
[  365.583677][ T9737] RDX: 0000000000000000 RSI: 0000000000010100 RDI: 0000000000000000
[  365.583683][ T9737] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  365.583689][ T9737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  365.583695][ T9737] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  365.583709][ T9737]  </TASK>
[  365.922577][ T5988] cxusb: set interface failed
[  365.930805][ T5988] dvb-usb: bulk message failed: -22 (1/0)
[  366.038152][ T5988] DVB: Unable to find symbol mt352_attach()
[  366.041183][ T5988] dvb-usb: bulk message failed: -22 (5/0)
[  366.043052][ T5988] zl10353_read_register: readreg error (reg=127, ret==-121)
[  366.045542][ T5988] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB'
[  366.303541][ T9751] lo speed is unknown, defaulting to 1000
[  366.308123][ T9751] ������ speed is unknown, defaulting to 1000
[  366.523257][ T5988] rc_core: IR keymap rc-dvico-mce not found
[  366.525842][ T5988] Registered IR keymap rc-empty
[  366.540523][ T5988] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc0
[  366.544711][ T5988] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc0/input16
[  366.550848][ T5988] dvb-usb: schedule remote query interval to 100 msecs.
[  366.554589][ T5988] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected.
[  366.560150][ T5988] usb 6-1: USB disconnect, device number 12
[  366.588327][ T5988] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected.
[  366.854176][ T9759] netlink: 24 bytes leftover after parsing attributes in process `syz.1.928'.
[  366.857056][ T9759] openvswitch: netlink: Flow key attr not present in new flow.
[  366.919608][ T9762] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  366.941260][ T9762] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  366.944414][ T9762] overlayfs: failed to look up (tracing) for ino (-66)
[  367.001592][ T9768] netlink: 8 bytes leftover after parsing attributes in process `syz.1.931'.
[  367.074396][ T9772] binder: 9771:9772 ioctl c0306201 80000240 returned -11
[  367.236800][ T9778] 9pnet_virtio: no channels available for device syz
[  367.241951][ T9778] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  367.259889][ T9778] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  367.264088][ T9778] overlayfs: failed to look up (tracing) for ino (-66)
[  368.332090][ T9789] lo speed is unknown, defaulting to 1000
[  368.336614][ T9789] ������ speed is unknown, defaulting to 1000
[  368.832128][ T9796] netlink: 24 bytes leftover after parsing attributes in process `syz.3.940'.
[  368.835879][ T9796] openvswitch: netlink: Flow key attr not present in new flow.
[  368.943048][ T9803] netlink: 64 bytes leftover after parsing attributes in process `syz.1.944'.
[  368.991987][ T9810] netlink: 12 bytes leftover after parsing attributes in process `syz.3.943'.
[  369.024714][ T9810] netlink: 8 bytes leftover after parsing attributes in process `syz.3.943'.
[  369.198230][ T9809] xt_socket: unknown flags 0xe4
[  369.272034][ T9818] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  369.474316][ T9818] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  369.478766][ T9818] overlayfs: failed to look up (tracing) for ino (-66)
[  369.997284][ T9826] 9pnet_virtio: no channels available for device syz
[  370.000820][ T9826] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  370.013863][ T9826] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  370.017194][ T9826] overlayfs: failed to look up (tracing) for ino (-66)
[  370.898080][ T9835] lo speed is unknown, defaulting to 1000
[  370.907129][ T9835] ������ speed is unknown, defaulting to 1000
[  373.032799][ T9869] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  373.101380][ T9869] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  373.104649][ T9869] overlayfs: failed to look up (tracing) for ino (-66)
[  375.016666][ T9886] netlink: 4 bytes leftover after parsing attributes in process `syz.2.967'.
[  375.424244][ T9893] lo speed is unknown, defaulting to 1000
[  375.430741][ T9893] ������ speed is unknown, defaulting to 1000
[  376.090300][ T9909] fuse: Bad value for 'user_id'
[  376.092105][ T9909] fuse: Bad value for 'user_id'
[  376.421755][   T40] audit: type=1326 audit(1765637332.997:1116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9914 comm="syz.0.976" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f65579 code=0x7ffc0000
[  376.428870][   T40] audit: type=1326 audit(1765637332.997:1117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9914 comm="syz.0.976" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f65579 code=0x7ffc0000
[  376.461625][   T40] audit: type=1326 audit(1765637332.997:1118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9914 comm="syz.0.976" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f65579 code=0x7ffc0000
[  376.469290][   T40] audit: type=1326 audit(1765637332.997:1119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9914 comm="syz.0.976" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f65579 code=0x7ffc0000
[  376.487045][   T40] audit: type=1326 audit(1765637332.997:1120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9914 comm="syz.0.976" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f65579 code=0x7ffc0000
[  376.498250][   T40] audit: type=1326 audit(1765637332.997:1121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9914 comm="syz.0.976" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f65579 code=0x7ffc0000
[  376.508372][   T40] audit: type=1326 audit(1765637332.997:1122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9914 comm="syz.0.976" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f65579 code=0x7ffc0000
[  376.517809][   T40] audit: type=1326 audit(1765637332.997:1123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9914 comm="syz.0.976" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f65579 code=0x7ffc0000
[  376.527172][   T40] audit: type=1326 audit(1765637332.997:1124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9914 comm="syz.0.976" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f65579 code=0x7ffc0000
[  376.536348][   T40] audit: type=1326 audit(1765637332.997:1125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9914 comm="syz.0.976" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f65579 code=0x7ffc0000
[  376.608081][ T9922] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  376.645684][ T9922] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  376.649997][ T9922] overlayfs: failed to look up (tracing) for ino (-66)
[  376.886102][ T9928] bridge1: entered promiscuous mode
[  376.887838][ T9928] bridge1: entered allmulticast mode
[  376.934870][ T9930] Invalid option length (1046780) for dns_resolver key
[  377.122319][ T9940] fuse: Bad value for 'user_id'
[  377.123989][ T9940] fuse: Bad value for 'user_id'
[  377.411989][ T5954] Bluetooth: hci1: unexpected event for opcode 0x0c7d
[  377.414587][ T9945] netlink: 4 bytes leftover after parsing attributes in process `syz.0.985'.
[  377.448263][ T9945] hsr_slave_1 (unregistering): left promiscuous mode
[  378.011175][ T9946] ubi: mtd0 is already attached to ubi31
[  378.370967][ T9956] netlink: 24 bytes leftover after parsing attributes in process `syz.0.990'.
[  378.471925][ T9960] netlink: 52 bytes leftover after parsing attributes in process `syz.0.991'.
[  378.522195][ T9962] 9pnet_virtio: no channels available for device syz
[  378.824030][ T9970] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  378.868080][ T9970] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  378.871561][ T9970] overlayfs: failed to look up (tracing) for ino (-66)
[  379.577516][ T9973] lo speed is unknown, defaulting to 1000
[  379.580377][ T9973] ������ speed is unknown, defaulting to 1000
[  380.494315][ T9991] netlink: 'syz.1.996': attribute type 1 has an invalid length.
[  380.523129][ T9991] bond2: entered promiscuous mode
[  380.524993][ T9991] 8021q: adding VLAN 0 to HW filter on device bond2
[  380.578625][ T9991] 8021q: adding VLAN 0 to HW filter on device bond2
[  380.584931][ T9991] bond2: (slave gre1): The slave device specified does not support setting the MAC address
[  380.588423][ T9991] bond2: (slave gre1): Setting fail_over_mac to active for active-backup mode
[  380.593079][ T9991] bond2: (slave gre1): making interface the new active one
[  380.595371][ T9991] gre1: entered promiscuous mode
[  380.597673][ T9991] bond2: (slave gre1): Enslaving as an active interface with an up link
[  380.988371][T10006] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  380.991210][T10006] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  380.995230][T10006] vhci_hcd vhci_hcd.0: Device attached
[  381.291110][   T34] usb 44-1: SetAddress Request (10) to port 0
[  381.293239][   T34] usb 44-1: new SuperSpeed USB device number 10 using vhci_hcd
[  381.732177][T10007] vhci_hcd: connection reset by peer
[  381.734785][ T6154] vhci_hcd vhci_hcd.3: stop threads
[  381.736948][ T6154] vhci_hcd vhci_hcd.3: release socket
[  381.739023][ T6154] vhci_hcd vhci_hcd.3: disconnect device
[  381.781287][ T6042] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  381.933498][ T6042] usb 5-1: unable to read config index 0 descriptor/start: -61
[  381.937445][ T6042] usb 5-1: can't read configurations, error -61
[  382.071099][ T6042] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  382.223320][ T6042] usb 5-1: unable to read config index 0 descriptor/start: -61
[  382.226653][ T6042] usb 5-1: can't read configurations, error -61
[  382.229660][ T6042] usb usb5-port1: attempt power cycle
[  382.506669][T10038] binder: BINDER_SET_CONTEXT_MGR already set
[  382.509597][T10038] binder: 10036:10038 ioctl 4018620d 80000040 returned -16
[  382.520286][T10038] binder: 10036:10038 ioctl c0306201 80000240 returned -11
[  382.581411][ T6042] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  382.603340][ T6042] usb 5-1: unable to read config index 0 descriptor/start: -61
[  382.611079][ T6042] usb 5-1: can't read configurations, error -61
[  382.740695][T10046] FAULT_INJECTION: forcing a failure.
[  382.740695][T10046] name failslab, interval 1, probability 0, space 0, times 0
[  382.744743][T10046] CPU: 1 UID: 0 PID: 10046 Comm: syz.3.1016 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  382.744772][T10046] Tainted: [L]=SOFTLOCKUP
[  382.744776][T10046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  382.744783][T10046] Call Trace:
[  382.744787][T10046]  <TASK>
[  382.744791][T10046]  dump_stack_lvl+0x16c/0x1f0
[  382.744810][T10046]  should_fail_ex+0x512/0x640
[  382.744827][T10046]  ? fs_reclaim_acquire+0xae/0x150
[  382.744846][T10046]  should_failslab+0xc2/0x120
[  382.744862][T10046]  __kmalloc_cache_noprof+0x80/0x800
[  382.744874][T10046]  ? lockdep_init_map_type+0x5c/0x270
[  382.744902][T10046]  ? ceph_osdmap_alloc+0x40/0x2d0
[  382.744918][T10046]  ? ceph_osdmap_alloc+0x40/0x2d0
[  382.744930][T10046]  ceph_osdmap_alloc+0x40/0x2d0
[  382.744943][T10046]  ceph_osdc_init+0x433/0xa10
[  382.744954][T10046]  ceph_create_client+0x27e/0x370
[  382.744973][T10046]  ceph_get_tree+0x1ac/0x20c0
[  382.744983][T10046]  ? security_capable+0x7e/0x260
[  382.745000][T10046]  vfs_get_tree+0x8e/0x330
[  382.745013][T10046]  vfs_cmd_create+0xd7/0x2a0
[  382.745026][T10046]  __do_sys_fsconfig+0x7b8/0xbe0
[  382.745040][T10046]  ? __pfx___do_sys_fsconfig+0x10/0x10
[  382.745052][T10046]  ? fput+0x70/0xf0
[  382.745063][T10046]  ? rcu_is_watching+0x12/0xc0
[  382.745083][T10046]  __do_fast_syscall_32+0xe8/0x680
[  382.745099][T10046]  do_fast_syscall_32+0x32/0x80
[  382.745113][T10046]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  382.745127][T10046] RIP: 0023:0xf7f05579
[  382.745136][T10046] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  382.745151][T10046] RSP: 002b:00000000f53b455c EFLAGS: 00000296 ORIG_RAX: 00000000000001af
[  382.745162][T10046] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000000006
[  382.745168][T10046] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  382.745174][T10046] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  382.745181][T10046] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  382.745187][T10046] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  382.745201][T10046]  </TASK>
[  382.751124][ T6042] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  382.754783][T10047] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1017'.
[  382.784056][ T6042] usb 5-1: unable to read config index 0 descriptor/start: -61
[  382.867493][ T6042] usb 5-1: can't read configurations, error -61
[  382.871831][ T6042] usb usb5-port1: unable to enumerate USB device
[  383.153479][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[  383.155969][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  383.367532][T10057] netlink: 804 bytes leftover after parsing attributes in process `syz.2.1020'.
[  383.733984][T10069] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1022'.
[  384.478360][T10091] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1026'.
[  384.499395][T10091] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1026'.
[  384.834307][T10106] fuse: Bad value for 'user_id'
[  384.836299][T10106] fuse: Bad value for 'user_id'
[  385.384310][T10114] vivid-002: disconnect
[  385.424202][T10113] vivid-002: reconnect
[  386.233752][T10138] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1039'.
[  386.239402][T10138] netlink: 'syz.2.1039': attribute type 62 has an invalid length.
[  386.341163][   T34] usb 44-1: device descriptor read/8, error -110
[  386.375565][T10143] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1041'.
[  386.396162][T10143] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1041'.
[  386.751763][   T34] usb usb44-port1: attempt power cycle
[  386.922408][T10158] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  386.939672][T10158] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  386.942989][T10158] overlayfs: failed to look up (tracing) for ino (-66)
[  387.331728][   T34] usb usb44-port1: unable to enumerate USB device
[  387.621636][ T6154] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  388.176982][T10171] lo speed is unknown, defaulting to 1000
[  388.182568][T10171] ������ speed is unknown, defaulting to 1000
[  388.751477][T10183] lo speed is unknown, defaulting to 1000
[  388.756548][T10183] ������ speed is unknown, defaulting to 1000
[  389.208346][T10191] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  389.674913][T10191] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  389.678470][T10191] overlayfs: failed to look up (tracing) for ino (-66)
[  390.125648][T10202] binder: BINDER_SET_CONTEXT_MGR already set
[  390.127961][T10202] binder: 10201:10202 ioctl 4018620d 80000040 returned -16
[  390.130767][T10202] binder: 10201:10202 ioctl c0306201 80000240 returned -11
[  390.301106][   T34] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  390.502233][   T34] usb 6-1: Using ep0 maxpacket: 16
[  390.506540][   T34] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 129, using maximum allowed: 30
[  390.511426][   T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  390.515959][   T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  390.519833][   T34] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 129
[  390.525634][   T34] usb 6-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  390.529478][   T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  390.534434][   T34] usb 6-1: config 0 descriptor??
[  390.584029][T10206] lo speed is unknown, defaulting to 1000
[  390.589462][T10206] ������ speed is unknown, defaulting to 1000
[  390.956957][   T34] input: HID 0458:5013 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:0458:5013.0009/input/input17
[  390.981223][   T34] input: HID 0458:5013 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:0458:5013.0009/input/input18
[  391.057682][   T34] kye 0003:0458:5013.0009: input,hiddev0,hidraw0: USB HID vff.fa Device [HID 0458:5013] on usb-dummy_hcd.1-1/input0
[  391.501550][T10218] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1055'.
[  392.231551][ T5975] usb 6-1: reset high-speed USB device number 13 using dummy_hcd
[  392.264483][ T5350] udevd invoked oom-killer: gfp_mask=0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), order=0, oom_score_adj=-1000
[  392.269109][ T5350] CPU: 2 UID: 0 PID: 5350 Comm: udevd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  392.269136][ T5350] Tainted: [L]=SOFTLOCKUP
[  392.269142][ T5350] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  392.269152][ T5350] Call Trace:
[  392.269158][ T5350]  <TASK>
[  392.269164][ T5350]  dump_stack_lvl+0x16c/0x1f0
[  392.269189][ T5350]  dump_header+0x101/0x960
[  392.269212][ T5350]  oom_kill_process+0x176/0x910
[  392.269232][ T5350]  out_of_memory+0x350/0x1700
[  392.269255][ T5350]  ? __pfx_out_of_memory+0x10/0x10
[  392.269278][ T5350]  __alloc_frozen_pages_noprof+0x1dbc/0x2430
[  392.269315][ T5350]  ? __blk_flush_plug+0x2f3/0x4b0
[  392.269342][ T5350]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  392.269365][ T5350]  ? __pfx___blk_flush_plug+0x10/0x10
[  392.269390][ T5350]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  392.269408][ T5350]  ? policy_nodemask+0xea/0x4e0
[  392.269425][ T5350]  alloc_pages_mpol+0x1fb/0x550
[  392.269442][ T5350]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  392.269459][ T5350]  ? filemap_get_entry+0x1a7/0x3b0
[  392.269474][ T5350]  folio_alloc_noprof+0x20/0x2d0
[  392.269485][ T5350]  filemap_alloc_folio_noprof.part.0+0x39d/0x470
[  392.269503][ T5350]  ? __pfx_filemap_alloc_folio_noprof.part.0+0x10/0x10
[  392.269524][ T5350]  __filemap_get_folio_mpol+0x610/0xc60
[  392.269540][ T5350]  filemap_fault+0x684/0x29d0
[  392.269556][ T5350]  ? __pfx_filemap_fault+0x10/0x10
[  392.269575][ T5350]  ? __pfx_filemap_map_pages+0x10/0x10
[  392.269586][ T5350]  __do_fault+0x10d/0x490
[  392.269600][ T5350]  ? __pfx_filemap_map_pages+0x10/0x10
[  392.269611][ T5350]  do_fault+0xae4/0x1ad0
[  392.269625][ T5350]  ? __pfx_filemap_map_pages+0x10/0x10
[  392.269640][ T5350]  __handle_mm_fault+0x1919/0x2bb0
[  392.269653][ T5350]  ? reacquire_held_locks+0xcd/0x1f0
[  392.269664][ T5350]  ? __pfx___handle_mm_fault+0x10/0x10
[  392.269677][ T5350]  ? lock_vma_under_rcu+0x176/0x580
[  392.269693][ T5350]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[  392.269711][ T5350]  handle_mm_fault+0x3fe/0xad0
[  392.269725][ T5350]  do_user_addr_fault+0x60c/0x1370
[  392.269740][ T5350]  ? rcu_is_watching+0x12/0xc0
[  392.269757][ T5350]  exc_page_fault+0x64/0xc0
[  392.269771][ T5350]  asm_exc_page_fault+0x26/0x30
[  392.269781][ T5350] RIP: 0033:0x7f4bcba48320
[  392.269794][ T5350] Code: Unable to access opcode bytes at 0x7f4bcba482f6.
[  392.269799][ T5350] RSP: 002b:00007ffcf61e4418 EFLAGS: 00010246
[  392.269808][ T5350] RAX: 000056067e178500 RBX: 0000000000000068 RCX: 00000000000001c8
[  392.269819][ T5350] RDX: 00000000000001c8 RSI: 0000000000000000 RDI: 000056067e178500
[  392.269825][ T5350] RBP: 000056067e178910 R08: 0000000040000008 R09: 0000000000000000
[  392.269832][ T5350] R10: 0000000000000000 R11: 0000000000000202 R12: 00007ffcf61e458f
[  392.269838][ T5350] R13: 0000000000000049 R14: 00007ffcf61e44bc R15: 0000000000000000
[  392.269852][ T5350]  </TASK>
[  392.269856][ T5350] Mem-Info:
[  392.366846][ T5350] active_anon:0 inactive_anon:413 isolated_anon:0
[  392.366846][ T5350]  active_file:17 inactive_file:338 isolated_file:0
[  392.366846][ T5350]  unevictable:1768 dirty:0 writeback:0
[  392.366846][ T5350]  slab_reclaimable:6843 slab_unreclaimable:76297
[  392.366846][ T5350]  mapped:20578 shmem:1818 pagetables:1305
[  392.366846][ T5350]  sec_pagetables:330 bounce:0
[  392.366846][ T5350]  kernel_misc_reclaimable:0
[  392.366846][ T5350]  free:17993 free_pcp:221 free_cma:0
[  392.381197][ T5975] usb 6-1: device descriptor read/64, error -32
[  392.381636][ T5350] Node 0 active_anon:0kB inactive_anon:188kB active_file:0kB inactive_file:212kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:16kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9632kB pagetables:1756kB sec_pagetables:1164kB all_unreclaimable? yes Balloon:0kB
[  392.397963][ T5350] Node 1 active_anon:0kB inactive_anon:2208kB active_file:144kB inactive_file:2248kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:82796kB dirty:0kB writeback:0kB shmem:3736kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5568kB pagetables:3464kB sec_pagetables:156kB all_unreclaimable? no Balloon:0kB
[  392.407708][ T5350] Node 0 DMA free:1740kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  392.428774][ T5350] lowmem_reserve[]: 0 289 289 289 289
[  392.430550][ T5350] Node 0 DMA32 free:8024kB boost:0kB min:13332kB low:16664kB high:19996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:152kB active_file:0kB inactive_file:276kB unevictable:3536kB writepending:0kB zspages:2308kB present:1032196kB managed:296860kB mlocked:0kB bounce:0kB free_pcp:956kB local_pcp:0kB free_cma:0kB
[  392.446414][ T5350] lowmem_reserve[]: 0 0 0 0 0
[  392.447950][ T5350] Node 1 DMA32 free:62928kB boost:20480kB min:67624kB low:79408kB high:91192kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:1692kB active_file:0kB inactive_file:460kB unevictable:3536kB writepending:0kB zspages:5080kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  392.467602][ T5350] lowmem_reserve[]: 0 0 0 0 0
[  392.469244][ T5350] Node 0 DMA: 9*4kB (UM) 3*8kB (UM) 1*16kB (M) 2*32kB (UM) 3*64kB (UM) 1*128kB (M) 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 1740kB
[  392.475541][ T5350] Node 0 DMA32: 112*4kB (UE) 60*8kB (UME) 41*16kB (UME) 95*32kB (UME) 28*64kB (UME) 10*128kB (UME) 5*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8976kB
[  392.481067][ T5350] Node 1 DMA32: 825*4kB (UME) 1419*8kB (UME) 866*16kB (UME) 301*32kB (UM) 175*64kB (UME) 58*128kB (UME) 16*256kB (ME) 2*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 61884kB
[  392.486725][ T5350] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  392.489674][ T5350] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  392.492896][ T5350] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  392.496328][ T5350] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  392.499560][ T5350] 3131 total pagecache pages
[  392.506972][ T5350] 441 pages in swap cache
[  392.508419][ T5350] Free swap  = 96784kB
[  392.509803][ T5350] Total swap = 124996kB
[  392.515111][ T5350] 524155 pages RAM
[  392.517685][ T5350] 0 pages HighMem/MovableOnly
[  392.520302][ T5350] 209047 pages reserved
[  392.521937][ T5350] 0 pages cma reserved
[  392.523404][ T5350] Unreclaimable slab info:
[  392.526433][ T5350] Name                      Used          Total
[  392.528889][ T5350] bio-184                    4KB          4KB
[  392.531106][ T5350] pid_3                     23KB         23KB
[  392.533155][ T5350] pid_2                     96KB        133KB
[  392.535230][ T5350] bio-472                   15KB         15KB
[  392.537359][ T5350] bio-536                   15KB         15KB
[  392.539444][ T5350] bio-552                   15KB         15KB
[  392.541664][ T5350] bio-584                   15KB         15KB
[  392.543717][ T5350] afs_inode_cache           30KB         30KB
[  392.545795][ T5350] zspage-zswap1            177KB        177KB
[  392.547918][ T5350] zs_handle-zswap1         223KB        224KB
[  392.550061][ T5350] zswap_entry              607KB        672KB
[  392.558271][ T5350] AF_VSOCK                 122KB        122KB
[  392.560381][ T5350] sw_flow_stats              4KB          4KB
[  392.567879][ T5350] sw_flow                   15KB         15KB
[  392.570306][ T5350] batadv_tt_change_cache         16KB         16KB
[  392.576358][ T5350] batadv_tl_cache           16KB         16KB
[  392.579933][ T5350] ceph_osd_request          63KB         63KB
[  392.583119][ T5350] ceph_msg                  23KB         23KB
[  392.585687][ T5350] IEEE-802.15.4-MAC        125KB        125KB
[  392.588446][ T5350] IEEE-802.15.4-RAW         31KB         31KB
[  392.595382][ T5350] p9_req_t                  55KB         55KB
[  392.599876][ T5350] INET_SMC                  31KB         31KB
[  392.604568][ T5350] SMC6                      93KB         93KB
[  392.608958][ T5350] SMC                       93KB         93KB
[  392.612936][ T5350] TIPC                     123KB        123KB
[  392.617335][ T5350] rds_tcp_incoming           7KB          7KB
[  392.621079][ T5975] usb 6-1: reset high-speed USB device number 13 using dummy_hcd
[  392.622118][ T5350] rds_tcp_connection         15KB         15KB
[  392.628083][ T5350] RDS                      123KB        123KB
[  392.631399][ T5350] rds_connection             7KB          7KB
[  392.635630][ T5350] SCTPv6                   152KB        270KB
[  392.642254][ T5350] SCTP                     122KB        122KB
[  392.647864][ T5350] sctp_chunk                93KB        132KB
[  392.649778][ T5350] sctp_bind_bucket          16KB         16KB
[  392.651844][ T5350] PNPIPE                    92KB         92KB
[  392.653793][ T5350] PHONET                    31KB         31KB
[  392.655721][ T5350] L2TP/IPv6                 95KB         95KB
[  392.657718][ T5350] L2TP/IP                   63KB         63KB
[  392.668662][ T5350] KCM                       93KB         93KB
[  392.671623][ T5350] kcm_mux                   47KB         47KB
[  392.674554][ T5350] RXRPC                    128KB        128KB
[  392.677705][ T5350] rxrpc_call_jar           401KB        478KB
[  392.681625][ T5350] can_receiver               7KB          7KB
[  392.685183][ T5350] net_bridge_fdb_entry         15KB         15KB
[  392.687232][ T5350] MPTCPv6                  125KB        125KB
[  392.689199][ T5350] fib6_node                109KB        132KB
[  392.692371][ T5350] ip6_dst_cache            255KB        414KB
[  392.698536][ T5350] PINGv6                    61KB         61KB
[  392.700641][ T5350] RAWv6                    216KB        216KB
[  392.703293][ T5350] UDPLITEv6                122KB        122KB
[  392.706899][ T5350] UDPv6                    562KB        704KB
[  392.709010][ T5350] tw_sock_TCPv6             31KB         31KB
[  392.712366][ T5350] request_sock_TCPv6         30KB         30KB
[  392.721036][ T5350] TCPv6                    417KB        417KB
[  392.729473][ T5350] nf_conntrack              63KB         63KB
[  392.732329][ T5350] wg_peer                  118KB        118KB
[  392.734515][ T5350] allowedips_node           11KB         11KB
[  392.736707][ T5350] ubi_wl_entry_slab          3KB          3KB
[  392.738899][ T5350] t10_alua_lu_gp_cache          7KB          7KB
[  392.751083][ T5350] scsi_sense_cache          48KB         48KB
[  392.751225][ T5975] usb 6-1: device descriptor read/64, error -32
[  392.753073][ T5350] virtio_scsi_cmd           16KB         16KB
[  392.760010][ T5350] bio-136                   96KB         96KB
[  392.762513][ T5350] io_kiocb                  93KB        171KB
[  392.767405][ T5350] bio-264                   23KB         23KB
[  392.769368][ T5350] mqueue_inode_cache        151KB        151KB
[  392.776809][ T5350] f2fs_bio_post_read_ctx         23KB         23KB
[  392.779128][ T5350] jfs_mp                     7KB          7KB
[  392.785690][ T5350] fuse_request              55KB         55KB
[  392.787657][ T5350] cifs_small_rq             16KB         16KB
[  392.790585][ T5350] cifs_request              67KB         67KB
[  392.792659][ T5350] cifs_mpx_ids               7KB          7KB
[  392.794594][ T5350] cifs_io_subrequest         39KB         39KB
[  392.796651][ T5350] cifs_io_request           95KB         95KB
[  392.798571][ T5350] nfs_commit_data           15KB         15KB
[  392.811677][ T5350] nfs_write_data            63KB         63KB
[  392.813752][ T5350] ecryptfs_sb_cache          7KB          7KB
[  392.815682][ T5350] jbd2_inode                 7KB          7KB
[  392.822010][ T5350] ext4_system_zone           3KB          3KB
[  392.824278][ T5350] ext4_io_end_vec           15KB         15KB
[  392.826301][ T5350] kioctx                   127KB        127KB
[  392.828222][ T5350] aio_kiocb                 31KB         31KB
[  392.833131][ T5350] userfaultfd_ctx_cache         63KB         63KB
[  392.837956][ T5350] fasync_cache              11KB         11KB
[  392.840007][ T5350] pid_namespace             61KB         61KB
[  392.842991][ T5350] kvm_gmem_inode_cache         63KB         63KB
[  392.845029][ T5350] kvm_vcpu                 185KB        185KB
[  392.847120][ T5350] kvm_mmu_page_header         81KB         81KB
[  392.849156][ T5350] pte_list_desc             51KB         51KB
[  392.868223][T10227] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  392.871281][ T5350] x86_emulator             126KB        126KB
[  392.873732][ T5350] rpc_buffers               31KB         31KB
[  392.876381][ T5350] rpc_tasks                  7KB          7KB
[  392.879086][ T5350] UNIX-STREAM              214KB        214KB
[  392.890662][T10227] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  392.892050][ T5350] UNIX                     507KB        888KB
[  392.896082][ T5350] UDP-Lite                 123KB        123KB
[  392.898215][ T5350] MPTCP                    120KB        120KB
[  392.900827][ T5350] request_sock_subflow_v4         15KB         15KB
[  392.901266][T10227] overlayfs: failed to look up (tracing) for ino (-66)
[  392.911144][ T5350] tcp_bind2_bucket          16KB         16KB
[  392.913867][ T5350] tcp_bind_bucket           16KB         16KB
[  392.923080][   T40] kauditd_printk_skb: 80 callbacks suppressed
[  392.923091][   T40] audit: type=1326 audit(1765637349.507:1206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10225 comm="syz.3.1062" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f05579 code=0x0
[  392.926897][ T5350] xfrm_state               127KB        127KB
[  392.935958][ T5350] ip_fib_trie               32KB         32KB
[  392.938311][ T5350] ip_fib_alias              75KB         83KB
[  392.942961][ T5350] rtable                    55KB         96KB
[  392.945926][ T5350] PING                      63KB         63KB
[  392.948378][ T5350] RAW                      159KB        159KB
[  392.950914][ T5350] UDP                      123KB        123KB
[  392.954117][ T5350] tw_sock_TCP               31KB         31KB
[  392.956944][ T5350] request_sock_TCP          23KB         23KB
[  392.959535][ T5350] TCP                      430KB        573KB
[  392.962688][ T5350] hugetlbfs_inode_cache        125KB        125KB
[  392.965229][ T5350] fscache_cookie_jar          7KB          7KB
[  392.971085][ T5350] netfs_subrequest          31KB         31KB
[  392.973600][ T5350] netfs_request             95KB         95KB
[  392.989400][ T5350] bio-280                   15KB         15KB
[  392.994539][ T5350] ep_head                   16KB         16KB
[  393.001058][ T5350] eventpoll_pwq             23KB         23KB
[  393.001475][ T5975] usb 6-1: reset high-speed USB device number 13 using dummy_hcd
[  393.003048][ T5350] eventpoll_epi             59KB         59KB
[  393.007420][ T5350] inotify_inode_mark         27KB         27KB
[  393.009516][ T5350] sgpool-128                29KB         29KB
[  393.021039][ T5350] sgpool-64                 31KB         31KB
[  393.021722][ T5975] usb 6-1: device descriptor read/8, error -32
[  393.023125][ T5350] sgpool-32                403KB        409KB
[  393.023136][ T5350] sgpool-16                156KB        156KB
[  393.023143][ T5350] sgpool-8                 156KB        156KB
[  393.023151][ T5350] bio_crypt_ctx              7KB          7KB
[  393.023158][ T5350] bio_integrity_data          4KB          4KB
[  393.023165][ T5350] request_queue            247KB        247KB
[  393.023173][ T5350] blkdev_ioc                 7KB          7KB
[  393.023180][ T5350] bio-200                  452KB        476KB
[  393.023188][ T5350] biovec-max               884KB       1020KB
[  393.023196][ T5350] biovec-64                526KB        535KB
[  393.023203][ T5350] biovec-16                109KB        109KB
[  393.023211][ T5350] mm_slot                    7KB          7KB
[  393.023220][ T5350] uid_cache                 23KB         23KB
[  393.023227][ T5350] iommu_iova_magazine       1064KB       1102KB
[  393.023235][ T5350] iommu_iova               236KB        236KB
[  393.023242][ T5350] dmaengine-unmap-256         30KB         30KB
[  393.023249][ T5350] dmaengine-unmap-128         30KB         30KB
[  393.023256][ T5350] dmaengine-unmap-16          4KB          4KB
[  393.023263][ T5350] dmaengine-unmap-2          4KB          4KB
[  393.023271][ T5350] QIPCRTR                  125KB        125KB
[  393.023278][ T5350] audit_buffer              97KB        117KB
[  393.023286][ T5350] skbuff_ext_cache          64KB         84KB
[  393.023296][ T5350] skbuff_small_head        919KB       1157KB
[  393.023304][ T5350] skbuff_fclone_cache        185KB        312KB
[  393.023313][ T5350] skbuff_head_cache        796KB        882KB
[  393.023320][ T5350] configfs_dir_cache         16KB         16KB
[  393.023327][ T5350] file_lease_cache           7KB          7KB
[  393.023334][ T5350] file_lock_cache           31KB         31KB
[  393.023341][ T5350] file_lock_ctx             15KB         15KB
[  393.023349][ T5350] fsnotify_mark_connector         15KB         15KB
[  393.161054][ T5350] posix_timers_cache         32KB         32KB
[  393.163154][ T5350] taskstats                 61KB         61KB
[  393.165109][ T5350] mem_cgroup_per_node         74KB         92KB
[  393.167089][ T5350] mem_cgroup                59KB         59KB
[  393.169036][ T5350] proc_dir_entry           769KB        820KB
[  393.170938][ T5350] pde_opener                15KB         15KB
[  393.181071][ T5350] seq_file                  93KB        132KB
[  393.183255][ T5350] sigqueue                  66KB         86KB
[  393.185378][ T5350] shmem_inode_cache       7781KB       7927KB
[  393.187313][ T5350] kernfs_iattrs_cache         15KB         15KB
[  393.189309][ T5350] kernfs_node_cache      31196KB      31273KB
[  393.201217][ T5350] mnt_cache                173KB        204KB
[  393.203183][ T5350] bfilp                     31KB         31KB
[  393.205142][ T5350] filp                     383KB        551KB
[  393.207083][ T5350] names_cache             5206KB       5831KB
[  393.209026][ T5350] net_namespace            169KB        169KB
[  393.221047][ T5350] ima_iint_cache            55KB         55KB
[  393.223032][ T5350] lsm_inode_cache         1466KB       1901KB
[  393.224988][ T5350] lsm_file_cache           142KB        204KB
[  393.226920][ T5350] key_jar                   31KB         31KB
[  393.229002][ T5350] uts_namespace             46KB         46KB
[  393.241574][ T5350] nsproxy                   19KB         19KB
[  393.243550][ T5350] vm_area_struct           813KB       1164KB
[  393.245683][ T5350] fs_cache                  72KB         92KB
[  393.247774][ T5350] files_cache              246KB        318KB
[  393.261049][ T5350] signal_cache            1176KB       2002KB
[  393.261121][ T5975] usb 6-1: reset high-speed USB device number 13 using dummy_hcd
[  393.263214][ T5350] sighand_cache           1253KB       2194KB
[  393.263228][ T5350] task_struct             4759KB       5126KB
[  393.263244][ T5350] cred                     170KB        404KB
[  393.263255][ T5350] anon_vma_chain           242KB        299KB
[  393.263265][ T5350] anon_vma                 287KB        446KB
[  393.263276][ T5350] pid                      201KB        433KB
[  393.263289][ T5350] Acpi-Operand             262KB        376KB
[  393.263297][ T5350] Acpi-ParseExt             94KB        129KB
[  393.263305][ T5350] Acpi-Parse                47KB         86KB
[  393.263313][ T5350] Acpi-State                55KB         90KB
[  393.263320][ T5350] Acpi-Namespace            56KB         56KB
[  393.263328][ T5350] shared_policy_node          4KB          4KB
[  393.263335][ T5350] numa_policy               15KB         15KB
[  393.263342][ T5350] perf_event                31KB         31KB
[  393.263349][ T5350] trace_event_file         528KB        528KB
[  393.263357][ T5350] ftrace_event_field       1004KB       1004KB
[  393.263364][ T5350] pool_workqueue          1850KB       1888KB
[  393.263372][ T5350] task_group                30KB         30KB
[  393.263390][ T5350] maple_node               801KB       1512KB
[  393.263398][ T5350] mm_struct                437KB        612KB
[  393.263410][ T5350] vmap_area                746KB        930KB
[  393.263426][ T5350] debug_objects_cache       2303KB       2383KB
[  393.263435][ T5350] page->ptl                118KB        157KB
[  393.263443][ T5350] kmalloc-cg-8k           1472KB       1664KB
[  393.263453][ T5350] kmalloc-cg-4k          13040KB      13536KB
[  393.263463][ T5350] kmalloc-cg-2k           8144KB       8576KB
[  393.263472][ T5350] kmalloc-cg-1k           2364KB       2528KB
[  393.263481][ T5350] kmalloc-cg-512          1269KB       1296KB
[  393.263489][ T5350] kmalloc-cg-256           402KB        432KB
[  393.263496][ T5350] kmalloc-cg-128           244KB        252KB
[  393.263504][ T5350] kmalloc-cg-64             91KB        100KB
[  393.263514][ T5350] kmalloc-cg-32             85KB        172KB
[  393.263521][ T5350] kmalloc-cg-16             20KB         20KB
[  393.263529][ T5350] kmalloc-cg-8              31KB         32KB
[  393.263536][ T5350] kmalloc-cg-192            82KB         88KB
[  393.263543][ T5350] kmalloc-cg-96             68KB         68KB
[  393.263560][ T5350] kmalloc-8k              4304KB       4352KB
[  393.263570][ T5350] kmalloc-4k             18408KB      18752KB
[  393.263579][ T5350] kmalloc-2k             12512KB      13056KB
[  393.263592][ T5350] kmalloc-1k              6478KB       7328KB
[  393.263606][ T5350] kmalloc-512             8818KB       9216KB
[  393.263621][ T5350] kmalloc-256             4308KB       4576KB
[  393.263663][ T5350] kmalloc-128             1965KB       3012KB
[  393.263682][ T5350] kmalloc-64              2903KB       3040KB
[  393.263703][ T5350] kmalloc-32              1660KB       1856KB
[  393.263713][ T5350] kmalloc-16               435KB        456KB
[  393.263724][ T5350] kmalloc-8               1067KB       1136KB
[  393.263737][ T5350] kmalloc-192             2317KB       2436KB
[  393.263749][ T5350] kmalloc-96              1457KB       1540KB
[  393.263757][ T5350] kmem_cache_node          225KB        228KB
[  393.263765][ T5350] kmem_cache               187KB        187KB
[  393.263772][ T5350] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0-1,global_oom,task_memcg=/syz0,task=syz.0.1061,pid=10219,uid=0
[  393.264071][ T5350] Out of memory: OOM victim 10219 (syz.0.1061) is already exiting. Skip killing the task
[  393.432228][ T5975] usb 6-1: device descriptor read/8, error -32
[  393.541159][ T5975] raw-gadget.0 gadget.1: failed to queue suspend event
[  393.546087][   T34] usb 6-1: USB disconnect, device number 13
[  393.642814][   T34] raw-gadget.0 gadget.1: failed to queue reset event
[  393.657829][T10200] raw-gadget.0 gadget.1: failed to queue disconnect event
[  393.979271][T10243] 9pnet_virtio: no channels available for device syz
[  393.983706][T10243] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  394.003217][T10243] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  394.006247][T10243] overlayfs: failed to look up (tracing) for ino (-66)
[  394.140658][T10254] 9pnet_virtio: no channels available for device syz
[  394.342045][T10254] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  394.849632][T10254] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  394.905727][T10254] overlayfs: failed to look up (tracing) for ino (-66)
[  395.915052][T10273] Cannot find add_set index 32771 as target
[  395.983161][T10274] lo speed is unknown, defaulting to 1000
[  395.988452][T10274] ������ speed is unknown, defaulting to 1000
[  396.337816][T10285] batadv_slave_0: left promiscuous mode
[  396.349999][T10285] vlan2: left promiscuous mode
[  396.356941][T10285] bond0: left promiscuous mode
[  396.501450][   T24] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  396.547538][T10288] 9pnet_virtio: no channels available for device syz
[  396.551786][T10288] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  396.571316][T10288] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  396.574470][T10288] overlayfs: failed to look up (tracing) for ino (-66)
[  396.661169][   T24] usb 6-1: Using ep0 maxpacket: 8
[  396.672706][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  396.675546][   T24] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  396.679306][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  396.729350][   T24] usb 6-1: config 0 descriptor??
[  397.157059][   T24] hid_parser_main: 5 callbacks suppressed
[  397.157072][   T24] mcp2221 0003:04D8:00DD.000A: unknown main item tag 0x0
[  397.161640][   T24] mcp2221 0003:04D8:00DD.000A: unknown main item tag 0x0
[  397.163871][   T24] mcp2221 0003:04D8:00DD.000A: unknown main item tag 0x0
[  397.166190][   T24] mcp2221 0003:04D8:00DD.000A: unknown main item tag 0x0
[  397.168395][   T24] mcp2221 0003:04D8:00DD.000A: unknown main item tag 0x0
[  397.170956][   T24] mcp2221 0003:04D8:00DD.000A: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  397.251717][T10296] lo speed is unknown, defaulting to 1000
[  397.255405][T10296] ������ speed is unknown, defaulting to 1000
[  397.260218][T10295] lo speed is unknown, defaulting to 1000
[  397.361175][   T24] usb 6-1: USB disconnect, device number 15
[  397.385914][T10295] ������ speed is unknown, defaulting to 1000
[  397.515369][ T5941] Bluetooth: hci2: unexpected event for opcode 0x0c7b
[  398.381173][   T34] usb 7-1: new full-speed USB device number 7 using dummy_hcd
[  398.511141][   T34] usb 7-1: device descriptor read/64, error -71
[  398.637168][T10324] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  398.660024][T10324] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  398.663232][T10324] overlayfs: failed to look up (tracing) for ino (-66)
[  398.751076][   T34] usb 7-1: new full-speed USB device number 8 using dummy_hcd
[  398.765933][T10327] fuse: Bad value for 'user_id'
[  398.767572][T10327] fuse: Bad value for 'user_id'
[  398.891265][   T34] usb 7-1: device descriptor read/64, error -71
[  399.001658][   T34] usb usb7-port1: attempt power cycle
[  399.361205][   T34] usb 7-1: new full-speed USB device number 9 using dummy_hcd
[  399.382418][   T34] usb 7-1: device descriptor read/8, error -71
[  399.586073][T10335] usb usb5: usbfs: process 10335 (syz.3.1089) did not claim interface 0 before use
[  399.624790][T10335] lo speed is unknown, defaulting to 1000
[  399.627328][T10335] ������ speed is unknown, defaulting to 1000
[  399.631092][   T34] usb 7-1: new full-speed USB device number 10 using dummy_hcd
[  399.652713][T10336] lo speed is unknown, defaulting to 1000
[  399.653881][   T34] usb 7-1: device descriptor read/8, error -71
[  399.760418][T10336] ������ speed is unknown, defaulting to 1000
[  399.761380][   T34] usb usb7-port1: unable to enumerate USB device
[  400.306038][T10350] usb usb5: usbfs: process 10350 (syz.1.1092) did not claim interface 0 before use
[  400.336521][T10350] lo speed is unknown, defaulting to 1000
[  400.339230][T10350] ������ speed is unknown, defaulting to 1000
[  400.666403][T10355] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  400.668643][T10355] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  400.696477][T10355] vhci_hcd vhci_hcd.0: Device attached
[  400.961519][   T24] usb 38-1: SetAddress Request (7) to port 0
[  400.963958][   T24] usb 38-1: new SuperSpeed USB device number 7 using vhci_hcd
[  401.164107][T10356] vhci_hcd: connection reset by peer
[  401.183377][ T6142] vhci_hcd vhci_hcd.0: stop threads
[  401.185588][ T6142] vhci_hcd vhci_hcd.0: release socket
[  401.188019][ T6142] vhci_hcd vhci_hcd.0: disconnect device
[  402.262643][T10379] netlink: 'syz.2.1100': attribute type 4 has an invalid length.
[  402.265104][T10379] netlink: 'syz.2.1100': attribute type 1 has an invalid length.
[  402.267606][T10379] netlink: 228 bytes leftover after parsing attributes in process `syz.2.1100'.
[  402.958765][T10381] usb usb5: usbfs: process 10381 (syz.2.1101) did not claim interface 0 before use
[  402.973561][T10381] lo speed is unknown, defaulting to 1000
[  402.976248][T10381] ������ speed is unknown, defaulting to 1000
[  403.093854][T10371] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  403.113232][T10371] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  403.116518][T10371] overlayfs: failed to look up (tracing) for ino (-66)
[  403.382160][T10395] 9pnet_virtio: no channels available for device syz
[  403.561772][T10398] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  404.397261][T10417] fuse: Bad value for 'user_id'
[  404.398836][T10417] fuse: Bad value for 'user_id'
[  406.031194][   T24] usb 38-1: device descriptor read/8, error -110
[  406.045563][T10429] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  406.065233][T10429] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  406.068435][T10429] overlayfs: failed to look up (tracing) for ino (-66)
[  406.130746][T10427] usb usb5: usbfs: process 10427 (syz.1.1114) did not claim interface 0 before use
[  406.152783][T10427] lo speed is unknown, defaulting to 1000
[  406.155301][T10427] ������ speed is unknown, defaulting to 1000
[  406.294421][T10440] ebtables: wrong size: *len 168, entries_size 48, replsz 48
[  406.591036][   T40] audit: type=1326 audit(1765637363.137:1207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10439 comm="syz.2.1117" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f14579 code=0x7ffc0000
[  406.600854][   T40] audit: type=1326 audit(1765637363.137:1208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10439 comm="syz.2.1117" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f14579 code=0x7ffc0000
[  406.895777][   T40] audit: type=1326 audit(1765637363.207:1209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10439 comm="syz.2.1117" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f14579 code=0x7ffc0000
[  406.903550][   T40] audit: type=1326 audit(1765637363.207:1210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10439 comm="syz.2.1117" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f14579 code=0x7ffc0000
[  407.103285][T10454] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1119'.
[  407.214294][   T24] usb usb38-port1: attempt power cycle
[  407.851825][   T24] usb usb38-port1: unable to enumerate USB device
[  408.428919][T10463] usb usb5: usbfs: process 10463 (syz.0.1122) did not claim interface 0 before use
[  408.432488][T10466] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  408.452557][T10466] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  408.455610][T10466] overlayfs: failed to look up (tracing) for ino (-66)
[  408.532806][T10463] lo speed is unknown, defaulting to 1000
[  408.536418][T10463] ������ speed is unknown, defaulting to 1000
[  408.553701][T10477] 9pnet_virtio: no channels available for device syz
[  408.562242][T10477] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  408.576900][T10477] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  408.586983][T10477] overlayfs: failed to look up (tracing) for ino (-66)
[  408.721204][T10479] binder: 10478:10479 ioctl c0306201 80000240 returned -11
[  408.977811][T10495] FAULT_INJECTION: forcing a failure.
[  408.977811][T10495] name failslab, interval 1, probability 0, space 0, times 0
[  408.977841][T10495] CPU: 2 UID: 0 PID: 10495 Comm: syz.3.1132 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  408.977865][T10495] Tainted: [L]=SOFTLOCKUP
[  408.977871][T10495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  408.977880][T10495] Call Trace:
[  408.977886][T10495]  <TASK>
[  408.977892][T10495]  dump_stack_lvl+0x16c/0x1f0
[  408.978004][T10495]  should_fail_ex+0x512/0x640
[  408.978051][T10495]  ? kmem_cache_alloc_node_noprof+0x65/0x800
[  408.978075][T10495]  should_failslab+0xc2/0x120
[  408.978099][T10495]  kmem_cache_alloc_node_noprof+0x86/0x800
[  408.978119][T10495]  ? alloc_vmap_area+0x66f/0x2a50
[  408.978141][T10495]  ? __pfx___might_resched+0x10/0x10
[  408.978168][T10495]  ? alloc_vmap_area+0x66f/0x2a50
[  408.978189][T10495]  alloc_vmap_area+0x66f/0x2a50
[  408.978222][T10495]  ? __pfx_alloc_vmap_area+0x10/0x10
[  408.978252][T10495]  __get_vm_area_node+0x1ca/0x330
[  408.978282][T10495]  __vmalloc_node_range_noprof+0x247/0x16b0
[  408.978298][T10495]  ? vc_do_resize+0x24d/0x10e0
[  408.978321][T10495]  ? find_held_lock+0x2b/0x80
[  408.978342][T10495]  ? vc_do_resize+0x24d/0x10e0
[  408.978359][T10495]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  408.978388][T10495]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  408.978412][T10495]  ? rcu_is_watching+0x12/0xc0
[  408.978436][T10495]  ? vc_do_resize+0x24d/0x10e0
[  408.978452][T10495]  __vmalloc_node_noprof+0xad/0xf0
[  408.978468][T10495]  ? vc_do_resize+0x24d/0x10e0
[  408.978487][T10495]  vc_do_resize+0x24d/0x10e0
[  408.978512][T10495]  ? rcu_read_unlock+0x17/0x60
[  408.978536][T10495]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  408.978561][T10495]  ? __pfx_vc_do_resize+0x10/0x10
[  408.978578][T10495]  ? lruvec_stat_mod_folio+0x25b/0x3b0
[  408.978606][T10495]  fbcon_do_set_font+0x449/0x940
[  408.978638][T10495]  fbcon_set_font+0xaef/0xc90
[  408.978669][T10495]  ? __pfx_fbcon_set_font+0x10/0x10
[  408.978692][T10495]  con_font_op+0x77e/0x1040
[  408.978721][T10495]  ? __pfx_con_font_op+0x10/0x10
[  408.978741][T10495]  ? __might_fault+0xe3/0x190
[  408.978759][T10495]  ? __might_fault+0xe3/0x190
[  408.978776][T10495]  ? __might_fault+0x13b/0x190
[  408.978802][T10495]  vt_compat_ioctl+0x369/0x4e0
[  408.978830][T10495]  ? __pfx_vt_compat_ioctl+0x10/0x10
[  408.978854][T10495]  ? hook_file_ioctl_common+0x144/0x410
[  408.978876][T10495]  ? __fget_files+0x20e/0x3c0
[  408.978896][T10495]  ? fput+0x40/0xf0
[  408.978912][T10495]  ? __pfx_vt_compat_ioctl+0x10/0x10
[  408.978937][T10495]  tty_compat_ioctl+0x2f1/0x4d0
[  408.978957][T10495]  ? __pfx_tty_compat_ioctl+0x10/0x10
[  408.978978][T10495]  __ia32_compat_sys_ioctl+0x242/0x370
[  408.979001][T10495]  __do_fast_syscall_32+0xe8/0x680
[  408.979026][T10495]  do_fast_syscall_32+0x32/0x80
[  408.979048][T10495]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  408.979069][T10495] RIP: 0023:0xf7f05579
[  408.979083][T10495] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  408.979099][T10495] RSP: 002b:00000000f53f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  408.979111][T10495] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004b72
[  408.979118][T10495] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  408.979124][T10495] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  408.979130][T10495] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  408.979136][T10495] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  408.979150][T10495]  </TASK>
[  408.979301][T10495] syz.3.1132: vmalloc error: size 23360, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  408.979444][T10495] CPU: 2 UID: 0 PID: 10495 Comm: syz.3.1132 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  408.979460][T10495] Tainted: [L]=SOFTLOCKUP
[  408.979463][T10495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  408.979469][T10495] Call Trace:
[  408.979473][T10495]  <TASK>
[  408.979477][T10495]  dump_stack_lvl+0x16c/0x1f0
[  408.979492][T10495]  warn_alloc+0x248/0x3a0
[  408.979506][T10495]  ? __pfx_warn_alloc+0x10/0x10
[  408.979518][T10495]  ? kfree+0x2f8/0x6e0
[  408.979529][T10495]  ? __get_vm_area_node+0x2cd/0x330
[  408.979548][T10495]  ? __get_vm_area_node+0x2cd/0x330
[  408.979564][T10495]  ? __get_vm_area_node+0x1dc/0x330
[  408.979579][T10495]  ? __get_vm_area_node+0x208/0x330
[  408.979599][T10495]  __vmalloc_node_range_noprof+0xbe0/0x16b0
[  408.979613][T10495]  ? find_held_lock+0x2b/0x80
[  408.979626][T10495]  ? vc_do_resize+0x24d/0x10e0
[  408.979638][T10495]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  408.979656][T10495]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  408.979671][T10495]  ? rcu_is_watching+0x12/0xc0
[  408.979688][T10495]  ? vc_do_resize+0x24d/0x10e0
[  408.979705][T10495]  __vmalloc_node_noprof+0xad/0xf0
[  408.979715][T10495]  ? vc_do_resize+0x24d/0x10e0
[  408.979727][T10495]  vc_do_resize+0x24d/0x10e0
[  408.979743][T10495]  ? rcu_read_unlock+0x17/0x60
[  408.979759][T10495]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  408.979776][T10495]  ? __pfx_vc_do_resize+0x10/0x10
[  408.979787][T10495]  ? lruvec_stat_mod_folio+0x25b/0x3b0
[  408.979805][T10495]  fbcon_do_set_font+0x449/0x940
[  408.979826][T10495]  fbcon_set_font+0xaef/0xc90
[  408.979845][T10495]  ? __pfx_fbcon_set_font+0x10/0x10
[  408.979860][T10495]  con_font_op+0x77e/0x1040
[  408.979876][T10495]  ? __pfx_con_font_op+0x10/0x10
[  408.979889][T10495]  ? __might_fault+0xe3/0x190
[  408.979901][T10495]  ? __might_fault+0xe3/0x190
[  408.979912][T10495]  ? __might_fault+0x13b/0x190
[  408.979929][T10495]  vt_compat_ioctl+0x369/0x4e0
[  408.979947][T10495]  ? __pfx_vt_compat_ioctl+0x10/0x10
[  408.979965][T10495]  ? hook_file_ioctl_common+0x144/0x410
[  408.979979][T10495]  ? __fget_files+0x20e/0x3c0
[  408.979993][T10495]  ? fput+0x40/0xf0
[  408.980002][T10495]  ? __pfx_vt_compat_ioctl+0x10/0x10
[  408.980019][T10495]  tty_compat_ioctl+0x2f1/0x4d0
[  408.980032][T10495]  ? __pfx_tty_compat_ioctl+0x10/0x10
[  408.980046][T10495]  __ia32_compat_sys_ioctl+0x242/0x370
[  408.980061][T10495]  __do_fast_syscall_32+0xe8/0x680
[  408.980076][T10495]  do_fast_syscall_32+0x32/0x80
[  408.980091][T10495]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  408.980104][T10495] RIP: 0023:0xf7f05579
[  408.980112][T10495] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  408.980122][T10495] RSP: 002b:00000000f53f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  408.980131][T10495] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004b72
[  408.980138][T10495] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  408.980144][T10495] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  408.980150][T10495] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  408.980156][T10495] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  408.980170][T10495]  </TASK>
[  408.980173][T10495] Mem-Info:
[  408.980179][T10495] active_anon:3335 inactive_anon:674 isolated_anon:0
[  408.980179][T10495]  active_file:580 inactive_file:2041 isolated_file:0
[  408.980179][T10495]  unevictable:1768 dirty:126 writeback:0
[  408.980179][T10495]  slab_reclaimable:6460 slab_unreclaimable:77132
[  408.980179][T10495]  mapped:24571 shmem:4649 pagetables:1330
[  408.980179][T10495]  sec_pagetables:340 bounce:0
[  408.980179][T10495]  kernel_misc_reclaimable:0
[  408.980179][T10495]  free:28636 free_pcp:5650 free_cma:0
[  408.980206][T10495] Node 0 active_anon:72kB inactive_anon:0kB active_file:136kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:16kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9632kB pagetables:1756kB sec_pagetables:1196kB all_unreclaimable? yes Balloon:0kB
[  408.980232][T10495] Node 1 active_anon:13268kB inactive_anon:2696kB active_file:2184kB inactive_file:8164kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:98268kB dirty:504kB writeback:0kB shmem:15060kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5440kB pagetables:3564kB sec_pagetables:164kB all_unreclaimable? no Balloon:0kB
[  408.980259][T10495] Node 0 DMA free:1740kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  408.980290][T10495] lowmem_reserve[]: 0 289 289 289 289
[  408.980310][T10495] Node 0 DMA32 free:9888kB boost:29992kB min:43324kB low:46656kB high:49988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:72kB inactive_anon:0kB active_file:136kB inactive_file:0kB unevictable:3536kB writepending:0kB zspages:1716kB present:1032196kB managed:296860kB mlocked:0kB bounce:0kB free_pcp:40kB local_pcp:0kB free_cma:0kB
[  408.980342][T10495] lowmem_reserve[]: 0 0 0 0 0
[  408.980361][T10495] Node 1 DMA32 free:102916kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:13268kB inactive_anon:2696kB active_file:2184kB inactive_file:8164kB unevictable:3536kB writepending:504kB zspages:5152kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:22560kB local_pcp:1616kB free_cma:0kB
[  408.980394][T10495] lowmem_reserve[]: 0 0 0 0 0
[  408.980413][T10495] Node 0 DMA: 9*4kB (UM) 3*8kB (UM) 1*16kB (M) 2*32kB (UM) 3*64kB (UM) 1*128kB (M) 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 1740kB
[  408.980499][T10495] Node 0 DMA32: 160*4kB (UME) 92*8kB (UME) 26*16kB (UME) 83*32kB (UME) 37*64kB (UME) 10*128kB (UME) 7*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 9888kB
[  408.980578][T10495] Node 1 DMA32: 1079*4kB (UM) 1261*8kB (UME) 627*16kB (UME) 197*32kB (UM) 250*64kB (UME) 140*128kB (UME) 75*256kB (UME) 33*512kB (UM) 2*1024kB (M) 0*2048kB 0*4096kB = 102804kB
[  408.980704][T10495] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  408.980714][T10495] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  408.980723][T10495] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  408.980732][T10495] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  408.980740][T10495] 8143 total pagecache pages
[  408.980744][T10495] 827 pages in swap cache
[  408.980748][T10495] Free swap  = 98532kB
[  408.980752][T10495] Total swap = 124996kB
[  408.980757][T10495] 524155 pages RAM
[  408.980761][T10495] 0 pages HighMem/MovableOnly
[  408.980765][T10495] 209047 pages reserved
[  408.980768][T10495] 0 pages cma reserved
[  409.807022][T10502] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1134'.
[  409.963019][T10506] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1134'.
[  410.113310][T10504] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  410.115448][T10504] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  410.117530][T10504] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  410.641079][ T5975] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  410.802457][ T5975] usb 7-1: config index 0 descriptor too short (expected 39, got 27)
[  410.805019][ T5975] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  410.808128][ T5975] usb 7-1: config 0 interface 0 has no altsetting 0
[  410.813750][ T5975] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  410.816746][ T5975] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  410.819290][ T5975] usb 7-1: Product: syz
[  410.820574][ T5975] usb 7-1: Manufacturer: syz
[  410.822143][ T5975] usb 7-1: SerialNumber: syz
[  410.825767][ T5975] usb 7-1: config 0 descriptor??
[  410.829146][ T5975] hub 7-1:0.0: bad descriptor, ignoring hub
[  410.831646][ T5975] hub 7-1:0.0: probe with driver hub failed with error -5
[  410.837697][ T5975] usb 7-1: selecting invalid altsetting 0
[  410.891169][ T6192] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  411.042911][ T6192] usb 5-1: config index 0 descriptor too short (expected 39, got 27)
[  411.045696][ T6192] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  411.048989][ T6192] usb 5-1: config 0 interface 0 has no altsetting 0
[  411.052972][ T6192] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  411.055942][ T6192] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  411.058577][ T6192] usb 5-1: Product: syz
[  411.060050][ T6192] usb 5-1: Manufacturer: syz
[  411.062288][ T6192] usb 5-1: SerialNumber: syz
[  411.065722][ T6192] usb 5-1: config 0 descriptor??
[  411.070076][ T6192] hub 5-1:0.0: bad descriptor, ignoring hub
[  411.072351][ T6192] hub 5-1:0.0: probe with driver hub failed with error -5
[  411.076137][ T6192] usb 5-1: selecting invalid altsetting 0
[  411.431353][   T34] usb 5-1: USB disconnect, device number 13
[  411.733829][T10514] usb 7-1: reset high-speed USB device number 11 using dummy_hcd
[  411.771386][   T24] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  411.901090][   T24] usb 5-1: device descriptor read/64, error -71
[  412.141130][   T24] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  412.181170][ T5941] Bluetooth: hci3: command 0x0c1a tx timeout
[  412.181282][ T5954] Bluetooth: hci2: command 0x0c1a tx timeout
[  412.183416][ T5941] Bluetooth: hci1: command 0x0c1a tx timeout
[  412.271264][   T24] usb 5-1: device descriptor read/64, error -71
[  412.381462][   T24] usb usb5-port1: attempt power cycle
[  412.383154][ T6192] usb 7-1: USB disconnect, device number 11
[  412.469463][T10537] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  412.489018][T10537] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  412.492504][T10537] overlayfs: failed to look up (tracing) for ino (-66)
[  412.721079][   T24] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  412.761820][   T24] usb 5-1: device descriptor read/8, error -71
[  412.939345][T10543] input: syz1 as /devices/virtual/input/input20
[  413.031134][   T24] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  413.052500][   T24] usb 5-1: device descriptor read/8, error -71
[  413.171433][   T24] usb usb5-port1: unable to enumerate USB device
[  413.756094][T10552] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1147'.
[  413.793749][T10552] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1147'.
[  414.691435][T10533] Bluetooth: hci1: unexpected event for opcode 0x0c7b
[  414.943076][T10580] usb usb5: usbfs: process 10580 (syz.3.1151) did not claim interface 0 before use
[  415.008668][T10580] lo speed is unknown, defaulting to 1000
[  415.015692][T10580] ������ speed is unknown, defaulting to 1000
[  415.350150][T10582] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1155'.
[  415.908621][T10589] loop9: detected capacity change from 0 to 7
[  415.951923][ T8659] Dev loop9: unable to read RDB block 7
[  415.953748][ T8659]  loop9: unable to read partition table
[  415.955604][ T8659] loop9: partition table beyond EOD, truncated
[  415.960880][T10589] Dev loop9: unable to read RDB block 7
[  415.971131][T10589]  loop9: unable to read partition table
[  415.975021][T10589] loop9: partition table beyond EOD, truncated
[  415.991215][T10589] loop_reread_partitions: partition scan of loop9 (�被x������ ) failed (rc=-5)
[  416.356849][T10599] netlink: 'syz.2.1159': attribute type 13 has an invalid length.
[  416.370265][T10600] usb usb5: usbfs: process 10600 (syz.0.1158) did not claim interface 0 before use
[  416.797947][T10599] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  416.824533][T10600] lo speed is unknown, defaulting to 1000
[  416.827659][T10600] ������ speed is unknown, defaulting to 1000
[  417.547603][T10533] Bluetooth: hci2: unexpected event for opcode 0x0c7b
[  417.911744][T10616] FAULT_INJECTION: forcing a failure.
[  417.911744][T10616] name failslab, interval 1, probability 0, space 0, times 0
[  417.916825][T10616] CPU: 1 UID: 0 PID: 10616 Comm: syz.3.1162 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  417.916854][T10616] Tainted: [L]=SOFTLOCKUP
[  417.916857][T10616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  417.916865][T10616] Call Trace:
[  417.916869][T10616]  <TASK>
[  417.916874][T10616]  dump_stack_lvl+0x16c/0x1f0
[  417.916891][T10616]  should_fail_ex+0x512/0x640
[  417.916909][T10616]  ? __kmalloc_noprof+0xca/0x910
[  417.916923][T10616]  should_failslab+0xc2/0x120
[  417.916940][T10616]  __kmalloc_noprof+0xeb/0x910
[  417.916951][T10616]  ? rcu_is_watching+0x12/0xc0
[  417.916967][T10616]  ? iovec_from_user+0x108/0x140
[  417.916986][T10616]  ? iovec_from_user+0x108/0x140
[  417.917002][T10616]  iovec_from_user+0x108/0x140
[  417.917020][T10616]  __import_iovec+0x88/0x650
[  417.917040][T10616]  import_iovec+0x86/0xb0
[  417.917059][T10616]  vfs_writev+0x19b/0xde0
[  417.917073][T10616]  ? preempt_schedule_thunk+0x16/0x30
[  417.917087][T10616]  ? __pfx_vfs_writev+0x10/0x10
[  417.917103][T10616]  ? vfs_write+0x454/0x11d0
[  417.917125][T10616]  ? find_held_lock+0x2b/0x80
[  417.917161][T10616]  ? __fget_files+0x20e/0x3c0
[  417.917184][T10616]  ? __fget_files+0x170/0x3c0
[  417.917214][T10616]  ? do_writev+0x132/0x340
[  417.917229][T10616]  do_writev+0x132/0x340
[  417.917243][T10616]  ? __pfx_do_writev+0x10/0x10
[  417.917261][T10616]  __do_fast_syscall_32+0xe8/0x680
[  417.917277][T10616]  do_fast_syscall_32+0x32/0x80
[  417.917291][T10616]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  417.917305][T10616] RIP: 0023:0xf7f05579
[  417.917313][T10616] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  417.917324][T10616] RSP: 002b:00000000f53d555c EFLAGS: 00000296 ORIG_RAX: 0000000000000092
[  417.917335][T10616] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000080000a40
[  417.917341][T10616] RDX: 0000000000000021 RSI: 0000000000000000 RDI: 0000000000000000
[  417.917348][T10616] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  417.917354][T10616] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  417.917360][T10616] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  417.917374][T10616]  </TASK>
[  418.667010][T10620] lo speed is unknown, defaulting to 1000
[  418.670735][T10620] ������ speed is unknown, defaulting to 1000
[  418.911119][   T40] audit: type=1326 audit(1765637375.387:1211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10627 comm="syz.0.1168" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f65579 code=0x7ffc0000
[  418.928501][   T40] audit: type=1326 audit(1765637375.387:1212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10627 comm="syz.0.1168" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f65579 code=0x7ffc0000
[  419.092682][T10533] Bluetooth: hci1: unexpected event for opcode 0x0c7b
[  419.313095][T10640] fuse: Unknown parameter 'fF�6Z�D�2��D����#�KI�u�g��NP�b�~M�����ͳ�]��!�'
[  419.398507][T10651] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.1174'.
g

[  419.621210][ T6152] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  419.740267][   T40] audit: type=1326 audit(1765637376.317:1213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10660 comm="syz.2.1177" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f14579 code=0x0
[  419.884330][T10664] netlink: 'syz.1.1178': attribute type 58 has an invalid length.
[  419.887871][T10664] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1178'.
[  420.826217][T10684] cgroup: Unknown subsys name 'fowner>00000000000000000000'
[  421.327177][T10692] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1185'.
[  421.446831][T10692] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1185'.
[  421.529894][T10697] xt_CT: You must specify a L4 protocol and not use inversions on it
[  422.088506][T10716] netlink: 'syz.2.1193': attribute type 21 has an invalid length.
[  422.095269][T10716] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1193'.
[  422.098695][T10716] netlink: 'syz.2.1193': attribute type 5 has an invalid length.
[  422.101395][T10716] netlink: 'syz.2.1193': attribute type 6 has an invalid length.
[  422.104065][T10716] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1193'.
[  422.146514][T10718] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1194'.
[  422.153090][T10718] erspan0: entered promiscuous mode
[  422.155104][T10718] macvtap0: entered promiscuous mode
[  422.156930][T10718] macvtap0: entered allmulticast mode
[  422.158613][T10718] erspan0: entered allmulticast mode
[  422.182395][T10718] erspan0: left allmulticast mode
[  422.182542][T10718] erspan0: left promiscuous mode
[  422.473936][T10735] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1192'.
[  422.701068][T10737] input: syz1 as /devices/virtual/input/input22
[  422.843310][T10741] sctp: [Deprecated]: syz.2.1200 (pid 10741) Use of struct sctp_assoc_value in delayed_ack socket option.
[  422.843310][T10741] Use struct sctp_sack_info instead
[  423.255606][T10750] usb usb5: usbfs: process 10750 (syz.1.1201) did not claim interface 0 before use
[  423.272161][T10752] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1203'.
[  423.305255][T10750] lo speed is unknown, defaulting to 1000
[  423.310872][T10750] ������ speed is unknown, defaulting to 1000
[  423.506696][T10756] binder: BINDER_SET_CONTEXT_MGR already set
[  423.509372][T10756] binder: 10753:10756 ioctl 4018620d 80000040 returned -16
[  423.512388][T10756] binder: 10753:10756 ioctl c0306201 80000240 returned -11
[  424.088627][T10771] sp0: Synchronizing with TNC
[  424.326424][T10779] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1212'.
[  424.374888][T10777] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  424.383127][T10777] syzkaller0: entered promiscuous mode
[  424.386404][T10777] syzkaller0: entered allmulticast mode
[  424.946456][T10787] binder: 10786:10787 ioctl c0306201 0 returned -14
[  424.962603][T10787] binder: 10786:10787 ioctl c0306201 80000240 returned -11
[  425.048348][T10792] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1216'.
[  425.915026][T10808] binder: 10807:10808 ioctl c0306201 0 returned -14
[  425.919615][T10808] binder: 10807:10808 ioctl c0306201 80000240 returned -11
[  426.015222][T10814] lo speed is unknown, defaulting to 1000
[  426.018610][T10814] ������ speed is unknown, defaulting to 1000
[  426.092223][T10818] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  426.124126][T10818] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  426.128307][T10818] overlayfs: failed to look up (tracing) for ino (-66)
[  426.321840][T10827] netlink: 'syz.2.1226': attribute type 1 has an invalid length.
[  426.389813][T10829] gretap1: entered promiscuous mode
[  426.428471][T10829] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1226'.
[  426.851661][T10836] syz_tun: entered allmulticast mode
[  426.933668][T10533] Bluetooth: hci3: unexpected event for opcode 0x0c7b
[  427.268662][T10850] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1234'.
[  427.282582][T10850] vlan3: entered promiscuous mode
[  427.284700][T10850] gretap0: entered promiscuous mode
[  428.781137][   T24] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  428.931798][   T24] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  428.935332][   T24] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  428.938473][   T24] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  428.942377][   T24] usb 5-1: config 0 interface 0 has no altsetting 0
[  428.945266][   T24] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  428.948915][   T24] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  428.953584][   T24] usb 5-1: config 0 interface 0 has no altsetting 0
[  428.956599][   T24] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  428.959507][   T24] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  428.963162][   T24] usb 5-1: config 0 interface 0 has no altsetting 0
[  428.965979][   T24] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  428.969094][   T24] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  428.972857][   T24] usb 5-1: config 0 interface 0 has no altsetting 0
[  428.975636][   T24] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  428.978427][   T24] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  428.983417][   T24] usb 5-1: config 0 interface 0 has no altsetting 0
[  428.986277][   T24] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  428.989152][   T24] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  428.993949][   T24] usb 5-1: config 0 interface 0 has no altsetting 0
[  428.996769][   T24] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  428.999600][   T24] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  429.003317][   T24] usb 5-1: config 0 interface 0 has no altsetting 0
[  429.006456][   T24] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  429.009969][   T24] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  429.013690][   T24] usb 5-1: config 0 interface 0 has no altsetting 0
[  429.017350][   T24] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  429.020242][   T24] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  429.023172][   T24] usb 5-1: Product: syz
[  429.024502][   T24] usb 5-1: Manufacturer: syz
[  429.026185][   T24] usb 5-1: SerialNumber: syz
[  429.034524][   T24] usb 5-1: config 0 descriptor??
[  429.040027][   T24] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  429.921075][T10874] binder: 10872:10874 ioctl c0306201 80001640 returned -14
[  430.211147][ T1022] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  430.362640][ T1022] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  430.367048][ T1022] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  430.371962][ T1022] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  430.375522][ T1022] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  430.381628][ T1022] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  430.384469][ T1022] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  430.387000][ T1022] usb 7-1: Manufacturer: syz
[  430.389657][ T1022] usb 7-1: config 0 descriptor??
[  430.977529][ T1022] appleir 0003:05AC:8243.000B: unknown main item tag 0x0
[  430.994304][ T1022] appleir 0003:05AC:8243.000B: hiddev1,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  431.122877][T10890] usb usb5: usbfs: process 10890 (syz.1.1246) did not claim interface 0 before use
[  431.198140][T10890] lo speed is unknown, defaulting to 1000
[  431.203162][T10890] ������ speed is unknown, defaulting to 1000
[  431.535930][   T24] usb 5-1: USB disconnect, device number 18
[  431.544585][   T24] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  431.595246][T10894] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1247'.
[  431.664309][T10894] bond0: (slave syz_tun): Releasing backup interface
[  432.010554][T10909] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1251'.
[  432.112746][T10913] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1251'.
[  432.139275][T10913] netlink: 'syz.3.1251': attribute type 1 has an invalid length.
[  432.141979][T10913] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1251'.
[  432.145132][T10913] bridge0: port 2(bridge_slave_1) entered disabled state
[  432.150726][T10913] bridge0: port 2(bridge_slave_1) entered disabled state
[  432.541094][ T1022] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  432.703838][ T1022] usb 8-1: Using ep0 maxpacket: 8
[  432.708577][ T1022] usb 8-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  432.713071][ T1022] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  432.721563][ T1022] pvrusb2: Hardware description: Terratec Grabster AV400
[  432.724082][ T1022] pvrusb2: **********
[  432.725671][ T1022] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  432.730238][ T1022] pvrusb2: Important functionality might not be entirely working.
[  432.735805][ T1022] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  432.740785][ T1022] pvrusb2: **********
[  432.923242][ T2485] pvrusb2: Invalid write control endpoint
[  432.982636][ T2485] pvrusb2: Invalid write control endpoint
[  432.985245][ T2485] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  432.989263][ T2485] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  432.993725][ T2485] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  432.997903][ T2485] pvrusb2: Device being rendered inoperable
[  433.010092][ T5975] usb 7-1: USB disconnect, device number 12
[  433.013267][ T2485] cx25840 2-0044: Unable to detect h/w, assuming cx23887
[  433.019833][ T2485] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  433.033629][ T2485] pvrusb2: Attached sub-driver cx25840
[  433.036102][ T2485] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  433.040272][ T2485] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  433.132613][T10926] usb usb5: usbfs: process 10926 (syz.1.1254) did not claim interface 0 before use
[  433.139547][   T24] usb 8-1: USB disconnect, device number 12
[  433.203583][T10926] lo speed is unknown, defaulting to 1000
[  433.209981][T10926] ������ speed is unknown, defaulting to 1000
[  433.278366][   T40] audit: type=1326 audit(1765637389.857:1214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10927 comm="syz.0.1256" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f65579 code=0x7ffc0000
[  433.301681][   T40] audit: type=1326 audit(1765637389.867:1215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10927 comm="syz.0.1256" exe="/syz-executor" sig=0 arch=40000003 syscall=27 compat=1 ip=0xf7f65579 code=0x7ffc0000
[  433.314953][   T40] audit: type=1326 audit(1765637389.867:1216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10927 comm="syz.0.1256" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f65579 code=0x7ffc0000
[  433.318198][T10932] FAULT_INJECTION: forcing a failure.
[  433.318198][T10932] name failslab, interval 1, probability 0, space 0, times 0
[  433.326292][T10932] CPU: 2 UID: 0 PID: 10932 Comm: syz.0.1258 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  433.326331][T10932] Tainted: [L]=SOFTLOCKUP
[  433.326336][T10932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  433.326343][T10932] Call Trace:
[  433.326347][T10932]  <TASK>
[  433.326352][T10932]  dump_stack_lvl+0x16c/0x1f0
[  433.326370][T10932]  should_fail_ex+0x512/0x640
[  433.326387][T10932]  ? __kmalloc_cache_noprof+0x5f/0x800
[  433.326402][T10932]  should_failslab+0xc2/0x120
[  433.326419][T10932]  __kmalloc_cache_noprof+0x80/0x800
[  433.326431][T10932]  ? assoc_array_insert+0x10c/0x3970
[  433.326447][T10932]  ? assoc_array_insert+0x10c/0x3970
[  433.326459][T10932]  assoc_array_insert+0x10c/0x3970
[  433.326471][T10932]  ? __key_instantiate_and_link+0x13f/0x520
[  433.326490][T10932]  ? __pfx_assoc_array_insert+0x10/0x10
[  433.326502][T10932]  ? key_instantiate_and_link+0x398/0x4b0
[  433.326516][T10932]  ? down_write+0x14d/0x200
[  433.326532][T10932]  ? __pfx_down_write+0x10/0x10
[  433.326548][T10932]  __key_link_begin+0xf5/0x260
[  433.326563][T10932]  key_link+0x103/0x310
[  433.326576][T10932]  ? __pfx_key_link+0x10/0x10
[  433.326591][T10932]  ? keyring_alloc+0x8e/0xc0
[  433.326605][T10932]  call_sbin_request_key+0x3dd/0xda0
[  433.326618][T10932]  ? __pfx_call_sbin_request_key+0x10/0x10
[  433.326630][T10932]  ? key_alloc+0xac0/0x1330
[  433.326641][T10932]  ? __pfx_key_instantiate_and_link+0x10/0x10
[  433.326669][T10932]  ? __pfx_request_key_auth_new+0x10/0x10
[  433.326686][T10932]  ? __pfx_call_sbin_request_key+0x10/0x10
[  433.326696][T10932]  request_key_and_link+0xeb1/0x1370
[  433.326709][T10932]  ? __pfx_request_key_and_link+0x10/0x10
[  433.326719][T10932]  ? __pfx___might_resched+0x10/0x10
[  433.326735][T10932]  ? find_held_lock+0x2b/0x80
[  433.326751][T10932]  ? __pfx_asymmetric_key_cmp_name+0x10/0x10
[  433.326768][T10932]  ? __pfx_keyring_search_iterator+0x10/0x10
[  433.326782][T10932]  ? _copy_from_user+0x59/0xd0
[  433.326802][T10932]  __do_sys_request_key+0x23a/0x3d0
[  433.326818][T10932]  ? __pfx___do_sys_request_key+0x10/0x10
[  433.326832][T10932]  ? ksys_write+0x1ac/0x250
[  433.326849][T10932]  ? do_user_addr_fault+0x843/0x1370
[  433.326865][T10932]  __do_fast_syscall_32+0xe8/0x680
[  433.326881][T10932]  do_fast_syscall_32+0x32/0x80
[  433.326896][T10932]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  433.326909][T10932] RIP: 0023:0xf7f65579
[  433.326918][T10932] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  433.326930][T10932] RSP: 002b:00000000f545655c EFLAGS: 00000296 ORIG_RAX: 000000000000011f
[  433.326940][T10932] RAX: ffffffffffffffda RBX: 0000000080000040 RCX: 0000000080001ffb
[  433.326947][T10932] RDX: 0000000080001fee RSI: 0000000000000000 RDI: 0000000000000000
[  433.326953][T10932] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  433.326959][T10932] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  433.326966][T10932] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  433.326979][T10932]  </TASK>
[  433.625069][T10943] overlayfs: failed to resolve './file2': -2
[  433.808762][T10944] usb usb5: usbfs: process 10944 (syz.2.1261) did not claim interface 0 before use
[  433.837736][T10944] lo speed is unknown, defaulting to 1000
[  433.841273][T10944] ������ speed is unknown, defaulting to 1000
[  434.073896][T10953] netlink: zone id is out of range
[  434.443787][T10963] lo speed is unknown, defaulting to 1000
[  434.446426][T10963] ������ speed is unknown, defaulting to 1000
[  434.505545][T10967] 9p: Bad value for 'wfdno'
[  434.759771][T10973] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  434.761866][T10973] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  434.765730][T10973] vhci_hcd vhci_hcd.0: Device attached
[  435.056779][   T24] usb 37-1: new low-speed USB device number 2 using vhci_hcd
[  435.324117][T10982] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1271'.
[  435.596335][T10974] vhci_hcd: connection reset by peer
[  435.611694][ T6152] vhci_hcd vhci_hcd.0: stop threads
[  435.613545][ T6152] vhci_hcd vhci_hcd.0: release socket
[  435.615353][ T6152] vhci_hcd vhci_hcd.0: disconnect device
[  436.160104][T10999] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  436.197390][T10999] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  436.200668][T10999] overlayfs: failed to look up (tracing) for ino (-66)
[  436.514059][T10996] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1274'.
[  437.713188][T11010] binder: 11009:11010 ioctl c0306201 80000240 returned -11
[  437.813554][T11014] FAULT_INJECTION: forcing a failure.
[  437.813554][T11014] name failslab, interval 1, probability 0, space 0, times 0
[  437.821243][T11014] CPU: 1 UID: 0 PID: 11014 Comm: syz.0.1280 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  437.821272][T11014] Tainted: [L]=SOFTLOCKUP
[  437.821279][T11014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  437.821290][T11014] Call Trace:
[  437.821296][T11014]  <TASK>
[  437.821304][T11014]  dump_stack_lvl+0x16c/0x1f0
[  437.821331][T11014]  should_fail_ex+0x512/0x640
[  437.821358][T11014]  ? kmem_cache_alloc_noprof+0x62/0x770
[  437.821403][T11014]  should_failslab+0xc2/0x120
[  437.821431][T11014]  kmem_cache_alloc_noprof+0x83/0x770
[  437.821452][T11014]  ? io_submit_one+0x122/0x1e70
[  437.821476][T11014]  ? io_submit_one+0x122/0x1e70
[  437.821492][T11014]  io_submit_one+0x122/0x1e70
[  437.821512][T11014]  ? __lock_acquire+0x436/0x2890
[  437.821530][T11014]  ? lockdep_hardirqs_on+0x7c/0x110
[  437.821554][T11014]  ? __pfx_io_submit_one+0x10/0x10
[  437.821580][T11014]  ? __might_fault+0xe3/0x190
[  437.821599][T11014]  ? __might_fault+0x13b/0x190
[  437.821624][T11014]  ? __ia32_compat_sys_io_submit+0x1ad/0x3c0
[  437.821643][T11014]  __ia32_compat_sys_io_submit+0x1ad/0x3c0
[  437.821664][T11014]  ? __pfx___ia32_compat_sys_io_submit+0x10/0x10
[  437.821690][T11014]  ? do_user_addr_fault+0x843/0x1370
[  437.821713][T11014]  ? rcu_is_watching+0x12/0xc0
[  437.821739][T11014]  __do_fast_syscall_32+0xe8/0x680
[  437.821765][T11014]  do_fast_syscall_32+0x32/0x80
[  437.821788][T11014]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  437.821808][T11014] RIP: 0023:0xf7f65579
[  437.821823][T11014] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  437.821844][T11014] RSP: 002b:00000000f545655c EFLAGS: 00000296 ORIG_RAX: 00000000000000f8
[  437.821862][T11014] RAX: ffffffffffffffda RBX: 00000000f7f5e000 RCX: 0000000000000001
[  437.821874][T11014] RDX: 00000000800012c0 RSI: 0000000000000000 RDI: 0000000000000000
[  437.821884][T11014] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  437.821894][T11014] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  437.821905][T11014] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  437.821929][T11014]  </TASK>
[  438.058095][T11023] kernel read not supported for file /rmdF�� (pid: 11023 comm: syz.3.1283)
[  438.067014][   T40] audit: type=1800 audit(1765637394.647:1217): pid=11023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1283" name=726D64461716BCEC dev="mqueue" ino=38866 res=0 errno=0
[  438.196838][T11033] binder: 11032:11033 ioctl c0306201 80000240 returned -11
[  438.708363][T11041] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  438.710479][T11041] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  438.731150][T11041] vhci_hcd vhci_hcd.0: Device attached
[  439.006466][   T54] usb 41-1: new low-speed USB device number 2 using vhci_hcd
[  439.151189][T10533] Bluetooth: hci2: unexpected event for opcode 0x0c7b
[  439.162235][T11055] fuse: Unknown parameter '�roup_)
'
[  440.486352][T11057] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  440.571177][   T24] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  440.598574][T11057] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  440.602382][T11057] overlayfs: failed to look up (tracing) for ino (-66)
[  441.054512][T11042] vhci_hcd: connection reset by peer
[  441.056796][ T6142] vhci_hcd vhci_hcd.2: stop threads
[  441.058489][ T6142] vhci_hcd vhci_hcd.2: release socket
[  441.061624][ T6142] vhci_hcd vhci_hcd.2: disconnect device
[  441.216735][T11065] binder: 11064:11065 ioctl c0306201 80000240 returned -11
[  441.363568][T11070] fuse: Invalid rootmode
[  441.368007][T11071] usb usb5: usbfs: process 11071 (syz.3.1296) did not claim interface 0 before use
[  441.415178][T11071] lo speed is unknown, defaulting to 1000
[  441.422429][T11071] ������ speed is unknown, defaulting to 1000
[  442.056895][T10533] Bluetooth: hci3: unexpected event for opcode 0x0c7b
[  442.199913][T11084] bond0: (slave syz_tun): Releasing backup interface
[  442.266345][T11090] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1304'.
[  442.305337][T11084] bridge_slave_0: left allmulticast mode
[  442.307269][T11084] bridge_slave_0: left promiscuous mode
[  442.310149][T11084] bridge0: port 1(bridge_slave_0) entered disabled state
[  442.333807][T11084] bridge0: port 2(bridge_slave_1) entered disabled state
[  442.361879][T11084] bond0: (slave bond_slave_0): Releasing backup interface
[  442.387484][T11095] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  442.391727][T11084] bond0: (slave bond_slave_1): Releasing backup interface
[  442.402682][T11084] team0: Port device team_slave_0 removed
[  442.413183][T11084] team0: Port device team_slave_1 removed
[  442.415511][T11084] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  442.416015][T11095] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  442.418185][T11084] batman_adv: batadv0: Removing interface: batadv_slave_0
[  442.426068][T11084] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  442.428669][T11084] batman_adv: batadv0: Removing interface: batadv_slave_1
[  442.432653][T11084] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  442.436405][T11095] overlayfs: failed to look up (tracing) for ino (-66)
[  442.438492][T11090] netlink: 'syz.2.1304': attribute type 1 has an invalid length.
[  442.451061][T11090] netlink: 'syz.2.1304': attribute type 2 has an invalid length.
[  442.453560][T11090] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1304'.
[  442.475803][T11088] team0: Mode changed to "loadbalance"
[  442.480947][T11084] netlink: 'syz.3.1303': attribute type 10 has an invalid length.
[  442.500734][T11084] team0: Port device dummy0 added
[  442.931072][ T6192] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  443.088724][T11092] orangefs_mount: mount request failed with -4
[  443.091081][ T6192] usb 8-1: Using ep0 maxpacket: 16
[  443.094083][ T6192] usb 8-1: config 0 has no interfaces?
[  443.097351][ T6192] usb 8-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  443.100240][ T6192] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  443.111054][ T6192] usb 8-1: Product: syz
[  443.112512][ T6192] usb 8-1: Manufacturer: syz
[  443.114033][ T6192] usb 8-1: SerialNumber: syz
[  443.121581][ T6192] usb 8-1: config 0 descriptor??
[  443.391510][T11108] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  443.392197][ T5975] usb 8-1: USB disconnect, device number 13
[  443.486885][T11108] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  443.490300][T11108] overlayfs: failed to look up (tracing) for ino (-66)
[  443.597323][T11110] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  443.599473][T11110] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  443.603340][T11110] vhci_hcd vhci_hcd.0: Device attached
[  443.627025][T11110] fuse: Unknown parameter '�0x000000000000000a'
[  443.842045][T11111] vhci_hcd: connection closed
[  443.843498][ T6152] vhci_hcd vhci_hcd.0: stop threads
[  443.847637][ T6152] vhci_hcd vhci_hcd.0: release socket
[  443.849514][ T6152] vhci_hcd vhci_hcd.0: disconnect device
[  443.881256][ T5975] usb 38-1: enqueue for inactive port 0
[  444.341170][   T54] vhci_hcd vhci_hcd.2: vhci_device speed not set
[  444.401670][ T5975] usb usb38-port1: attempt power cycle
[  444.593575][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[  444.595603][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  444.639345][T10533] Bluetooth: hci1: unexpected event for opcode 0x0c7b
[  444.957874][T11127] usb usb5: usbfs: process 11127 (syz.3.1312) did not claim interface 0 before use
[  444.981607][ T5975] usb usb38-port1: unable to enumerate USB device
[  445.004290][T11127] lo speed is unknown, defaulting to 1000
[  445.009144][T11127] ������ speed is unknown, defaulting to 1000
[  445.857951][T11138] netlink: 'syz.2.1314': attribute type 23 has an invalid length.
[  445.927405][T11139] usb usb5: usbfs: process 11139 (syz.0.1316) did not claim interface 0 before use
[  445.984573][T11139] lo speed is unknown, defaulting to 1000
[  445.991157][T11139] ������ speed is unknown, defaulting to 1000
[  446.474560][T11144] usb usb5: usbfs: process 11144 (syz.2.1317) did not claim interface 0 before use
[  446.549892][T11144] lo speed is unknown, defaulting to 1000
[  446.555298][T11144] ������ speed is unknown, defaulting to 1000
[  447.280368][T11156] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  447.290907][T11156] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  447.294291][T11156] overlayfs: failed to look up (tracing) for ino (-66)
[  447.321913][T11159] program syz.1.1322 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  448.174266][T11165] usb usb5: usbfs: process 11165 (syz.1.1323) did not claim interface 0 before use
[  448.334108][T11165] lo speed is unknown, defaulting to 1000
[  448.351477][T11165] ������ speed is unknown, defaulting to 1000
[  448.367555][T11167] syzkaller0: entered promiscuous mode
[  448.369823][T11167] syzkaller0: entered allmulticast mode
[  448.471263][T11167] sp0: Synchronizing with TNC
�[  449.709538][T11177] binder: 11176:11177 ioctl 4018620d 0 returned -22
[  449.721693][T11177] binder: 11176:11177 ioctl c0306201 80000240 returned -11

syzkaller
syzkaller login: [  449.863099][T10533] Bluetooth: hci1: unexpected event for opcode 0x0c7b
[  450.109397][T11196] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  450.197997][T11192] IPVS: persistence engine module ip_vs_pe_s not found
[  450.258967][T11196] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  450.261326][T11202] syzkaller0: entered promiscuous mode
[  450.263686][T11196] overlayfs: failed to look up (tracing) for ino (-66)
[  450.265049][T11202] syzkaller0: entered allmulticast mode
[  451.141128][ T6042] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  451.311156][T10533] Bluetooth: hci3: unexpected event for opcode 0x0c7b
[  451.321119][ T6042] usb 8-1: Using ep0 maxpacket: 8
[  451.326002][ T6042] usb 8-1: unable to get BOS descriptor or descriptor too short
[  451.329890][ T6042] usb 8-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  451.333577][ T6042] usb 8-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  451.337295][ T6042] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  451.343068][ T6042] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  451.346773][ T6042] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  451.349674][ T6042] usb 8-1: Product: syz
[  451.353451][ T6042] usb 8-1: Manufacturer: syz
[  451.355388][ T6042] usb 8-1: SerialNumber: syz
[  451.356914][T11217] 9p: Bad value for 'rfdno'
[  451.374914][T11220] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  451.378641][T11220] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  451.389363][T11220] sctp: [Deprecated]: syz.1.1341 (pid 11220) Use of int in max_burst socket option.
[  451.389363][T11220] Use struct sctp_assoc_value instead
[  451.481368][ T8833] bond0: (slave syz_tun): Releasing backup interface
[  451.621160][ T6139] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  451.625016][T11222] syzkaller0: entered promiscuous mode
[  451.626970][T11222] syzkaller0: entered allmulticast mode
[  451.656963][ T6042] usb 8-1: 0:2 : does not exist
[  451.668178][ T6042] usb 8-1: USB disconnect, device number 14
[  451.695587][ T8659] udevd[8659]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  452.050902][ T5954] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  452.057488][ T5954] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  452.061468][ T5954] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  452.065180][ T5954] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  452.068682][ T5954] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  452.105669][T11235] ������ speed is unknown, defaulting to 1000
[  452.376608][T11249] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  452.411477][T11235] chnl_net:caif_netlink_parms(): no params data found
[  452.482876][T11235] bridge0: port 1(bridge_slave_0) entered blocking state
[  452.485760][T11235] bridge0: port 1(bridge_slave_0) entered disabled state
[  452.488550][T11235] bridge_slave_0: entered allmulticast mode
[  452.491720][T11235] bridge_slave_0: entered promiscuous mode
[  452.495889][T11235] bridge0: port 2(bridge_slave_1) entered blocking state
[  452.498318][T11235] bridge0: port 2(bridge_slave_1) entered disabled state
[  452.500936][T11235] bridge_slave_1: entered allmulticast mode
[  452.504739][T11235] bridge_slave_1: entered promiscuous mode
[  452.527237][T11235] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  452.532313][T11235] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  452.554667][T11235] team0: Port device team_slave_0 added
[  452.559024][T11235] team0: Port device team_slave_1 added
[  452.574886][T11235] batman_adv: batadv0: Adding interface: batadv_slave_0
[  452.577093][T11235] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  452.586719][T11235] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  452.593850][T11235] batman_adv: batadv0: Adding interface: batadv_slave_1
[  452.596333][T11235] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  452.604819][T11235] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  452.630174][T11235] hsr_slave_0: entered promiscuous mode
[  452.632647][T11235] hsr_slave_1: entered promiscuous mode
[  452.634782][T11235] debugfs: 'hsr0' already exists in 'hsr'
[  452.636710][T11235] Cannot create hsr debugfs directory
[  452.807366][T11235] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  453.286781][T11249] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  453.293579][T11260] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  453.301187][T11249] overlayfs: failed to look up (tracing) for ino (-66)
[  453.330676][T11260] syzkaller0: entered promiscuous mode
[  453.333480][T11260] syzkaller0: entered allmulticast mode
[  453.337302][T11235] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  453.347868][T11235] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  453.356433][T11235] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  453.444964][T11235] 8021q: adding VLAN 0 to HW filter on device bond0
[  453.463808][T11235] 8021q: adding VLAN 0 to HW filter on device team0
[  453.473808][ T8170] bridge0: port 1(bridge_slave_0) entered blocking state
[  453.476854][ T8170] bridge0: port 1(bridge_slave_0) entered forwarding state
[  453.489115][ T6142] bridge0: port 2(bridge_slave_1) entered blocking state
[  453.492403][ T6142] bridge0: port 2(bridge_slave_1) entered forwarding state
[  454.101165][T10533] Bluetooth: hci3: command tx timeout
[  454.299600][T11274] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  454.496200][T11274] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  454.500080][T11274] overlayfs: failed to look up (tracing) for ino (-66)
[  455.161286][T11283] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1355'.
[  455.177233][T11282] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  455.336542][T10533] Bluetooth: hci1: unexpected event for opcode 0x0c7b
[  456.103434][T11235] 8021q: adding VLAN 0 to HW filter on device batadv0
[  456.191611][T10533] Bluetooth: hci3: command tx timeout
[  456.312578][T11235] veth0_vlan: entered promiscuous mode
[  456.326235][T11235] veth1_vlan: entered promiscuous mode
[  456.366760][T11235] veth0_macvtap: entered promiscuous mode
[  456.377915][T11307] binder: 11305:11307 ioctl c0306201 0 returned -14
[  456.382273][T11235] veth1_macvtap: entered promiscuous mode
[  456.384129][T11307] binder: 11305:11307 ioctl c0306201 80000240 returned -11
[  456.390570][T11235] batman_adv: batadv0: Interface activated: batadv_slave_0
[  456.411631][T11235] batman_adv: batadv0: Interface activated: batadv_slave_1
[  456.415109][T11303] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1360'.
[  456.424597][ T1145] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  456.428140][ T1145] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  456.433914][ T1145] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  456.437795][ T1145] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  456.486072][ T6138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  456.489279][ T6138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  456.514552][T11311] fuse: Unknown parameter 'fd0x0000000000000005'
[  456.517211][ T6159] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  456.519734][ T6159] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  457.083833][T11330] usb usb5: usbfs: process 11330 (syz.0.1367) did not claim interface 0 before use
[  457.119544][T11330] ������ speed is unknown, defaulting to 1000
[  457.124056][T11334] binder: 11333:11334 ioctl c0306201 0 returned -14
[  457.127400][T11334] binder: 11333:11334 ioctl c0306201 80000240 returned -11
[  457.158259][T11324] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  457.170399][T11324] syzkaller0: entered promiscuous mode
[  457.187195][T11324] syzkaller0: entered allmulticast mode
[  457.364490][T11342] syzkaller1: entered promiscuous mode
[  457.366274][T11342] syzkaller1: entered allmulticast mode
[  457.570604][T11346] fuse: Unknown parameter 'fd0x0000000000000005'
[  458.261125][T10533] Bluetooth: hci3: command tx timeout
[  459.638038][T10533] Bluetooth: hci1: unexpected event for opcode 0x0c7b
[  459.690005][T11357] netlink: 'syz.0.1377': attribute type 1 has an invalid length.
[  459.694680][T11357] nbd: error processing sock list
[  459.799972][T11360] binder: 11359:11360 ioctl c0306201 0 returned -14
[  459.803673][T11360] binder: 11359:11360 ioctl c0306201 80000240 returned -11
[  460.165575][T11371] usb usb5: usbfs: process 11371 (syz.3.1380) did not claim interface 0 before use
[  460.249404][T11371] ������ speed is unknown, defaulting to 1000
[  460.341368][T10533] Bluetooth: hci3: command tx timeout
[  461.432813][T11386] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1385'.
[  461.436884][T11386] netlink: 83 bytes leftover after parsing attributes in process `syz.4.1385'.
[  461.548572][T11391] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  461.712048][T11391] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  461.715545][T11391] overlayfs: failed to look up (tracing) for ino (-66)
[  462.053940][T11405] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1390'.
[  462.113430][T11408] netlink: 'syz.4.1391': attribute type 33 has an invalid length.
[  462.171168][T11408] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1391'.
[  462.193705][T11411] openvswitch: netlink: Key type 31 is not supported
[  462.558247][T11420] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  462.573898][T11420] block device autoloading is deprecated and will be removed.
[  462.624250][T11422] loop0: detected capacity change from 0 to 2560
[  462.634686][T11422] buffer_io_error: 9 callbacks suppressed
[  462.634702][T11422] Buffer I/O error on dev loop0, logical block 0, lost async page write
[  462.640480][T11422] Buffer I/O error on dev loop0, logical block 1, lost async page write
[  462.644062][T11422] Buffer I/O error on dev loop0, logical block 2, lost async page write
[  462.647544][T11422] Buffer I/O error on dev loop0, logical block 3, lost async page write
[  462.651272][T11422] Buffer I/O error on dev loop0, logical block 4, lost async page write
[  462.654722][T11422] Buffer I/O error on dev loop0, logical block 5, lost async page write
[  462.658169][T11422] Buffer I/O error on dev loop0, logical block 6, lost async page write
[  462.661817][T11422] Buffer I/O error on dev loop0, logical block 7, lost async page write
[  462.665193][T11422] Buffer I/O error on dev loop0, logical block 8, lost async page write
[  462.668580][T11422] Buffer I/O error on dev loop0, logical block 9, lost async page write
[  462.843963][T11424] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1395'.
[  463.085602][T11428] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  463.151874][T11430] FAULT_INJECTION: forcing a failure.
[  463.151874][T11430] name failslab, interval 1, probability 0, space 0, times 0
[  463.155777][T11430] CPU: 3 UID: 0 PID: 11430 Comm: syz.3.1398 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  463.155795][T11430] Tainted: [L]=SOFTLOCKUP
[  463.155799][T11430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  463.155806][T11430] Call Trace:
[  463.155810][T11430]  <TASK>
[  463.155815][T11430]  dump_stack_lvl+0x16c/0x1f0
[  463.155832][T11430]  should_fail_ex+0x512/0x640
[  463.155850][T11430]  ? __kmalloc_noprof+0xca/0x910
[  463.155863][T11430]  should_failslab+0xc2/0x120
[  463.155880][T11430]  __kmalloc_noprof+0xeb/0x910
[  463.155891][T11430]  ? kobject_get_path+0xd2/0x2d0
[  463.155908][T11430]  ? kobject_get_path+0xd2/0x2d0
[  463.155921][T11430]  kobject_get_path+0xd2/0x2d0
[  463.155938][T11430]  kobject_uevent_env+0x289/0x1920
[  463.155954][T11430]  ? up_write+0x200/0x4e0
[  463.155968][T11430]  ? kernfs_remove_by_name_ns+0x9f/0x100
[  463.155986][T11430]  __kobject_del+0x168/0x220
[  463.156001][T11430]  kobject_put+0x34d/0x6f0
[  463.156016][T11430]  net_rx_queue_update_kobjects+0x54d/0x770
[  463.156036][T11430]  netdev_unregister_kobject+0x154/0x540
[  463.156050][T11430]  ? rtmsg_ifinfo_send+0xcf/0x110
[  463.156065][T11430]  unregister_netdevice_many_notify+0x151e/0x2590
[  463.156084][T11430]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  463.156100][T11430]  ? __pfx___mutex_lock+0x10/0x10
[  463.156118][T11430]  unregister_netdevice_queue+0x305/0x3c0
[  463.156131][T11430]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  463.156145][T11430]  ? __pfx_locks_remove_file+0x10/0x10
[  463.156179][T11430]  ? __pfx_ppp_release+0x10/0x10
[  463.156193][T11430]  ppp_release+0x209/0x230
[  463.156205][T11430]  __fput+0x402/0xb70
[  463.156220][T11430]  fput_close_sync+0x118/0x260
[  463.156232][T11430]  ? __pfx_fput_close_sync+0x10/0x10
[  463.156242][T11430]  ? dnotify_flush+0x79/0x4c0
[  463.156257][T11430]  __ia32_sys_close+0x8b/0x120
[  463.156270][T11430]  __do_fast_syscall_32+0xe8/0x680
[  463.156285][T11430]  do_fast_syscall_32+0x32/0x80
[  463.156299][T11430]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  463.156314][T11430] RIP: 0023:0xf7f05579
[  463.156322][T11430] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  463.156333][T11430] RSP: 002b:00000000f53f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000006
[  463.156344][T11430] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  463.156350][T11430] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  463.156356][T11430] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  463.156362][T11430] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  463.156368][T11430] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  463.156381][T11430]  </TASK>
[  463.621698][T11443] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1401'.
[  463.877020][T11445] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  463.884916][T11445] syzkaller0: entered promiscuous mode
[  463.886705][T11445] syzkaller0: entered allmulticast mode
[  464.310878][T11451] usb usb5: usbfs: process 11451 (syz.2.1403) did not claim interface 0 before use
[  464.407537][T11455] usb usb5: usbfs: process 11455 (syz.4.1404) did not claim interface 0 before use
[  465.137424][T11451] ������ speed is unknown, defaulting to 1000
[  465.214260][T11455] ������ speed is unknown, defaulting to 1000
[  465.765008][T11465] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1408'.
[  465.994081][T11469] tmpfs: Unknown parameter 'grpquota��'
[  466.006816][T11469] mac80211_hwsim hwsim8 wlan1: entered promiscuous mode
[  466.009483][T11469] mac80211_hwsim hwsim8 wlan1: entered allmulticast mode
[  466.137534][   T40] audit: type=1326 audit(1765637422.717:1218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11470 comm="syz.2.1410" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f14579 code=0x0
[  466.189209][T11472] FAULT_INJECTION: forcing a failure.
[  466.189209][T11472] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  466.193797][T11472] CPU: 1 UID: 0 PID: 11472 Comm: syz.2.1410 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  466.193815][T11472] Tainted: [L]=SOFTLOCKUP
[  466.193819][T11472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  466.193826][T11472] Call Trace:
[  466.193830][T11472]  <TASK>
[  466.193834][T11472]  dump_stack_lvl+0x16c/0x1f0
[  466.193852][T11472]  should_fail_ex+0x512/0x640
[  466.193871][T11472]  _copy_to_user+0x32/0xd0
[  466.193889][T11472]  simple_read_from_buffer+0xcb/0x170
[  466.193906][T11472]  proc_fail_nth_read+0x197/0x240
[  466.193924][T11472]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  466.193942][T11472]  ? rw_verify_area+0xcf/0x6c0
[  466.193957][T11472]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  466.193974][T11472]  vfs_read+0x1e4/0xcf0
[  466.193990][T11472]  ? __pfx___mutex_lock+0x10/0x10
[  466.194005][T11472]  ? __pfx_vfs_read+0x10/0x10
[  466.194019][T11472]  ? find_held_lock+0x2b/0x80
[  466.194037][T11472]  ? __fget_files+0x20e/0x3c0
[  466.194055][T11472]  ksys_read+0x12a/0x250
[  466.194070][T11472]  ? __pfx_ksys_read+0x10/0x10
[  466.194085][T11472]  ? do_user_addr_fault+0x843/0x1370
[  466.194101][T11472]  __do_fast_syscall_32+0xe8/0x680
[  466.194117][T11472]  do_fast_syscall_32+0x32/0x80
[  466.194132][T11472]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  466.194146][T11472] RIP: 0023:0xf7f14579
[  466.194154][T11472] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  466.194164][T11472] RSP: 002b:00000000f53e5590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  466.194175][T11472] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f53e5620
[  466.194181][T11472] RDX: 000000000000000f RSI: 00000000f73a6ff4 RDI: 0000000000000000
[  466.194188][T11472] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  466.194194][T11472] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  466.194200][T11472] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  466.194213][T11472]  </TASK>
[  466.337470][   T40] audit: type=1326 audit(1765637422.917:1219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11475 comm="syz.4.1413" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf707d579 code=0x0
[  466.676160][T11486] block nbd0: shutting down sockets
[  467.313157][T11495] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  467.374201][T11490] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  467.428707][T11495] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  467.507970][T11501] FAULT_INJECTION: forcing a failure.
[  467.507970][T11501] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  467.512145][T11501] CPU: 1 UID: 0 PID: 11501 Comm: syz.2.1420 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  467.512163][T11501] Tainted: [L]=SOFTLOCKUP
[  467.512167][T11501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  467.512174][T11501] Call Trace:
[  467.512178][T11501]  <TASK>
[  467.512182][T11501]  dump_stack_lvl+0x16c/0x1f0
[  467.512199][T11501]  should_fail_ex+0x512/0x640
[  467.512219][T11501]  _copy_from_user+0x2e/0xd0
[  467.512237][T11501]  do_tcp_setsockopt+0x237c/0x2c10
[  467.512251][T11501]  ? __pfx_do_tcp_setsockopt+0x10/0x10
[  467.512264][T11501]  ? __pfx___might_resched+0x10/0x10
[  467.512283][T11501]  ? aa_sk_perm+0x2f2/0xae0
[  467.512294][T11501]  ? ksys_write+0x190/0x250
[  467.512311][T11501]  ? __pfx_aa_sk_perm+0x10/0x10
[  467.512322][T11501]  ? find_held_lock+0x2b/0x80
[  467.512339][T11501]  tcp_setsockopt+0xe2/0x100
[  467.512350][T11501]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  467.512366][T11501]  do_sock_setsockopt+0xf3/0x1d0
[  467.512381][T11501]  __sys_setsockopt+0x120/0x1a0
[  467.512394][T11501]  __ia32_sys_setsockopt+0xbc/0x160
[  467.512404][T11501]  ? __do_fast_syscall_32+0x9a/0x680
[  467.512418][T11501]  ? lockdep_hardirqs_on+0x7c/0x110
[  467.512431][T11501]  __do_fast_syscall_32+0xe8/0x680
[  467.512447][T11501]  do_fast_syscall_32+0x32/0x80
[  467.512461][T11501]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  467.512475][T11501] RIP: 0023:0xf7f14579
[  467.512484][T11501] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  467.512494][T11501] RSP: 002b:00000000f540655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  467.512505][T11501] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000006
[  467.512512][T11501] RDX: 0000000000000016 RSI: 0000000080000000 RDI: 0000000020000328
[  467.512518][T11501] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  467.512524][T11501] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  467.512530][T11501] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  467.512543][T11501]  </TASK>
[  467.805725][T11508] genirq: Flags mismatch irq 4. 00200000 (pcmmio) vs. 00200080 (ttyS0)
[  467.849160][T11510] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1422'.
[  469.621817][ T1022] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  469.771792][T11536] ������ speed is unknown, defaulting to 1000
[  469.791169][ T1022] usb 5-1: Using ep0 maxpacket: 32
[  469.795779][ T1022] usb 5-1: config 0 has no interfaces?
[  469.800589][ T1022] usb 5-1: New USB device found, idVendor=19d2, idProduct=1072, bcdDevice=cd.0c
[  469.805501][ T1022] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  469.808764][ T1022] usb 5-1: Product: syz
[  469.810522][ T1022] usb 5-1: Manufacturer: syz
[  469.812877][ T1022] usb 5-1: SerialNumber: syz
[  469.816782][ T1022] usb 5-1: config 0 descriptor??
[  470.464794][ T6042] usb 5-1: USB disconnect, device number 19
[  471.168406][T11554] ubi: mtd0 is already attached to ubi31
[  472.263127][T10533] Bluetooth: hci3: command tx timeout
[  472.372999][T11553] ------------[ cut here ]------------
[  472.375038][T11553] WARNING: mm/shmem.c:1402 at shmem_evict_inode+0x8eb/0xbe0, CPU#2: syz.2.1435/11553
[  472.378170][T11553] Modules linked in:
[  472.380173][T11553] CPU: 2 UID: 0 PID: 11553 Comm: syz.2.1435 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  472.383744][T11553] Tainted: [L]=SOFTLOCKUP
[  472.385314][T11553] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  472.388572][T11553] RIP: 0010:shmem_evict_inode+0x8eb/0xbe0
[  472.390314][T11553] Code: fe e8 69 32 bc ff 45 85 ff 75 ac e8 bf 37 bc ff 48 8b 74 24 28 48 8b 7c 24 30 e8 20 89 93 ff e9 e5 fd ff ff e8 a6 37 bc ff 90 <0f> 0b 90 e9 54 f9 ff ff e8 98 37 bc ff 4c 89 e2 48 b8 00 00 00 00
[  472.396859][T11553] RSP: 0018:ffffc90004f2f708 EFLAGS: 00010293
[  472.399388][T11553] RAX: 0000000000000000 RBX: ffff88804d6f87f8 RCX: ffffffff8202079e
[  472.402109][T11553] RDX: ffff88806e874980 RSI: ffffffff82020e4a RDI: 0000000000000007
[  472.404611][T11553] RBP: ffffc90004f2f830 R08: 0000000000000007 R09: 0000000000000000
[  472.407217][T11553] R10: 0000000000000008 R11: ffff88806e8754b0 R12: 0000000000000008
[  472.409763][T11553] R13: 0000000000000000 R14: ffff88804d6f8828 R15: ffff88804d6f86e8
[  472.412523][T11553] FS:  0000000000000000(0000) GS:ffff888097902000(0000) knlGS:0000000000000000
[  472.415462][T11553] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  472.417742][T11553] CR2: 00000000f7422054 CR3: 000000000e184000 CR4: 0000000000352ef0
[  472.420343][T11553] DR0: ffffffffffffffff DR1: 00000000000001f8 DR2: 0000000000000083
[  472.422982][T11553] DR3: ffffffffefffff15 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  472.425501][T11553] Call Trace:
[  472.426604][T11553]  <TASK>
[  472.427652][T11553]  ? inode_wait_for_writeback+0x170/0x390
[  472.429515][T11553]  ? __pfx_shmem_evict_inode+0x10/0x10
[  472.431336][T11553]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  472.433356][T11553]  ? find_held_lock+0x2b/0x80
[  472.434872][T11553]  ? evict+0x37e/0xad0
[  472.436244][T11553]  ? __pfx_shmem_evict_inode+0x10/0x10
[  472.438013][T11553]  evict+0x3c2/0xad0
[  472.439338][T11553]  ? find_held_lock+0x2b/0x80
[  472.441031][T11553]  ? __pfx_evict+0x10/0x10
[  472.442953][T11553]  ? iput.part.0+0x619/0x1190
[  472.444725][T11553]  iput.part.0+0x621/0x1190
[  472.446572][T11553]  iput+0x35/0x40
[  472.448162][T11553]  dentry_unlink_inode+0x29c/0x480
[  472.450352][T11553]  __dentry_kill+0x1d0/0x600
[  472.452413][T11553]  finish_dput+0x76/0x480
[  472.454249][T11553]  dput.part.0+0x451/0x570
[  472.456172][T11553]  dput+0x1f/0x30
[  472.457748][T11553]  __fput+0x51c/0xb70
[  472.459419][T11553]  task_work_run+0x150/0x240
[  472.461119][T11553]  ? __pfx_task_work_run+0x10/0x10
[  472.463120][T11553]  ? do_raw_spin_unlock+0x172/0x230
[  472.464976][T11553]  do_exit+0x87f/0x2bd0
[  472.466414][T11553]  ? __pfx_do_exit+0x10/0x10
[  472.467923][T11553]  ? find_held_lock+0x2b/0x80
[  472.469563][T11553]  do_group_exit+0xd3/0x2a0
[  472.471151][T11553]  get_signal+0x2671/0x26d0
[  472.472692][T11553]  ? __pfx_get_signal+0x10/0x10
[  472.474327][T11553]  ? do_futex+0x122/0x350
[  472.475699][T11553]  arch_do_signal_or_restart+0x8f/0x7a0
[  472.477448][T11553]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  472.479383][T11553]  ? __pfx___ia32_sys_futex_time32+0x10/0x10
[  472.481336][T11553]  exit_to_user_mode_loop+0x8c/0x540
[  472.482998][T11553]  __do_fast_syscall_32+0x4a4/0x680
[  472.484647][T11553]  do_fast_syscall_32+0x32/0x80
[  472.486192][T11553]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  472.488180][T11553] RIP: 0023:0xf7f14579
[  472.489501][T11553] Code: Unable to access opcode bytes at 0xf7f1454f.
[  472.491637][T11553] RSP: 002b:00000000f53e560c EFLAGS: 00000296 ORIG_RAX: 00000000000000f0
[  472.494259][T11553] RAX: fffffffffffffe00 RBX: 00000000f73d5020 RCX: 0000000000000080
[  472.496725][T11553] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f73d5024
[  472.499248][T11553] RBP: 0000000000000081 R08: 0000000000000000 R09: 0000000000000000
[  472.501834][T11553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  472.504484][T11553] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  472.506957][T11553]  </TASK>
[  472.507949][T11553] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  472.510263][T11553] CPU: 2 UID: 0 PID: 11553 Comm: syz.2.1435 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  472.513619][T11553] Tainted: [L]=SOFTLOCKUP
[  472.514982][T11553] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  472.518325][T11553] Call Trace:
[  472.519412][T11553]  <TASK>
[  472.520375][T11553]  dump_stack_lvl+0x3d/0x1f0
[  472.521885][T11553]  vpanic+0x640/0x6f0
[  472.523153][T11553]  ? shmem_evict_inode+0x8eb/0xbe0
[  472.524793][T11553]  panic+0xca/0xd0
[  472.525994][T11553]  ? __pfx_panic+0x10/0x10
[  472.527425][T11553]  ? check_panic_on_warn+0x1f/0xb0
[  472.529070][T11553]  check_panic_on_warn+0xab/0xb0
[  472.530627][T11553]  __warn+0x108/0x3c0
[  472.531905][T11553]  __report_bug+0x2a0/0x520
[  472.533402][T11553]  ? shmem_evict_inode+0x8eb/0xbe0
[  472.535014][T11553]  ? __pfx___report_bug+0x10/0x10
[  472.536616][T11553]  ? find_held_lock+0x2b/0x80
[  472.538103][T11553]  ? timestamp_truncate+0x21e/0x2d0
[  472.539778][T11553]  ? shmem_evict_inode+0x8eb/0xbe0
[  472.541458][T11553]  report_bug+0xb2/0x220
[  472.542908][T11553]  ? shmem_evict_inode+0x8eb/0xbe0
[  472.544544][T11553]  handle_bug+0x127/0x260
[  472.545922][T11553]  exc_invalid_op+0x17/0x50
[  472.547371][T11553]  asm_exc_invalid_op+0x1a/0x20
[  472.548923][T11553] RIP: 0010:shmem_evict_inode+0x8eb/0xbe0
[  472.550727][T11553] Code: fe e8 69 32 bc ff 45 85 ff 75 ac e8 bf 37 bc ff 48 8b 74 24 28 48 8b 7c 24 30 e8 20 89 93 ff e9 e5 fd ff ff e8 a6 37 bc ff 90 <0f> 0b 90 e9 54 f9 ff ff e8 98 37 bc ff 4c 89 e2 48 b8 00 00 00 00
[  472.556652][T11553] RSP: 0018:ffffc90004f2f708 EFLAGS: 00010293
[  472.558547][T11553] RAX: 0000000000000000 RBX: ffff88804d6f87f8 RCX: ffffffff8202079e
[  472.561675][T11553] RDX: ffff88806e874980 RSI: ffffffff82020e4a RDI: 0000000000000007
[  472.564363][T11553] RBP: ffffc90004f2f830 R08: 0000000000000007 R09: 0000000000000000
[  472.566831][T11553] R10: 0000000000000008 R11: ffff88806e8754b0 R12: 0000000000000008
[  472.569392][T11553] R13: 0000000000000000 R14: ffff88804d6f8828 R15: ffff88804d6f86e8
[  472.571854][T11553]  ? shmem_evict_inode+0x23e/0xbe0
[  472.573529][T11553]  ? shmem_evict_inode+0x8ea/0xbe0
[  472.575146][T11553]  ? shmem_evict_inode+0x8ea/0xbe0
[  472.576769][T11553]  ? inode_wait_for_writeback+0x170/0x390
[  472.578570][T11553]  ? __pfx_shmem_evict_inode+0x10/0x10
[  472.580355][T11553]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  472.582317][T11553]  ? find_held_lock+0x2b/0x80
[  472.583811][T11553]  ? evict+0x37e/0xad0
[  472.585121][T11553]  ? __pfx_shmem_evict_inode+0x10/0x10
[  472.586822][T11553]  evict+0x3c2/0xad0
[  472.588080][T11553]  ? find_held_lock+0x2b/0x80
[  472.589631][T11553]  ? __pfx_evict+0x10/0x10
[  472.591050][T11553]  ? iput.part.0+0x619/0x1190
[  472.592599][T11553]  iput.part.0+0x621/0x1190
[  472.594042][T11553]  iput+0x35/0x40
[  472.595326][T11553]  dentry_unlink_inode+0x29c/0x480
[  472.596943][T11553]  __dentry_kill+0x1d0/0x600
[  472.598424][T11553]  finish_dput+0x76/0x480
[  472.599844][T11553]  dput.part.0+0x451/0x570
[  472.601272][T11553]  dput+0x1f/0x30
[  472.602478][T11553]  __fput+0x51c/0xb70
[  472.603746][T11553]  task_work_run+0x150/0x240
[  472.605221][T11553]  ? __pfx_task_work_run+0x10/0x10
[  472.606858][T11553]  ? do_raw_spin_unlock+0x172/0x230
[  472.608500][T11553]  do_exit+0x87f/0x2bd0
[  472.609886][T11553]  ? __pfx_do_exit+0x10/0x10
[  472.611368][T11553]  ? find_held_lock+0x2b/0x80
[  472.613014][T11553]  do_group_exit+0xd3/0x2a0
[  472.614481][T11553]  get_signal+0x2671/0x26d0
[  472.615934][T11553]  ? __pfx_get_signal+0x10/0x10
[  472.617502][T11553]  ? do_futex+0x122/0x350
[  472.618871][T11553]  arch_do_signal_or_restart+0x8f/0x7a0
[  472.620686][T11553]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  472.622670][T11553]  ? __pfx___ia32_sys_futex_time32+0x10/0x10
[  472.624579][T11553]  exit_to_user_mode_loop+0x8c/0x540
[  472.626252][T11553]  __do_fast_syscall_32+0x4a4/0x680
[  472.628059][T11553]  do_fast_syscall_32+0x32/0x80
[  472.630031][T11553]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  472.632514][T11553] RIP: 0023:0xf7f14579
[  472.634110][T11553] Code: Unable to access opcode bytes at 0xf7f1454f.
[  472.636693][T11553] RSP: 002b:00000000f53e560c EFLAGS: 00000296 ORIG_RAX: 00000000000000f0
[  472.639949][T11553] RAX: fffffffffffffe00 RBX: 00000000f73d5020 RCX: 0000000000000080
[  472.643035][T11553] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f73d5024
[  472.646156][T11553] RBP: 0000000000000081 R08: 0000000000000000 R09: 0000000000000000
[  472.649260][T11553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  472.652335][T11553] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  472.655425][T11553]  </TASK>
[  472.657400][T11553] Kernel Offset: disabled
[  472.659073][T11553] Rebooting in 86400 seconds..