last executing test programs:

21.410861102s ago: executing program 1 (id=989):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_GET_MR(r2, 0x114, 0x2, 0x0, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0xc, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x80000001}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10000}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x45}}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r4, 0x0, 0xe, 0x0, &(0x7f0000000200)="e0cdf410b8392e518b84121a1c93", 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)=ANY=[@ANYBLOB], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r5, 0x0, 0x8000)
ioctl$UI_SET_LEDBIT(r0, 0x40045569, 0x1)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r6, 0x84, 0x70, 0x0, &(0x7f0000000440))
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a32000000003c000000060a010400000000000000000100000308000b4000000000140004801000018008000100636d7000040002800900010073797a30"], 0xb0}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000001440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80418290}, 0xc, &(0x7f0000001400)={&(0x7f0000000f40)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x201, 0x0, 0x0, {0x4, 0x0, 0x9}, [@NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x2}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x4}, @NFTA_RULE_POSITION_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x101, 0x0, 0x0, {0xa}}, @NFT_MSG_NEWRULE={0x2f4, 0x6, 0xa, 0x201, 0x0, 0x0, {0x7, 0x0, 0x9}, [@NFTA_RULE_USERDATA={0xec, 0x7, 0x1, 0x0, "fa9a7cf6ab45aa83c236d8db5e32ae283eaff70aa403a710a8c1cd5941c6273ae84e798cf44bb01e5d6404b1e55419d00b3de1318216e986256a6bed992af1b424df1c42972b75d021b00b265f72e00be5376be7ff6404d3797f0986e4c1592f622b1a866cd257ed2dfa02e1883b248b151cb43e51cb7b4ed749ca24c4e6580bdbe43e610a925fa1ced8daedb801bc77466d1bce38512a955f51310002c43ecb1b61131ec79cab6593141e2bc7ccec37e1ed8f32f8c2e3b82a2a2ca12739608abaed57e87cc21b2bbf4fc51bc22dcc5a81adc9d8f64912741498c3bdd4925f4b00c7ece036e6780c"}, @NFTA_RULE_USERDATA={0xd9, 0x7, 0x1, 0x0, "3392bf76a13eabf9fccd1209607334a8567fcfc4c7ece9899badbdb25b0884da86ca0956845be72974aa739b9cc7ec960d0cbe82d86562d9b89e779946471a0aa54daa6762beb162431a6ffc76d93c2ac996f76831dc8e1469108ae5de56aa3490e1f4330897da791f3b7f67436987f87b675243cd4df81e73ed188e3a2eb348ca35d25e3e6f7209da1233e37fe75f67e9f3720697162bd74440a932151f37bccf72b2eab664665e4d189043728c96c11c7f808e013745f44408a1ac92af13209aa3cf94fa12b7b8628ecdeadef160d625115476a3"}, @NFTA_RULE_EXPRESSIONS={0x118, 0x4, 0x0, 0x1, [{0x64, 0x1, 0x0, 0x1, @payload={{0xc}, @val={0x54, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_SREG={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_PAYLOAD_CSUM_OFFSET={0x8, 0x7, 0x1, 0x0, 0x9}, @NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0xd9}, @NFTA_PAYLOAD_CSUM_TYPE={0x8, 0x6, 0x1, 0x0, 0x1}, @NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0x9d}, @NFTA_PAYLOAD_CSUM_TYPE={0x8}, @NFTA_PAYLOAD_CSUM_OFFSET={0x8, 0x7, 0x1, 0x0, 0x5}, @NFTA_PAYLOAD_BASE={0x8, 0x2, 0x1, 0x0, 0x4}, @NFTA_PAYLOAD_SREG={0x8, 0x5, 0x1, 0x0, 0x9}, @NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0xf6}]}}}, {0xc, 0x1, 0x0, 0x1, @fwd={{0x8}, @void}}, {0x10, 0x1, 0x0, 0x1, @notrack={{0xc}, @void}}, {0x14, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x4}}}, {0xc, 0x1, 0x0, 0x1, @fwd={{0x8}, @void}}, {0x14, 0x1, 0x0, 0x1, @synproxy={{0xd}, @void}}, {0x40, 0x1, 0x0, 0x1, @byteorder={{0xe}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_BYTEORDER_SREG={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_BYTEORDER_OP={0x8}, @NFTA_BYTEORDER_SIZE={0x8, 0x5, 0x1, 0x0, 0xaa}, @NFTA_BYTEORDER_SREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_BYTEORDER_LEN={0x8, 0x4, 0x1, 0x0, 0xf8}]}}}, {0x10, 0x1, 0x0, 0x1, @notrack={{0xc}, @void}}, {0x10, 0x1, 0x0, 0x1, @socket={{0xb}, @void}}]}]}, @NFT_MSG_NEWOBJ={0x20, 0x12, 0xa, 0x3, 0x0, 0x0, {0x2, 0x0, 0x4}, @NFT_OBJECT_CONNLIMIT=@NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}}, @NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x301, 0x0, 0x0, {0x3, 0x0, 0x5}, [@NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x5}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x4}, @NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xfffffffffffffffe}, @NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0x7ffffffffffffffc}]}, @NFT_MSG_DELOBJ={0x20, 0x14, 0xa, 0x201, 0x0, 0x0, {0x3}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x88, 0x3, 0xa, 0x301, 0x0, 0x0, {0x5, 0x0, 0x7}, [@NFTA_CHAIN_COUNTERS={0x28, 0x8, 0x0, 0x1, [@NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x4}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x480000000}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x1ff}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x2}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x3}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x4}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x4}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xfffffffffffffffe}]}, @NFT_MSG_DELOBJ={0x28, 0x14, 0xa, 0x301, 0x0, 0x0, {0x2, 0x0, 0x7}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_OBJ_TYPE={0x8}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x494}, 0x1, 0x0, 0x0, 0x91}, 0x40)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r6, 0x84, 0x65, &(0x7f00000001c0)=[@in6={0xa, 0x4e23, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7}], 0x1c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x11)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000000)={{0xffff, 0x1d7, 0xd6, 0xd}, 'syz0\x00', 0x8})
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000100)={{0x100}, 'syz1\x00', 0x19})
ioctl$UI_DEV_CREATE(r0, 0x5501)
r8 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x1)
r9 = getpid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r8, 0xc1105517, &(0x7f0000000340)={{0xfffffffe, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x2, 0x4, r9, 0x0, 0x0, 'syz1\x00', 0x0})
r10 = syz_open_dev$video4linux(&(0x7f0000000240), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r10, 0xc0585605, &(0x7f0000000100)={0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3}})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002"], 0xfc}}, 0x0)
r11 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})

21.082123764s ago: executing program 1 (id=991):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000280)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000000002)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
fsopen(0x0, 0x0)
r1 = openat$nmem0(0xffffff9c, 0x0, 0x200, 0x0)
ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f0000000280)={0x5, 0xffff, 0x24b, 0x1, 0x81, 0x1ff})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000e00)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="18001000001095000000f1000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmmsg$inet(r4, &(0x7f0000000180)=[{{&(0x7f0000000040)={0x2, 0x0, @empty}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x0, @empty}, 0x10, 0x0}}], 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r5, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=@newtfilter={0x2c, 0x2c, 0xf3f, 0x30bd29, 0x24dfdbfd, {0x0, 0x0, 0x0, r5, {0xb, 0xfff3}, {0x0, 0xd}, {0x7, 0xfff1}}, [@TCA_RATE={0x6, 0x5, {0x4, 0x40}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0xd0)
madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x16)
mprotect(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0)
mremap(&(0x7f00007ca000/0x800000)=nil, 0x800000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil)

20.206349713s ago: executing program 1 (id=995):
r0 = syz_open_dev$loop(0x0, 0x75f, 0xa382)
sendfile(r0, r0, 0x0, 0x24002de8)
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
syz_usb_connect$uac2(0x5, 0x7b, &(0x7f0000000280)=ANY=[@ANYBLOB="12011003000000401e043732400001020301090269000301053009080b00010107208c090400000001012000092401004004090007090401000001022000090401010101022000090501090002"], 0x0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4044880}, 0x40040)
socket$netlink(0x10, 0x3, 0x0)
ioctl$AUTOFS_IOC_CATATONIC(r0, 0x9362, 0x0)
r1 = fsopen(&(0x7f0000000180)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x1, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000140)='cgroup.freeze\x00', 0x275a, 0x0)
ftruncate(r3, 0x8008976)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r3, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) (fail_nth: 23)

18.861554287s ago: executing program 1 (id=1002):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="340a0000000000007910480000000000610410000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x1d7)
chdir(&(0x7f00000001c0)='./bus\x00')
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000010c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$bt_hci(r0, 0x84, 0x6d, &(0x7f0000000000)=""/4102, &(0x7f0000001040)=0x1006)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
io_uring_setup(0x6baa, &(0x7f0000000300)={0x0, 0x9cf7, 0x10000, 0x1, 0x63})
mkdir(&(0x7f0000000100)='./file1\x00', 0x13b)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
syslog(0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r2, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {0x1}}, './file0\x00'})

18.661132442s ago: executing program 1 (id=1003):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r1, 0x0, 0x33, &(0x7f0000000040)=0x80000001, 0x2)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r2, 0x0, 0x33, &(0x7f0000000000)=0x80000000, 0x4)
listen(r2, 0x3)
ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000180)={0x0, 0x1, 0x1, 0xa, 0x200, &(0x7f0000000c80)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309002500000000030f4743f490c585108c1331c7749299a25a705f5096cb268cbc60efd680e186250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca512b5f379c4eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7f804bb4713019a83353dc519d11c3cc1c22a3b86cf3c645413fcea0ce9ded703699d2bb6a4a663b99b6069da5aaf64785a58847440f064b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200216032811fadcf1e0f49a514df529061e09ce45e3f303a03fe9b4a6bcfa7d04594e4f6d07144ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a250200000000000000d23d324205000000000000000a617f22133b6cb5087f4c6057942ad995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a3cff46591ccaff3075b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8841416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedcbefc5990d7fed29a002ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d559b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756d732533c2722e03002293e37966611602f297de6ff5408777d7a93c45cee3ee5c56e8a3e94266b295ea7a86812a7ab8896ec5ea1b1203001844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f6579ef62866a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c909cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc562507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800000000000017000000000000000000000000000000000002000000000000000200"})

18.121684433s ago: executing program 1 (id=1005):
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x40}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4)
socket$netlink(0x10, 0x3, 0x15)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000040)='reno', 0x4)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r4 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000280)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESDEC], 0x0)
syz_usb_control_io$cdc_ncm(r4, 0x0, &(0x7f0000000b80)={0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r5, 0x0, 0xb3)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000100)={'vlan0\x00', &(0x7f0000002fc0)=@ethtool_link_settings={0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, [0x0, 0xe, 0x0, 0x0, 0x400000]}})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0)

18.029461927s ago: executing program 32 (id=1005):
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x40}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4)
socket$netlink(0x10, 0x3, 0x15)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000040)='reno', 0x4)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r4 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000280)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESDEC], 0x0)
syz_usb_control_io$cdc_ncm(r4, 0x0, &(0x7f0000000b80)={0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r5, 0x0, 0xb3)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000100)={'vlan0\x00', &(0x7f0000002fc0)=@ethtool_link_settings={0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, [0x0, 0xe, 0x0, 0x0, 0x400000]}})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0)

10.711844676s ago: executing program 2 (id=1035):
syz_usb_connect(0x5, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b0001000000000904080001030000000905", @ANYBLOB="8fcf"], 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000003880), 0x4, 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f7", 0x1}], 0x1}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000004c0)=""/90, 0x5a}], 0x1}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000001c0)=ANY=[@ANYBLOB="ec000000100013070000000000000000200100000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000ffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000045fdffffffffffff000000000000000000000000000000000000000000008000"/133], 0xec}}, 0x0)
ioctl$EVIOCSKEYCODE_V2(r0, 0x40284504, &(0x7f0000000400)={0x1, 0x0, 0x80, 0x2ff, "b75fc47f994d6d4056b9b835c0a5dd0fcd70131cb9a8f007512701d3987e5821"})
r4 = userfaultfd(0x80800)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_tcp_int(r5, 0x6, 0x3, 0x0, &(0x7f0000000300)=0xffffffffffffff94)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000000))

9.531531708s ago: executing program 4 (id=1043):
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000580)={0x0, 0xffffff20, 0x0, <r1=>0x0})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r0, 0xc01864b8, &(0x7f0000000000)={0x0, r1, 0x1, 0x0, 0x1000000000000})

9.480747938s ago: executing program 4 (id=1044):
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount(&(0x7f0000000040)=@filename='./bus\x00', &(0x7f0000000000)='./bus\x00', &(0x7f0000000080)='f2fs\x00', 0x2800080, &(0x7f00000001c0)='discard')
r0 = syz_open_dev$media(&(0x7f0000001a80), 0x2, 0x2000)
socket$nl_route(0x10, 0x3, 0x0)
r1 = fsopen(&(0x7f0000000140)='mqueue\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0xa)
fchdir(r2)
r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r4 = creat(0x0, 0x40)
sendmsg$nl_generic(r2, &(0x7f0000000680)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000640)={&(0x7f0000000340)={0x2e0, 0x36, 0x200, 0x70bd2d, 0x25dfdbfd, {0x14}, [@nested={0x2ca, 0x154, 0x0, 0x1, [@nested={0x4, 0x4}, @nested={0x4, 0x153}, @typed={0xfd, 0x32, 0x0, 0x0, @binary="aed811a42fc3ec3215012daa72a0ccdcb904499cc87a46d57976a3db2f96ae26195166a0bed4222958b455cb36077a359bb53fa47cdd71cde3af86bb0f0fc7cbfd782af1292cc1ef987488ad419e9919cc12bedb8535027051d325a831523a11c6af8fe6106e93171574c6e4dbfc9dd45bc76a1ede95b6c130707ee7b77020573b16e907238a20c0b9657aebda1dc5dd96f4faf1fdf57b241183ce9a602b0863cd210ab17b3eb51ccd1165c594e4bdaea206f3b2b7b4fe1a51db2b3b7e1a087cf47fb222624562bfbbcd43c8e7c39f890402611eced333a44cd6d7f3b0d1fdcd6ef4bb9181f612b4d689396b628ab32af0c13b98956ef67566"}, @nested={0x4, 0xe9}, @typed={0x8, 0x72, 0x0, 0x0, @u32=0x9}, @typed={0x8, 0x2c, 0x0, 0x0, @u32=0x4}, @generic="6ff48f5be832b2a598a334a229718188755e53832a25f5ba3d286da9a99fc145109f508e6f064b0af04b011eee7ce17f74d027feb4fd3a1870541f020faa7648500c3ba1eb4aab0f8d41fadc6b916afbffa5a9ae5aa59de60ff7bc8fb57048af8ca8e119dd65a48520d426c59e887be4fcc470934740c1fce0996d9aad16c28631579e3d469745656ee8d0c6e7278bb7d979c6d617b60136e40749ed9d5d2640a4de39851cb30c3797f947470595", @generic="f5d4425941bf89d9430531fd0e80400445a3ba3d919abd6c891f60294f95507a95a041f9f57dec8dcd06f1df22ad3e4d6f8075bb6727fe03cbc439cd42073c90c5628474fd1f0cb478b9502783d0313413b080fd1c6aaaaecddf274db8947d00f1c24ec17b3abd3fbc6f772065061212ec4a9da074d4a3e6179f8e74af7b2aa4094e29a013360ef72361024c98ee814c50892b4850c6b45f45cd95a6ebd90cf776258d088c087f32b799af3136c8727534415eeeff217b58ddda6b16707f587757a65944ce8ed146106c9b4e4cca197d1690825223c5f6fe50eb41c0554715", @generic="4dcc2ca7b3f985fd448ccb028854aed48d41359596eda637ba6b841596"]}]}, 0x2e0}}, 0x400c080)
fcntl$notify(r3, 0x402, 0x25)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r4, &(0x7f0000000240)={&(0x7f00000000c0), 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0x2c, 0x1, 0x8, 0x101, 0x0, 0x0, {0x0, 0x0, 0x6}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x4040)
mq_open(&(0x7f000084dff0)='rmdF\x17\x16\xbc\xec', 0x6e93ebbbcc0884f2, 0x0, 0x0)
ioctl$MEDIA_IOC_G_TOPOLOGY(r0, 0xc0487c04, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)})

9.409238624s ago: executing program 4 (id=1045):
add_key(&(0x7f0000000040)='rxrpc\x00', 0x0, &(0x7f0000000080)="0000000000000002ff69000000000001000000c000000002000200861fa72e5b01504104bfeacdd5a9007d167c71e3b8a93aa64d957a684161c833020a6da8881fb79e110483bfadf224a22c76ecc7a56843a85f7df51293f0eb84ef8f0f07342db3b0e5a5647b7bed1fbf069ca713670adf7d9fb6d2600fd9c1981fe9f095cfe9d2fe1e1e34f6096bf02543747b2c792890f07c0da0fa25e6101062e6c9176a70e41698814a213711764f88495994cfd8a57c1e13f6b5298e7ab3a2bfb58dde34d58536633c27882e51ced17d67999b00094461", 0xd4, 0xffffffffffffffff)
r0 = socket$inet(0x2, 0x3, 0x5)
setsockopt$inet_int(r0, 0x0, 0x13, &(0x7f0000000040)=0x3164, 0x4)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f0000000300))
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @local}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1, 0x4, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000bd500020050000009500000000000000fd46b8bf205bdf98befdb91c2d4c692a71d2986fab4a5c7a86797603a63345279b399d0a05854dd249fb29c5733a5da15635eb4a4bc54f0ec8416a312410958d29835ce6ee71a46d38e7ea78133aa5cac3047b50f028ded627a14b36b4a5f185ca15076bad27577cda8bcf7d5e068648c82c9bd6ec5f92c2b54c09718a12b3749b1ada6f05a20427070b6a34416197391b1c63ecfc50266aaaa5559a1cd81c5a756e163e583636246381c41110b9b298f0306ed2de54e1a89a79a8ae068f4eb6e55dd6a71ea7b468f6a62c25a02d7952b930f65b9327db37108a9fda"], &(0x7f0000000380)='syzkaller\x00'}, 0x94)
clock_gettime(0x0, &(0x7f0000000000))
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000000203010100000000000000000000000008000100010000004752e0f7064461e78b05ab3f002808cc05cfddbcf1c68a79b0590aa91daf44"], 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000740)=ANY=[@ANYBLOB="200000000203010a000000000000000002000000090002000000024870"], 0x20}, 0x1, 0x0, 0x0, 0x44001}, 0x40000c0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=ANY=[@ANYBLOB="2800000010000108fdffffff0000000800000000", @ANYRES32=0x0, @ANYBLOB="000000002104020002001b00000000002af142c928d4aee1cda27d6c4ccb42e3b0988c0d5bd2227f3f50d4908664d77fb2f3125ceb83b5523b27e2db0120f7507e09461df1a2c3fd691987af77b051ba98a4c7221cc08b989b7e307444c6c047e7617d3fe5427ad30f4e4ac8e179a67e6fad89af4507fae2dc6d03911eedf8947e0c8635b83186f4812272055232fdca085c431d940f117dcc6b2623b650634336dfb4cd77e0cf191b71d3a91fce89c317e0dfe88d5409d5af306ce1e53edaa176f47422015ac0b407284b38f2425e4851c849e1a03070ee505bdf400506c5f5a5098eb8b633ab9bc24c8f34afcec406a726"], 0x28}, 0x1, 0x0, 0x0, 0x4040000}, 0x8024)
socket(0x80000000000000a, 0x2, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x34, 0x10, 0x10, 0x100, 0x0, {0x6, 0x0, 0x8100, 0x0, {0x3}, {0x0, 0x7}, {0x6, 0xb}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x7f}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x448c0)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f0000000280)=0xc9, 0x4)
readv(r3, &(0x7f0000000200)=[{&(0x7f0000001b80)=""/4096, 0x1000}], 0x1)
sendmsg$can_bcm(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES64=0x0], 0x80}}, 0x0)
r7 = socket(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, 0x0, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="500000000206030000000000000000000d0000000c000300686173683a69700005000400000000000900020073797a31000000000c000780080008400000005d05000500020000000500010006"], 0x50}}, 0x0)

9.061334068s ago: executing program 2 (id=1047):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000580)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f00000005c0)=0x1, r1, 0x0, 0x1, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000480)={0x7, 0x8, 0xfa00, {r1, 0x10}}, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
lseek(0xffffffffffffffff, 0x400b, 0x2)
r5 = socket$kcm(0x10, 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r4, 0x80045301, &(0x7f0000000240))
ioctl$FBIOGET_VSCREENINFO(r4, 0x4600, &(0x7f0000000300))
r6 = socket$nl_audit(0x10, 0x3, 0x9)
r7 = openat$dlm_monitor(0xffffff9c, 0x0, 0x100, 0x0)
stat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
quotactl_fd$Q_GETFMT(r7, 0xffffffff80000400, r8, &(0x7f0000000480))
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020200600000000000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b0000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b0"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r10 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r10, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=ANY=[@ANYBLOB="02126200110000002bbd7000fddbdf25010014005400000001001400db000000050017003c2000000a004e2300000004000000000000001c4000000000000001030000000000000008001200000002d6ef072614e066ab569456e91c70027f00bb6b6e000600000006002b000904000000000000000600000a010100000000000000000000000000ff1200000100"/152], 0x88}}, 0x0)
r11 = socket$netlink(0x10, 0x3, 0xb)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r11, 0x10e, 0x1, &(0x7f0000000040)=0x1, 0x4)
lstat(&(0x7f0000000140)='./file0\x00', 0x0)
quotactl_fd$Q_GETFMT(r6, 0xffffffff80000400, 0x0, &(0x7f0000000200))
r12 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r12, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="38000000031401002abd700004dbdf250900020073797a3100000000080041007369770014003300626f6e643000"/56], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)
r13 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r13, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, 0x0}, 0x0)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x11, &(0x7f0000000100)=[{&(0x7f00000002c0)="2e00000011008b88040f80ee59acbc04130800480f0000005e2900421e03001825800000000000000280000c0012", 0x2e}], 0x1}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x3, 0x100000, 0x1000, &(0x7f0000fff000/0x1000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xcccc0000, 0x1000, &(0x7f0000f15000/0x1000)=nil})

8.531345287s ago: executing program 4 (id=1049):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="340a0000000000007910480000000000610410000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x1d7)
chdir(&(0x7f00000001c0)='./bus\x00')
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000010c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$bt_hci(r0, 0x84, 0x6d, &(0x7f0000000000)=""/4102, &(0x7f0000001040)=0x1006)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
io_uring_setup(0x6baa, &(0x7f0000000300)={0x0, 0x9cf7, 0x10000, 0x1, 0x63})
mkdir(&(0x7f0000000100)='./file1\x00', 0x13b)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

8.451387246s ago: executing program 4 (id=1050):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5", 0x4)
r1 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io$printer(r1, 0x0, &(0x7f0000000140)={0x2a, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_control_io$uac3(r1, 0x0, &(0x7f0000000d40)={0x24, &(0x7f0000000b00)={0x20, 0x38}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$HIDIOCGUSAGE(r2, 0x5b04, 0x0)
r3 = accept4(r0, 0x0, 0x0, 0x80800)
sendmmsg$alg(r3, &(0x7f0000000400)=[{0x0, 0x0, 0x0}], 0x1, 0x8040010)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)=""/87, 0x57}], 0x1, 0x0, 0x0, 0xf5000000}, 0x0)

8.094752067s ago: executing program 0 (id=1054):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = getpgid(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
fdatasync(r2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0xb)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000240)={0x54, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0xd}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x54}}, 0x0)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbff, 0x2fdfffffd}, 0xc)
socket$inet6_sctp(0xa, 0x801, 0x84)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x20, r7, 0x73b, 0x70bd2a, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x20000080)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000240)=0x8)
r8 = openat$comedi(0xffffff9c, &(0x7f0000000100)='/dev/comedi0\x00', 0x101001, 0x0)
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff2300000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001011404000011000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a296820000000001000000eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e180022537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e2603217606637ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa2059234a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bd9d736c00000000000000000000000000000000eb6fec8d7d2f77f4d470a9caa5b1bfc00cd1d40830ac35f229f8ffe1c02a63d3c2d9"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x57)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r10, 0x702, 0x36, 0x0, &(0x7f0000000380)="e460334470b8d480eb20c15286dda4fba8285e2e31ca72823a29dad4781041a996430bbe5ecac76a351df831cdb98842af6450b2abf5", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r11=>0x0})
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002480)=ANY=[@ANYBLOB="3c0000001000030400000000fedbdf2500007400", @ANYRES32=r11, @ANYBLOB="00080000075005001c0012800b00010062726964676500000c00028006002700010400009bca6a49404e8ae61d771c58efd8a78f162031007db0091cc59675174067202240a321334a080b6bfcf0442da999"], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
ioctl$COMEDI_DEVCONFIG(r8, 0x40946400, &(0x7f0000000140)={'comedi_bond\x00', [0x9, 0x2, 0x7fffffff, 0x84e1, 0x6f8c, 0x2006, 0x9, 0x8, 0x80ffa, 0x0, 0x0, 0x84fe, 0x1003, 0x1000004, 0xf, 0x10000, 0xffffffa8, 0x7ffffffd, 0x1ff, 0x9ea, 0x10, 0x200, 0x7, 0x5, 0x5, 0x8, 0x400, 0x8, 0x10000, 0x4, 0x7ffd]})
r13 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r13}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r14 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r14, 0x2285, &(0x7f0000000440)={0x53, 0x0, 0x106, 0x1, @scatter={0x0, 0x5c00, 0x0}, &(0x7f00000004c0)="851666ce20db96ab0c7d83e114e7ef1762249711e34f4ce12c6afeb7e6d77bd3b97644edd8e3a3b71fcd006b6237766e151f344afb2306455034ea7a31b1a48724e372a5a8a9ca040f5831f2eb11842a4b8ec9064fa439440f374355d9af754314ce445ac9bea7fac19c3ac58a131895c378ec497ffdf9a82032d9fa225397b92d2e2193de6fe2f6b6c0bd0f80de3dc72890b6900c5b86752639bf37ab325c16dc2f3d4d01b4c3b71ebbfd6fc9b316f76a07144538506a68ae00df22f2fa9cbb0c9fa73c1dcf3eb2eb4fe3534fcee01e9ca0c66f27b8e05e7545cbc3511b3d086f51d58f9acd52eab032468cc8075451bcd5c081a8db84ff509a2f874daf6b3ddff977834d87", 0x0, 0x10, 0x5bb727690d5f0ff6, 0x0, 0x0})

8.082003797s ago: executing program 2 (id=1056):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x2010040, 0x0)
r1 = syz_clone(0x2b00b100, 0x0, 0x0, &(0x7f0000000140), 0x0, 0x0)
r2 = syz_open_procfs$pagemap(r1, &(0x7f0000000040))
ioctl$PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f00000006c0)={0x60, 0x0, &(0x7f0000594000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x7, 0x0, 0x0, 0x3, 0x30, 0x50, 0x5a, 0x58})

7.991688753s ago: executing program 3 (id=1057):
syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
r0 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x25, 0xe, @void}, 0x10)
fstat64(r0, &(0x7f0000000040))
r1 = syz_open_dev$tty1(0xc, 0x4, 0x2)
syz_emit_ethernet(0x46, 0x0, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x2, 0x70bd29, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xfffffffffffffcad, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
prlimit64(r2, 0x1, 0x0, &(0x7f0000000180))
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x0, 0x0, 0x0)
syz_usbip_server_init(0x6)
writev(0xffffffffffffffff, &(0x7f0000002480)=[{0x0}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x0, 0x0, &(0x7f00000001c0)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0xfffffffffffffdca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000002e00010026bdf000fc00000000000000"], 0x14}, 0x1, 0x0, 0x0, 0x4c0d9}, 0x20004000)
ioctl$KDSIGACCEPT(r1, 0x5607, 0x1)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000580)=[@in={0x2, 0x4e21, @local}], 0x10)
sendmsg$inet_sctp(r6, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x1)
r7 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000a80), 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r7, 0x40085112, &(0x7f0000000080)=@v={0x93, 0x0, 0xa0})

7.840034812s ago: executing program 2 (id=1058):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="340a0000000000007910480000000000610410000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x1d7)
chdir(&(0x7f00000001c0)='./bus\x00')
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000010c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$bt_hci(r0, 0x84, 0x6d, &(0x7f0000000000)=""/4102, &(0x7f0000001040)=0x1006)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
io_uring_setup(0x6baa, &(0x7f0000000300)={0x0, 0x9cf7, 0x10000, 0x1, 0x63})
mkdir(&(0x7f0000000100)='./file1\x00', 0x13b)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

7.771620949s ago: executing program 2 (id=1059):
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x20846, 0x2)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
keyctl$update(0x2, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$bt_hci(r1, 0x0, 0x2, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x1ff, 0x1, 0x0, 0x1000, &(0x7f0000001000/0x1000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001180)=ANY=[@ANYBLOB="20000000400007012bbd7000ffdbdf250340000000004280080009"], 0x20}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000040)=0x4)
r5 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000000)={0x4, 0x1000}, 0x4)
setsockopt$packet_int(r5, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r5, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0x2, 0x3b}, 0x1c)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
lgetxattr(&(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040)=@known='system.posix_acl_default\x00', 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2673004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000500)={0x38, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x38}}, 0x40090)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r7 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
write$tun(0xffffffffffffffff, &(0x7f0000000040)={@val={0x0, 0x6005}, @void, @eth={@multicast, @multicast, @val={@val={0x88a8, 0x4, 0x0, 0x1}, {0x8100, 0x4, 0x0, 0x2}}, {@ipv4={0x800, @generic={{0x5, 0x4, 0x1, 0x6, 0x14, 0xe4, 0x0, 0x0, 0x84, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}, @loopback}}}}}}, 0x2e)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000440)={"db4c1421593cb4d3f8fe6094dc821bbbe06520701fc6de7b0349f34b0f8c556a9e9aff1355aab8d6da26d74608530f150f127f9e3f0a2f1fff0be9774c95d6c007c91903f78616596487bf50017c56b15385ab264cba5b168c62d971e67e6f3e73d60b5a8adbaaf2af8610c6a91c0a116f619adce4aa91d5a68faf8ee98693d32d8d8244381b5720ef596600e39491d216c22d0725904bab7d90fa8afb8fa04b707410aa300ef098609b4fa6dd77b1b7c321b1fc6356564ce3f90826be3a9a5be186ffc48eb13824e9dae77ed212a0f802074ff4f1725c4ad88cf5bbd36e3406bc59d96e82047631d8be9462ee7e54e5b2897c3fff38eabf67e1e160c2b5e18be06457844d89c9a606b7d25fbde713f4759da0bee1fabe3f71dcca63540f113a2b5edc4b327d1f9610377b97265d4aa875b4bc3c44bf8110d5df1beb1fe54794a0aa52dfc80df1caf7d812b4f1cdba1a6836b45ea2180d08439d411ce8e0755868cc839eaeac73e5d28f9f1990584038cf5fa6bee0c4095a27cc8c7b59519bf2a9bf1fedf54cc2dc6aea6c42c32de40c291e5f422f5c7792a08926af160fb379576dd81bac746232fb246817fc3248097914b75e83cc5eb518ce8fb643b34ca69c3b61f0d94e7db62dd480198d41e0862f1ec4429ab637569884a5ba446a0b09edfd986a2b3e15ee35bbd18610dad6271681ed240b0ffab9199b541013c0aadc36484da57511896c14776a41602aa1426edfbb828897d9c218b7936a0572840ebbc796e888a439b24e640324b511deb6ed0b2ce2f7567447826944b4f34101e492e8d20a2deda950e96e78f86d6d4c976f0c99041c94944309e6ce08d84a7c96677d570d9a57ec0506a4321d9e049b55be883ca3648c27772fc5dbaea5e6c2ded2ce72fb68989ae381fe1394cf6966ab04285d5ff8256bc2e85462b8d89aeeebd5432157c945b5dc1960d9282c6cc007fe029325d6078aef94d4954f956c71bcdf846f41392ebe0d3b289438d24ec4bc073617459a6b232445dd636a9f21140e14b162fd5ef1d626b0ff84884fd63d22cc1b05befb77ea937f3045cc15b125479b262c1e32fca75a5468423288c5776efee744b1fccb5e6d661d9d287cfa8582c96ea34a33c1bbc29c0035657da66a87150bbb885be5ee123e431fd793ea179a0fc77aaee66d874c0616cb32324826b36d0e27d14217ad1131cace3bae4ef82dfbc790e78de53a9bfbdb468bf0eb3ff134073b380858965de2d108862daf3fc6b49ad46f20832238aeaa5d010cf08e37938f0bb7bbeaa970c39ce9327a16fe07565708266ce9ef639bfa08538693b456228aa1c370d64ef9795b7cc208a2c528d381a042d149ed5c7f34ed26a7d5a4401b86434f054389e5dac7a4ee896e406d7b27240d925d478e0eb2202797832d3e2c74f4925ad58377b0d6ae9b97034f94"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

7.55993574s ago: executing program 4 (id=1060):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0x1, @rand_addr, 0x2}, 0x1c)
listen(r0, 0x2)
syz_emit_ethernet(0x4a, &(0x7f0000000140)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0200", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x8a, &(0x7f00000001c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x80}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a3ff2", 0x54, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x15, 0x1, 0x0, 0x0, 0x0, {[@generic={0x2, 0x12, "25a31641bba628b7daf641a6958cd749"}, @exp_fastopen={0xfe, 0x13, 0xf989, "e895eefe1935234b314d142257be74"}, @exp_fastopen={0xfe, 0x6, 0xf989, "c20d"}, @md5sig={0x13, 0x12, "15a7d9fa6b6f3ffffa3afbf87ff8e812"}]}}}}}}}}, 0x0)

7.417516854s ago: executing program 33 (id=1060):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0x1, @rand_addr, 0x2}, 0x1c)
listen(r0, 0x2)
syz_emit_ethernet(0x4a, &(0x7f0000000140)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0200", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x8a, &(0x7f00000001c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x80}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a3ff2", 0x54, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x15, 0x1, 0x0, 0x0, 0x0, {[@generic={0x2, 0x12, "25a31641bba628b7daf641a6958cd749"}, @exp_fastopen={0xfe, 0x13, 0xf989, "e895eefe1935234b314d142257be74"}, @exp_fastopen={0xfe, 0x6, 0xf989, "c20d"}, @md5sig={0x13, 0x12, "15a7d9fa6b6f3ffffa3afbf87ff8e812"}]}}}}}}}}, 0x0)

7.371458699s ago: executing program 2 (id=1062):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRES8], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000001200)={@local, @broadcast, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "b81923", 0x10, 0x0, 0x0, @local, @local, {[@dstopts={0x89, 0x1, '\x00', [@generic={0x7}, @padn, @ra={0x5, 0x2, 0xfffd}]}]}}}}}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@func_proto={0x0, 0x0, 0x0, 0xd, 0xa}, @union={0x0, 0x2, 0x0, 0x5, 0x0, 0x0, [{}]}]}}, &(0x7f0000000f40)=""/4089, 0x3e, 0xff9, 0xa}, 0x20)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r3 = socket$netlink(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r3, 0x10e, 0x5, 0x0, 0x0)
writev(r3, 0x0, 0x0)
syz_genetlink_get_family_id$gtp(&(0x7f0000001100), r3)
socket$phonet_pipe(0x23, 0x5, 0x2)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
pwritev2(r4, &(0x7f0000000980)=[{0x0}], 0x1, 0x5, 0xa, 0x14)
syz_open_dev$usbfs(&(0x7f0000000280), 0x20d, 0x8401)
syz_open_procfs(0x0, &(0x7f0000000000)='net/ptype\x00')
unshare(0x400)
r5 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_CON2FBMAP(r5, 0x4610, &(0x7f00000000c0)={0x1})

7.268433995s ago: executing program 34 (id=1062):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRES8], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000001200)={@local, @broadcast, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "b81923", 0x10, 0x0, 0x0, @local, @local, {[@dstopts={0x89, 0x1, '\x00', [@generic={0x7}, @padn, @ra={0x5, 0x2, 0xfffd}]}]}}}}}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@func_proto={0x0, 0x0, 0x0, 0xd, 0xa}, @union={0x0, 0x2, 0x0, 0x5, 0x0, 0x0, [{}]}]}}, &(0x7f0000000f40)=""/4089, 0x3e, 0xff9, 0xa}, 0x20)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r3 = socket$netlink(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r3, 0x10e, 0x5, 0x0, 0x0)
writev(r3, 0x0, 0x0)
syz_genetlink_get_family_id$gtp(&(0x7f0000001100), r3)
socket$phonet_pipe(0x23, 0x5, 0x2)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
pwritev2(r4, &(0x7f0000000980)=[{0x0}], 0x1, 0x5, 0xa, 0x14)
syz_open_dev$usbfs(&(0x7f0000000280), 0x20d, 0x8401)
syz_open_procfs(0x0, &(0x7f0000000000)='net/ptype\x00')
unshare(0x400)
r5 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_CON2FBMAP(r5, 0x4610, &(0x7f00000000c0)={0x1})

7.219275191s ago: executing program 0 (id=1064):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x2000000000000013, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xb8, &(0x7f0000000140)=""/184, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
keyctl$set_reqkey_keyring(0xe, 0x2)
request_key(0x0, &(0x7f0000000380)={'syz', 0x3}, &(0x7f00000003c0)='q\xa9', 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @loopback}, 0x10)
fstatfs(r0, &(0x7f0000000400)=""/83)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000040)='bic', 0xff3d)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r4, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f00000001c0), 0x4)
syz_genetlink_get_family_id$fou(0x0, 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb010018000fffff0000003c0000003c000000020000000000000002000084ffffffff000000000300000000000000000000000200000000000000000000000000000a030000000000000000000002"], 0x0, 0x56}, 0x20)

5.392967912s ago: executing program 0 (id=1065):
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="7c00000010000104000000000000000000000081", @ANYRES32=r2, @ANYBLOB="00000000000000005c001280110001006272696467655f736c617665000000004400058005000500000000000500", @ANYRES8=r0], 0x7c}}, 0x24000004)

5.392709502s ago: executing program 3 (id=1066):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
setns(0xffffffffffffffff, 0x24020000)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e23, 0xfffffffc, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f00000001c0)={0x0, 0x7}, 0x8)
connect$netlink(0xffffffffffffffff, &(0x7f0000000180)=@proc={0x10, 0x0, 0x25dfdbfe, 0x800}, 0xc)
listen(r1, 0x4)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x4}, 0x8)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
ioctl$FE_GET_INFO(0xffffffffffffffff, 0x80a86f3d, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x1, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r3, 0x40045612, &(0x7f00000002c0)=0x1)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x3, &(0x7f0000000280)=ANY=[@ANYRESDEC=r0, @ANYRESHEX, @ANYRESDEC, @ANYRES16=0x0], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x42)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000040))
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, 0x0, 0x0)

5.270739835s ago: executing program 0 (id=1067):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="340a0000000000007910480000000000610410000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x1d7)
chdir(&(0x7f00000001c0)='./bus\x00')
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000010c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$bt_hci(r0, 0x84, 0x6d, &(0x7f0000000000)=""/4102, &(0x7f0000001040)=0x1006)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
io_uring_setup(0x6baa, &(0x7f0000000300)={0x0, 0x9cf7, 0x10000, 0x1, 0x63})
mkdir(&(0x7f0000000100)='./file1\x00', 0x13b)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

5.191694683s ago: executing program 0 (id=1068):
r0 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x8c, 0x30, 0x1, 0x0, 0x0, {}, [{0x78, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x10000000, 0xfffffffe}, 0x800}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x24c4436d5a174b6d, 0x2}}}}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x804}, 0x4004000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r4 = syz_clone(0xa000, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ptrace(0x10, r4)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3, &(0x7f0000000000)=0x1d6f4194, 0x8, 0x3)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = shmget$private(0x0, 0x4000, 0x54001800, &(0x7f0000000000/0x4000)=nil)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080))
setgroups(0x0, 0x0)
shmat(r5, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
lseek(r0, 0x1000000, 0x1)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/mdstat\x00', 0x0, 0x0)
syz_usb_connect(0x2, 0x9a2, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d0241710d8050a81b892000000010902900902000000000904"], 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r6 = syz_open_dev$I2C(&(0x7f00000000c0), 0xc, 0x88000)
ioctl$I2C_RDWR(r6, 0x707, &(0x7f0000000000)={&(0x7f0000000380)=[{0x4, 0x4801, 0x0, 0x0}], 0x1})
epoll_create(0x3)

4.910310635s ago: executing program 0 (id=1069):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c00000002060108000000000000000007000000050004000000000009000200737993310000000014000300686173683a69702c706f72742c6970000000000000000000e7000000000000"], 0x4c}, 0x1, 0x0, 0x0, 0x4040841}, 0x40c0)
syz_open_dev$video(0x0, 0x485, 0x40000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x3c, r1, 0x1, 0x0, 0x0, {0x30}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x1}]}, 0x3c}}, 0x48800)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$SO_J1939_PROMISC(0xffffffffffffffff, 0x6b, 0x2, &(0x7f0000000200)=0x1, 0x4)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x6, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
socket$key(0xf, 0x3, 0x2)
r3 = syz_ublk_setup_io_uring(0x20, &(0x7f0000000040)={0x0, 0x8ee6, 0x800, 0xfffffffd}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
syz_ublk_add_dev(r3, r4, r5, r6, &(0x7f0000000180)={0x2e, 0x0, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, <r7=>0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f00000000c0)=@any_dev={0x1, 0xe50, 0x0, 0x0, 0x1000, 0x2000003, 0x0, 0x0, 0x16}}}, &(0x7f0000000280)=<r8=>0x0)
syz_ublk_setup_queues(r3, r8, &(0x7f0000000540)={0x0, 0x1460, 0x10, 0x3, 0xb2}, &(0x7f00000002c0)=[{0x0, 0x0, 0xffffffffffffffff, {0x0, 0xca33, 0x0, 0x6, 0x273, 0x0, r3}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x1e3c, 0x8000, 0x9, 0x112, 0x0, r3}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0xf39, 0x1000, 0x3, 0x102c4, 0x0, r3}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x2e84, 0x1000, 0x2, 0x21b, 0x0, r3}}], 0x4, &(0x7f0000001540)={0x2e, 0x41, 0x0, 0xffffffffffffffff, 0xc0107520, 0x0, 0x0, 0x0, 0x1, {0x6}, 0x0, r7, '\x00', {0x1, 0xffff, 0x0, 0x0}}, 0x0)

4.785268732s ago: executing program 35 (id=1069):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c00000002060108000000000000000007000000050004000000000009000200737993310000000014000300686173683a69702c706f72742c6970000000000000000000e7000000000000"], 0x4c}, 0x1, 0x0, 0x0, 0x4040841}, 0x40c0)
syz_open_dev$video(0x0, 0x485, 0x40000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x3c, r1, 0x1, 0x0, 0x0, {0x30}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x1}]}, 0x3c}}, 0x48800)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$SO_J1939_PROMISC(0xffffffffffffffff, 0x6b, 0x2, &(0x7f0000000200)=0x1, 0x4)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x6, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
socket$key(0xf, 0x3, 0x2)
r3 = syz_ublk_setup_io_uring(0x20, &(0x7f0000000040)={0x0, 0x8ee6, 0x800, 0xfffffffd}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
syz_ublk_add_dev(r3, r4, r5, r6, &(0x7f0000000180)={0x2e, 0x0, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, <r7=>0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f00000000c0)=@any_dev={0x1, 0xe50, 0x0, 0x0, 0x1000, 0x2000003, 0x0, 0x0, 0x16}}}, &(0x7f0000000280)=<r8=>0x0)
syz_ublk_setup_queues(r3, r8, &(0x7f0000000540)={0x0, 0x1460, 0x10, 0x3, 0xb2}, &(0x7f00000002c0)=[{0x0, 0x0, 0xffffffffffffffff, {0x0, 0xca33, 0x0, 0x6, 0x273, 0x0, r3}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x1e3c, 0x8000, 0x9, 0x112, 0x0, r3}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0xf39, 0x1000, 0x3, 0x102c4, 0x0, r3}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x2e84, 0x1000, 0x2, 0x21b, 0x0, r3}}], 0x4, &(0x7f0000001540)={0x2e, 0x41, 0x0, 0xffffffffffffffff, 0xc0107520, 0x0, 0x0, 0x0, 0x1, {0x6}, 0x0, r7, '\x00', {0x1, 0xffff, 0x0, 0x0}}, 0x0)

3.421444154s ago: executing program 3 (id=1082):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000080)=0x2, 0x4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newlink={0x50, 0x10, 0x401, 0x70bd2c, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x50158}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'syz_tun\x00'}, @IFLA_CARRIER={0x5, 0x21, 0x5}, @IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@IFLA_VF_TRUST={0xc, 0x9, {0x80000000, 0x80000000}}]}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x5}, 0x40080)
setsockopt$inet_udp_encap(r0, 0x11, 0x68, &(0x7f0000000100)=0x4, 0x4)

3.213525533s ago: executing program 3 (id=1083):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f0000000000)={'macsec0\x00', 0x8001})
setresuid(0x0, 0xee00, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$tmpfs(0x4d000000, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='quota,grpquota_block_hardlimit=3'])
chdir(&(0x7f0000000100)='./file0\x00')
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0xb, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x1e, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x4}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x904}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r3 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61122800000000006113380000000000bf3000000000000025000200091bfeff3d200000000000008701000000000000bc26000000000000bf67000000000000150300000ee600f0670200000300000015030000ffffffffbf050000000000000f650000000000006507f4ff02000400070700006b3128fe1f75000000000000bf540000000000000705000003001500ae430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305863f970eac3590ac99b798f8125f1c322c2a154a8a8d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @sk_msg}, 0x48)
r6 = creat(&(0x7f0000000100)='./file0\x00', 0x59)
quotactl_fd$Q_GETNEXTQUOTA(r6, 0xffffffff80000900, 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x403, 0x0, 0xfffffffb, {0x0, 0x0, 0x4, 0x0, 0x10461}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MIN_LINKS={0x8, 0x12, 0x3}]}}}]}, 0x3c}}, 0x44004)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, 0x0, &(0x7f0000000080))
fsetxattr$security_evm(r0, &(0x7f0000000000), &(0x7f0000000040)=ANY=[@ANYBLOB="b40b"], 0x7, 0xba8ce99fd21d5f50)

2.529666287s ago: executing program 5 (id=1089):
r0 = syz_open_dev$vivid(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_PREPARE_BUF(r0, 0xc04c565d, &(0x7f00000000c0)=@multiplanar_overlay={0x41, 0xa, 0x4, 0x100000, 0x8, {}, {0x3, 0x1, 0x1, 0x71, 0x0, 0x1, "e5e64701"}, 0x69, 0x3, {0x0}, 0x5})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000280)={0x1, &(0x7f00000002c0)=[{0x6, 0x3, 0xf7, 0x7fff7ffb}]})
close_range(r2, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
preadv(r2, 0x0, 0x0, 0xffffffff, 0x7a6a)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) (async)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) (async)
r4 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r4, 0x40045532, &(0x7f0000000100))
r5 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0)
r6 = memfd_create(&(0x7f00000005c0)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f\x19\xf7]#\xed,\xc7\x11\tp\xf4\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4U\x92\xd2\x99\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8\xfb\x16\x8e\x8b-W\xd4\xc9\xbc\x94CR[Du8U^\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xbd+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96\r[n\xc6\x99\x1fr<\x06\xb3\xbcT\x00\xda6\x18/\x18', 0x0)
ioctl$FS_IOC_RESVSP(r6, 0x402c5828, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x100})
ftruncate(r6, 0x2)
lseek(r6, 0x0, 0x3)
ioctl$SNDCTL_DSP_GETODELAY(r5, 0x80045017, 0x0) (async)
ioctl$SNDCTL_DSP_GETODELAY(r5, 0x80045017, 0x0)
r7 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
syz_open_dev$vim2m(&(0x7f0000000000), 0x8, 0x2) (async)
r8 = syz_open_dev$vim2m(&(0x7f0000000000), 0x8, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r8, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1}) (async)
ioctl$vim2m_VIDIOC_REQBUFS(r8, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r8, 0xc058565d, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x8, 0x4, 0x0, 0x0, {}, {0x0, 0x2, 0x0, 0x0, 0x0, 0xfc, "244cb303"}, 0x0, 0x1, {0x0}}) (async)
ioctl$vim2m_VIDIOC_QBUF(r8, 0xc058565d, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x8, 0x4, 0x0, 0x0, {}, {0x0, 0x2, 0x0, 0x0, 0x0, 0xfc, "244cb303"}, 0x0, 0x1, {0x0}})
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r7, 0x4112, 0x0) (async)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r7, 0x4112, 0x0)
ioctl$SNDCTL_DSP_GETOSPACE(r5, 0x8010500c, &(0x7f0000000080))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x27, 0x0, 0x27}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x29, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x0, 0x0, 0x28, {[@window={0x9, 0xfffffffffffffec4}, @timestamp={0x5, 0x2, 0x0, 0x700}, @generic={0x0, 0x2, "d58838000391"}]}}}}}}, 0xfd6c)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0e00000004000000040000000200000000000000", @ANYRES32, @ANYBLOB="fdffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0xfffffffc}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r9}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x33}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x100}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94) (async)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0xfffffffc}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r9}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x33}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x100}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r10, 0x2000012, 0xe, 0xffffffffffffff79, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r4, 0xc2c45512, &(0x7f0000000700)={{0x1, 0x2, 0x513ecab3, 0xa, '\x00', 0x2c}, 0x0, [0x0, 0xa, 0x45, 0x6, 0x29, 0x8, 0x0, 0x4, 0x0, 0x1, 0x0, 0x83, 0x2d4, 0x7, 0x7, 0x4, 0xffffffff, 0x3, 0x1, 0xffff, 0x0, 0xfffffffd, 0x5, 0x3, 0x7, 0x6, 0x3, 0x0, 0x4, 0x0, 0xe, 0x1, 0x7d9ee141, 0x3, 0x17, 0x0, 0x8, 0x4, 0xa, 0x3, 0x0, 0x8, 0x3, 0x4, 0xffffffff, 0x0, 0x6, 0x0, 0x3, 0x3, 0xfffffff9, 0x3, 0xff2, 0x7ff, 0x7, 0x95a09c2, 0x8, 0xfffff001, 0x4000300, 0x9, 0xfffffeff, 0x8, 0x7, 0x1, 0x9, 0x8001, 0x3, 0x7f, 0xffffff01, 0xd388, 0x1, 0x7, 0x0, 0x1, 0x0, 0x5, 0x0, 0x8001, 0x4, 0x27, 0x2, 0xfff, 0x4, 0x0, 0x327, 0x200, 0xffffffff, 0xf, 0x49, 0x4, 0x7, 0x73e, 0x1, 0x29, 0x8, 0x8, 0xc5, 0xa8e, 0x2, 0x7fff, 0x8, 0x80, 0x948, 0x0, 0x6, 0x7d, 0x2, 0x3, 0x87, 0x1, 0x9, 0x549a, 0xb, 0x9, 0x4, 0x8, 0x81, 0x1, 0x5, 0x9, 0x8, 0x6, 0xc, 0x3, 0xc, 0x5, 0x7, 0x9]})
sendmsg$FOU_CMD_ADD(r7, &(0x7f00000003c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x24, 0x0, 0x4, 0x0, 0x25dfdbfd, {}, [@FOU_ATTR_IPPROTO={0x5, 0x3, 0x3b}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e21}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x8094) (async)
sendmsg$FOU_CMD_ADD(r7, &(0x7f00000003c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x24, 0x0, 0x4, 0x0, 0x25dfdbfd, {}, [@FOU_ATTR_IPPROTO={0x5, 0x3, 0x3b}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e21}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x8094)

2.323241191s ago: executing program 6 (id=1091):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x800, 0x0)
ioctl$SYNC_IOC_FILE_INFO(0xffffffffffffffff, 0x40103e05, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000440)={@val={0x70}, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x452c, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x0, 0x6558, 0x18, 0x0, @wg=@data={0x4, 0x0, 0xffffdd86}}}}}}}, 0xfdef)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000500)={0x0, 0x200, 0x0, 'queue0\x00', 0x1fd})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r3, 0x40605346, &(0x7f0000000440)={0x0, 0x0, {0x1, 0x2, 0x0, 0x1, 0x1}, 0x801})
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
write$sndseq(r4, &(0x7f0000000080)=[{0x1e, 0x0, 0x8, 0xfd, @time={0x9, 0x4}, {}, {}, @result}], 0x1c)
syz_open_dev$loop(&(0x7f0000000240), 0xffffffff7ffffffd, 0x160862)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x80)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRES16=r0, @ANYRESHEX=r5])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x2, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r6 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r7 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r8 = open(&(0x7f0000000000)='.\x00', 0x0, 0x244)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r7, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r9=>r8}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r6, 0xc0189378, &(0x7f0000000280)={{0x1, 0x1, 0x18, r9, {0x4}}, './file0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x5, &(0x7f0000000100)=@framed={{0xffffffb7, 0x5, 0x0, 0x0, 0x1, 0x61, 0x10, 0x18}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8000}]}, &(0x7f00000002c0)='syzkaller\x00', 0x5, 0xc3, &(0x7f0000000300)=""/195, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x200}, 0x10}, 0x94)

2.131499892s ago: executing program 5 (id=1092):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000100)=ANY=[@ANYBLOB="180000001600010000000400000000000a000000", @ANYRES32=0x0], 0x18}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x63)
write$P9_RLERRORu(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="d1cc67"], 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x78, 0x2, 0x2, 0x603, 0x0, 0x0, {0x8, 0x0, 0x9}, [@CTA_EXPECT_FN={0x8, 0xb, 'sip\x00'}, @CTA_EXPECT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x2}, @CTA_EXPECT_HELP_NAME={0x9, 0x6, 'snmp\x00'}, @CTA_EXPECT_MASTER={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0}, {0x14, 0x4, @local}}}]}, @CTA_EXPECT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x3}, @CTA_EXPECT_ZONE={0x6, 0x7, 0x1, 0x0, 0x1}, @CTA_EXPECT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x3}]}, 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x44)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x2], 0x0, 0x0, 0x1, 0x1}}, 0x40)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x10012, r0, 0x0)

2.131255676s ago: executing program 6 (id=1093):
unshare(0x2a020400)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2)
poll(&(0x7f00000000c0)=[{r1, 0xe7d4c009da6c1985}], 0x1, 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x68)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000240)='./file0\x00')
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101142, 0x2)
ioctl$FICLONERANGE(r2, 0x4020940d, &(0x7f0000000040)={{r2}, 0xda86, 0x2, 0x2e})

2.003295439s ago: executing program 6 (id=1094):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000002680)={0x6, 0x9, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x2}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x468d81, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_vs_stats\x00')
read$FUSE(r0, &(0x7f0000002740)={0x2020}, 0xfffffffffffffef0)
sendmmsg$inet6(r4, &(0x7f0000000d00)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0xfffffffc}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000400)="b8", 0x1}], 0x1, 0x0, 0x0, 0xff0001fc}}, {{&(0x7f0000000080)={0xa, 0x4e20, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}, 0x45af}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000340)="01", 0x1}], 0x1b6}}], 0x2, 0x0)

1.987683938s ago: executing program 5 (id=1095):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xaf, &(0x7f0000000140)=""/175, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3a}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x87}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000000002)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000e00)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000140)='_', 0x1, 0xfffffffffffffffe)
r4 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
r5 = add_key$user(&(0x7f0000006400), &(0x7f0000006c00)={'syz', 0x3}, &(0x7f0000000980)="3e12d23d346cfdeb1716f738274bc1c03bee4423fa20837e6e86b86592e9be8351aabbd6e24f37d5095f839fa4a3507df4f7526f2440e7988da94ccd868dd8741d1e2d7ae6a21d056c2c51a416a76b1a03dc55ea62d43c809e0ed6e56162fdab317afd5c34d614367e4425bb9a97e38b8beb840200549eed5aaa86dbe646fc95b4b88e2afb55ae6f1229bcf13ecff7a597f452bed6b6fb4c812df9be8e35d8d15086609c033a5d2a42d5dca30a47d9ae02000000e2b855845f39806305f56d918cc5b4023fdbe9cae4147c84583ec907000000ba5ae65e31f00e641832d29ed658b91f349b80e830fa29fc891b8b0d2de59d006ce210a0351b6bbd06c77c9aa67b5d7287fc1bfa1d0bf035ccdd4b20d7f95b5c77afde046b146ce8b395126f00000000000000000000aa7c93213bc6ef4da9e28ef7", 0x135, 0xfffffffffffffffe)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r5}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha256\x00'}})
add_key$user(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x0}, &(0x7f0000000240)="bc30a071d8bcb8794f5d8e1334b133b0cc64874f1a44052e038135a56412a20d4363f5df408fc6441639e75c7470bb11f031bf8ed2", 0x35, 0xfffffffffffffffe)
syz_open_dev$video4linux(&(0x7f00000001c0), 0x3, 0x42583)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x70f9a000)
r6 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81)
ioctl$HIDIOCGFEATURE(r6, 0xc0404807, 0x0)

1.318284901s ago: executing program 3 (id=1096):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000001480)) (async)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000001480))
sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x2, 0x2, 0x801, 0x0, 0x0, {0xa, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x40)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_GET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000300)={0x3c, r3, 0x1, 0x0, 0x25dfdbfe, {0x39}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}}]}, 0x3c}}, 0x4000)
ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000001440)={0x2, 0x0, 0x200015, 0x1, 0x8c, &(0x7f0000001040)="539b728253b34833c989afc1bf0fd2343286e09b0591477383e9204d07a30c435ea1057f6b822d4a3afa4a94b1cbf36cedac70f37a7fc21de5fe69b2454931c37bc2a93f6f177066e8df71ccebafeae48a6b4f97b3d0dfe02e8da7f4e18c6efac020157b302bf87217da4217db1a30ef34d9358fa20adcf2077a4a25ccc967303dc237e40dc20617b40cb8f373a2adba1c4b7ba5a3336d5c33a04df45f13750a0d23920fd6b6628ce5780733289d22ddc7b4007b704e7e83b67df68c443e464e71b29b8e859044fc7920455b98f2ed409f2668bb39ede445a64a8e22ac553277144875f1800890651b5a2f242224de71f0f9ba9694c094295dcbac8ff99f8fcbda07007b2f87d0dd5d9eb6f3ac4c922c2f2b3ed2a5c0fc15be916183153044fe905f0bfa24450a2e3aa826d469dfccc384163f6617e25865e22a0c44a5acaced3a84da67ffb8df584d28b3c99a5a1b9f7621383d85de659c834fb8b405fb7f5e4709e66844abef1898e2156e4be6bd7e305c004ba0e4801b56ad0f01f45e69a6338a30b4ad40bb718b59688468cc1ec8ebd999dfba5eb17cf2d7b4868e550bf59302f2bac5e87431520d144be8adb1cfc301551894cba065c71f1a06e9d14628fb289955a502d6c3871f23ecd4e32e14b613f2667a6be1816324a74ce9fd5fe38f7efc8fa834850d4d65f7543ea5251f816504d1d8f2c5f4767359b67c440a7b61535a916188a00055892565bbd8d61c4a835edeafa44ddb6c33d3a0edc0cf3e6feca69f311c1a4d6c8a64eba0187431c2971d0c55123b8e63f7d4c2ec0b3c50102cb1b2962edc54f6cae7344eb15053270149a3cb9eb1fb1e1fb59ed449076f3ae9a38cf0ce112f25331177c3d730b1e527a5ebfa8b1f7301b9301c1158291b1f36dc6bcecd2fba16a041c1cde8cb5653a37daa34705da16ff50cadcd9a8f9a8b941808f72ac4995c64a3a03679399560e39aa58aa5c8a3bff901f6d757a872f0d97c85448c3eb8400a36f62019c07a0130b83c5f81f4dd3ed145f0b63c146cd7edf800298083968d1b181aee97b77b2f0b23a0c21591b9ae9a595767b3b033421475db873a7eaa6c7ea782549f21d12f61cfcadfe00c577e4c1669a4022648cfe612e46ff4a1c6fcb28e6c92db016f65d7a8e08c1662c097faad1040d390887a37889e14e57857e8931cf6e6cb7c2d49cbc245722b58391fa25ae0d4dd7c2a5a277d792b9c7c0f99d41361eb6676379b78bb494cede3d0c187b626a708d6c010f021c93004ba591c288d99fcdd1bad325f9cf44e263312e422e5e66e79d505db2e0a7d6213c8abc923bea708e93a06bbc4d19ee65dc648e91518a99bb5d8819f474bde517abd6085d5674ddd94d5d8cef0251d6ac4a894654f0b2b5589c0f30431e5667c1af38037a656adbcd404ff4570cdb25edafd756d42a2a670f98c4b"})
write$UHID_INPUT(r1, &(0x7f0000000000)={0xfc, {"a2e3ad09ed0d09f91b5e071887f70e09d038e7ff7fc6e5539b0d670a8b089b3f393563030890e0879b0af8c6e70a9b334a959b669a9b2f0a0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d073b5d0acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669114e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20da911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78020000000000000095104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813491ad8deff4b05f60cea0da7710ac0014000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21cc4e3fe9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8000f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebd8d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414440f8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eb4581f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab9640071550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c513a9177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f411254c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486229e5b2e30bfc43c10ec23ea6283994a7dde4da12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df7227dfdb0d2b9e935c5af3cf474bed79dfc24ab0f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78c8fa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609daf1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000026347ee8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000650c00", 0x1000}}, 0x1006) (async)
write$UHID_INPUT(r1, &(0x7f0000000000)={0xfc, {"a2e3ad09ed0d09f91b5e071887f70e09d038e7ff7fc6e5539b0d670a8b089b3f393563030890e0879b0af8c6e70a9b334a959b669a9b2f0a0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d073b5d0acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669114e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20da911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78020000000000000095104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813491ad8deff4b05f60cea0da7710ac0014000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21cc4e3fe9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8000f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebd8d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414440f8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eb4581f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab9640071550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c513a9177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f411254c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486229e5b2e30bfc43c10ec23ea6283994a7dde4da12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df7227dfdb0d2b9e935c5af3cf474bed79dfc24ab0f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78c8fa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609daf1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000026347ee8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000650c00", 0x1000}}, 0x1006)

1.081201786s ago: executing program 6 (id=1097):
r0 = syz_io_uring_setup(0x320, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f00000c0000/0x5000)=nil, 0x5000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x66)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, 0x0, 0x0)

981.773854ms ago: executing program 5 (id=1098):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmmsg$sock(r0, &(0x7f0000005a40)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc02}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000005300)=[@txtime={{0x14, 0x1, 0x4f, 0x2}}], 0x14}}], 0x2, 0x400885c)

981.465599ms ago: executing program 6 (id=1099):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x606824f5, 0x80100)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000040)={0x1})
r1 = openat$mixer(0xffffff9c, &(0x7f0000000000), 0x2000, 0x0)
ioctl$SOUND_PCM_READ_CHANNELS(r1, 0x80045006, &(0x7f0000000200))

903.708928ms ago: executing program 5 (id=1100):
faccessat2(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) (async)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f00000000c0)={'syztnl0\x00', &(0x7f0000000040)={'ip6_vti0\x00', <r1=>0x0, 0x29, 0xa, 0x6, 0x3, 0x8d, @empty, @mcast2, 0x7, 0x20, 0x80000001, 0x2}}) (async, rerun: 32)
ioctl$OCFS2_IOC_GROUP_ADD(r0, 0x40186f02, &(0x7f0000000100)={0x2, 0x4, 0x2, 0x7}) (rerun: 32)
r2 = syz_usb_connect$cdc_ncm(0x0, 0xa7, &(0x7f0000000140)={{0x12, 0x1, 0x110, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x95, 0x2, 0x1, 0x6, 0x60, 0x9e, "", {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x8, 0x24, 0x6, 0x0, 0x1, "ded52b"}, {0x5, 0x24, 0x0, 0x8}, {0xd, 0x24, 0xf, 0x1, 0x4, 0xd, 0x401, 0x9}, {0x6, 0x24, 0x1a, 0xb680, 0x2}, [@country_functional={0xe, 0x24, 0x7, 0xe, 0x570a, [0x4, 0x5, 0x5, 0xdca6]}, @country_functional={0x12, 0x24, 0x7, 0x80, 0xfffe, [0x2, 0x7, 0x5, 0xfff, 0x3, 0x69]}, @network_terminal={0x7, 0x24, 0xa, 0x2, 0x71, 0x2, 0x6}, @mbim_extended={0x8, 0x24, 0x1c, 0x7, 0x6}, @dmm={0x7, 0x24, 0x14, 0x6112, 0x9}]}, {{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x40, 0x39, 0x7}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x40, 0x80, 0x5, 0x5}}, {{0x9, 0x5, 0x3, 0x2, 0x270, 0x3, 0x8, 0x7}}}}}}}]}}, &(0x7f0000000680)={0xa, &(0x7f0000000200)={0xa, 0x6, 0x200, 0x1, 0xaa, 0x7, 0xff, 0x1}, 0xa5, &(0x7f0000000240)={0x5, 0xf, 0xa5, 0x4, [@generic={0x71, 0x10, 0x2, "f942f93b6078d19f2cf77102aefe7ca38b3f8579c86a1e2c49247c19b2f4f7ad9fb9b7bbb0bd6b25da7d9653ed8d4dde2f123fe5b3f30241a0194433d41e3740317fe125c59f9c550c132f9a467e6fe844d1e3070577ca1ee4a440fd1d5a11b9276299489686a47d0df050a0a66c"}, @ssp_cap={0x14, 0x10, 0xa, 0x9, 0x2, 0x2, 0xf, 0x830, [0xffffc0, 0xff00f0]}, @ss_container_id={0x14, 0x10, 0x4, 0x1, "f8215a2d92cf5496db287df5769aafb5"}, @ext_cap={0x7, 0x10, 0x2, 0x6, 0x0, 0x7, 0x5}]}, 0x8, [{0x4, &(0x7f0000000300)=@lang_id={0x4, 0x3, 0x3009}}, {0x36, &(0x7f0000000340)=@string={0x36, 0x3, "51100366e571e5211398a3e1532f2ca985f29394381f428a2649a5248f2f5d861be7d279cb9dc7130234126f10866f82848ed754"}}, {0x68, &(0x7f0000000380)=@string={0x68, 0x3, "6ea35c6de8aa034e9cfe79125f8dbf04792cca46017564e3e7d3a3f9d71d131eb1992d542eb30d601e959979c2e0b85f39ab829b6c5b8ce1c33ffb997246984ce84b2ace45439fc5f4ff6832978058e35d7fc6e89f479f1d678eb0064e1a2e73a5e9854f2d37"}}, {0x30, &(0x7f0000000400)=@string={0x30, 0x3, "2a0649256d3219e46a889e3939a1ecaa741f123c1f5f464526f2a20af8ff9abe58da9cbf935e82214056c3fa1d9b"}}, {0xf0, &(0x7f0000000440)=@string={0xf0, 0x3, "f2a5747cda2ed626bcb8d43e6a00dd7b4e7b7609de28d1cf28786e8c818710d4c7ac0ac092c2dacab7391d9304d26993674579baad5a44e27c9a6035759c60bdfcc0bf609f9b5616d8fd368020447c7ccb45702baa76b416a12df32e8a9a57caf2925d491bd8e0fdfa87bcf3ae35255afb1b4731284652b62a0e81a472da825c1f77503b639c25ef39ef2a37e97ebb9144b23d4a978d1e0b31313de159618ed4d93bb2578c311c844a6ad7306d02c57462dd64c4950cc743813a3b4c65aeb624e255eb7ebdda1619d62d947d4d79ce95b9411c6f14bf2eb9244b6e6dc5132d50cce8c1c23e2c1305cf1da922e6be"}}, {0x4, &(0x7f0000000540)=@lang_id={0x4, 0x3, 0x820}}, {0xab, &(0x7f0000000580)=@string={0xab, 0x3, "230ffc1bb127fd57a1702264116b7372e1fd2fb9fa2a0bdaabddc151b14274f71d5c5afc7560bd7d7a04e9bfee68a385be733ed9314016f783cfdc5a095ef82c4287ed5a87c7d959fa0e9f114b4c8e146a5f2f04392e97f68d50cc14563bc8184c8d72adeb4cc0596e399fb1fbf36ebfaa059379f0687cb082ebcf6ab56e30b53404499aeebc5e9e7153c0aab47069b7158e53d3d3b5764167cd059863d4067d781e6698b02a7d13f3"}}, {0x4, &(0x7f0000000640)=@lang_id={0x4, 0x3, 0x340a}}]})
syz_usb_control_io(r2, &(0x7f0000000a00)={0x18, &(0x7f0000000700)={0x20, 0x10, 0x102, {0x102, 0x31, "ed5cbf455600cc0073d367f27ab0ee8488d74bdfc015b1a25965ab8821188f3a107c50f073a5b3cd60ce0941135c6c32ab8d025e8cef318448fb6ec0c780615bff6c61e25700c3bdd7ef886eb9cb67aec210b18f2fef21c906c191325c11289c4d2189da1229c50b34f79ac8c3245489ee90c18bc4c69f711bd8d2d32b24f8ade0c6dcb53609c0ee3ca04e85eace4c7fedf54520b3f6baa2fe946d8de4d7657dcb63b11240e932c548ee8411eed50462b117ec2a3ba7eaafa99023c43ee8227320fb777950782ef68ffd7848fb6c6d21dc9ec125f206b6cc7a570fb54c34b0ef88486f15343d278d6538ff2a1d557655e6b9f4a6f9de3921b3e7da475353dc2e"}}, &(0x7f0000000840)={0x0, 0x3, 0x8e, @string={0x8e, 0x3, "cdeccfeb6b8d6d9c9cb4c7ad9b92e49f521c14329b19b9a9a5be6f29fbb2cd3be08d01debc01d1775b07b972f9fa0c82b858f017f85c274d448daa1304ef9033662be3dcd42c8b4511ea388b6d6f2757badd28816dfc50b13b06a2fb27bf68b411450c47c49ca74b323ebc1a9a9b5770cc6ae27a48b6c881e86fc2f6b4a3eedb90af61345a05e6d9fa42a2cf"}}, &(0x7f0000000900)={0x0, 0xf, 0x47, {0x5, 0xf, 0x47, 0x5, [@ptm_cap={0x3}, @ssp_cap={0x14, 0x10, 0xa, 0x4, 0x2, 0x4, 0xff00, 0x5, [0xff0000, 0x0]}, @ssp_cap={0x14, 0x10, 0xa, 0x7, 0x2, 0x1000, 0xff00, 0x0, [0xe080, 0x0]}, @ss_container_id={0x14, 0x10, 0x4, 0x2, "c717c7e52320ac64b429b6e066a28509"}, @ptm_cap={0x3}]}}, &(0x7f0000000980)={0x20, 0x29, 0xf, {0xf, 0x29, 0x4, 0x80, 0x42, 0x8, "551e26be", "9c568559"}}, &(0x7f00000009c0)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x6, 0x3, 0xff, 0xd6, 0x2, 0x3, 0x3}}}, &(0x7f0000000f00)={0x44, &(0x7f0000000a40)={0x0, 0x17, 0xdf, "d688d34504dc30caeaa5087a986973ceb850cbd8954bb2c62823bb51fbe95f76009fbf8f7a4706807e65b49e72f34cbdc0da6d4f386b8a0efd2399cbb0848ac925ee1a1b50f91230de0c15f85ca21bcd663a56410e31a8dc6af5196bb8b4ef46a00fa88d79e2a4218de3ed1fdf459c63f1977e544000d081b58429df7a105226a083d51e91999d993044b1ac8370e55fcd7b5f07c181164878bd0d90294e73df73d70147bdeec32c10daa3a35c8455cafb85292f18dac9214fd44a522a68b3f0ed7b0d793a2c5db5f500e2277b406a948314cc0750959f0e1dd0d72c53fda1"}, &(0x7f0000000b40)={0x0, 0xa, 0x1, 0x2}, &(0x7f0000000b80)={0x0, 0x8, 0x1, 0x4}, &(0x7f0000000bc0)={0x20, 0x0, 0x4, {0x2, 0x3}}, &(0x7f0000000c00)={0x20, 0x0, 0x4, {0xa0, 0x50}}, &(0x7f0000000c40)={0x40, 0x7, 0x2, 0x7}, &(0x7f0000000c80)={0x40, 0x9, 0x1, 0x7}, &(0x7f0000000cc0)={0x40, 0xb, 0x2, "ed15"}, &(0x7f0000000d00)={0x40, 0xf, 0x2, 0x7}, &(0x7f0000000d40)={0x40, 0x13, 0x6, @remote}, &(0x7f0000000d80)={0x40, 0x17, 0x6, @local}, &(0x7f0000000dc0)={0x40, 0x19, 0x2, "73c4"}, &(0x7f0000000e00)={0x40, 0x1a, 0x2, 0x5}, &(0x7f0000000e40)={0x40, 0x1c, 0x1, 0x5}, &(0x7f0000000e80)={0x40, 0x1e, 0x1, 0x14}, &(0x7f0000000ec0)={0x40, 0x21, 0x1, 0x8}})
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x100000c, 0x10010, r0, 0xe2768000)
ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000f80)=0xb) (async)
ioctl$USBDEVFS_SETCONFIGURATION(0xffffffffffffffff, 0x80045505, &(0x7f0000000fc0)=0x35) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_TUNNEL_DELETE(r3, &(0x7f0000001100)={&(0x7f0000001000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000010c0)={&(0x7f0000001040)={0x58, 0x0, 0x20, 0x70bd28, 0x25dfdbff, {}, [@L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e23}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x6}, @L2TP_ATTR_SESSION_ID={0x8}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @multicast1}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @loopback}, @L2TP_ATTR_MRU={0x6, 0x1d, 0xebc0}, @L2TP_ATTR_UDP_CSUM={0x5, 0xd, 0x1}]}, 0x58}}, 0x800)
r4 = openat$mice(0xffffff9c, &(0x7f0000001140), 0x40002)
write$cgroup_int(r4, &(0x7f0000001180), 0x12) (async)
read$FUSE(r4, &(0x7f00000011c0)={0x2020, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}, 0x2020)
r6 = syz_open_procfs(r5, &(0x7f0000003200)='net/hci\x00')
ioctl$XFS_IOC_FD_TO_HANDLE(r6, 0xc01c586a, &(0x7f0000003340)={<r7=>r4, &(0x7f0000003240)='/dev/input/mice\x00', 0x408400, &(0x7f0000003280)={@_ha_fsid={[0x9, 0x549d]}, {0xb434, 0x9, 0x6, 0x63}}, 0x80, &(0x7f00000032c0)={@_ha_fsid}, &(0x7f0000003300)=0x4})
ioctl$PPPIOCBRIDGECHAN(r7, 0x40047435, &(0x7f0000003380)=0x81) (async)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000033c0), r8) (async, rerun: 32)
ioctl$TUNGETIFF(r4, 0x800454d2, &(0x7f0000003400)={'bridge_slave_0\x00'}) (rerun: 32)
r9 = syz_genetlink_get_family_id$gtp(&(0x7f0000003480), r4) (async)
r10 = syz_open_procfs$userns(r5, &(0x7f00000034c0))
sendmsg$GTP_CMD_NEWPDP(r7, &(0x7f00000035c0)={&(0x7f0000003440)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000003580)={&(0x7f0000003500)={0x74, r9, 0x400, 0x70bd28, 0x25dfdbfc, {}, [@GTPA_TID={0xc, 0x3, 0x4}, @GTPA_I_TEI={0x8}, @GTPA_PEER_ADDR6={0x14, 0xb, @dev={0xfe, 0x80, '\x00', 0x21}}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_NET_NS_FD={0x8, 0x7, r10}, @GTPA_PEER_ADDR6={0x14, 0xb, @local}, @GTPA_TID={0xc, 0x3, 0x4}, @GTPA_NET_NS_FD={0x8, 0x7, r7}]}, 0x74}, 0x1, 0x0, 0x0, 0x80}, 0x800) (async)
syz_usb_connect$midi(0x6, 0xd2, &(0x7f0000003600)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0xa7, 0x1430, 0x474b, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xc0, 0x1, 0x1, 0x7, 0x130, 0x2, "", {{{0x9, 0x4, 0x0, 0x0, 0x7, 0x1, 0x3, 0x20, 0x0, [@ms_header={0x7, 0x24, 0x1, 0x0, 0x7}, @midi_in_jack={0x6, 0x24, 0x2, 0x3, 0x8}], [{{0x9, 0x5, 0x94638be01000f7e2, 0x0, 0x8, 0x10, 0x4, 0x42, {0xe, 0x25, 0x1, 0xa, "c9bed5928a1b64c3356a"}}}, {{0x9, 0x5, 0x9, 0x4, 0x8, 0x6, 0x5, 0x10, {0x13, 0x25, 0x1, 0xf, "ca9a1b32245ddd770fd61f476a65da"}}}, {{0x9, 0x5, 0x4, 0x0, 0x8, 0x7e, 0xb, 0x2, {0x11, 0x25, 0x1, 0xd, "06923c633565c33ced29c433a5"}}}, {{0x9, 0x5, 0x80, 0x10, 0x40, 0x7, 0x3, 0x4, {0x7, 0x25, 0x1, 0x3, 'KGb'}}}, {{0x9, 0x5, 0x4, 0x4, 0x3ff, 0xa6, 0x80, 0xf, {0x10, 0x25, 0x1, 0xc, "e8e29c33df3973c161f03899"}}}, {{0x9, 0x5, 0x8, 0x0, 0x8, 0x4, 0xc0, 0x15, {0xa, 0x25, 0x1, 0x6, "36b5fea9c5ed"}}}, {{0x9, 0x5, 0x4, 0x3, 0x400, 0x0, 0xa, 0xf8, {0xf, 0x25, 0x1, 0xb, "d88322fd63af14ff182115"}}}]}}}}}]}}, &(0x7f0000003a00)={0xa, &(0x7f0000003700)={0xa, 0x6, 0x110, 0x8, 0x8f, 0x3, 0x8, 0x80}, 0x9b, &(0x7f0000003740)={0x5, 0xf, 0x9b, 0x5, [@generic={0x6e, 0x10, 0x3, "ed4ebb2f4adc0df3b11f4d76f137a1a279a8d7e99637b8fdcd626df176e6cfc289bd421c023b234318452476cfca981da9745b2b78b996a4b02f151295598018ee145e3bfb51cd05332f7322b7dc75631473fa43fc36bac1028fecf040a9ad5fccf327f79724e1e98bc894"}, @ss_container_id={0x14, 0x10, 0x4, 0xf3, "462bbb8b025c298c6913850f772e5db0"}, @ext_cap={0x7, 0x10, 0x2, 0x2, 0x0, 0x6, 0x668}, @ptm_cap={0x3}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x7, 0xf8, 0xf, 0x6}]}, 0x5, [{0x86, &(0x7f0000003800)=@string={0x86, 0x3, "6cf3d65d67521255b5af77b6a8a3f0c30919ea709442ae0ec9b89b7b6b964864e935eb0c914099b19dc8e1947bd09b066bab606cb193eb3fc7c71be1272bf4f6fab777302f438224b8f506649b24341d50854529bf762af72679c70636af4b795added8078875301a6d0a091a416febad39bd17a62f7c7558852a93a37c951c974991adc"}}, {0x5, &(0x7f00000038c0)=@string={0x5, 0x3, "37588c"}}, {0x4, &(0x7f0000003900)=@lang_id={0x4, 0x3, 0x44d}}, {0x3e, &(0x7f0000003940)=@string={0x3e, 0x3, "0c1e065ab8a6be26c9ff2c5b33807989d25774ec79061034ba3c8fca7f63443bde7c917ec7f085edc00e925e88d10d49ca653ab5fd9307e029000bd9"}}, {0x7c, &(0x7f0000003980)=@string={0x7c, 0x3, "a34dbed4d6d81fdc5e8129033126125781a20e8a02a65701390c1390f5cd80f0612cf00517a7a9fab53640cfa0cf125b6912204eb46f7a4e2406fe10d146db304e976d19c0bae09cec2206462b30a03c461f19a1b83354f3b383731398c8f6975b63b5a2d61ec3427294bde359c7eff8459ce133945b212f2dfe"}}]})
sendmsg$GTP_CMD_GETPDP(r8, &(0x7f0000003b00)={&(0x7f0000003a40)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000003ac0)={&(0x7f0000003a80)={0x1c, r9, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@GTPA_LINK={0x8, 0x1, r1}]}, 0x1c}}, 0x4004040)
r11 = socket$kcm(0x29, 0x4, 0x0)
sendmsg$kcm(r11, &(0x7f00000043c0)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000003b40)="95add8b46f7d443e74061ccd88d5feba333aae1580857ea951a8209a5608fce24937c02ab4c81132e168c58f7114acabed2f4c2ea411bd80c5ad6e2c518c4c00580e2324578d8e9c23fb48d2734da6930cca547b23cc1a63e9606d6ebcb7f21df3cc5e6fb7789a4ead964bea49d2379eb683faafef10e3e74e34010dd294ce395bdd8e4cf1478e22035c2dcb62e60d65a94720cc52c3dd6107d93c9c3153773da96c8baed7064c5f13fef46caf30bf202f22ea3385a94b80d3c071bf999aa8edc4c3cd7f0b43f8702ef3848da9157faea46c21f3b2a78bef706742df9a0430a2a187a9fb7a06e8c63f3ce7ff89bd429d8c2e3d79478b7bec352c4eedc072", 0xfe}, {&(0x7f0000003c40)="e6dd5aad127b9fc9ff0552490fc4865621ff727b2213efbd4ddb6ef894f40414ebe06d3b4985ab0485289a24295f70cfc33dd05e6e05a1fc61", 0x39}, {&(0x7f0000003c80)="50913d29b41fd21c641f50de4d7e7c751bf286b555a22a04808e9a76f34c630f2bf0f452e0a12d9b002b9b8ded9294811339952b7ecf04c6b8b2a6623d8c196a3934638ebb9ba259eac619271dd4d1202efde05aa991fec7406c9420142d73a79234a5d2c208dbadeeafff674d056c3d6e9a97574a25bf03cbb9cfd32696bc62478c23d5d1f908f7c81cdf3eb61939ae91e045cef85729a13b70f736a74315e55f471026cdce20c7fac3f496cbeb878d1f1222c2b9164b5ea52edb296a526621e10bd10cef19e1591dfdcf", 0xcb}, {&(0x7f0000003d80)="a9cfe61b46d88dfd2b5766c93ff31327f61903adcc0c259f88ade54e517125bde878226e75775f1b6efb249b411a7cbbe436f114fd0a320c0e79b0d3b68df259e7e6ace03de4ba1168d92213424177d1a257c41a87348e0911a848bf02a092c0d5390de5232e01f521b31aaa7d43ae87e89c7df682cceba883cdd7ea930e27cdfd2e16e42192dbea40b4176a8bc6954a265e6c2f55ef7dcde88c55dd8f9069e7a1c14e26416f273e2ca8c7529960d5bcc1242f8b8e63b5b9dc379d1966651f10df8f9ae643a7d081e818daaf6b1340c4eccd7dcb3b225d454971", 0xda}, {&(0x7f0000003e80)="536472a6fbf2c4f057479a20e3a45ccbcdd2681ddb055dbb8e4d68ee51ab0441d91dd60297e1023af4f6239e8aa49ed08f1e20734377d3e009a60c096e50d6f73277a0d00c98b151392d18512f39d4bfb9b40557eda9c410fc215b9674e4ebdb7e017c44a1788ea12c47ab549af49d09e2dbe019", 0x74}, {&(0x7f0000003f00)="1924c214bf7b54c1dc4247ca1ab11b4b71a933008534bb377c507c01b9692d11fa0f0f6e316a38c6ae026c48ab11fceec54609bc07f2d279e6f4da32994dbf540ed6b1ad06a5d36848d84512c04150f2e5aa91a8d2691af05383ddcdf7cdb14278221154da2cd363df86f2693dd55dc5b60c32ba7f94e9437ca4f2387b19c3fd75ff4373dbd3def4d689e812e41bca5d26e4b45b0c89ddc47e8981d81a38309797b35f22480f93a3c418d33fa58b759cb406b40c6bb90b7ad86770d9394a2304d80bedfe1b66a784dd87a957cf0524bda1d961d0ad44df470d9e768d862f", 0xde}], 0x6, &(0x7f0000004040)=[{0xb0, 0xff, 0x2, "3c9277ffcb87ca136cb93ba2bf1446d0689e26ac4a9a904528047198c4496abd85afff758fb7a622ed6c254593b4ef693de31e5fe8579649bcad6a820ca9a20d6579dbd8a2895a2a7d6a56067ae02bbd507e9d26f9f8f7521835b7c58906d94ec218452efc38c9e71a8628b816a9c0aae76a845cd82673b4a3511b281c90e543b20604b3d5707a173208f4d751a78d0edb05bacbe091a2b5b688577f7d52a472ef6692fe"}, {0xc8, 0x3a, 0x8, "6cd30e70504a204da3b29de762666d55e8712299695f7107bff28bca0f612d0399d49463d51604006ac0904408d372e0f7785068d43166aba88dd617f51613981d4b96244cd15fe0fe1eab41dda2549b71111c8978f444001fba283183a8befb3df3c21797d4bb5ad43202be653fe399311dd3ff7f28e73e91b3e3b3a80f6953678a31c927d256995db32b5cbdfc3dc62c903a497ccfb12184ae9aece73e41c55ea7655222a0e99faab5c1f14e42e1f8e2a802f2f72bc72540a2"}, {0x30, 0x1, 0x200, "4721fbdea696dbe99458f18ac59985d0cd825a7339d80c53a46c0de7fd1c3416ade580e9"}, {0x9c, 0x84, 0xffff7fff, "269b5fbca95ad066722cd60b3d25e70cbc42feef29fb5b8542007e9450c1432fcbdf4c85060152b9f032b568f04aabd8931814ccb89e7341b3f602116ac09acd1033243f252e4c4f16d22ff4692cd1a666ee1c68a9f6e9ec9c80302fb1efaaf744945a2b341fa221dd1c492c55b9108cf75f420238c4276cd7ce7d984e8d3488c10ee19dbbc9e0174b090b561e228300"}, {0x38, 0x30e, 0xffffffff, "d18ee7e014aacc6a9a39dc51ee27b3b3176ffc930e5727c94a46289f41c6586b69a7184bee9e392967"}, {0xd8, 0xff, 0x4, "db6f9e84c22e6ee3f86e2764cb1621a45a19fc477a7260d8f5d7a00710fd53a0a2ba9bb11164545714fca28878b394736fe4d640c0eeef506b221fd6a45d8517e1110546ede8e819ad9a6aa27f829da02f1ee29f34e4bc6da3201c52ab4a1cc18fef1acec2d208cc35a02b70c5e9ac97a4ab9ef388c29686671262f74f72445be760a459708fa080fc10f79bf732418d9b8df70a4f3fe295b42b184beaeb0d1299f12b06ac63e06e659134f2819f25a68f3bc00fc359742b4f892fa98002a8c4606ec50a3c93e3a5074dc472"}], 0x354}, 0x804) (async)
setsockopt$inet_mreqn(r6, 0x0, 0x24, &(0x7f0000004400)={@initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, r1}, 0xc) (async)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r0, 0xf503, 0x0) (async)
ioctl$SIOCSIFHWADDR(r7, 0x8924, &(0x7f0000004440)={'veth1_to_hsr\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x28}})

829.192564ms ago: executing program 6 (id=1101):
r0 = openat$tun(0xffffff9c, &(0x7f0000000000), 0x240200, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'ip6tnl0\x00', 0x2})
syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x101040)
r1 = openat$tcp_congestion(0xffffff9c, &(0x7f00000000c0), 0x1, 0x0)
r2 = signalfd(r1, &(0x7f0000000100)={[0x10000, 0x5]}, 0x8)
ioctl$TUNATTACHFILTER(r2, 0x400854d5, &(0x7f00000001c0)={0xa, &(0x7f0000000140)=[{0x8, 0x1, 0x1, 0xa96}, {0x5, 0x7f, 0x5, 0x8}, {0x8, 0x9, 0x9, 0x6a46}, {0x1000, 0x4, 0x9, 0xe00000}, {0x0, 0x8a, 0x0, 0xc63}, {0xffff, 0x6, 0x9, 0x10001}, {0x0, 0x0, 0x9, 0x6}, {0x1, 0x3, 0x3, 0x3}, {0xffff, 0x6, 0xff, 0x2}, {0x98, 0x4, 0xd, 0x9}]})
rt_sigprocmask(0x2, &(0x7f0000000200)={[0x0, 0x3]}, &(0x7f0000000240), 0x8)
ioctl$SNDRV_PCM_IOCTL_WRITEI_FRAMES(r2, 0x400c4150, &(0x7f0000000380)={0x0, &(0x7f0000000280)="a72ff1c815fd85565074895d6bbdd25e4b3f17615b8a241a45e8818d2142de0be65fe8d6f4d2ecfa1c1ccd5d2a2e510f358f7736a2b055088e68d0ad5fa1ff97de1363f2dde9957a3efb54fa7a64e81d5db6fab80b9fc2036158879e31030dadc03af3db639405cc35371e90d481d282cfa7545cf64bf313d823d491b1587785d84726ad55910f4e8edcc8317e52cfafd3557e3819a465a7df42f8092c5ad28dac64e251ed847cd37072f528c476289392d0edca307529aaafaa989636e6dba5aa9387e4060a2aae0b254984fa075b27b596a931a2513985cfd33cd946f723fecf1b68bae6c01feeefccd4d682ea13601324f66cfd5a3f595e00ac", 0xfb})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f00000003c0)={'veth0_vlan\x00', @multicast})
pselect6(0x40, &(0x7f0000000400)={0x1, 0x9, 0x1, 0x1000, 0x8000, 0x5695, 0xb65, 0x1}, &(0x7f0000000440)={0x9, 0x3ff, 0x4, 0x1, 0xd440000000, 0x8001, 0x4, 0x5}, &(0x7f0000000480)={0x3, 0x9, 0x1, 0x7fffffffffffffff, 0x8000000000000001, 0x1, 0x2, 0xb539}, &(0x7f00000004c0)={0x0, 0x3938700}, &(0x7f0000000540)={&(0x7f0000000500)={[0x8, 0x5]}, 0x8})
socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_open_dev$audion(&(0x7f0000000580), 0x7, 0x400080)
syz_clone(0x10803900, &(0x7f00000005c0)="8133e35be1b47fc6bcb0bc58c46b764d0dde5b34c2f7f76f9119eae4eb9bdaa116a1af968bf98cea3c340a11bd1965c1d2d061cb8eb240f9717e37ccc88a2562c3a01c86", 0x44, &(0x7f0000000640), &(0x7f0000000680), &(0x7f00000006c0)="1fb3134f29bb143fcdf5ff5e15647f88a2f1f9d6cd60a41fd4d520353f3110ca3c0512d80e5e1bd200d31ae6d18a26295b2cdc54103d5d728a9e2c2683e8b8383183ce1bf84a10370765c721396a61cdcdda0333c52b331304a5bd51b31732ea4ba4f3b2adabe100af283f7aa06dff1ed609c90bf400b72fb57d689d9b8dc809f8c41cddb54d3c10519b9416e4e4864184850ad724049085f202a6ae61f27ecf05f596a08efd44c737a3efb58875c7")
io_setup(0xfff, &(0x7f0000000780)=<r5=>0x0)
io_pgetevents(r5, 0x2a, 0x2, &(0x7f00000007c0)=[{}, {}], &(0x7f0000000800)={0x77359400}, &(0x7f0000000880)={&(0x7f0000000840)={[0x8, 0x8]}, 0x8})
r6 = openat$ocfs2_control(0xffffff9c, &(0x7f00000008c0), 0x20100, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f0000000900)={{0x1, 0x1, 0x18, r2, {0x2}}, './file0\x00'})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000a40)={&(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000940)="7f885cd81d846215f9529dd5b5723008273d065996d246cc80b13c8f944c7bb5024b121cfbddeed7f2b8b466647107f561eabcd8d550b250a06e95def9d536215814cda932c585c4104a532df4ea87dc1e6d5da45986f1ad71e6abbf00f35b61ecbb5ade7938d9bdf72ce25a33bc32f93a412a81ffa383c60d1edb508bc8ac2fb445fc1e520abadfc84c738a0a3e87a3ef5504fd6daa57b4f4fa7d8205fafd8c18ca28362532ab5292a9d6892d28a73efa2673b8dc24326d162b9c2a72aaf597241fc06ddd425bcc77", 0xc9}, 0x64)
r7 = syz_open_dev$vcsa(&(0x7f0000000ac0), 0x0, 0x40)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x1b)
ioctl$MON_IOCQ_URB_LEN(r4, 0x9201)
sendmsg$inet6(r6, &(0x7f0000001e00)={&(0x7f0000000b00)={0xa, 0x4e22, 0xf, @local, 0x4}, 0x1c, &(0x7f0000001c80)=[{&(0x7f0000000b40)="51558252e7859976b09aa4f8cc0358f444e8ea5b810eacc7d9eaa69681d13267fc94e6346b845074897caf83fb5f7d85f021ba7022f84eaf7779b1dca2c00ea13b799da49629b4d6aecdf86a54292fc6be8da4a56cecc29ce9340d4aef1c44df34dc2faa858376355e56f0f8c8cb05be0f081252c1ea9546b410269707909bb472e2b3bbe668068f8e9466ea813f109dd5ff5a2ac33145944f85ea20a67643f0bd1347da69faa5ba1b52b2e7723de6789f65083c1db7d8095aa1b875c7bcf698516a33fcc50d4caff5d24b9d7ae7d1e7b79d4c2653941e2a729502", 0xdb}, {&(0x7f0000000c40)="6a12d22979bf59ec9e2be46ef5b570c3e92b09054982dc7030e32c4771a33182be7086b724d443ee92e9b944ae5fe0af9b6dd8e89fb36a237afd15e19b0b97d25ccf221805afe024fd9c05b406a7e6818a3b41e4efdfa6e66a753e0f60da4d7ae7d95d0da61c861b4aeb842dece1e4cafe14fad24ce37017daf165421a7420577442e2b96a937c5ea576034ea51440510701b7092ce1fa25f20c13572b271a21dfd26741cd9816d235e873a9fbae7425fdf958cb68a468584eb14f8f88c24c6dfa6b7c4e3834e8ba5d28ee83421c19e1b76d71bcb7caa17619810aa61b5e172682e396f270c31ce6044b9365df3f19b611fa96be158bb1b907ca32fbcd492a93b2f91eddd0f879e53df5b39fbda96f80afddcbaf4eac2d70183a565718ea4d95e3aa99e647a54e549e0514687c25c62112bcc6400f67c778da5bfe112f81e63ae2af7641f636f060bba224ab0a0c044ec19830ecc5c38a067683183c1c0ce46b8a560234320baae8c31c28bad73e7896313cfec1508d413c31238e1a6226c10da54f697d253369098d8b8b0a3ae678784cb92bcc15eca128267e61a9e427e572b804959e3e98664b997b88c2db268697a6d0f421b2f0906581ac6125859d6e82c73973f570ffce1d2ffd7e48f9ddec7b34b9f921f3a420aa56475cfcce31395dc0ec4aa1663c4e17ac77d7fb9fe32a1ce592eba94432adb12cb95cb9fce7d0b46a83dd4979fcf3b749965e98e54e893a3187f978079329be798d7a9ec0641fb3706cf1138ab8a6d32a348d083f8b28330d8310a123645c275df9a6ccde44e2bcba6327fa3dd5751328d02d49afaa68b822994dc36849cb0f8a2e3726dc8f956e6194c2aaac1fb028325bf10df18dd0cd97945b4cb60f7bdaccef639a5e09c13606b8f42296947cd425ea673d7943d65d7a7e3709308f57e307a26c2715d1b8d4476fd1307bf5109fc42b336750cba870adf9e8857ee47ed1c1d88be99d29a16e7104de9a3e380cda5106d94e076a686c96c20cbfd9e016a90e943f98bc1a3460be177263b46f03c6205a9601100e83415e78f6778261624124c0cf0322ba0509ef4cd3b9415b04e299a0625867710cceaec34f45eee25442689825e75b32bc83a6add632acef4d87e66811bcbbd945d720e228a8de2b2fbf5534dba86756b1ab17a47580643f4b6173f05e860cf7faf3b650223c85ee8e7ddd5accfa93d93e1ab240761dbbe12e09043ecef5d04c10454c2d441156d98fc86388b20af83f22b378307aa2f105631adfe058e0bf242ad3f3cdf9048a5d0c563023fc97be607db80cf0c02d3f21f013862c4d76331a207a6c785b97f406fc8623dc685074343733c6b02d1b9028cd42ede992622815bfd2ab6fc52e277f743dfddf203c74c8770ebc003f31f243eaa4349a9f7a7f3593811ae9e3874f56982a4581037a29f6803b45f416340fe9acfcbdac82aa2aa951abd9e36e86a9d1c0868ffbc6e8f6d5f3d40821b9bf45bcff833fe7e11fc447aef13d9fcec9d6cd99a4ce4264dfeef53705c36b838fe42c43db372d307a8c9173973d034dbab212f1781bd0aa5b6ddcac6577939a9c3879a6d8133cf3b1491c146fa2abb97eb0e59fa8967edc8e59f00081b23d40cec9fdadbafdf091f2952072303688d29e074e2dc11386ac3724a1e0e5371ac736d9ff7135275e6dab422618a05259b428770b307a41bd522a06c989820f2e2307b6a42f2ee215ea5add4402cec721fce42a0b0399325083f16ce94cc68a9f915bc3a3549a28651c9a7f4b25f18cf40970c14926f246a1c1b54b3809daf0ec1a5f7d60f55d5678e95446d1662d352e7995188eba6dd4489620d4cb18c3afb77dacbeb6ab128d6949cd535e428a9614e0939f5c650d187e7f9d39f8a86c08af038339da94bafe644475ed7136967eb9e206f0466e679b06305234919a62e311bc8e15b7f58a197e2811cc79ab5a29c6d9887e8dbb0f7139234ee406a0ba1d78de656efe6c8611a73b97689ec72164dbe61ef9f8bd03eed899f84847cc8ad4ac0936de52afa1b2710cb82f1f95973559564d24687c4f8ff35900848041cae0c9766f09a51435b80fb32377170ed5af543f79e1466d93b7941fe299fff87bff42c4edea8e25e3798b30431597bd3f9383a31bb9d0fa84bd24fcdbfafd0432e24d224991b15dad1e9418f5cf6cb376534b830e6679e6183abec95d897d042dde624909bde5d0a75767abbf36939dc33274e6a52c33f3a9f1aea6be96ca6cfe8ad646d3d68a009aa7b7f9ffd3cc79c255eb3752d9d105d93c02df6d6b6dad7b8b95edf2ef9d422b141eb15afc863c744651976660d63e8585df661ee7bf4eb37ce2861f457d10fbf65259e79692f7dd59ec42b53308a23ac97687298ca0a48b8ce76aca4b3dd4f4301f522589bbde098d2166bc49cfcacb715ccc7995db840c2bd0f68ec6ca40908c82a5a21c99f0e47699472655a94dabb3949e0c137798c013f02209778f006a844887b5030c302f04d1e0cb3b1750396926c254e5f67cf4595aba7d1a2b0521e22ad03f02139d578b97759955c22c9e6a70bf1fbe58efc2a576533ab295a7c82d2419a6a28c4ccc4eda477415c17e03f7da5817a883592863c3d0aa4880cd1c0e0e482509bcbcf9f29447071dfc7c473b696c4537dca76aaf704bb4b3cf2e5b522657253fd29be2a9042a0680a90a1774ab3f85261449ec2cc4fe561c0be8cbeeceacb97c2a4ae4c75c75267baa8b297a76f092e03efeff8c5c6f7c8fc7c2a19f0eeb749ac23622456fee5a11b9a470fb617187b7241ec21b4ab07b743e59e3499a6e99f34036add30458741b82d9b1c9b0d089a9bc530d5d54ffb624c1305e52ef2c07aadb99fc9bf90f1c023492ef421d40cffdd09604db0d08bf1eebb803aa76dff1737a8db24eb0a7dfe5977a95153b2a55bf43dd7d2001077f3e69f7e4ae1e933636cd2e9f17e5f0348020285f5d4d07b2a69a074b0e13c731033ba5f88e281e6eaf66c2ecac07df897a43048b400bea43230eee9f4614ded8b97aa99adb535e3cb1ea52fbb5327eb12d99e7681a1b83e0a344ff7944f30ee8eb5150617e206a7518c4d77c6112692a8910b5da79958d4384e929d5ba0d2f4bb07c4533e17375c35f5a0154ebc4af494e94a0ffa37e7b57e2473ec1b83362ddf854e5b88eacbc6e0ef4996414b2b11052b3c3dfc3afb8565941f3b29059239df22c7dd0042298661ba099adf99f0932bec7fcf9d4d918b8a74f6725e406c35a59d628c30e9543ca8bdbda242642ca518ee9b62a5f77ef74cdf887b882443f6ea925270717bade47eeaf28531768285c298c14ab794c2aa7aecf8e418f3aee67c4818aada7e4030bbfd6ca0b1defde024954740f1e507d03642b5a1c476684fab58065e7b6114aec56c0657936bcad339be518140b9b721d94a0adf871086c3147d562158d33c1266def104e538c6824aa6a54483cd63813f971ec3b3f31bdb2aa572cc4e9c2ba96ff41e31b6902154c482cc3809c4db8ada007c4b0c4367862187df0f226fba4bb297e2ae8c6e239e287026b5963ce31e28258e0c5291209ce1c3a7fb2ae70693580a325bb0f067f9f487e56f846f4b579a51a9f2609691b98fa81689c07c04eb37bde72ac95d261d514fe462324801dfbefaa9ef56ed6bd3f90e8ccffc4ce11e2b403a65abddbb95af083d7f0b7e844870341bd85a7161e4d1d59ea679aa553d58247cb2a3a9e56f09b5670cccae7b400db55dba61925aefcee01571f85fe42f17ef2dda9cdef4669912f157a22e1660a2f343e857b3d3cec9c93c9c7329fd2a9eac33fc5dd623ded516f34c06395e667c1743b1e611bbd6b604f63e2715b44e779bb5e99421fbb38f5aee36dcfd306dea5ede02a3048dbcec6f2c79fd4fa8a6a97f3027ae343e7a6fcffe50a0da9dc48ff28f86fdcd5ca2533d864e979ce444aa65ad442d8923c93ded115f8473bb3ed1fa978e0c93e51301b8eb1376bbbb815d3a66f8beab9b2692d9a810c1a831730fbb99f2ae0f7b05929f9b7d5d0e0ee2bef880fb2a820e710f253c890af7c246a24a8b637b3e179ac876d53dc134f4f5f279deeb725b049dd141a53bf41b35efb24ea6db030fef9b0c7c4197f620eb23fdcb57a01e8e3773de5a42cb697747210ea05ab60ee0c5def8fb8372d35012854ba588756eea49a6578b13e43135d4680787804cfffccc9016edc1ddca566a0a53e8b80580d3f1e07bfd45e8233ee5ea912d4d8a500c61970b85b96997f1abf5c9f0a6717e6de7b76b3df07d23a47181f0b45eb748350752e7b5f15733dcfd049370f764cfb44f974908821a1c0b1e13dbc939514749544e6ea0b96febb02d2b22e02c5e2e2de8b9a5dde0e4e852468581c985734c1631ccae61e8da707bf3e40ae25a2660c1ada385b95521aa301c37184d04d38c4b1ee034a7106760018b2a50e4963c53d3380c12add659ad0c8c8f47ac7c3f8204149435e7db65a808f66d9d99697028391d30daf0ee83eff7f09a1ea7aaae9d8a6220725b2a4f085a8572713905f693ba7674d7367a9ee1579882b9678dd2f6c0df1b8be6318d9e96732c9c844a33e6e56bc6558dfa8e7c359667bfb1932997dbc3c0c0816f4e38075e0dc9cf07da695462faaa0ced6b87ae525ef90dd90e35522cb18097da63a710cf002e24a0ac8d7c13dc79eb0207908233791be722dd767b9af59c4f36a92fc05985af91a2cd7332fcd3a95cd7965d2c1e077a00f2cf62abdad528c247de3490f8e004b1f133a77a90918cacc289b51e3073e69a6947e3bd73f0e10c07fcce8e74c69cb581226ca0044cdd5606a4db1b306d14e862a2c048f639b4fdc14d15689dd9c9be952aeb1d3aa77dee089d1de97bf629379c177fa33eafd0666e3b91feeabf929f92c5209bfb6155bed43546da9137bcfcac8134ab454eebbc743bc3e64d9b0c8852f02e0b6ea06d21123598c486257b336f4d33c6706842a725e0bf676994330751b1a7df5f922b135cd8c58f286cae247506bb2f236bf63d8fc0bbaa23adf4718347f88ef8844ca48c1ba97b88d687be61a0994a1c2aca3bb8cc5dfa8c9751d3ecb3b1785c06f2e22759e815aafab2fd1c02d9e4ca086952b67f880911e7f82082713d4a634613294f7b82a612e99463694968aedd88578e040666b212d3f4de0f28fc2354cd0963161407eca2508fd606d86bb0fe72fd96b5e2550836635d414690d0b8f29c07a5e2a99f5bfe1fa35f31d1411cd9d91956c8791911dd86e8736dfcd91d46b4693598187bbe25f2fc97731f004f7c300866263436c1f4e21c5338f0547ca767ecc21621485075953788c7d504329f94983896ca3e8f3223cee4a3977641074b69213b05e8a001783bddb5ef3c0a0fd1ed556255335af199a5b42b08b13193faa260dc7118542ced0582547a08c79a746a7e222aa22c98256ac1e24886051061a8b4ca3501f4624c48f50d848f75491c9862306f51461374b9cad775574cef741546ce4e1dea581af5d13ec7d36a0bf3edfd8ce69c51a6310e451ff6b57c8b477369859498aa2b3ebb27bb75a49728f10c301c35e4517251e232a38a0b689497dfd53d131e730fb0744010a93cbb9e2b6e5f84173a984c02c1a482d95bd1ae6685ebe08d874995b41151cb41ba5d1e27c0612266a6f074b2a88dc9dfbf148c59961f0b015f773f19da8f0609394aa66c65ae0f2b89d63a4f53dca3a2f23eea1d8290d5b4b3ba856b5b5afc233ab4f0d7b1c76cccf4c35f9417ce92e67b376b5590c18aa92fc482ae9642355fb", 0x1000}, {&(0x7f0000001c40)="fa7169ca05765f", 0x7}], 0x3, &(0x7f0000001cc0)=[@rthdrdstopts={{0xa4, 0x29, 0x37, {0x2, 0x11, '\x00', [@generic={0x10, 0x8d, "a1f161ef67d5318cea579ac6b9895539aa6a563ef07643fe54b05ee79a2c1992ec182a48aa8d5b1951779e841885c8c79192746cbee48987a09365215382dff7fe5b930c1a755733c35e39f15318d12a7db6cfdf09e2bd33389f45b9f4c254f0e357d6ed570fdfa9644b51c206b07d106c14df3a001a144bdcb16bd4d71d0663afdfb88296a05e489f2473faa1"}]}}}, @hoplimit={{0x10, 0x29, 0x34, 0xc51}}, @tclass={{0x10, 0x29, 0x43, 0x2}}, @dstopts={{0x24, 0x29, 0x37, {0x3a, 0x1, '\x00', [@padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}}}, @flowinfo={{0x10, 0x29, 0xb, 0x3}}, @hoplimit_2292={{0x10, 0x29, 0x8, 0x3}}, @hoplimit_2292={{0x10, 0x29, 0x8, 0x8001}}], 0x118}, 0x4040)
ioctl$XFS_IOC_SCRUB_METADATA(r8, 0xc040583c, &(0x7f0000001e40)={0x16, 0x10, 0x10000, 0x80000001, 0xfffffffa})
futex(&(0x7f0000001e80)=0x2, 0x6, 0x2, &(0x7f0000001ec0)={0x0, 0x989680}, &(0x7f0000001f00)=0x2, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r7, 0x0, 0x10, &(0x7f0000001fc0)={{{@in6=@initdev, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in6=@private0}, 0x0, @in=@initdev}}, &(0x7f00000020c0)=0xe4)
mount$overlay(0x0, &(0x7f0000001f40)='./file0\x00', &(0x7f0000001f80), 0x200400, &(0x7f0000002100)={[{@index_off}], [{@subj_role={'subj_role', 0x3d, '%\''}}, {@permit_directio}, {@uid_eq={'uid', 0x3d, r9}}]})
clock_nanosleep(0x2, 0x1, &(0x7f0000002180)={0x77359400}, 0x0)
setsockopt$sock_int(r3, 0x1, 0x13, &(0x7f00000021c0)=0x2, 0x4)
ioctl$VHOST_VDPA_SET_STATUS(r4, 0x4001af72, &(0x7f0000002200))

791.468432ms ago: executing program 7 (id=1070):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000d00)=@raw={'raw\x00', 0x8, 0x3, 0x21c, 0x0, 0x60, 0xd0e0000, 0xb8, 0x300, 0x188, 0x1d8, 0x1d8, 0x188, 0x1d8, 0x7fffffe, 0x0, {[{{@uncond, 0xee02, 0x98, 0xb8, 0x0, {}, [@common=@unspec=@cpu={{0x28}, {0x9, 0x1}}]}, @unspec=@NOTRACK={0x20}}, {{@ip={@empty, @empty, 0xffffffff, 0xffffff00, 'veth0_to_bridge\x00', 'caif0\x00', {}, {}, 0x5c, 0x1, 0x6c}, 0x9400, 0x70, 0xd0, 0x94}, @common=@SET={0x20, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x0, 0x5, 0x0, 0x6, 0x4, 0x3], 0x0, 0x3}, {0x0, [0x3, 0xa, 0x6, 0x0, 0x3, 0x2]}}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x27e)

710.888608ms ago: executing program 7 (id=1102):
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480))
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0500000004000000040000000a"], 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
openat2(0xffffffffffffffff, &(0x7f0000000100)='./cgroup/../file0\x00', &(0x7f0000000080)={0x40242, 0x22, 0x10}, 0x18)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x381, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x8080)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r1, 0xc0f85403, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x61)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
syz_clone3(&(0x7f0000000040)={0x2a0a00300, 0x0, 0x0, 0x0, {0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, {r2}}, 0x58)
r3 = socket$igmp(0x2, 0x3, 0x2)
r4 = openat$binder_debug(0xffffff9c, &(0x7f0000000140)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYRESHEX=r2], 0x0, 0x26, 0x0, 0x0, 0x2, 0x10000, @value=r4}, 0x28)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r8, @ANYBLOB="1f003300d000000008021100000108021100000050505050505000001502", @ANYRES8=r6], 0x3c}, 0x1, 0x0, 0x0, 0x8800}, 0x10)

651.544955ms ago: executing program 7 (id=1103):
listen(0xffffffffffffffff, 0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="07000000040000001000000005"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x9, &(0x7f0000000a00)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000050000850000001b000000b700000018000000850000005000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r3}, 0xc)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000f80)={r3}, 0xc)
recvmmsg(r0, &(0x7f0000001e80), 0x0, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c0000000406010800000000000020000a0000050500010007000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4002}, 0x24000000)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(0xffffffffffffffff, 0x13, &(0x7f0000000400)=[0xe758, 0xf8de], 0x2)
syz_open_procfs(0xffffffffffffffff, 0x0)
unshare(0x6a040000)
mmap(&(0x7f00005f7000/0x1000)=nil, 0x1000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
openat$pmem0(0xffffffffffffff9c, &(0x7f0000002340), 0x80d01, 0x0)
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_PROMISC(r5, 0x6b, 0x2, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x8, 0x5, 0x7fff7ffc}]})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x7, 0x2001, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ife={0x48, 0x11, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0xc0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)

120.401303ms ago: executing program 3 (id=1104):
openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300200d, 0x102) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000200)={'wlan0\x00', &(0x7f0000000340)=@ethtool_stats={0x2b}})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0) (async)
getpid() (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
r3 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_CANCEL_SENT_TO(r3, 0x114, 0x1, 0x0, 0x0) (async)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000ffff26bd7000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="7d1e128009000108000200c000020000000000004f8f1f5e49000000"], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x20040040)
sendmsg$NFNL_MSG_ACCT_NEW(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="38000000400701010000000001000000020000010c00064000000000000060000c00078008000240000088b9b96c037e94531f0000000006"], 0x38}, 0x1, 0x0, 0x0, 0x4004000}, 0x8000) (async)
r5 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01)
ioctl$EVIOCGKEY(r5, 0x80404518, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file1\x00', 0x13b) (async)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

0s ago: executing program 5 (id=1105):
sendmsg$L2TP_CMD_NOOP(0xffffffffffffffff, 0x0, 0x4000000)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40814)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r4=>0x0})
ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=@newlink={0x68, 0x10, 0xffffffffffffffff, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x800, 0x42021}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x30, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x3}, @IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}, @IFLA_MACVLAN_MACADDR_DATA={0x1c, 0x5, 0x0, 0x1, [{0xa, 0x4, @local}, {0xa, 0x4, @remote}]}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x68}, 0x1, 0x0, 0x0, 0x4000010}, 0x8000002)
sendmsg(r0, &(0x7f0000000b40)={&(0x7f0000000000)=@ll={0x11, 0x18, r4, 0x1, 0x81, 0x6, @broadcast}, 0x80, &(0x7f0000000500)=[{&(0x7f00000000c0)="cfe9947a635524682e163055b369c1183bf35afed69b51d60792f5f39c81218977984f3985cc8340a04d56d9e12d6869f599a4314ee70acddf40da318d65b62102f53d5e8954444b4ff3fdd64875ba4665cc0184c6eef9eb1b3138f21b17b019a344eded35fad5c9b826aa0258495d1f4f4c9aa59a7eba8aabf481e79a1893e010de8302d3252b5563c1fa90ce42d4dc316648e16e58a1eeb5", 0x99}, {&(0x7f0000000380)="c0cd87ca112c211b516221302a4598ad6b68b7", 0x13}, {&(0x7f0000000400)="47fd8402cea3360b4e760761a414032e2337bb682e034f5191d24800ef79d7992ff8208c1aad813d8ba19cf3a873a97f3cca8cf00f0baf5d4c8af707061a2fe2a44af2da9d3761b868c58863a075346947e35497a61b110226f1e0790e67c4d46d87515ed3ada9db82ef5c95a50244b04b50aa9b27c85bceca0b2112ac9e5e955075999080858d0aff90a35dfa6d5aad971ae918b9f817512c6e97a76cd75ac0d553fa704500deab2f46c73e197993f7bb76bb9a5316f8593c5f12c73454c9ad82e74c4068e65f", 0xc7}], 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="c80000000f010000750a0000ee2732f84dd9bf1accc5d48afb2f606afa19b671723f81b9391f364c22cfd9f420050895cbe68057ccd13bdf50939d3cf277dd72c1062e3c26ccec365d99fbcded82d5b048063428f2c286e1dfd26e75ae4f455db6fffd009d667ba25c9284fc14b7a3626948627d9607506edb5988ca8901bd57fc12c7f0f75ae90ef98477cfa164f6c13f2c81be9ecf703e7cc66bf3a3eb44a7f631b1852f5503a800abff475548a40fa72657c7adcce3564fbf87fade43e0e6300000000200000031fe7c354d47a93d7b15bc403bc0ef3a38bb1ed874160e01e3af8857546cedf691120d70f80000000c0100000d00000008b3cf810833b614ca132432cb8e55e0c0e5b9f6f08e8e1fb598af6edbb5582a4e28cf477f5468d1622b2cb8a54dbbbde624460dea0a2d12211f45e489c445ba0735b51a4bc4e7f5d027d0e1557ad7cb676bf1e844f04fd41dee44281713abf596ab0d34362f703e1e8832923164497ed5d4444a473cd8287770ea33598e9fb159b28f0c84cd63376c250e8a1c8e38f5deecdc9dba821d186b5865532fb0e1d68ad86c8015bc857533449770084ab5277690c3ad2d3cd2f6e498b71ad0d6047858d4655a6fe547683be7edf55997aa17dcd9f1189b2346e66fa36bf356ce3acfea1fe09331506e00a00000000f01000004000000977bcc814f99fe5d78558b9b05b83da02d39d6cc2873f96dec8dd2af403d8e809934540e123347b7280d918c78256fc9d99fb10e42bafdb75d0486c89c8aab25be6dcf262a83ae99a144a54b9d09327981775c0643478c24e85399ad37472c06479d9b7a86adccb198fdc49104edd5798f7c3e9c331881cd6ac70343e3d87f7f92da6d9f314926b090c8b34c580000001601000003000000e0bd42576a8b2660db90aa452d49774541a92e2c3cc6435a252c3c85d86aa705f3c8b35e9a7c227267b76aabdbf5c30ccbd3ea439571a6b031cad22247aa42f376590000400000000101000005000000ed25f9e605bf38fab5e650f29425d55d69e73d873da8aecfedb1f49daa0d66e54b87d53bb2431425d5a93465320000001000000008010000fa080000"], 0x338}, 0x4000004)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)=ANY=[@ANYBLOB="580000000206030000000000000000000300000705000100070000000900020073797a31000000000c00078008001240000000050500050002000000050004000100000011000300686173683a69702c706f727400"], 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x20004000)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_DELDEST(r5, 0x6, 0x9, &(0x7f00000003c0)={{0x2, @multicast2, 0xdffd, 0x800002, 'nq\x00', 0x8, 0x3, 0x3}, {@private=0xa010300, 0xfffd, 0x3, 0x8, 0x8, 0x2000050}}, 0x44)
getsockopt$inet_tcp_int(r5, 0x6, 0x9, 0x0, &(0x7f0000000040))
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070088000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$FS_IOC_GETFSSYSFSPATH(r3, 0x80811501, &(0x7f0000000580)={0x80})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00'})
sendmsg$IPSET_CMD_LIST(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x7, 0x6, 0x301, 0x0, 0x0, {0x1}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000800}, 0x20000040)
r8 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r8, &(0x7f0000000040)={0xa, 0x4e20, 0xffffff86, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x2}, 0x1c)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r8, 0x29, 0x20, &(0x7f0000000180)={@loopback={0x200000000000000}, 0x800, 0x0, 0x3, 0xc}, 0x20)
r9 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r9, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)

kernel console output (not intermixed with test programs):

r with address 0xAB, changing to 0x8B
[  134.870984][   T24] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  134.874896][   T24] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  134.878199][   T24] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  134.883111][   T24] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  134.886991][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.892377][   T24] usb 6-1: config 0 descriptor??
[  134.895609][ T7540] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  134.899250][ T7540] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  134.909163][   T24] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  135.054497][ T5860] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  135.152995][   T24] usb 6-1: USB disconnect, device number 4
[  135.155376][    C2] ldusb 6-1:0.55: usb_submit_urb failed (-19)
[  135.169354][   T24] ldusb 6-1:0.55: LD USB Device #0 now disconnected
[  135.204646][ T5860] usb 5-1: device descriptor read/64, error -71
[  135.315999][ T5860] usb usb5-port1: attempt power cycle
[  135.360709][ T7540] ldusb: No device or device unplugged -19
[  135.656988][ T5860] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[  135.675162][ T5860] usb 5-1: device descriptor read/8, error -71
[  135.896281][   T40] kauditd_printk_skb: 218 callbacks suppressed
[  135.896297][   T40] audit: type=1326 audit(1780832525.044:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7551 comm="syz.1.426" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf702ef7c code=0x0
[  135.914415][ T5860] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[  135.935803][ T5860] usb 5-1: device descriptor read/8, error -71
[  136.045578][ T5860] usb usb5-port1: unable to enumerate USB device
[  136.071685][ T7557] syzkaller0: entered promiscuous mode
[  136.073497][ T7557] syzkaller0: entered allmulticast mode
[  136.087475][ T7557] tipc: Started in network mode
[  136.089268][ T7557] tipc: Node identity fe8bf7c9f005, cluster identity 4711
[  136.093825][ T7557] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  136.098369][ T7556] tipc: Resetting bearer <eth:syzkaller0>
[  136.107901][ T7556] tipc: Disabling bearer <eth:syzkaller0>
[  136.274115][ T7561] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  136.277244][ T7561] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  136.299615][ T7561] netlink: 52 bytes leftover after parsing attributes in process `syz.2.430'.
[  136.755145][ T7573] netlink: 52 bytes leftover after parsing attributes in process `syz.3.434'.
[  136.772602][ T7573] netlink: 4 bytes leftover after parsing attributes in process `syz.3.434'.
[  137.434095][ T1432] ieee802154 phy0 wpan0: encryption failed: -22
[  138.858153][ T7624] 9p: Bad value for 'wfdno'
[  138.987359][ T7629] nd_bus ndbus0: __nd_ioctl:bus unknown input size cmd: cmd_call field: 1
[  139.178833][ T7634] netem: change failed
[  139.186634][   T40] audit: type=1326 audit(1780832528.334:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.2.451" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  139.196247][   T40] audit: type=1326 audit(1780832528.334:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.2.451" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  139.204195][   T40] audit: type=1326 audit(1780832528.334:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.2.451" exe="/syz-executor" sig=0 arch=40000003 syscall=143 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  139.210738][   T40] audit: type=1326 audit(1780832528.334:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.2.451" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  139.217596][   T40] audit: type=1326 audit(1780832528.334:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.2.451" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  139.225838][   T40] audit: type=1326 audit(1780832528.334:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.2.451" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  139.234488][   T40] audit: type=1326 audit(1780832528.334:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.2.451" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  139.242608][   T40] audit: type=1326 audit(1780832528.334:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.2.451" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  139.249805][   T40] audit: type=1326 audit(1780832528.334:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.2.451" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  139.877823][ T7646] FAULT_INJECTION: forcing a failure.
[  139.877823][ T7646] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  139.883891][ T7646] CPU: 2 UID: 0 PID: 7646 Comm: syz.3.454 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  139.883936][ T7646] Tainted: [L]=SOFTLOCKUP
[  139.883943][ T7646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  139.883954][ T7646] Call Trace:
[  139.883960][ T7646]  <TASK>
[  139.883967][ T7646]  dump_stack_lvl+0x100/0x190
[  139.884002][ T7646]  should_fail_ex.cold+0x5/0xa
[  139.884021][ T7646]  ? prepare_alloc_pages+0x16d/0x5f0
[  139.884047][ T7646]  should_fail_alloc_page+0xeb/0x140
[  139.884070][ T7646]  prepare_alloc_pages+0x1f0/0x5f0
[  139.884097][ T7646]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  139.884141][ T7646]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  139.884175][ T7646]  ? __lock_acquire+0x4a5/0x2630
[  139.884202][ T7646]  ? __lock_acquire+0x4a5/0x2630
[  139.884226][ T7646]  ? __css_rstat_updated+0x1ce/0x5a0
[  139.884276][ T7646]  ? lock_acquire+0x1b1/0x370
[  139.884299][ T7646]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  139.884348][ T7646]  ? policy_nodemask+0xed/0x4f0
[  139.884371][ T7646]  alloc_pages_mpol+0x1fb/0x540
[  139.884393][ T7646]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  139.884415][ T7646]  ? __lock_acquire+0x4a5/0x2630
[  139.884442][ T7646]  folio_alloc_mpol_noprof+0x36/0x260
[  139.884468][ T7646]  vma_alloc_folio_noprof+0xed/0x1d0
[  139.884491][ T7646]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  139.884522][ T7646]  do_anonymous_page+0xb46/0x2050
[  139.884549][ T7646]  ? rcu_read_unlock+0x2d/0xb0
[  139.884581][ T7646]  __handle_mm_fault+0x1d2c/0x2a00
[  139.884611][ T7646]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  139.884634][ T7646]  ? __pfx___handle_mm_fault+0x10/0x10
[  139.884662][ T7646]  ? pte_offset_map_lock+0x174/0x320
[  139.884683][ T7646]  ? find_held_lock+0x2b/0x80
[  139.884712][ T7646]  ? follow_page_pte+0x4d0/0x13f0
[  139.884739][ T7646]  handle_mm_fault+0x37b/0xa30
[  139.884770][ T7646]  __get_user_pages+0x1178/0x32a0
[  139.884805][ T7646]  ? down_read_killable+0x307/0x4b0
[  139.884824][ T7646]  ? __pfx___get_user_pages+0x10/0x10
[  139.884854][ T7646]  __gup_longterm_locked+0x87d/0x16f0
[  139.884884][ T7646]  ? __pfx___gup_longterm_locked+0x10/0x10
[  139.884910][ T7646]  ? find_held_lock+0x2b/0x80
[  139.884931][ T7646]  ? gup_fast_fallback+0x7e8/0x2790
[  139.884952][ T7646]  ? sanity_check_pinned_pages+0x4f2/0x8b0
[  139.884973][ T7646]  ? rcu_is_watching+0x12/0xc0
[  139.884996][ T7646]  gup_fast_fallback+0x16dc/0x2790
[  139.885037][ T7646]  ? __pfx_gup_fast_fallback+0x10/0x10
[  139.885061][ T7646]  ? stack_trace_save+0x8e/0xc0
[  139.885084][ T7646]  ? __pfx_stack_trace_save+0x10/0x10
[  139.885106][ T7646]  ? blkdev_read_iter+0x225/0x4f0
[  139.885133][ T7646]  ? stack_depot_save_flags+0x27/0x9d0
[  139.885167][ T7646]  pin_user_pages_fast+0xa7/0xf0
[  139.885190][ T7646]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  139.885211][ T7646]  ? bio_alloc_bioset+0xb34/0x1070
[  139.885228][ T7646]  ? blkdev_read_iter+0x225/0x4f0
[  139.885254][ T7646]  ? do_iter_readv_writev+0x60d/0x920
[  139.885271][ T7646]  ? do_preadv+0x1ac/0x270
[  139.885292][ T7646]  iov_iter_extract_pages+0xa0d/0x1ef0
[  139.885327][ T7646]  ? __pfx_iov_iter_extract_pages+0x10/0x10
[  139.885353][ T7646]  ? find_held_lock+0x2b/0x80
[  139.885374][ T7646]  ? bio_associate_blkg_from_css+0x394/0x13f0
[  139.885400][ T7646]  ? bio_associate_blkg_from_css+0x394/0x13f0
[  139.885433][ T7646]  iov_iter_extract_bvecs+0x10b/0xa60
[  139.885458][ T7646]  ? find_held_lock+0x2b/0x80
[  139.885478][ T7646]  ? bio_associate_blkg+0x137/0x2a0
[  139.885502][ T7646]  ? bio_associate_blkg+0x137/0x2a0
[  139.885537][ T7646]  ? __pfx_iov_iter_extract_bvecs+0x10/0x10
[  139.885561][ T7646]  ? bio_init+0x404/0x610
[  139.885578][ T7646]  ? bio_alloc_bioset+0x24a/0x1070
[  139.885602][ T7646]  bio_iov_iter_get_pages+0x26f/0x670
[  139.885632][ T7646]  blkdev_direct_IO+0x1302/0x1fb0
[  139.885672][ T7646]  ? __pfx_blkdev_direct_IO+0x10/0x10
[  139.885705][ T7646]  ? touch_atime+0xa5/0x7a0
[  139.885721][ T7646]  ? filemap_write_and_wait_range.part.0+0x60/0x110
[  139.885753][ T7646]  blkdev_read_iter+0x225/0x4f0
[  139.885789][ T7646]  do_iter_readv_writev+0x60d/0x920
[  139.885810][ T7646]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  139.885833][ T7646]  ? bpf_lsm_file_permission+0x9/0x10
[  139.885850][ T7646]  ? security_file_permission+0x76/0x210
[  139.885874][ T7646]  ? rw_verify_area+0xce/0x6d0
[  139.885893][ T7646]  vfs_readv+0x4d3/0x8d0
[  139.885918][ T7646]  ? __pfx_vfs_readv+0x10/0x10
[  139.885938][ T7646]  ? find_held_lock+0x2b/0x80
[  139.885975][ T7646]  ? __fget_files+0x21f/0x3d0
[  139.886002][ T7646]  ? do_preadv+0x1ac/0x270
[  139.886019][ T7646]  do_preadv+0x1ac/0x270
[  139.886039][ T7646]  ? __pfx_do_preadv+0x10/0x10
[  139.886058][ T7646]  ? fput+0x79/0x100
[  139.886086][ T7646]  __ia32_compat_sys_preadv2+0x121/0x1b0
[  139.886114][ T7646]  __do_fast_syscall_32+0xe7/0x970
[  139.886140][ T7646]  ? lockdep_hardirqs_on+0x78/0x100
[  139.886167][ T7646]  do_fast_syscall_32+0x32/0x70
[  139.886194][ T7646]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  139.886216][ T7646] RIP: 0023:0xf707ef7c
[  139.886231][ T7646] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  139.886249][ T7646] RSP: 002b:00000000f544c50c EFLAGS: 00000292 ORIG_RAX: 000000000000017a
[  139.886267][ T7646] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[  139.886277][ T7646] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  139.886287][ T7646] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  139.886297][ T7646] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  139.886306][ T7646] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  139.886329][ T7646]  </TASK>
[  139.964811][ T7649] input: syz1 as /devices/virtual/input/input8
[  140.333024][ T7655] siw: device registration error -23
[  140.344024][ T7655] netlink: 14 bytes leftover after parsing attributes in process `syz.0.457'.
[  140.352524][ T7655] bond0 (unregistering): Released all slaves
[  140.883962][ T7667] netlink: 'syz.1.461': attribute type 1 has an invalid length.
[  140.918143][ T7667] bond1: entered promiscuous mode
[  140.920670][ T7667] 8021q: adding VLAN 0 to HW filter on device bond1
[  140.944629][ T7667] netlink: 28 bytes leftover after parsing attributes in process `syz.1.461'.
[  140.951259][ T7667] bond1: entered allmulticast mode
[  141.034476][   T24] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  141.115958][ T7669] bond1: (slave bridge2): making interface the new active one
[  141.119232][ T7669] bridge2: entered promiscuous mode
[  141.121526][ T7669] bridge2: entered allmulticast mode
[  141.126914][ T7669] bond1: (slave bridge2): Enslaving as an active interface with an up link
[  141.136193][ T7672] 9p: Invalid gid '0x00000000ffffffff'
[  141.187907][   T24] usb 5-1: config 128 has an invalid interface number: 148 but max is 0
[  141.193052][   T24] usb 5-1: config 128 has no interface number 0
[  141.195038][   T24] usb 5-1: config 128 interface 148 altsetting 9 endpoint 0x7 has invalid wMaxPacketSize 0
[  141.198095][   T24] usb 5-1: config 128 interface 148 altsetting 9 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  141.201569][   T24] usb 5-1: config 128 interface 148 has no altsetting 0
[  141.205389][   T24] usb 5-1: New USB device found, idVendor=0cf3, idProduct=e019, bcdDevice=fb.4f
[  141.208204][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.210784][   T24] usb 5-1: Product: syz
[  141.212065][   T24] usb 5-1: Manufacturer: syz
[  141.213490][   T24] usb 5-1: SerialNumber: syz
[  141.438423][   T24] usb 5-1: USB disconnect, device number 9
[  141.838353][ T7685] 8021q: adding VLAN 0 to HW filter on device bond2
[  141.878243][   T24] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  142.335389][ T7698] netlink: 'syz.1.470': attribute type 10 has an invalid length.
[  142.341310][ T7698] netlink: 40 bytes leftover after parsing attributes in process `syz.1.470'.
[  142.345103][ T7698] team0: entered promiscuous mode
[  142.347025][ T7698] team_slave_0: entered promiscuous mode
[  142.349212][ T7698] team_slave_1: entered promiscuous mode
[  142.354005][ T7698] bridge0: port 4(team0) entered blocking state
[  142.357407][ T7698] bridge0: port 4(team0) entered disabled state
[  142.359972][ T7698] team0: entered allmulticast mode
[  142.362019][ T7698] team_slave_0: entered allmulticast mode
[  142.364347][ T7698] team_slave_1: entered allmulticast mode
[  142.368558][ T7698] bridge0: port 4(team0) entered blocking state
[  142.371163][ T7698] bridge0: port 4(team0) entered forwarding state
[  142.383754][ T7696] tipc: Started in network mode
[  142.386158][ T7696] tipc: Node identity fa51194d6d25, cluster identity 4711
[  142.388834][ T7696] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  142.534035][ T7696] syzkaller0: entered promiscuous mode
[  142.539041][ T7696] syzkaller0: entered allmulticast mode
[  142.549940][ T7696] tipc: Resetting bearer <eth:syzkaller0>
[  142.599289][ T7695] tipc: Resetting bearer <eth:syzkaller0>
[  142.848164][   T24] usb 5-1: Using ep0 maxpacket: 8
[  142.856373][   T24] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  142.862833][   T24] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  142.865973][   T24] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  142.869360][   T24] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 16
[  142.877204][   T24] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  142.881211][   T24] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  142.884064][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.095385][   T24] usb 5-1: usb_control_msg returned -32
[  143.097803][   T24] usbtmc 5-1:16.0: can't read capabilities
[  144.041636][ T5893] usb 5-1: USB disconnect, device number 10
[  144.079387][ T7695] tipc: Disabling bearer <eth:syzkaller0>
[  144.083456][ T6381] tipc: Node number set to 2540968269
[  144.414393][   T24] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  144.575960][   T24] usb 7-1: Using ep0 maxpacket: 8
[  144.639108][   T24] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  144.644619][   T24] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  144.648443][   T24] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  144.652017][   T24] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  144.655729][   T24] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  144.663267][   T24] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  144.668235][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.707583][ T7735] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  145.440015][ T7742] usbtmc 7-1:16.0: simple usb_control_msg returned 0
[  146.640875][ T7751] program syz.0.483 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  147.224590][ T6381] usb 7-1: USB disconnect, device number 7
[  147.336815][ T7771] FAULT_INJECTION: forcing a failure.
[  147.336815][ T7771] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  147.341454][ T7772] netlink: 'syz.3.489': attribute type 21 has an invalid length.
[  147.345227][ T7771] CPU: 0 UID: 0 PID: 7771 Comm: syz.2.488 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  147.345251][ T7771] Tainted: [L]=SOFTLOCKUP
[  147.345257][ T7771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  147.345267][ T7771] Call Trace:
[  147.345273][ T7771]  <TASK>
[  147.345280][ T7771]  dump_stack_lvl+0x100/0x190
[  147.345314][ T7771]  should_fail_ex.cold+0x5/0xa
[  147.345337][ T7771]  _copy_from_user+0x2e/0xd0
[  147.345364][ T7771]  get_compat_msghdr+0xb3/0x4b0
[  147.345386][ T7771]  ? __pfx_get_compat_msghdr+0x10/0x10
[  147.345408][ T7771]  ? rcu_is_watching+0x12/0xc0
[  147.345427][ T7771]  ? ___sys_recvmsg+0x177/0x1a0
[  147.345450][ T7771]  ? kfree+0x1dd/0x6c0
[  147.345479][ T7771]  ___sys_recvmsg+0x193/0x1a0
[  147.345504][ T7771]  ? __pfx____sys_recvmsg+0x10/0x10
[  147.345542][ T7771]  ? __pfx___might_resched+0x10/0x10
[  147.345565][ T7771]  do_recvmmsg+0x563/0x760
[  147.345592][ T7771]  ? __pfx_do_recvmmsg+0x10/0x10
[  147.345625][ T7771]  ? ksys_write+0x190/0x250
[  147.345644][ T7771]  ? ksys_write+0x190/0x250
[  147.345670][ T7771]  ? __fget_files+0x215/0x3d0
[  147.345685][ T7771]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  147.345711][ T7771]  __sys_recvmmsg+0x21f/0x270
[  147.345730][ T7771]  ? __pfx___sys_recvmmsg+0x10/0x10
[  147.345751][ T7771]  ? ksys_write+0x1ac/0x250
[  147.345774][ T7771]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  147.345796][ T7771]  ? __do_fast_syscall_32+0x98/0x970
[  147.345823][ T7771]  ? lockdep_hardirqs_on+0x78/0x100
[  147.345847][ T7771]  __do_fast_syscall_32+0xe7/0x970
[  147.345872][ T7771]  ? lockdep_hardirqs_on+0x78/0x100
[  147.345899][ T7771]  do_fast_syscall_32+0x32/0x70
[  147.345926][ T7771]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  147.345949][ T7771] RIP: 0023:0xf7fb4f7c
[  147.345964][ T7771] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  147.345981][ T7771] RSP: 002b:00000000f547650c EFLAGS: 00000292 ORIG_RAX: 0000000000000151
[  147.345998][ T7771] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000500
[  147.346009][ T7771] RDX: 000000000000073d RSI: 0000000000000000 RDI: 0000000000000000
[  147.346019][ T7771] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  147.346028][ T7771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  147.346038][ T7771] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  147.346061][ T7771]  </TASK>
[  147.350348][ T7772] netlink: 128 bytes leftover after parsing attributes in process `syz.3.489'.
[  147.449622][ T7772] netlink: 'syz.3.489': attribute type 4 has an invalid length.
[  147.455273][ T7772] netlink: 3 bytes leftover after parsing attributes in process `syz.3.489'.
[  147.558488][ T7772] openvswitch: netlink: VXLAN extension message has 1 unknown bytes.
[  147.582773][ T7777] 8021q: adding VLAN 0 to HW filter on device bond3
[  147.600471][ T7777] bond3: entered promiscuous mode
[  147.627348][ T7777] bond0: (slave bond3): Enslaving as an active interface with an up link
[  147.657018][ T7782] netlink: 8 bytes leftover after parsing attributes in process `syz.3.491'.
[  147.660670][ T7782] netlink: 36 bytes leftover after parsing attributes in process `syz.3.491'.
[  148.334459][ T6381] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  148.335305][ T5894] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  148.484339][ T6381] usb 6-1: Using ep0 maxpacket: 32
[  148.492726][ T6381] usb 6-1: unable to get BOS descriptor or descriptor too short
[  148.497755][ T5894] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  148.498035][ T6381] usb 6-1: too many configurations: 128, using maximum allowed: 8
[  148.502580][ T5894] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  148.512344][ T5894] usb 5-1: New USB device found, idVendor=041e, idProduct=3000, bcdDevice= 0.40
[  148.516456][ T5894] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.518048][ T6381] usb 6-1: unable to read config index 0 descriptor/start: -61
[  148.519966][ T5894] usb 5-1: Product: syz
[  148.523619][ T5894] usb 5-1: Manufacturer: syz
[  148.523763][ T6381] usb 6-1: can't read configurations, error -61
[  148.530199][ T5894] usb 5-1: SerialNumber: syz
[  148.657920][ T6381] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  148.741743][ T7809] binder: BINDER_SET_CONTEXT_MGR bad uid 60928 != 0
[  148.748691][ T7809] binder: 7808:7809 ioctl 4018620d 80000480 returned -1
[  148.755535][ T7809] binder: 7808:7809 ioctl c0145608 80000140 returned -22
[  148.765123][ T5894] usb 5-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  148.806716][ T6381] usb 6-1: Using ep0 maxpacket: 32
[  148.809458][ T7830] FAULT_INJECTION: forcing a failure.
[  148.809458][ T7830] name failslab, interval 1, probability 0, space 0, times 0
[  148.809971][ T6381] usb 6-1: unable to get BOS descriptor or descriptor too short
[  148.814026][ T7830] CPU: 3 UID: 0 PID: 7830 Comm: syz.3.499 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  148.814052][ T7830] Tainted: [L]=SOFTLOCKUP
[  148.814058][ T7830] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  148.814068][ T7830] Call Trace:
[  148.814074][ T7830]  <TASK>
[  148.814081][ T7830]  dump_stack_lvl+0x100/0x190
[  148.814114][ T7830]  should_fail_ex.cold+0x5/0xa
[  148.814137][ T7830]  should_failslab+0xc2/0x120
[  148.814157][ T7830]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  148.814183][ T7830]  ? __alloc_skb+0x140/0x710
[  148.814195][ T7830]  ? __alloc_skb+0x5b7/0x710
[  148.814211][ T7830]  __alloc_skb+0x140/0x710
[  148.814223][ T7830]  ? __alloc_skb+0x5b7/0x710
[  148.814235][ T7830]  ? __pfx___alloc_skb+0x10/0x10
[  148.814267][ T7830]  netlink_alloc_large_skb+0x69/0x150
[  148.814289][ T7830]  netlink_sendmsg+0x680/0xda0
[  148.814314][ T7830]  ? __pfx_netlink_sendmsg+0x10/0x10
[  148.814338][ T7830]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  148.814361][ T7830]  ____sys_sendmsg+0x9e1/0xb70
[  148.814383][ T7830]  ? __pfx_netlink_sendmsg+0x10/0x10
[  148.814404][ T7830]  ? __pfx_____sys_sendmsg+0x10/0x10
[  148.814435][ T7830]  ___sys_sendmsg+0x190/0x1e0
[  148.814460][ T7830]  ? __pfx____sys_sendmsg+0x10/0x10
[  148.814494][ T7830]  ? find_held_lock+0x2b/0x80
[  148.814528][ T7830]  __sys_sendmsg+0x170/0x220
[  148.814545][ T7830]  ? __pfx___sys_sendmsg+0x10/0x10
[  148.814561][ T7830]  ? __fget_files+0x21f/0x3d0
[  148.814584][ T7830]  ? ksys_write+0x1ac/0x250
[  148.814605][ T7830]  ? rcu_is_watching+0x12/0xc0
[  148.814627][ T7830]  __do_fast_syscall_32+0xe7/0x970
[  148.814652][ T7830]  ? lockdep_hardirqs_on+0x78/0x100
[  148.814684][ T7830]  do_fast_syscall_32+0x32/0x70
[  148.814709][ T7830]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  148.814731][ T7830] RIP: 0023:0xf707ef7c
[  148.814745][ T7830] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  148.814764][ T7830] RSP: 002b:00000000f546d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  148.814782][ T7830] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[  148.814792][ T7830] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  148.814802][ T7830] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  148.814812][ T7830] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  148.814822][ T7830] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  148.814844][ T7830]  </TASK>
[  148.817513][ T5894] usb 5-1: USB disconnect, device number 11
[  148.822931][ T6381] usb 6-1: too many configurations: 128, using maximum allowed: 8
[  148.899306][ T7217] udevd[7217]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  148.901920][ T6381] usb 6-1: unable to read config index 0 descriptor/start: -61
[  148.908594][ T6381] usb 6-1: can't read configurations, error -61
[  148.910725][ T6381] usb usb6-port1: attempt power cycle
[  149.254495][ T6381] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  149.275682][ T6381] usb 6-1: Using ep0 maxpacket: 32
[  149.280375][ T6381] usb 6-1: unable to get BOS descriptor or descriptor too short
[  149.283388][ T6381] usb 6-1: too many configurations: 128, using maximum allowed: 8
[  149.292039][ T6381] usb 6-1: unable to read config index 0 descriptor/start: -61
[  149.295390][ T6381] usb 6-1: can't read configurations, error -61
[  149.444425][ T6381] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  149.477379][ T6381] usb 6-1: Using ep0 maxpacket: 32
[  149.481654][ T6381] usb 6-1: unable to get BOS descriptor or descriptor too short
[  149.484801][ T6381] usb 6-1: too many configurations: 128, using maximum allowed: 8
[  149.489418][ T6381] usb 6-1: unable to read config index 0 descriptor/start: -61
[  149.491823][ T6381] usb 6-1: can't read configurations, error -61
[  149.496458][ T6381] usb usb6-port1: unable to enumerate USB device
[  149.591839][ T7845] IPVS: Error connecting to the multicast addr
[  150.546267][ T7856] overlayfs: conflicting lowerdir path
[  153.694575][   T24] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  153.854350][   T24] usb 6-1: Using ep0 maxpacket: 16
[  153.859690][   T24] usb 6-1: config 0 has no interfaces?
[  153.867349][   T24] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  153.871518][   T24] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  153.875249][   T24] usb 6-1: Manufacturer: syz
[  153.879257][   T24] usb 6-1: config 0 descriptor??
[  154.110819][   T40] kauditd_printk_skb: 41 callbacks suppressed
[  154.110964][   T40] audit: type=1326 audit(1780832543.254:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7935 comm="syz.2.527" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  154.126211][   T40] audit: type=1326 audit(1780832543.264:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7935 comm="syz.2.527" exe="/syz-executor" sig=0 arch=40000003 syscall=437 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  154.150689][   T40] audit: type=1326 audit(1780832543.264:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7935 comm="syz.2.527" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  154.158519][   T40] audit: type=1326 audit(1780832543.264:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7935 comm="syz.2.527" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  154.169910][   T40] audit: type=1326 audit(1780832543.264:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7935 comm="syz.2.527" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  154.180870][   T40] audit: type=1326 audit(1780832543.264:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7935 comm="syz.2.527" exe="/syz-executor" sig=0 arch=40000003 syscall=14 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  154.192807][   T40] audit: type=1326 audit(1780832543.264:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7935 comm="syz.2.527" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  154.204893][   T40] audit: type=1326 audit(1780832543.274:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7935 comm="syz.2.527" exe="/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  154.214965][   T40] audit: type=1326 audit(1780832543.274:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7935 comm="syz.2.527" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  154.224200][   T40] audit: type=1326 audit(1780832543.274:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7935 comm="syz.2.527" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  154.281077][ T5894] usb 6-1: USB disconnect, device number 9
[  155.274859][   T24] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  155.444519][   T24] usb 6-1: Using ep0 maxpacket: 16
[  155.495517][   T62] Bluetooth: hci0: Malformed LE Event: 0x0d
[  155.577899][   T24] usb 6-1: unable to get BOS descriptor or descriptor too short
[  155.583231][   T24] usb 6-1: unable to read config index 0 descriptor/start: -71
[  155.586013][   T24] usb 6-1: can't read configurations, error -71
[  156.724361][   T24] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  156.854371][   T24] usb 6-1: device descriptor read/64, error -71
[  157.094486][   T24] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  157.169845][ T8008] netlink: 'syz.2.546': attribute type 12 has an invalid length.
[  157.172834][ T8008] netlink: 'syz.2.546': attribute type 29 has an invalid length.
[  157.176086][ T8008] netlink: 148 bytes leftover after parsing attributes in process `syz.2.546'.
[  157.232355][ T7995] 9pnet_fd: p9_fd_create_tcp (7995): problem connecting socket to 127.0.0.1
[  157.235986][   T24] usb 6-1: device descriptor read/64, error -71
[  157.344686][   T24] usb usb6-port1: attempt power cycle
[  157.390892][ T8021] FAULT_INJECTION: forcing a failure.
[  157.390892][ T8021] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  157.397566][ T8021] CPU: 2 UID: 0 PID: 8021 Comm: syz.2.549 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  157.397586][ T8021] Tainted: [L]=SOFTLOCKUP
[  157.397590][ T8021] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  157.397596][ T8021] Call Trace:
[  157.397601][ T8021]  <TASK>
[  157.397606][ T8021]  dump_stack_lvl+0x100/0x190
[  157.397629][ T8021]  should_fail_ex.cold+0x5/0xa
[  157.397654][ T8021]  _copy_from_iter+0x1f4/0x1690
[  157.397675][ T8021]  ? __asan_memset+0x23/0x50
[  157.397692][ T8021]  ? __pfx__copy_from_iter+0x10/0x10
[  157.397707][ T8021]  ? __pfx___alloc_skb+0x10/0x10
[  157.397724][ T8021]  netlink_sendmsg+0x808/0xda0
[  157.397742][ T8021]  ? __pfx_netlink_sendmsg+0x10/0x10
[  157.397758][ T8021]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  157.397771][ T8021]  ____sys_sendmsg+0x9e1/0xb70
[  157.397785][ T8021]  ? __pfx_netlink_sendmsg+0x10/0x10
[  157.397801][ T8021]  ? __pfx_____sys_sendmsg+0x10/0x10
[  157.397821][ T8021]  ___sys_sendmsg+0x190/0x1e0
[  157.397837][ T8021]  ? __pfx____sys_sendmsg+0x10/0x10
[  157.397858][ T8021]  ? find_held_lock+0x2b/0x80
[  157.397881][ T8021]  __sys_sendmsg+0x170/0x220
[  157.397892][ T8021]  ? __pfx___sys_sendmsg+0x10/0x10
[  157.397903][ T8021]  ? __fget_files+0x21f/0x3d0
[  157.397919][ T8021]  ? ksys_write+0x1ac/0x250
[  157.397933][ T8021]  ? rcu_is_watching+0x12/0xc0
[  157.397947][ T8021]  __do_fast_syscall_32+0xe7/0x970
[  157.397963][ T8021]  ? lockdep_hardirqs_on+0x78/0x100
[  157.397980][ T8021]  do_fast_syscall_32+0x32/0x70
[  157.397998][ T8021]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  157.398013][ T8021] RIP: 0023:0xf7fb4f7c
[  157.398022][ T8021] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  157.398033][ T8021] RSP: 002b:00000000f547650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  157.398044][ T8021] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  157.398051][ T8021] RDX: 000000000000c0c4 RSI: 0000000000000000 RDI: 0000000000000000
[  157.398058][ T8021] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  157.398064][ T8021] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  157.398070][ T8021] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  157.398084][ T8021]  </TASK>
[  157.674160][ T8031] netlink: 'syz.0.550': attribute type 10 has an invalid length.
[  157.676829][ T8031] netlink: 40 bytes leftover after parsing attributes in process `syz.0.550'.
[  157.680551][ T8031] dummy0: entered promiscuous mode
[  157.683614][ T8031] bridge0: port 1(dummy0) entered blocking state
[  157.685874][ T8031] bridge0: port 1(dummy0) entered disabled state
[  157.687973][ T8031] dummy0: entered allmulticast mode
[  157.744367][   T24] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  157.764754][   T24] usb 6-1: device descriptor read/8, error -71
[  157.912708][ T8036] netlink: 32 bytes leftover after parsing attributes in process `syz.3.555'.
[  158.005432][   T24] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  158.035298][   T24] usb 6-1: device descriptor read/8, error -71
[  158.144609][   T24] usb usb6-port1: unable to enumerate USB device
[  158.409870][ T8044] FAULT_INJECTION: forcing a failure.
[  158.409870][ T8044] name failslab, interval 1, probability 0, space 0, times 0
[  158.414399][ T8044] CPU: 1 UID: 0 PID: 8044 Comm: syz.0.558 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  158.414416][ T8044] Tainted: [L]=SOFTLOCKUP
[  158.414420][ T8044] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  158.414426][ T8044] Call Trace:
[  158.414429][ T8044]  <TASK>
[  158.414434][ T8044]  dump_stack_lvl+0x100/0x190
[  158.414455][ T8044]  should_fail_ex.cold+0x5/0xa
[  158.414469][ T8044]  should_failslab+0xc2/0x120
[  158.414482][ T8044]  __kmalloc_cache_noprof+0x7a/0x6f0
[  158.414497][ T8044]  ? copy_mount_options+0x55/0x190
[  158.414516][ T8044]  copy_mount_options+0x55/0x190
[  158.414533][ T8044]  __ia32_sys_mount+0x1ab/0x310
[  158.414552][ T8044]  ? __pfx___ia32_sys_mount+0x10/0x10
[  158.414566][ T8044]  ? ksys_write+0x1ac/0x250
[  158.414579][ T8044]  ? rcu_is_watching+0x12/0xc0
[  158.414593][ T8044]  __do_fast_syscall_32+0xe7/0x970
[  158.414622][ T8044]  ? lockdep_hardirqs_on+0x78/0x100
[  158.414637][ T8044]  do_fast_syscall_32+0x32/0x70
[  158.414653][ T8044]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  158.414666][ T8044] RIP: 0023:0xf6ffef7c
[  158.414675][ T8044] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  158.414685][ T8044] RSP: 002b:00000000f53ed50c EFLAGS: 00000292 ORIG_RAX: 0000000000000015
[  158.414696][ T8044] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000280
[  158.414702][ T8044] RDX: 00000000800002c0 RSI: 0000000001000000 RDI: 0000000080000480
[  158.414709][ T8044] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  158.414715][ T8044] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  158.414721][ T8044] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  158.414734][ T8044]  </TASK>
[  160.073545][ T8066] FAULT_INJECTION: forcing a failure.
[  160.073545][ T8066] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  160.077681][ T8066] CPU: 2 UID: 0 PID: 8066 Comm: syz.2.565 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  160.077699][ T8066] Tainted: [L]=SOFTLOCKUP
[  160.077702][ T8066] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  160.077708][ T8066] Call Trace:
[  160.077712][ T8066]  <TASK>
[  160.077716][ T8066]  dump_stack_lvl+0x100/0x190
[  160.077737][ T8066]  should_fail_ex.cold+0x5/0xa
[  160.077751][ T8066]  _copy_from_iter+0x1f4/0x1690
[  160.077767][ T8066]  ? __asan_memset+0x23/0x50
[  160.077784][ T8066]  ? __pfx__copy_from_iter+0x10/0x10
[  160.077798][ T8066]  ? __pfx___alloc_skb+0x10/0x10
[  160.077813][ T8066]  netlink_sendmsg+0x808/0xda0
[  160.077829][ T8066]  ? __pfx_netlink_sendmsg+0x10/0x10
[  160.077845][ T8066]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  160.077858][ T8066]  ____sys_sendmsg+0x9e1/0xb70
[  160.077871][ T8066]  ? __pfx_netlink_sendmsg+0x10/0x10
[  160.077885][ T8066]  ? __pfx_____sys_sendmsg+0x10/0x10
[  160.077904][ T8066]  ___sys_sendmsg+0x190/0x1e0
[  160.077919][ T8066]  ? __pfx____sys_sendmsg+0x10/0x10
[  160.077953][ T8066]  ? find_held_lock+0x2b/0x80
[  160.077976][ T8066]  __sys_sendmsg+0x170/0x220
[  160.077986][ T8066]  ? __pfx___sys_sendmsg+0x10/0x10
[  160.077996][ T8066]  ? __fget_files+0x21f/0x3d0
[  160.078012][ T8066]  ? ksys_write+0x1ac/0x250
[  160.078025][ T8066]  ? rcu_is_watching+0x12/0xc0
[  160.078043][ T8066]  __do_fast_syscall_32+0xe7/0x970
[  160.078058][ T8066]  ? lockdep_hardirqs_on+0x78/0x100
[  160.078073][ T8066]  do_fast_syscall_32+0x32/0x70
[  160.078089][ T8066]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  160.078103][ T8066] RIP: 0023:0xf7fb4f7c
[  160.078112][ T8066] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  160.078122][ T8066] RSP: 002b:00000000f547650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  160.078133][ T8066] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000000
[  160.078139][ T8066] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  160.078145][ T8066] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  160.078151][ T8066] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  160.078157][ T8066] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  160.078170][ T8066]  </TASK>
[  160.179959][ T8069] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  160.240112][ T5830] IPVS: starting estimator thread 0...
[  160.334662][ T8072] IPVS: using max 44 ests per chain, 105600 per kthread
[  161.632677][ T8092] syzkaller0: entered promiscuous mode
[  161.635166][ T8092] syzkaller0: entered allmulticast mode
[  161.854145][ T8096] netlink: 8 bytes leftover after parsing attributes in process `syz.1.573'.
[  161.862244][ T8096] netlink: 'syz.1.573': attribute type 21 has an invalid length.
[  162.628698][ T8117] FAULT_INJECTION: forcing a failure.
[  162.628698][ T8117] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  162.634332][ T8117] CPU: 0 UID: 0 PID: 8117 Comm: syz.2.579 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  162.634361][ T8117] Tainted: [L]=SOFTLOCKUP
[  162.634367][ T8117] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  162.634377][ T8117] Call Trace:
[  162.634383][ T8117]  <TASK>
[  162.634390][ T8117]  dump_stack_lvl+0x100/0x190
[  162.634424][ T8117]  should_fail_ex.cold+0x5/0xa
[  162.634448][ T8117]  _copy_to_iter+0x5a4/0x1720
[  162.634484][ T8117]  ? __pfx__copy_to_iter+0x10/0x10
[  162.634508][ T8117]  ? __pfx_bpf_map_show_fdinfo+0x10/0x10
[  162.634528][ T8117]  ? fput+0x79/0x100
[  162.634550][ T8117]  ? __pfx_bpf_map_show_fdinfo+0x10/0x10
[  162.634570][ T8117]  ? seq_show+0x590/0x870
[  162.634601][ T8117]  seq_read_iter+0xdab/0x1270
[  162.634633][ T8117]  seq_read+0x33b/0x4c0
[  162.634652][ T8117]  ? __pfx_seq_read+0x10/0x10
[  162.634669][ T8117]  ? __pfx___might_resched+0x10/0x10
[  162.634689][ T8117]  ? lock_acquire+0x1b1/0x370
[  162.634729][ T8117]  ? rw_verify_area+0xce/0x6d0
[  162.634745][ T8117]  ? __pfx_seq_read+0x10/0x10
[  162.634764][ T8117]  vfs_read+0x1e4/0xb30
[  162.634787][ T8117]  ? __pfx_vfs_read+0x10/0x10
[  162.634804][ T8117]  ? find_held_lock+0x2b/0x80
[  162.634825][ T8117]  ? __fget_files+0x215/0x3d0
[  162.634851][ T8117]  ? __fget_files+0x21f/0x3d0
[  162.634879][ T8117]  ksys_read+0x12a/0x250
[  162.634915][ T8117]  ? __pfx_ksys_read+0x10/0x10
[  162.634932][ T8117]  ? ksys_write+0x1ac/0x250
[  162.634953][ T8117]  ? rcu_is_watching+0x12/0xc0
[  162.634975][ T8117]  __do_fast_syscall_32+0xe7/0x970
[  162.635002][ T8117]  ? lockdep_hardirqs_on+0x78/0x100
[  162.635029][ T8117]  do_fast_syscall_32+0x32/0x70
[  162.635054][ T8117]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  162.635076][ T8117] RIP: 0023:0xf7fb4f7c
[  162.635091][ T8117] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  162.635108][ T8117] RSP: 002b:00000000f547650c EFLAGS: 00000292 ORIG_RAX: 0000000000000003
[  162.635124][ T8117] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000a00
[  162.635135][ T8117] RDX: 0000000000002020 RSI: 0000000000000000 RDI: 0000000000000000
[  162.635145][ T8117] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  162.635155][ T8117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  162.635165][ T8117] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  162.635189][ T8117]  </TASK>
[  164.228664][   T40] kauditd_printk_skb: 42 callbacks suppressed
[  164.228677][   T40] audit: type=1800 audit(1780832553.374:440): pid=8136 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.583" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  164.273932][ T8138] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  164.276477][ T8138] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  164.282501][ T8138] vhci_hcd vhci_hcd.0: Device attached
[  164.295675][ T8139] vhci_hcd: cannot find a urb of seqnum 0 max seqnum 1
[  164.313247][   T89] vhci_hcd vhci_hcd.3: stop threads
[  164.316793][   T89] vhci_hcd vhci_hcd.3: release socket
[  164.318490][   T89] vhci_hcd vhci_hcd.3: disconnect device
[  164.402678][ T8142] lapbether: lapb_data_request error - 4
[  165.189453][ T8155] fuse: root generation should be zero
[  165.277261][ T8163] binder: 8160:8163 ioctl c0306201 0 returned -14
[  165.315324][ T8155] NILFS (nullb0): couldn't find nilfs on the device
[  165.571270][ T8167] program syz.2.593 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  167.424417][ T5830] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  167.574374][ T5830] usb 7-1: Using ep0 maxpacket: 8
[  167.577246][ T5830] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  167.581634][ T5830] usb 7-1: config 0 has no interfaces?
[  167.585694][ T5830] usb 7-1: New USB device found, idVendor=041e, idProduct=3000, bcdDevice= 0.40
[  167.590170][ T5830] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.596075][ T5830] usb 7-1: Product: syz
[  167.597829][ T5830] usb 7-1: Manufacturer: syz
[  167.599876][ T5830] usb 7-1: SerialNumber: syz
[  167.608769][ T5830] usb 7-1: config 0 descriptor??
[  167.801058][ T8186] input: syz0 as /devices/virtual/input/input9
[  167.833944][   T24] usb 7-1: USB disconnect, device number 8
[  168.044398][ T5847] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  168.204407][ T5847] usb 5-1: Using ep0 maxpacket: 8
[  168.207785][ T5847] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  168.210886][ T5847] usb 5-1: config 0 has no interfaces?
[  168.214349][ T5847] usb 5-1: New USB device found, idVendor=041e, idProduct=3000, bcdDevice= 0.40
[  168.217470][ T5847] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.219937][ T5847] usb 5-1: Product: syz
[  168.221244][ T5847] usb 5-1: Manufacturer: syz
[  168.222667][ T5847] usb 5-1: SerialNumber: syz
[  168.228056][ T5847] usb 5-1: config 0 descriptor??
[  168.422908][ T8196] netlink: 24 bytes leftover after parsing attributes in process `syz.2.602'.
[  168.457764][ T8198] netlink: 8 bytes leftover after parsing attributes in process `syz.3.601'.
[  168.683950][ T8198] IPVS: set_ctl: invalid protocol: 0 1.0.1.0:1280
[  169.095478][ T8212] netlink: 'syz.2.605': attribute type 1 has an invalid length.
[  169.110370][ T8210] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  169.120337][   T40] audit: type=1326 audit(1780832558.264:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8208 comm="syz.1.604" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  169.139397][   T40] audit: type=1326 audit(1780832558.264:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8208 comm="syz.1.604" exe="/syz-executor" sig=0 arch=40000003 syscall=437 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  169.139676][ T8210] pim6reg: entered allmulticast mode
[  169.152501][   T40] audit: type=1326 audit(1780832558.264:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8208 comm="syz.1.604" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  169.174797][   T40] audit: type=1326 audit(1780832558.264:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8208 comm="syz.1.604" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  169.184898][   T40] audit: type=1326 audit(1780832558.264:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8208 comm="syz.1.604" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  169.193440][   T40] audit: type=1326 audit(1780832558.264:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8208 comm="syz.1.604" exe="/syz-executor" sig=0 arch=40000003 syscall=14 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  169.196655][ T8212] 8021q: adding VLAN 0 to HW filter on device bond5
[  169.201221][   T40] audit: type=1326 audit(1780832558.264:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8208 comm="syz.1.604" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  169.211871][   T40] audit: type=1326 audit(1780832558.264:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8208 comm="syz.1.604" exe="/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  169.220387][   T40] audit: type=1326 audit(1780832558.264:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8208 comm="syz.1.604" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  169.220640][ T8212] bond4: (slave bond5): making interface the new active one
[  169.233058][ T8212] bond4: (slave bond5): Enslaving as an active interface with an up link
[  169.296198][   T40] kauditd_printk_skb: 16 callbacks suppressed
[  169.296214][   T40] audit: type=1326 audit(1780832558.424:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8208 comm="syz.1.604" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  169.324794][   T40] audit: type=1326 audit(1780832558.474:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8208 comm="syz.1.604" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  169.353138][ T8212] binder: 8211:8212 ioctl c0306201 80000640 returned -22
[  169.394217][ T8210] pim6reg: left allmulticast mode
[  169.394327][   T40] audit: type=1326 audit(1780832558.534:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8208 comm="syz.1.604" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  169.435649][ T8220] FAULT_INJECTION: forcing a failure.
[  169.435649][ T8220] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  169.439879][ T8220] CPU: 1 UID: 0 PID: 8220 Comm: syz.3.606 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  169.439924][ T8220] Tainted: [L]=SOFTLOCKUP
[  169.439930][ T8220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  169.439941][ T8220] Call Trace:
[  169.439947][ T8220]  <TASK>
[  169.439953][ T8220]  dump_stack_lvl+0x100/0x190
[  169.439987][ T8220]  should_fail_ex.cold+0x5/0xa
[  169.440010][ T8220]  _copy_from_user+0x2e/0xd0
[  169.440028][ T8220]  ? __pfx_binder_ioctl+0x10/0x10
[  169.440041][ T8220]  binder_ioctl+0x4cb/0x7550
[  169.440056][ T8220]  ? find_held_lock+0x2b/0x80
[  169.440069][ T8220]  ? tomoyo_path_number_perm+0x28f/0x580
[  169.440081][ T8220]  ? tomoyo_path_number_perm+0x28f/0x580
[  169.440096][ T8220]  ? tomoyo_path_number_perm+0x188/0x580
[  169.440110][ T8220]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  169.440123][ T8220]  ? __pfx_binder_ioctl+0x10/0x10
[  169.440138][ T8220]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  169.440153][ T8220]  ? do_vfs_ioctl+0x226/0x13e0
[  169.440165][ T8220]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  169.440179][ T8220]  ? find_held_lock+0x2b/0x80
[  169.440190][ T8220]  ? __fget_files+0x215/0x3d0
[  169.440201][ T8220]  ? hook_file_ioctl_common+0x149/0x410
[  169.440217][ T8220]  ? __fget_files+0x21f/0x3d0
[  169.440230][ T8220]  ? __pfx_binder_ioctl+0x10/0x10
[  169.440242][ T8220]  compat_ptr_ioctl+0x6e/0xa0
[  169.440251][ T8220]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  169.440261][ T8220]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  169.440273][ T8220]  __do_fast_syscall_32+0xe7/0x970
[  169.440290][ T8220]  ? lockdep_hardirqs_on+0x78/0x100
[  169.440305][ T8220]  do_fast_syscall_32+0x32/0x70
[  169.440320][ T8220]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  169.440334][ T8220] RIP: 0023:0xf707ef7c
[  169.440343][ T8220] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  169.440358][ T8220] RSP: 002b:00000000f546d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  169.440369][ T8220] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0306201
[  169.440375][ T8220] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 0000000000000000
[  169.440381][ T8220] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  169.440387][ T8220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  169.440393][ T8220] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  169.440405][ T8220]  </TASK>
[  169.440410][ T8220] binder: 8219:8220 ioctl c0306201 80000180 returned -14
[  169.694014][   T40] audit: type=1326 audit(1780832558.834:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8208 comm="syz.1.604" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  169.702903][   T40] audit: type=1326 audit(1780832558.844:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8208 comm="syz.1.604" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  169.789847][ T8226] autofs: Unknown parameter 'no9� ��P��G!8�����E�8-�� ����Ŗ�Eeլ(�	Ir�\��u}ib�����T0;��my�[Gc��#�>Qk��bY�&���#�w�@/VV�L�~1�2��l�h<y����M�v��^7 !J�>�O�h'���rK1�\kU{!�e���ܚ7���
[  169.789847][ T8226] �U�e�[���%#s'
[  170.016366][   T40] audit: type=1326 audit(1780832559.164:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8228 comm="syz.1.609" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  170.023789][   T40] audit: type=1326 audit(1780832559.164:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8228 comm="syz.1.609" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  170.030835][   T40] audit: type=1326 audit(1780832559.164:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8228 comm="syz.1.609" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  170.038229][   T40] audit: type=1326 audit(1780832559.164:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8228 comm="syz.1.609" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  170.045793][   T40] audit: type=1326 audit(1780832559.164:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8228 comm="syz.1.609" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef7c code=0x7ffc0000
[  170.087588][ T8229] netlink: 8 bytes leftover after parsing attributes in process `syz.1.609'.
[  170.331666][ T8240] netlink: 4 bytes leftover after parsing attributes in process `syz.2.613'.
[  170.814782][ T8245] usb usb8: usbfs: process 8245 (syz.2.615) did not claim interface 6 before use
[  171.238440][ T5893] usb 5-1: USB disconnect, device number 12
[  171.362868][ T8252] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(13)
[  171.365558][ T8252] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  171.371514][ T8252] vhci_hcd vhci_hcd.0: Device attached
[  171.393146][ T8256] netlink: 'syz.1.619': attribute type 10 has an invalid length.
[  171.397171][ T8256] netlink: 55 bytes leftover after parsing attributes in process `syz.1.619'.
[  171.406674][ T8258] netlink: 'syz.0.618': attribute type 19 has an invalid length.
[  171.645228][ T5847] usb 44-1: SetAddress Request (2) to port 0
[  171.648715][ T5847] usb 44-1: new SuperSpeed USB device number 2 using vhci_hcd
[  171.653206][ T5893] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  171.716387][ T5893] hid-generic 0000:0000:0000.0004: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  171.865968][ T8264] fido_id[8264]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  172.048702][ T8271] netlink: 36 bytes leftover after parsing attributes in process `syz.2.623'.
[  172.160749][ T8253] vhci_hcd: connection reset by peer
[  172.179422][ T6134] vhci_hcd vhci_hcd.3: stop threads
[  172.216693][ T6134] vhci_hcd vhci_hcd.3: release socket
[  172.227391][ T6134] vhci_hcd vhci_hcd.3: disconnect device
[  173.047073][ T8286] 9p: Bad value for 'rfdno'
[  173.049285][ T8287] 9p: Bad value for 'rfdno'
[  173.224483][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  173.299695][ T8291] 9p: Bad value for 'wfdno'
[  173.614849][ T8297] input: syz0 as /devices/virtual/input/input10
[  173.730937][ T5753] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  173.734633][ T5753] CPU: 1 UID: 0 PID: 5753 Comm: kworker/u33:3 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  173.734651][ T5753] Tainted: [L]=SOFTLOCKUP
[  173.734655][ T5753] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  173.734663][ T5753] Workqueue: hci3 hci_rx_work
[  173.734680][ T5753] Call Trace:
[  173.734684][ T5753]  <TASK>
[  173.734689][ T5753]  dump_stack_lvl+0x100/0x190
[  173.734710][ T5753]  sysfs_warn_dup.cold+0x1c/0x28
[  173.734726][ T5753]  sysfs_create_dir_ns+0x24b/0x2b0
[  173.734739][ T5753]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  173.734749][ T5753]  ? find_held_lock+0x2b/0x80
[  173.734763][ T5753]  ? kobject_add_internal+0x25f/0x930
[  173.734774][ T5753]  ? kobject_add_internal+0x25f/0x930
[  173.734785][ T5753]  ? do_raw_spin_unlock+0x145/0x1e0
[  173.734798][ T5753]  kobject_add_internal+0x2c8/0x930
[  173.734811][ T5753]  kobject_add+0x16a/0x1e0
[  173.734821][ T5753]  ? __pfx_kobject_add+0x10/0x10
[  173.734830][ T5753]  ? class_to_subsys+0x10f/0x150
[  173.734845][ T5753]  ? kobject_put+0xb9/0x640
[  173.734861][ T5753]  ? _raw_spin_unlock+0x28/0x50
[  173.734878][ T5753]  device_add+0x294/0x1950
[  173.734890][ T5753]  ? __pfx_dev_set_name+0x10/0x10
[  173.734904][ T5753]  ? __pfx_device_add+0x10/0x10
[  173.734916][ T5753]  ? mgmt_send_event_skb+0x2fb/0x460
[  173.734933][ T5753]  hci_conn_add_sysfs+0x1a3/0x260
[  173.734950][ T5753]  le_conn_complete_evt+0x11eb/0x1f60
[  173.734970][ T5753]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  173.734988][ T5753]  hci_le_enh_conn_complete_evt+0x23d/0x3b0
[  173.735003][ T5753]  ? skb_pull_data+0x15f/0x1e0
[  173.735018][ T5753]  hci_le_meta_evt+0x34a/0x5f0
[  173.735032][ T5753]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  173.735048][ T5753]  hci_event_packet+0x51c/0xcd0
[  173.735061][ T5753]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  173.735076][ T5753]  ? __pfx_hci_event_packet+0x10/0x10
[  173.735091][ T5753]  ? kcov_remote_start+0x374/0x660
[  173.735105][ T5753]  ? lockdep_hardirqs_on+0x78/0x100
[  173.735123][ T5753]  hci_rx_work+0x451/0xfc0
[  173.735138][ T5753]  process_one_work+0xa0e/0x1980
[  173.735155][ T5753]  ? __pfx_process_one_work+0x10/0x10
[  173.735169][ T5753]  ? __pfx_hci_rx_work+0x10/0x10
[  173.735183][ T5753]  worker_thread+0x5ef/0xe50
[  173.735198][ T5753]  ? kthread+0x13a/0x450
[  173.735212][ T5753]  ? __pfx_worker_thread+0x10/0x10
[  173.735221][ T5753]  kthread+0x370/0x450
[  173.735236][ T5753]  ? __pfx_kthread+0x10/0x10
[  173.735252][ T5753]  ret_from_fork+0x72b/0xd50
[  173.735264][ T5753]  ? __pfx_ret_from_fork+0x10/0x10
[  173.735275][ T5753]  ? __switch_to+0x800/0x1100
[  173.735290][ T5753]  ? __pfx_kthread+0x10/0x10
[  173.735306][ T5753]  ret_from_fork_asm+0x1a/0x30
[  173.735326][ T5753]  </TASK>
[  173.735339][ T5753] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  173.822016][ T5753] Bluetooth: hci3: failed to register connection device
[  174.252654][ T8317] netlink: 24 bytes leftover after parsing attributes in process `syz.1.634'.
[  174.455265][ T8302] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  174.466710][ T8302] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  174.487750][ T8302] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  174.489715][ T8302] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  174.513731][ T8302] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  174.517160][ T8302] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  174.522396][ T8302] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  174.525731][ T8302] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  174.531126][ T8302] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  174.539256][ T8302] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  174.619074][ T8330] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  174.621193][ T8330] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  174.623734][ T8330] vhci_hcd vhci_hcd.0: Device attached
[  174.738214][ T8330] wg2 speed is unknown, defaulting to 1000
[  174.743748][ T8330] wg2 speed is unknown, defaulting to 1000
[  174.746979][ T8330] wg2 speed is unknown, defaulting to 1000
[  174.875922][ T8330] infiniband syz2: set active
[  174.877415][ T8330] infiniband syz2: added wg2
[  174.891085][ T8330] smbdirect: ib_dev[syz2]: added: IB_CA max_fast_reg_page_list_len=512 device_cap_flags=0x1c001223c76 kernel_cap_flags=0x14 page_size_cap=0xfffff000
[  174.897056][ T8330] smbdirect: ib_dev[syz2]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=32 max_cqe=32767 max_qp_wr=1048576 max_send_sge=32 max_recv_sge=32
[  174.903693][ T8330] smbdirect: ib_dev[syz2]PORT[1]: iwarp=0 ib=0 roce=1 v1=0 v2=1 core_cap_flags=0x803005
[  174.904368][   T24] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  174.923325][ T8330] RDS/IB: syz2: added
[  174.925201][ T8330] smc: adding ib device syz2 with port count 1
[  174.927670][ T8330] smc:    ib device syz2 port 1 has no pnetid
[  174.930833][ T8330] wg2 speed is unknown, defaulting to 1000
[  174.996778][ T5893] wg2 speed is unknown, defaulting to 1000
[  175.004543][ T5893] wg2 speed is unknown, defaulting to 1000
[  175.054958][ T8340] netlink: 'syz.3.642': attribute type 5 has an invalid length.
[  175.055851][   T24] usb 7-1: Using ep0 maxpacket: 16
[  175.060709][ T8340] netlink: 196 bytes leftover after parsing attributes in process `syz.3.642'.
[  175.068918][ T8340] netlink: 196 bytes leftover after parsing attributes in process `syz.3.642'.
[  175.085713][   T24] usb 7-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[  175.088681][   T24] usb 7-1: config 0 interface 0 altsetting 1 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  175.092950][   T24] usb 7-1: config 0 interface 0 altsetting 1 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  175.097625][   T24] usb 7-1: config 0 interface 0 altsetting 1 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  175.098530][ T8340] input: syz0 as /devices/virtual/input/input11
[  175.103102][   T24] usb 7-1: config 0 interface 0 has no altsetting 0
[  175.107192][   T24] usb 7-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  175.110036][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.112439][   T24] usb 7-1: Product: syz
[  175.116624][   T24] usb 7-1: Manufacturer: syz
[  175.118063][   T24] usb 7-1: SerialNumber: syz
[  175.163557][ T8330] wg2 speed is unknown, defaulting to 1000
[  175.175139][ T6381] usb 40-1: SetAddress Request (2) to port 0
[  175.178206][ T6381] usb 40-1: new SuperSpeed USB device number 2 using vhci_hcd
[  175.207250][   T24] usb 7-1: config 0 descriptor??
[  175.211749][ T8334] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  175.214972][   T40] kauditd_printk_skb: 34 callbacks suppressed
[  175.214983][   T40] audit: type=1326 audit(1780832564.364:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8341 comm="syz.0.643" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000
[  175.216588][ T8343] syz.0.643 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  175.217529][   T40] audit: type=1326 audit(1780832564.364:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8341 comm="syz.0.643" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000
[  175.235509][   T40] audit: type=1326 audit(1780832564.364:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8341 comm="syz.0.643" exe="/syz-executor" sig=0 arch=40000003 syscall=104 compat=1 ip=0xf6ffef7c code=0x7ffc0000
[  175.243674][   T40] audit: type=1326 audit(1780832564.364:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8341 comm="syz.0.643" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000
[  175.254599][   T40] audit: type=1326 audit(1780832564.374:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8341 comm="syz.0.643" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000
[  175.254640][   T40] audit: type=1326 audit(1780832564.374:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8341 comm="syz.0.643" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000
[  175.254677][   T40] audit: type=1326 audit(1780832564.374:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8341 comm="syz.0.643" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000
[  175.254713][   T40] audit: type=1326 audit(1780832564.374:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8341 comm="syz.0.643" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf6ffef7c code=0x7ffc0000
[  175.254748][   T40] audit: type=1326 audit(1780832564.374:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8341 comm="syz.0.643" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000
[  175.254784][   T40] audit: type=1326 audit(1780832564.374:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8341 comm="syz.0.643" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000
[  175.426374][ T8330] wg2 speed is unknown, defaulting to 1000
[  175.430324][ T8334] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  175.438741][   T24] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input12
[  175.543354][ T8330] wg2 speed is unknown, defaulting to 1000
[  175.826013][ T8348] 9p: Bad value for 'wfdno'
[  175.874556][ T8331] vhci_hcd: connection reset by peer
[  175.879171][   T60] vhci_hcd vhci_hcd.1: stop threads
[  175.879201][   T60] vhci_hcd vhci_hcd.1: release socket
[  175.879242][   T60] vhci_hcd vhci_hcd.1: disconnect device
[  175.894582][ T5758] Bluetooth: hci0: command 0x0401 tx timeout
[  176.076106][ T5893] usb 7-1: USB disconnect, device number 9
[  176.554356][ T5761] Bluetooth: hci2: command 0x0406 tx timeout
[  176.558216][ T5760] Bluetooth: hci3: command 0x0405 tx timeout
[  176.560676][   T62] Bluetooth: hci1: command 0x0406 tx timeout
[  176.694454][ T5847] usb 44-1: device descriptor read/8, error -110
[  177.095565][ T5847] usb usb44-port1: attempt power cycle
[  177.260001][ T8362] netlink: 28 bytes leftover after parsing attributes in process `syz.0.648'.
[  177.482928][ T8360] openvswitch: netlink: EtherType 0 is less than min 600
[  177.527209][ T8360] IPv6: NLM_F_CREATE should be specified when creating new route
[  177.527914][ T8360] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.647'.
[  177.558793][ T8375] NILFS (nbd2): device size too small
[  177.747936][ T5847] usb usb44-port1: unable to enumerate USB device
[  177.816388][ T8379] netlink: 56 bytes leftover after parsing attributes in process `syz.3.654'.
[  177.828760][ T8379] ip6gretap0: entered promiscuous mode
[  177.874474][   T24] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  177.974565][ T5758] Bluetooth: hci0: command 0x0401 tx timeout
[  178.014786][ T8383] netlink: 260 bytes leftover after parsing attributes in process `syz.3.655'.
[  178.134943][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  178.154473][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  178.161715][   T24] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  178.167450][   T24] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  178.171478][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.242289][   T24] usb 7-1: config 0 descriptor??
[  178.625713][ T5758] Bluetooth: hci1: command 0x0406 tx timeout
[  178.627607][ T5758] Bluetooth: hci2: command 0x0406 tx timeout
[  178.629607][   T62] Bluetooth: hci3: command 0x0405 tx timeout
[  178.678141][   T24] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  178.681390][   T24] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  178.691114][   T24] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  178.696854][   T24] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  178.701218][   T24] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  178.706854][   T24] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  178.711733][   T24] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  178.715147][   T24] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  178.720375][   T24] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  178.760998][   T24] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  178.889569][   T24] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  179.056670][ T8375] netlink: 4 bytes leftover after parsing attributes in process `syz.2.652'.
[  179.142634][ T5830] usb 7-1: USB disconnect, device number 10
[  179.865669][ T8405] netlink: 24 bytes leftover after parsing attributes in process `syz.3.661'.
[  180.045514][   T24] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  180.204467][   T24] usb 7-1: Using ep0 maxpacket: 32
[  180.215937][   T24] usb 7-1: unable to get BOS descriptor or descriptor too short
[  180.226422][   T24] usb 7-1: no configurations
[  180.228472][   T24] usb 7-1: can't read configurations, error -22
[  180.562485][ T8420] FAULT_INJECTION: forcing a failure.
[  180.562485][ T8420] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  180.566752][ T8420] CPU: 2 UID: 0 PID: 8420 Comm: syz.0.666 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  180.566769][ T8420] Tainted: [L]=SOFTLOCKUP
[  180.566773][ T8420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  180.566778][ T8420] Call Trace:
[  180.566782][ T8420]  <TASK>
[  180.566787][ T8420]  dump_stack_lvl+0x100/0x190
[  180.566808][ T8420]  should_fail_ex.cold+0x5/0xa
[  180.566821][ T8420]  _copy_from_iter+0x1f4/0x1690
[  180.566838][ T8420]  ? __asan_memset+0x23/0x50
[  180.566855][ T8420]  ? __pfx__copy_from_iter+0x10/0x10
[  180.566869][ T8420]  ? __pfx___alloc_skb+0x10/0x10
[  180.566879][ T8420]  ? __pfx___might_resched+0x10/0x10
[  180.566895][ T8420]  netlink_sendmsg+0x808/0xda0
[  180.566911][ T8420]  ? __pfx_netlink_sendmsg+0x10/0x10
[  180.566926][ T8420]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  180.566940][ T8420]  ____sys_sendmsg+0x9e1/0xb70
[  180.566953][ T8420]  ? __pfx_netlink_sendmsg+0x10/0x10
[  180.566967][ T8420]  ? __pfx_____sys_sendmsg+0x10/0x10
[  180.566986][ T8420]  ___sys_sendmsg+0x190/0x1e0
[  180.567001][ T8420]  ? __pfx____sys_sendmsg+0x10/0x10
[  180.567021][ T8420]  ? find_held_lock+0x2b/0x80
[  180.567041][ T8420]  __sys_sendmsg+0x170/0x220
[  180.567052][ T8420]  ? __pfx___sys_sendmsg+0x10/0x10
[  180.567062][ T8420]  ? __fget_files+0x21f/0x3d0
[  180.567078][ T8420]  ? ksys_write+0x1ac/0x250
[  180.567091][ T8420]  ? rcu_is_watching+0x12/0xc0
[  180.567105][ T8420]  __do_fast_syscall_32+0xe7/0x970
[  180.567120][ T8420]  ? lockdep_hardirqs_on+0x78/0x100
[  180.567135][ T8420]  do_fast_syscall_32+0x32/0x70
[  180.567151][ T8420]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  180.567164][ T8420] RIP: 0023:0xf6ffef7c
[  180.567172][ T8420] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  180.567183][ T8420] RSP: 002b:00000000f53ed50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  180.567194][ T8420] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000200
[  180.567202][ T8420] RDX: 00000000040040c0 RSI: 0000000000000000 RDI: 0000000000000000
[  180.567208][ T8420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  180.567214][ T8420] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  180.567220][ T8420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  180.567233][ T8420]  </TASK>
[  180.626264][ T6381] usb 40-1: device descriptor read/8, error -110
[  180.694623][ T5758] Bluetooth: hci3: command 0x0405 tx timeout
[  180.911760][ T8432] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.670'.
qemu-system-x86_64: ahci: PRDT length for NCQ command (0x0) is smaller than the requested size (0x90000)
[  181.180401][ T6381] usb usb40-port1: attempt power cycle
[  181.844880][ T6381] usb usb40-port1: unable to enumerate USB device
[  181.965509][ T1129] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[  182.024431][ T1129] ata1: failed to read log page 10h (errno=-5)
[  182.027087][ T1129] ata1.00: NCQ disabled due to excessive errors
[  182.029738][ T1129] ata1.00: exception Emask 0x1 SAct 0x40000000 SErr 0x0 action 0x0
[  182.033544][ T1129] ata1.00: irq_stat 0x41000008
[  182.035730][ T1129] ata1.00: failed command: WRITE FPDMA QUEUED
[  182.038301][ T1129] ata1.00: cmd 61/80:f0:b6:2c:0a/04:00:00:00:00/40 tag 30 ncq dma 589824 out
[  182.038301][ T1129]          res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  182.045513][ T1129] ata1.00: status: { DRDY }
[  182.047400][ T1129] ata1.00: error: { ABRT }
[  182.050219][ T1129] ata1.00: configured for UDMA/100
[  182.052680][ T1129] ata1: EH complete
[  182.479162][ T8446] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.527012][ T8452] xt_policy: output policy not valid in PREROUTING and INPUT
[  182.578356][ T8446] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.716529][ T8446] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.784637][ T5758] Bluetooth: hci3: command 0x0405 tx timeout
[  182.804794][ T8446] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.946694][   T60] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  182.958209][ T6134] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  182.966299][ T6134] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  182.973733][ T6134] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  183.070922][ T8468] netlink: 'syz.1.681': attribute type 21 has an invalid length.
[  183.073928][ T8468] IPv6: NLM_F_CREATE should be specified when creating new route
[  183.076699][ T8468] netlink: 'syz.1.681': attribute type 1 has an invalid length.
[  183.081170][ T8468] netlink: 4 bytes leftover after parsing attributes in process `syz.1.681'.
[  183.086173][ T8468] netlink: 28 bytes leftover after parsing attributes in process `syz.1.681'.
[  183.089500][ T8468] netlink: 28 bytes leftover after parsing attributes in process `syz.1.681'.
[  183.321887][ T8468] workqueue: name exceeds WQ_NAME_LEN. Truncating to: 1��^!�l�1�*�$pOc�ɔ��r$�G����
[  183.558617][ T6381] IPVS: starting estimator thread 0...
[  183.645333][ T8482] IPVS: using max 41 ests per chain, 98400 per kthread
[  183.866056][ T8497] can0: slcan on ttyS3.
[  184.037021][ T8503] netlink: 4 bytes leftover after parsing attributes in process `syz.2.691'.
[  184.040836][ T8503] netlink: 348 bytes leftover after parsing attributes in process `syz.2.691'.
[  184.044526][ T8503] netlink: 4 bytes leftover after parsing attributes in process `syz.2.691'.
[  184.047921][ T8503] netlink: 348 bytes leftover after parsing attributes in process `syz.2.691'.
[  184.052062][ T8503] netlink: 4 bytes leftover after parsing attributes in process `syz.2.691'.
[  185.751922][ T8521] netlink: 20 bytes leftover after parsing attributes in process `syz.0.694'.
[  185.754946][ T8521] netlink: 4 bytes leftover after parsing attributes in process `syz.0.694'.
[  186.346852][ T8491] can0 (unregistered): slcan off ttyS3.
[  186.651074][ T8538] Mount JFS Failure: -5
[  186.670768][ T8538] netlink: 'syz.0.698': attribute type 1 has an invalid length.
[  186.673816][ T8538] netlink: 4 bytes leftover after parsing attributes in process `syz.0.698'.
[  187.052489][ T8544] 9p: Bad value for 'wfdno'
[  187.816266][ T5758] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  187.825504][ T5758] Bluetooth: hci3: Injecting HCI hardware error event
[  187.839527][ T5758] Bluetooth: hci3: hardware error 0x00
[  188.584370][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  188.760996][ T8572] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  188.764170][ T8572] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  188.768283][ T8572] overlayfs: missing 'lowerdir'
[  188.986472][ T8573] x_tables: duplicate underflow at hook 1
[  189.008237][ T8573] hub 8-0:1.0: USB hub found
[  189.016665][ T8573] hub 8-0:1.0: 1 port detected
[  189.756695][   T40] kauditd_printk_skb: 56 callbacks suppressed
[  189.756706][   T40] audit: type=1804 audit(1780832578.904:576): pid=8587 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.712" name="bus" dev="ramfs" ino=24015 res=1 errno=0
[  189.782941][   T40] audit: type=1804 audit(1780832578.914:577): pid=8587 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.712" name="bus" dev="ramfs" ino=24015 res=1 errno=0
[  189.909386][ T5758] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  190.534170][ T8593] 9p: Bad value for 'wfdno'
[  190.616840][ T8605] input: syz1 as /devices/virtual/input/input13
[  191.677269][ T8648] batadv0: entered promiscuous mode
[  191.700623][ T8648] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network
[  191.704871][ T8648] hsr1: Slave B (batadv0) is not up; please bring it up to get a fully working HSR network
[  191.719828][ T8648] batadv0: left promiscuous mode
[  194.018946][ T8675] netlink: 16 bytes leftover after parsing attributes in process `syz.1.738'.
[  194.314404][ T5847] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  194.398211][ T8683] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  194.400918][ T8683] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  194.409840][ T8683] vhci_hcd vhci_hcd.0: Device attached
[  194.494415][ T5830] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  194.644363][ T5830] usb 5-1: Using ep0 maxpacket: 32
[  194.648433][ T5830] usb 5-1: config 1 interface 0 has no altsetting 0
[  194.653296][ T5830] usb 5-1: New USB device found, idVendor=05ac, idProduct=029a, bcdDevice= 0.40
[  194.658217][ T5830] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  194.661625][ T5830] usb 5-1: Product: syz
[  194.663461][ T5830] usb 5-1: Manufacturer: syz
[  194.665902][ T5830] usb 5-1: SerialNumber: syz
[  194.667784][ T8684] vhci_hcd: connection closed
[  194.668315][   T12] vhci_hcd vhci_hcd.2: stop threads
[  194.677908][   T12] vhci_hcd vhci_hcd.2: release socket
[  194.680392][   T12] vhci_hcd vhci_hcd.2: disconnect device
[  194.684360][   T57] usb 42-1: enqueue for inactive port 0
[  194.769075][ T5847] usb 6-1: unable to get BOS descriptor or descriptor too short
[  194.772155][ T5847] usb 6-1: unable to read config index 0 descriptor/start: -71
[  194.774858][ T5847] usb 6-1: can't read configurations, error -71
[  195.096216][ T8682] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  195.099451][ T8682] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  195.105306][ T8682] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  195.109415][ T8682] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  195.120841][ T5830] usbhid 5-1:1.0: can't add hid device: -71
[  195.122761][ T5830] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[  195.130059][ T5830] usb 5-1: USB disconnect, device number 13
[  195.474673][   T57] usb usb42-port1: attempt power cycle
[  195.605271][ T8695] bridge_slave_0: left allmulticast mode
[  195.607255][ T8695] bridge_slave_0: left promiscuous mode
[  195.609344][ T8695] bridge0: port 1(bridge_slave_0) entered disabled state
[  195.613276][ T8695] bridge_slave_1: left allmulticast mode
[  195.616009][ T8695] bridge_slave_1: left promiscuous mode
[  195.617994][ T8695] bridge0: port 2(bridge_slave_1) entered disabled state
[  195.656513][ T8695] bond0: (slave bond_slave_0): Releasing backup interface
[  195.674904][ T8695] bond_slave_0: left promiscuous mode
[  195.695759][ T8695] bond0: (slave bond_slave_1): Releasing backup interface
[  195.712178][ T8695] bond_slave_1: left promiscuous mode
[  195.717314][ T8699] FAULT_INJECTION: forcing a failure.
[  195.717314][ T8699] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  195.721905][ T8699] CPU: 3 UID: 0 PID: 8699 Comm: syz.0.746 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  195.721933][ T8699] Tainted: [L]=SOFTLOCKUP
[  195.721936][ T8699] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  195.721943][ T8699] Call Trace:
[  195.721947][ T8699]  <TASK>
[  195.721951][ T8699]  dump_stack_lvl+0x100/0x190
[  195.721972][ T8699]  should_fail_ex.cold+0x5/0xa
[  195.721984][ T8699]  ? prepare_alloc_pages+0x16d/0x5f0
[  195.721998][ T8699]  should_fail_alloc_page+0xeb/0x140
[  195.722012][ T8699]  prepare_alloc_pages+0x1f0/0x5f0
[  195.722028][ T8699]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  195.722045][ T8699]  ? find_held_lock+0x2b/0x80
[  195.722058][ T8699]  ? clockevents_program_event+0x1bf/0x820
[  195.722070][ T8699]  ? clockevents_program_event+0x1bf/0x820
[  195.722084][ T8699]  ? ktime_expiry_to_cycles+0xc0/0x2c0
[  195.722099][ T8699]  ? ktime_expiry_to_cycles+0x3c/0x2c0
[  195.722117][ T8699]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  195.722137][ T8699]  ? __lock_acquire+0x4a5/0x2630
[  195.722152][ T8699]  ? __lock_acquire+0x4a5/0x2630
[  195.722167][ T8699]  ? __css_rstat_updated+0x1ce/0x5a0
[  195.722187][ T8699]  ? lock_acquire+0x1b1/0x370
[  195.722202][ T8699]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  195.722218][ T8699]  ? policy_nodemask+0xed/0x4f0
[  195.722231][ T8699]  alloc_pages_mpol+0x1fb/0x540
[  195.722244][ T8699]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  195.722257][ T8699]  ? __lock_acquire+0x4a5/0x2630
[  195.722274][ T8699]  folio_alloc_mpol_noprof+0x36/0x260
[  195.722289][ T8699]  vma_alloc_folio_noprof+0xed/0x1d0
[  195.722303][ T8699]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  195.722322][ T8699]  do_anonymous_page+0xb46/0x2050
[  195.722338][ T8699]  ? rcu_read_unlock+0x2d/0xb0
[  195.722357][ T8699]  __handle_mm_fault+0x1d2c/0x2a00
[  195.722373][ T8699]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  195.722386][ T8699]  ? __pfx___handle_mm_fault+0x10/0x10
[  195.722403][ T8699]  ? pte_offset_map_lock+0x174/0x320
[  195.722414][ T8699]  ? find_held_lock+0x2b/0x80
[  195.722431][ T8699]  ? follow_page_pte+0x4d0/0x13f0
[  195.722447][ T8699]  handle_mm_fault+0x37b/0xa30
[  195.722464][ T8699]  __get_user_pages+0x1178/0x32a0
[  195.722481][ T8699]  ? down_read_killable+0x307/0x4b0
[  195.722497][ T8699]  ? __pfx___get_user_pages+0x10/0x10
[  195.722514][ T8699]  __gup_longterm_locked+0x87d/0x16f0
[  195.722531][ T8699]  ? __pfx___gup_longterm_locked+0x10/0x10
[  195.722546][ T8699]  ? find_held_lock+0x2b/0x80
[  195.722558][ T8699]  ? gup_fast_fallback+0x7e8/0x2790
[  195.722571][ T8699]  ? sanity_check_pinned_pages+0x4f2/0x8b0
[  195.722582][ T8699]  ? rcu_is_watching+0x12/0xc0
[  195.722596][ T8699]  gup_fast_fallback+0x16dc/0x2790
[  195.722619][ T8699]  ? __pfx_gup_fast_fallback+0x10/0x10
[  195.722633][ T8699]  ? stack_trace_save+0x8e/0xc0
[  195.722646][ T8699]  ? __pfx_stack_trace_save+0x10/0x10
[  195.722660][ T8699]  ? stack_depot_save_flags+0x27/0x9d0
[  195.722679][ T8699]  pin_user_pages_fast+0xa7/0xf0
[  195.722693][ T8699]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  195.722705][ T8699]  ? bio_alloc_bioset+0xb34/0x1070
[  195.722715][ T8699]  ? blkdev_read_iter+0x225/0x4f0
[  195.722731][ T8699]  ? do_iter_readv_writev+0x60d/0x920
[  195.722742][ T8699]  ? do_preadv+0x1ac/0x270
[  195.722754][ T8699]  iov_iter_extract_pages+0xa0d/0x1ef0
[  195.722774][ T8699]  ? __pfx_iov_iter_extract_pages+0x10/0x10
[  195.722789][ T8699]  ? find_held_lock+0x2b/0x80
[  195.722801][ T8699]  ? bio_associate_blkg_from_css+0x394/0x13f0
[  195.722817][ T8699]  ? bio_associate_blkg_from_css+0x394/0x13f0
[  195.722836][ T8699]  iov_iter_extract_bvecs+0x10b/0xa60
[  195.722850][ T8699]  ? find_held_lock+0x2b/0x80
[  195.722862][ T8699]  ? bio_associate_blkg+0x137/0x2a0
[  195.722876][ T8699]  ? bio_associate_blkg+0x137/0x2a0
[  195.722894][ T8699]  ? __pfx_iov_iter_extract_bvecs+0x10/0x10
[  195.722907][ T8699]  ? bio_init+0x404/0x610
[  195.722917][ T8699]  ? bio_alloc_bioset+0x24a/0x1070
[  195.722930][ T8699]  bio_iov_iter_get_pages+0x26f/0x670
[  195.722948][ T8699]  blkdev_direct_IO+0x1302/0x1fb0
[  195.722971][ T8699]  ? __pfx_blkdev_direct_IO+0x10/0x10
[  195.722989][ T8699]  ? rcu_read_lock_any_held+0x6a/0xa0
[  195.723002][ T8699]  ? touch_atime+0xa5/0x7a0
[  195.723014][ T8699]  blkdev_read_iter+0x225/0x4f0
[  195.723033][ T8699]  do_iter_readv_writev+0x60d/0x920
[  195.723045][ T8699]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  195.723058][ T8699]  ? bpf_lsm_file_permission+0x9/0x10
[  195.723068][ T8699]  ? security_file_permission+0x76/0x210
[  195.723082][ T8699]  ? rw_verify_area+0xce/0x6d0
[  195.723094][ T8699]  vfs_readv+0x4d3/0x8d0
[  195.723108][ T8699]  ? __pfx_vfs_readv+0x10/0x10
[  195.723119][ T8699]  ? find_held_lock+0x2b/0x80
[  195.723140][ T8699]  ? __fget_files+0x21f/0x3d0
[  195.723155][ T8699]  ? do_preadv+0x1ac/0x270
[  195.723165][ T8699]  do_preadv+0x1ac/0x270
[  195.723176][ T8699]  ? __pfx_do_preadv+0x10/0x10
[  195.723187][ T8699]  ? fput+0x79/0x100
[  195.723203][ T8699]  __ia32_compat_sys_preadv2+0x121/0x1b0
[  195.723219][ T8699]  __do_fast_syscall_32+0xe7/0x970
[  195.723234][ T8699]  ? lockdep_hardirqs_on+0x78/0x100
[  195.723249][ T8699]  do_fast_syscall_32+0x32/0x70
[  195.723265][ T8699]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  195.723278][ T8699] RIP: 0023:0xf6ffef7c
[  195.723287][ T8699] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  195.723297][ T8699] RSP: 002b:00000000f53cc50c EFLAGS: 00000292 ORIG_RAX: 000000000000017a
[  195.723308][ T8699] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[  195.723314][ T8699] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  195.723320][ T8699] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  195.723326][ T8699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  195.723332][ T8699] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  195.723345][ T8699]  </TASK>
[  195.951155][ T8695] team0: Port device team_slave_0 removed
[  195.956735][ T8695] team0: Port device team_slave_1 removed
[  195.959550][ T8695] batman_adv: batadv0: Removing interface: batadv_slave_0
[  195.963342][ T8695] batman_adv: batadv0: Removing interface: batadv_slave_1
[  195.967253][ T8695] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  196.076213][   T57] usb usb42-port1: unable to enumerate USB device
[  196.206941][   T40] audit: type=1326 audit(1780832585.354:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8691 comm="syz.3.743" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707ef7c code=0x7ffc0000
[  196.208502][ T8704] syzkaller0: entered promiscuous mode
[  196.227969][ T8704] syzkaller0: entered allmulticast mode
[  196.229527][   T40] audit: type=1326 audit(1780832585.354:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8691 comm="syz.3.743" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf707ef7c code=0x7ffc0000
[  196.257190][   T40] audit: type=1326 audit(1780832585.354:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8691 comm="syz.3.743" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf707efa7 code=0x7ffc0000
[  196.273080][   T40] audit: type=1326 audit(1780832585.354:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8691 comm="syz.3.743" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf707ef7c code=0x7ffc0000
[  196.279866][   T40] audit: type=1326 audit(1780832585.354:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8691 comm="syz.3.743" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf707efa7 code=0x7ffc0000
[  196.286459][   T40] audit: type=1326 audit(1780832585.354:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8691 comm="syz.3.743" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf707ef7c code=0x7ffc0000
[  196.292912][   T40] audit: type=1326 audit(1780832585.354:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8691 comm="syz.3.743" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf707efa7 code=0x7ffc0000
[  196.299278][   T40] audit: type=1326 audit(1780832585.354:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8691 comm="syz.3.743" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf707ef7c code=0x7ffc0000
[  196.305748][   T40] audit: type=1326 audit(1780832585.354:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8691 comm="syz.3.743" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf707efa7 code=0x7ffc0000
[  196.312094][   T40] audit: type=1326 audit(1780832585.354:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8691 comm="syz.3.743" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf707ef7c code=0x7ffc0000
[  196.837081][ T8716] input: syz1 as /devices/virtual/input/input14
[  197.122470][ T8722] netlink: 'syz.2.752': attribute type 10 has an invalid length.
[  197.125222][ T8722] netlink: 40 bytes leftover after parsing attributes in process `syz.2.752'.
[  197.129207][ T8722] dummy0: entered promiscuous mode
[  197.143224][ T8722] bridge0: port 1(dummy0) entered blocking state
[  197.145391][ T8722] bridge0: port 1(dummy0) entered disabled state
[  197.148557][ T8722] dummy0: entered allmulticast mode
[  198.036423][ T8744] FAULT_INJECTION: forcing a failure.
[  198.036423][ T8744] name failslab, interval 1, probability 0, space 0, times 0
[  198.041752][ T8744] CPU: 1 UID: 0 PID: 8744 Comm: syz.0.758 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  198.041779][ T8744] Tainted: [L]=SOFTLOCKUP
[  198.041785][ T8744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  198.041794][ T8744] Call Trace:
[  198.041800][ T8744]  <TASK>
[  198.041806][ T8744]  dump_stack_lvl+0x100/0x190
[  198.041841][ T8744]  should_fail_ex.cold+0x5/0xa
[  198.041862][ T8744]  should_failslab+0xc2/0x120
[  198.041885][ T8744]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  198.041915][ T8744]  ? alloc_vmap_area+0x183e/0x2b70
[  198.041941][ T8744]  alloc_vmap_area+0x183e/0x2b70
[  198.041972][ T8744]  ? __pfx_alloc_vmap_area+0x10/0x10
[  198.041999][ T8744]  __get_vm_area_node+0x1ca/0x330
[  198.042026][ T8744]  __vmalloc_node_range_noprof+0x228/0x1630
[  198.042048][ T8744]  ? create_io_thread+0xc2/0x110
[  198.042072][ T8744]  ? rcu_is_watching+0x12/0xc0
[  198.042097][ T8744]  ? create_io_thread+0xc2/0x110
[  198.042126][ T8744]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  198.042157][ T8744]  ? rcu_is_watching+0x12/0xc0
[  198.042176][ T8744]  ? trace_kmem_cache_alloc+0xd5/0x100
[  198.042199][ T8744]  ? create_io_thread+0xc2/0x110
[  198.042222][ T8744]  __vmalloc_node_noprof+0xad/0xf0
[  198.042245][ T8744]  ? create_io_thread+0xc2/0x110
[  198.042271][ T8744]  copy_process+0x7fb/0x7ed0
[  198.042294][ T8744]  ? __lock_acquire+0x4a5/0x2630
[  198.042322][ T8744]  ? stack_depot_save_flags+0x27/0x9d0
[  198.042349][ T8744]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  198.042384][ T8744]  ? __pfx_copy_process+0x10/0x10
[  198.042413][ T8744]  ? __pfx_io_sq_thread+0x10/0x10
[  198.042435][ T8744]  create_io_thread+0xc2/0x110
[  198.042455][ T8744]  ? __pfx_create_io_thread+0x10/0x10
[  198.042483][ T8744]  ? __mutex_unlock_slowpath+0x15d/0x8a0
[  198.042514][ T8744]  ? __pfx_io_sq_thread+0x10/0x10
[  198.042537][ T8744]  ? rcu_is_watching+0x12/0xc0
[  198.042557][ T8744]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  198.042580][ T8744]  ? lockdep_hardirqs_on+0x78/0x100
[  198.042605][ T8744]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  198.042631][ T8744]  io_sq_offload_create+0xd11/0xf00
[  198.042654][ T8744]  ? __pfx_io_sq_offload_create+0x10/0x10
[  198.042673][ T8744]  ? bpf_lsm_capable+0x9/0x10
[  198.042692][ T8744]  ? security_capable+0x80/0x260
[  198.042714][ T8744]  io_uring_setup.cold+0x147f/0x1c6e
[  198.042746][ T8744]  ? __pfx_io_uring_setup+0x10/0x10
[  198.042791][ T8744]  ? fput+0x79/0x100
[  198.042815][ T8744]  ? ksys_write+0x1ac/0x250
[  198.042839][ T8744]  __ia32_sys_io_uring_setup+0xc2/0x170
[  198.042868][ T8744]  __do_fast_syscall_32+0xe7/0x970
[  198.042889][ T8744]  ? lockdep_hardirqs_on+0x78/0x100
[  198.042916][ T8744]  do_fast_syscall_32+0x32/0x70
[  198.042937][ T8744]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  198.042959][ T8744] RIP: 0023:0xf6ffef7c
[  198.042973][ T8744] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  198.042990][ T8744] RSP: 002b:00000000f53cc4bc EFLAGS: 00000282 ORIG_RAX: 00000000000001a9
[  198.043008][ T8744] RAX: ffffffffffffffda RBX: 0000000000000131 RCX: 0000000080000600
[  198.043018][ T8744] RDX: 0000000000000000 RSI: 00000000f53cc514 RDI: 00000000f53cc578
[  198.043030][ T8744] RBP: 0000000080ffe000 R08: 0000000000000000 R09: 0000000000000000
[  198.043040][ T8744] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  198.043050][ T8744] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  198.043074][ T8744]  </TASK>
[  198.258423][ T8745] nft_compat: unsupported protocol 1
[  198.593735][ T8753] netlink: 8 bytes leftover after parsing attributes in process `syz.1.760'.
[  199.365026][ T8751] random: crng reseeded on system resumption
[  199.635353][ T8759] xt_bpf: check failed: parse error
[  199.970457][ T5830] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  200.735869][ T5830] usb 6-1: config 128 has an invalid interface number: 148 but max is 0
[  200.739865][ T5830] usb 6-1: config 128 has no interface number 0
[  200.742908][ T5830] usb 6-1: config 128 interface 148 altsetting 9 endpoint 0x7 has invalid wMaxPacketSize 0
[  200.747838][ T5830] usb 6-1: config 128 interface 148 altsetting 9 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  200.751585][ T5830] usb 6-1: config 128 interface 148 has no altsetting 0
[  200.755524][ T5830] usb 6-1: New USB device found, idVendor=0cf3, idProduct=e019, bcdDevice=fb.4f
[  200.758471][ T5830] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  200.764643][ T5830] usb 6-1: Product: syz
[  200.765969][ T5830] usb 6-1: Manufacturer: syz
[  200.768173][ T5830] usb 6-1: SerialNumber: syz
[  201.384771][ T8778] wg2 speed is unknown, defaulting to 1000
[  201.544593][ T8772] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  201.552716][ T8772] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  201.559884][ T8772] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  201.579305][ T8761] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  201.586968][ T8761] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  201.602082][ T5830] usb 6-1: USB disconnect, device number 18
[  202.130621][ T8798] netlink: 8 bytes leftover after parsing attributes in process `syz.1.774'.
[  202.133483][ T8798] netlink: 12 bytes leftover after parsing attributes in process `syz.1.774'.
[  202.176346][ T8798] netlink: 8 bytes leftover after parsing attributes in process `syz.1.774'.
[  202.179665][ T8798] netlink: 12 bytes leftover after parsing attributes in process `syz.1.774'.
[  202.182962][   T12] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  202.187113][   T12] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  202.190638][   T12] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  202.193948][   T12] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  202.794359][ T5758] Bluetooth: hci0: command 0x0401 tx timeout
[  203.394015][ T8815] IPv6: NLM_F_CREATE should be specified when creating new route
[  203.396579][ T8815] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  203.400197][ T8815] IPv6: NLM_F_CREATE should be set when creating new route
[  203.402567][ T8815] IPv6: NLM_F_CREATE should be set when creating new route
[  203.404906][ T8815] IPv6: NLM_F_CREATE should be set when creating new route
[  203.412607][ T8815] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.780'.
[  203.578097][ T5761] Bluetooth: hci1: command 0x0406 tx timeout
[  203.578098][ T5758] Bluetooth: hci2: command 0x0406 tx timeout
[  204.320808][ T8822] netlink: 68 bytes leftover after parsing attributes in process `syz.1.782'.
[  204.326588][ T8822] netlink: 20 bytes leftover after parsing attributes in process `syz.1.782'.
[  204.823483][ T8833] 9pnet_fd: Insufficient options for proto=fd
[  205.491968][ T8843] netlink: 76 bytes leftover after parsing attributes in process `syz.1.789'.
[  207.554024][ T8848] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  208.093377][ T8866] netlink: 8 bytes leftover after parsing attributes in process `syz.3.797'.
[  209.012564][ T8870] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  209.014774][ T8870] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  209.022947][ T8870] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  209.026067][ T8870] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  209.032652][ T8870] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  209.034593][ T8870] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  209.359038][ T8888] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_vlan, syncid = 0, id = 0
[  209.799193][ T8910] netlink: 766 bytes leftover after parsing attributes in process `syz.3.806'.
[  209.840923][ T8913] binder: 8912:8913 ioctl c0306201 0 returned -14
[  210.102181][ T8922] 9p: Bad value for 'wfdno'
[  210.761967][ T8952] netlink: 4 bytes leftover after parsing attributes in process `syz.0.814'.
[  211.484342][ T5894] usb 7-1: new full-speed USB device number 13 using dummy_hcd
[  211.654037][ T5894] usb 7-1: not running at top speed; connect to a high speed hub
[  211.659003][ T5894] usb 7-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  211.662659][ T5894] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 512, setting to 64
[  211.667764][ T5894] usb 7-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  211.676195][ T5894] usb 7-1: New USB device found, idVendor=0499, idProduct=5003, bcdDevice= 0.40
[  211.679481][ T5894] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  211.682017][ T5894] usb 7-1: Product: ㎲켚볇뫤煿縠왈⣗倴꾍畢䙇筡̿襹퓺⢗⯈珚
[  211.684864][ T5894] usb 7-1: Manufacturer: 
[  211.686369][ T5894] usb 7-1: SerialNumber: syz
[  211.915509][ T8960] FAULT_INJECTION: forcing a failure.
[  211.915509][ T8960] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  211.927639][ T5894] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  211.935758][ T8960] CPU: 2 UID: 0 PID: 8960 Comm: syz.0.817 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  211.935782][ T8960] Tainted: [L]=SOFTLOCKUP
[  211.935793][ T8960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  211.935801][ T8960] Call Trace:
[  211.935806][ T8960]  <TASK>
[  211.935811][ T8960]  dump_stack_lvl+0x100/0x190
[  211.935840][ T8960]  should_fail_ex.cold+0x5/0xa
[  211.935859][ T8960]  _copy_from_user+0x2e/0xd0
[  211.935879][ T8960]  cmsghdr_from_user_compat_to_kern+0x354/0x7d0
[  211.935902][ T8960]  ? __pfx_cmsghdr_from_user_compat_to_kern+0x10/0x10
[  211.935918][ T8960]  ? __import_iovec+0x1d2/0x640
[  211.935943][ T8960]  ____sys_sendmsg+0x607/0xb70
[  211.935963][ T8960]  ? __pfx_____sys_sendmsg+0x10/0x10
[  211.935985][ T8960]  ? _kstrtoull+0x13c/0x1f0
[  211.935999][ T8960]  ? __pfx__kstrtoull+0x10/0x10
[  211.936014][ T8960]  ___sys_sendmsg+0x190/0x1e0
[  211.936034][ T8960]  ? __pfx____sys_sendmsg+0x10/0x10
[  211.936053][ T8960]  ? __lock_acquire+0x4a5/0x2630
[  211.936097][ T8960]  __sys_sendmmsg+0x2ff/0x430
[  211.936113][ T8960]  ? __pfx___sys_sendmmsg+0x10/0x10
[  211.936134][ T8960]  ? __fget_files+0x215/0x3d0
[  211.936158][ T8960]  ? fput+0x79/0x100
[  211.936176][ T8960]  ? ksys_write+0x1ac/0x250
[  211.936194][ T8960]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  211.936211][ T8960]  ? lockdep_hardirqs_on+0x78/0x100
[  211.936231][ T8960]  __do_fast_syscall_32+0xe7/0x970
[  211.936250][ T8960]  ? lockdep_hardirqs_on+0x78/0x100
[  211.936270][ T8960]  do_fast_syscall_32+0x32/0x70
[  211.936290][ T8960]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  211.936310][ T8960] RIP: 0023:0xf6ffef7c
[  211.936323][ T8960] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  211.936337][ T8960] RSP: 002b:00000000f53ed50c EFLAGS: 00000292 ORIG_RAX: 0000000000000159
[  211.936351][ T8960] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000f40
[  211.936360][ T8960] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  211.936368][ T8960] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  211.936376][ T8960] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  211.936384][ T8960] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  211.936401][ T8960]  </TASK>
[  212.043455][ T5894] snd-usb-audio 7-1:1.0: probe with driver snd-usb-audio failed with error -2
[  212.080949][ T7835] udevd[7835]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  212.214055][ T8971] input: syz1 as /devices/virtual/input/input15
[  212.257123][ T8971] JFS: charset not found
[  212.422280][ T8979] fuse: Unknown parameter ''
[  213.010617][ T8992] netlink: 12 bytes leftover after parsing attributes in process `syz.2.827'.
[  213.290086][ T9001] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  213.304179][ T9001] overlayfs: missing 'lowerdir'
[  213.630191][ T9008] netlink: 12 bytes leftover after parsing attributes in process `syz.3.833'.
[  213.718611][ T9009] x_tables: duplicate underflow at hook 1
[  213.731691][ T9008] hub 8-0:1.0: USB hub found
[  213.735790][ T9008] hub 8-0:1.0: 1 port detected
[  213.907882][ T9014] autofs4:pid:9014:validate_dev_ioctl: invalid path supplied for cmd(0xc0189374)
[  214.068448][ T9025] netlink: 'syz.0.839': attribute type 3 has an invalid length.
[  214.070895][ T9025] netlink: 'syz.0.839': attribute type 1 has an invalid length.
[  214.073363][ T9025] netlink: 224 bytes leftover after parsing attributes in process `syz.0.839'.
[  214.539773][ T9036] overlayfs: upper fs does not support file handles, falling back to index=off.
[  214.803869][   T40] kauditd_printk_skb: 885 callbacks suppressed
[  214.803887][   T40] audit: type=1326 audit(1780832603.944:1473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9033 comm="syz.0.842" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x0
[  214.824132][ T9039] netlink: 'syz.3.844': attribute type 1 has an invalid length.
[  214.846120][ T5860] usb 7-1: USB disconnect, device number 13
[  214.889638][ T9039] bond2: entered promiscuous mode
[  214.893447][ T9039] 8021q: adding VLAN 0 to HW filter on device bond2
[  214.912169][ T9041] 8021q: adding VLAN 0 to HW filter on device bond2
[  214.915429][ T9041] bond2: (slave ip6gre1): The slave device specified does not support setting the MAC address
[  214.919433][ T9041] bond2: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode
[  214.928956][ T9041] bond2: (slave ip6gre1): making interface the new active one
[  214.931941][ T9041] ip6gre1: entered promiscuous mode
[  214.935878][ T9041] bond2: (slave ip6gre1): Enslaving as an active interface with an up link
[  215.011786][ T9039] bond2 (unregistering): (slave ip6gre1): Releasing backup interface
[  215.024482][ T9039] ip6gre1: left promiscuous mode
[  215.029453][ T9039] bond2 (unregistering): Released all slaves
[  215.076874][ T9048] FAULT_INJECTION: forcing a failure.
[  215.076874][ T9048] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  215.081701][ T9048] CPU: 0 UID: 0 PID: 9048 Comm: syz.1.846 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  215.081718][ T9048] Tainted: [L]=SOFTLOCKUP
[  215.081722][ T9048] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  215.081728][ T9048] Call Trace:
[  215.081733][ T9048]  <TASK>
[  215.081737][ T9048]  dump_stack_lvl+0x100/0x190
[  215.081782][ T9048]  should_fail_ex.cold+0x5/0xa
[  215.081797][ T9048]  _copy_from_user+0x2e/0xd0
[  215.081812][ T9048]  memdup_user+0x6b/0xe0
[  215.081824][ T9048]  strndup_user+0x78/0xe0
[  215.081835][ T9048]  __do_sys_fsconfig+0x7ec/0xcb0
[  215.081853][ T9048]  ? __pfx___do_sys_fsconfig+0x10/0x10
[  215.081870][ T9048]  ? ksys_write+0x1ac/0x250
[  215.081883][ T9048]  ? rcu_is_watching+0x12/0xc0
[  215.081897][ T9048]  __do_fast_syscall_32+0xe7/0x970
[  215.081913][ T9048]  ? lockdep_hardirqs_on+0x78/0x100
[  215.081928][ T9048]  do_fast_syscall_32+0x32/0x70
[  215.081943][ T9048]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  215.081956][ T9048] RIP: 0023:0xf702ef7c
[  215.081965][ T9048] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  215.081976][ T9048] RSP: 002b:00000000f541d50c EFLAGS: 00000292 ORIG_RAX: 00000000000001af
[  215.081986][ T9048] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000001
[  215.081993][ T9048] RDX: 0000000080000280 RSI: 00000000800008c0 RDI: 0000000000000000
[  215.081999][ T9048] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  215.082005][ T9048] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  215.082011][ T9048] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  215.082024][ T9048]  </TASK>
[  215.386345][ T9054] FAULT_INJECTION: forcing a failure.
[  215.386345][ T9054] name failslab, interval 1, probability 0, space 0, times 0
[  215.391585][ T9054] CPU: 2 UID: 0 PID: 9054 Comm: syz.3.849 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  215.391609][ T9054] Tainted: [L]=SOFTLOCKUP
[  215.391617][ T9054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  215.391626][ T9054] Call Trace:
[  215.391632][ T9054]  <TASK>
[  215.391639][ T9054]  dump_stack_lvl+0x100/0x190
[  215.391671][ T9054]  should_fail_ex.cold+0x5/0xa
[  215.391694][ T9054]  should_failslab+0xc2/0x120
[  215.391716][ T9054]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  215.391743][ T9054]  ? skb_clone+0x190/0x400
[  215.391765][ T9054]  skb_clone+0x190/0x400
[  215.391783][ T9054]  netlink_deliver_tap+0xaed/0xcc0
[  215.391811][ T9054]  netlink_unicast+0x62b/0x850
[  215.391836][ T9054]  ? __pfx_netlink_unicast+0x10/0x10
[  215.391863][ T9054]  netlink_sendmsg+0x8b0/0xda0
[  215.391891][ T9054]  ? __pfx_netlink_sendmsg+0x10/0x10
[  215.391916][ T9054]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  215.391938][ T9054]  ____sys_sendmsg+0x9e1/0xb70
[  215.391960][ T9054]  ? __pfx_netlink_sendmsg+0x10/0x10
[  215.391985][ T9054]  ? __pfx_____sys_sendmsg+0x10/0x10
[  215.392018][ T9054]  ___sys_sendmsg+0x190/0x1e0
[  215.392042][ T9054]  ? __pfx____sys_sendmsg+0x10/0x10
[  215.392076][ T9054]  ? find_held_lock+0x2b/0x80
[  215.392111][ T9054]  __sys_sendmsg+0x170/0x220
[  215.392130][ T9054]  ? __pfx___sys_sendmsg+0x10/0x10
[  215.392146][ T9054]  ? __fget_files+0x21f/0x3d0
[  215.392173][ T9054]  ? ksys_write+0x1ac/0x250
[  215.392196][ T9054]  ? rcu_is_watching+0x12/0xc0
[  215.392217][ T9054]  __do_fast_syscall_32+0xe7/0x970
[  215.392243][ T9054]  ? lockdep_hardirqs_on+0x78/0x100
[  215.392268][ T9054]  do_fast_syscall_32+0x32/0x70
[  215.392294][ T9054]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  215.392316][ T9054] RIP: 0023:0xf707ef7c
[  215.392329][ T9054] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  215.392346][ T9054] RSP: 002b:00000000f546d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  215.392369][ T9054] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  215.392380][ T9054] RDX: 000000000000c0c4 RSI: 0000000000000000 RDI: 0000000000000000
[  215.392388][ T9054] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  215.392397][ T9054] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  215.392407][ T9054] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  215.392430][ T9054]  </TASK>
[  215.689619][ T9063] FAULT_INJECTION: forcing a failure.
[  215.689619][ T9063] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  215.695129][ T9063] CPU: 3 UID: 0 PID: 9063 Comm: syz.3.853 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  215.695158][ T9063] Tainted: [L]=SOFTLOCKUP
[  215.695164][ T9063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  215.695175][ T9063] Call Trace:
[  215.695182][ T9063]  <TASK>
[  215.695189][ T9063]  dump_stack_lvl+0x100/0x190
[  215.695224][ T9063]  should_fail_ex.cold+0x5/0xa
[  215.695268][ T9063]  _copy_from_user+0x2e/0xd0
[  215.695293][ T9063]  copy_mount_options+0x76/0x190
[  215.695324][ T9063]  __ia32_sys_mount+0x1ab/0x310
[  215.695351][ T9063]  ? __pfx___ia32_sys_mount+0x10/0x10
[  215.695374][ T9063]  ? ksys_write+0x1ac/0x250
[  215.695397][ T9063]  ? rcu_is_watching+0x12/0xc0
[  215.695423][ T9063]  __do_fast_syscall_32+0xe7/0x970
[  215.695450][ T9063]  ? lockdep_hardirqs_on+0x78/0x100
[  215.695478][ T9063]  do_fast_syscall_32+0x32/0x70
[  215.695505][ T9063]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  215.695529][ T9063] RIP: 0023:0xf707ef7c
[  215.695544][ T9063] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  215.695562][ T9063] RSP: 002b:00000000f546d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000015
[  215.695581][ T9063] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000280
[  215.695591][ T9063] RDX: 00000000800002c0 RSI: 0000000001000000 RDI: 0000000080000480
[  215.695603][ T9063] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  215.695613][ T9063] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  215.695624][ T9063] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  215.695647][ T9063]  </TASK>
[  217.527051][ T9093] FAULT_INJECTION: forcing a failure.
[  217.527051][ T9093] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  217.531080][ T9093] CPU: 2 UID: 0 PID: 9093 Comm: syz.1.863 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  217.531096][ T9093] Tainted: [L]=SOFTLOCKUP
[  217.531100][ T9093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  217.531106][ T9093] Call Trace:
[  217.531110][ T9093]  <TASK>
[  217.531114][ T9093]  dump_stack_lvl+0x100/0x190
[  217.531135][ T9093]  should_fail_ex.cold+0x5/0xa
[  217.531148][ T9093]  _copy_from_iter+0x1f4/0x1690
[  217.531165][ T9093]  ? __asan_memset+0x23/0x50
[  217.531182][ T9093]  ? __pfx__copy_from_iter+0x10/0x10
[  217.531196][ T9093]  ? __pfx___alloc_skb+0x10/0x10
[  217.531232][ T9093]  netlink_sendmsg+0x808/0xda0
[  217.531249][ T9093]  ? __pfx_netlink_sendmsg+0x10/0x10
[  217.531265][ T9093]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  217.531278][ T9093]  ____sys_sendmsg+0x9e1/0xb70
[  217.531291][ T9093]  ? __pfx_netlink_sendmsg+0x10/0x10
[  217.531306][ T9093]  ? __pfx_____sys_sendmsg+0x10/0x10
[  217.531325][ T9093]  ___sys_sendmsg+0x190/0x1e0
[  217.531353][ T9093]  ? __pfx____sys_sendmsg+0x10/0x10
[  217.531374][ T9093]  ? find_held_lock+0x2b/0x80
[  217.531395][ T9093]  __sys_sendmsg+0x170/0x220
[  217.531406][ T9093]  ? __pfx___sys_sendmsg+0x10/0x10
[  217.531416][ T9093]  ? __fget_files+0x21f/0x3d0
[  217.531432][ T9093]  ? ksys_write+0x1ac/0x250
[  217.531444][ T9093]  ? rcu_is_watching+0x12/0xc0
[  217.531457][ T9093]  __do_fast_syscall_32+0xe7/0x970
[  217.531473][ T9093]  ? lockdep_hardirqs_on+0x78/0x100
[  217.531489][ T9093]  do_fast_syscall_32+0x32/0x70
[  217.531504][ T9093]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  217.531518][ T9093] RIP: 0023:0xf702ef7c
[  217.531526][ T9093] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  217.531536][ T9093] RSP: 002b:00000000f541d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  217.531547][ T9093] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000000
[  217.531553][ T9093] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  217.531559][ T9093] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  217.531565][ T9093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  217.531571][ T9093] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  217.531584][ T9093]  </TASK>
[  217.706950][ T9096] netlink: 208240 bytes leftover after parsing attributes in process `syz.1.864'.
[  217.723187][ T9098] FAULT_INJECTION: forcing a failure.
[  217.723187][ T9098] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  217.730699][ T9098] CPU: 2 UID: 0 PID: 9098 Comm: syz.2.865 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  217.730717][ T9098] Tainted: [L]=SOFTLOCKUP
[  217.730721][ T9098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  217.730727][ T9098] Call Trace:
[  217.730731][ T9098]  <TASK>
[  217.730735][ T9098]  dump_stack_lvl+0x100/0x190
[  217.730757][ T9098]  should_fail_ex.cold+0x5/0xa
[  217.730771][ T9098]  _copy_from_iter+0x1f4/0x1690
[  217.730792][ T9098]  ? __asan_memset+0x23/0x50
[  217.730808][ T9098]  ? __pfx__copy_from_iter+0x10/0x10
[  217.730823][ T9098]  ? __pfx___alloc_skb+0x10/0x10
[  217.730833][ T9098]  ? __pfx___might_resched+0x10/0x10
[  217.730848][ T9098]  netlink_sendmsg+0x808/0xda0
[  217.730865][ T9098]  ? __pfx_netlink_sendmsg+0x10/0x10
[  217.730880][ T9098]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  217.730893][ T9098]  ____sys_sendmsg+0x9e1/0xb70
[  217.730906][ T9098]  ? __pfx_netlink_sendmsg+0x10/0x10
[  217.730920][ T9098]  ? __pfx_____sys_sendmsg+0x10/0x10
[  217.730939][ T9098]  ___sys_sendmsg+0x190/0x1e0
[  217.730954][ T9098]  ? __pfx____sys_sendmsg+0x10/0x10
[  217.730974][ T9098]  ? find_held_lock+0x2b/0x80
[  217.730994][ T9098]  __sys_sendmsg+0x170/0x220
[  217.731005][ T9098]  ? __pfx___sys_sendmsg+0x10/0x10
[  217.731015][ T9098]  ? __fget_files+0x21f/0x3d0
[  217.731030][ T9098]  ? ksys_write+0x1ac/0x250
[  217.731043][ T9098]  ? rcu_is_watching+0x12/0xc0
[  217.731056][ T9098]  __do_fast_syscall_32+0xe7/0x970
[  217.731072][ T9098]  ? lockdep_hardirqs_on+0x78/0x100
[  217.731088][ T9098]  do_fast_syscall_32+0x32/0x70
[  217.731103][ T9098]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  217.731116][ T9098] RIP: 0023:0xf7fb4f7c
[  217.731126][ T9098] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  217.731136][ T9098] RSP: 002b:00000000f547650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  217.731146][ T9098] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001a40
[  217.731153][ T9098] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  217.731159][ T9098] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  217.731165][ T9098] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  217.731170][ T9098] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  217.731183][ T9098]  </TASK>
[  218.909172][ T9113] syzkaller0: entered promiscuous mode
[  218.911488][ T9113] syzkaller0: entered allmulticast mode
[  218.996823][ T9117] netlink: 72 bytes leftover after parsing attributes in process `syz.0.869'.
[  219.497403][ T9134] could not allocate digest TFM handle md4-generic
[  219.724411][ T2318] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  219.874375][ T2318] usb 6-1: Using ep0 maxpacket: 32
[  219.877319][ T2318] usb 6-1: config 1 interface 0 altsetting 3 bulk endpoint 0x82 has invalid maxpacket 16
[  219.880405][ T2318] usb 6-1: config 1 interface 0 has no altsetting 0
[  219.883925][ T2318] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  219.888026][ T2318] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.891235][ T2318] usb 6-1: Product: 㢈肋女硙࡯᮰飆቎맆ⴅ뻈摡뺻펃睗趏鿪ﰠ퀷쮪㞼탗摽ᤍ엃攀聠狯뒖⣒ޓ豚羧鍄ꓤ瘋莉曾珟䉺ﰀ殷齸
[  219.898022][ T2318] usb 6-1: Manufacturer: 㡇览䊏鸽꩘㝆ⳮ潞릺ꞷ鞆뽍﬉简㺚껎둢爁᠑쿗㟶낥ഹহ┌䗘罇鏷⸁攞饭ဆ婺竴쑯礝糤⚰玀􎘶⦌턷櫙浊砛抷矧풥ഌ喼Ꮨ㠻៌ᵸ䴿霊嘰䚊㈬塚댳렌捠䷚ൔ䘭᲻ｫභ晜滏볫쵐앃ㅟ唺痦ꮘ䝒麞
[  219.915266][ T2318] usb 6-1: SerialNumber: syz
[  219.919700][ T9143] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  220.407203][ T9143] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  220.430757][ T9134] could not allocate digest TFM handle sha256-asm
[  220.451474][ T9143] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  220.464476][ T9134] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  220.472247][ T9134] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  220.498095][ T2318] usblp 6-1:1.0: usblp0: USB Bidirectional printer dev 19 if 0 alt 3 proto 3 vid 0x0525 pid 0xA4A8
[  220.513453][ T2318] usb 6-1: USB disconnect, device number 19
[  220.520022][ T2318] usblp0: removed
[  221.411625][ T9169] FAULT_INJECTION: forcing a failure.
[  221.411625][ T9169] name failslab, interval 1, probability 0, space 0, times 0
[  221.416054][ T9169] CPU: 2 UID: 0 PID: 9169 Comm: syz.1.883 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  221.416072][ T9169] Tainted: [L]=SOFTLOCKUP
[  221.416075][ T9169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  221.416082][ T9169] Call Trace:
[  221.416088][ T9169]  <TASK>
[  221.416093][ T9169]  dump_stack_lvl+0x100/0x190
[  221.416114][ T9169]  should_fail_ex.cold+0x5/0xa
[  221.416128][ T9169]  should_failslab+0xc2/0x120
[  221.416142][ T9169]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  221.416158][ T9169]  ? dst_alloc+0x99/0x1a0
[  221.416176][ T9169]  dst_alloc+0x99/0x1a0
[  221.416192][ T9169]  rt_dst_alloc+0x35/0x3a0
[  221.416208][ T9169]  ip_route_output_key_hash_rcu+0x87a/0x2870
[  221.416223][ T9169]  ip_route_output_key_hash+0x118/0x2b0
[  221.416235][ T9169]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  221.416250][ T9169]  ? find_held_lock+0x2b/0x80
[  221.416265][ T9169]  ip_route_output_flow+0x27/0x150
[  221.416277][ T9169]  udp_sendmsg+0x198a/0x2720
[  221.416293][ T9169]  ? __mutex_add_waiter+0x30/0x370
[  221.416319][ T9169]  ? __pfx_udp_sendmsg+0x10/0x10
[  221.416332][ T9169]  ? __lock_acquire+0x4a5/0x2630
[  221.416357][ T9169]  ? aa_sk_perm+0x309/0xaa0
[  221.416377][ T9169]  ? __pfx_udp_sendmsg+0x10/0x10
[  221.416391][ T9169]  inet_sendmsg+0x105/0x140
[  221.416408][ T9169]  ____sys_sendmsg+0x98d/0xb70
[  221.416421][ T9169]  ? __pfx_inet_sendmsg+0x10/0x10
[  221.416438][ T9169]  ? __pfx_____sys_sendmsg+0x10/0x10
[  221.416454][ T9169]  ? _kstrtoull+0x13c/0x1f0
[  221.416464][ T9169]  ? __pfx__kstrtoull+0x10/0x10
[  221.416476][ T9169]  ___sys_sendmsg+0x190/0x1e0
[  221.416491][ T9169]  ? __pfx____sys_sendmsg+0x10/0x10
[  221.416505][ T9169]  ? __lock_acquire+0x4a5/0x2630
[  221.416535][ T9169]  __sys_sendmmsg+0x2ff/0x430
[  221.416547][ T9169]  ? __pfx___sys_sendmmsg+0x10/0x10
[  221.416562][ T9169]  ? __fget_files+0x215/0x3d0
[  221.416580][ T9169]  ? fput+0x79/0x100
[  221.416599][ T9169]  ? ksys_write+0x1ac/0x250
[  221.416612][ T9169]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  221.416625][ T9169]  ? lockdep_hardirqs_on+0x78/0x100
[  221.416641][ T9169]  __do_fast_syscall_32+0xe7/0x970
[  221.416656][ T9169]  ? lockdep_hardirqs_on+0x78/0x100
[  221.416671][ T9169]  do_fast_syscall_32+0x32/0x70
[  221.416686][ T9169]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  221.416700][ T9169] RIP: 0023:0xf702ef7c
[  221.416709][ T9169] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  221.416719][ T9169] RSP: 002b:00000000f541d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000159
[  221.416730][ T9169] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800005c0
[  221.416736][ T9169] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000000
[  221.416742][ T9169] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  221.416749][ T9169] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  221.416754][ T9169] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  221.416767][ T9169]  </TASK>
[  221.572971][ T9171] af_packet: tpacket_rcv: packet too big, clamped from 65007 to 3952. macoff=96
[  223.250695][ T9202] lo: entered promiscuous mode
[  223.253520][ T9202] lo: entered allmulticast mode
[  223.257836][ T9202] tunl0: entered promiscuous mode
[  223.259916][ T9202] tunl0: entered allmulticast mode
[  223.263370][ T9202] gre0: entered promiscuous mode
[  223.265792][ T9202] gre0: entered allmulticast mode
[  223.270924][ T9202] gretap0: entered promiscuous mode
[  223.272816][ T9202] gretap0: entered allmulticast mode
[  223.275916][ T9202] erspan0: entered promiscuous mode
[  223.277521][ T9202] erspan0: entered allmulticast mode
[  223.280961][ T9202] ip_vti0: entered promiscuous mode
[  223.282612][ T9202] ip_vti0: entered allmulticast mode
[  223.286704][ T9202] ip6_vti0: entered promiscuous mode
[  223.289301][ T9202] ip6_vti0: entered allmulticast mode
[  223.292931][ T9202] sit0: entered promiscuous mode
[  223.298008][ T9202] sit0: entered allmulticast mode
[  223.317585][ T9202] ip6tnl0: entered promiscuous mode
[  223.320150][ T9202] ip6tnl0: entered allmulticast mode
[  223.325101][ T9202] ip6gre0: entered promiscuous mode
[  223.335405][ T9202] ip6gre0: entered allmulticast mode
[  223.339491][ T9202] syz_tun: entered promiscuous mode
[  223.341385][ T9202] syz_tun: entered allmulticast mode
[  223.348210][ T9202] ip6gretap0: entered promiscuous mode
[  223.359334][ T9202] ip6gretap0: entered allmulticast mode
[  223.372586][ T9202] bridge0: port 1(dummy0) entered blocking state
[  223.375364][ T9202] bridge0: port 1(dummy0) entered forwarding state
[  223.379869][ T9208] usb usb8: usbfs: process 9208 (syz.1.895) did not claim interface 0 before use
[  223.385961][ T9202] bridge0: entered promiscuous mode
[  223.386621][ T9208] FAULT_INJECTION: forcing a failure.
[  223.386621][ T9208] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  223.391223][ T9202] bridge0: entered allmulticast mode
[  223.405470][ T9208] CPU: 0 UID: 0 PID: 9208 Comm: syz.1.895 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  223.405489][ T9208] Tainted: [L]=SOFTLOCKUP
[  223.405493][ T9208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  223.405499][ T9208] Call Trace:
[  223.405503][ T9208]  <TASK>
[  223.405508][ T9208]  dump_stack_lvl+0x100/0x190
[  223.405531][ T9208]  should_fail_ex.cold+0x5/0xa
[  223.405545][ T9208]  _copy_from_user+0x2e/0xd0
[  223.405560][ T9208]  kstrtouint_from_user+0xd6/0x1d0
[  223.405571][ T9208]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  223.405582][ T9208]  ? __lock_acquire+0x4a5/0x2630
[  223.405604][ T9208]  proc_fail_nth_write+0x83/0x220
[  223.405621][ T9208]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  223.405641][ T9208]  vfs_write+0x2aa/0x1070
[  223.405654][ T9208]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  223.405671][ T9208]  ? __pfx_vfs_write+0x10/0x10
[  223.405682][ T9208]  ? find_held_lock+0x2b/0x80
[  223.405695][ T9208]  ? __fget_files+0x215/0x3d0
[  223.405710][ T9208]  ? __fget_files+0x21f/0x3d0
[  223.405726][ T9208]  ksys_write+0x12a/0x250
[  223.405737][ T9208]  ? __pfx_ksys_write+0x10/0x10
[  223.405750][ T9208]  ? rcu_is_watching+0x12/0xc0
[  223.405771][ T9208]  do_int80_emulation+0x14b/0x720
[  223.405789][ T9208]  asm_int80_emulation+0x1a/0x20
[  223.405799][ T9208] RIP: 0023:0xf71661ab
[  223.405809][ T9208] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  223.405819][ T9208] RSP: 002b:00000000f541d4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  223.405830][ T9208] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f541d5d0
[  223.405837][ T9208] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  223.405843][ T9208] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  223.405849][ T9208] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  223.405855][ T9208] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  223.405867][ T9208]  </TASK>
[  223.482668][ T9202] vcan0: entered promiscuous mode
[  223.486755][ T9202] vcan0: entered allmulticast mode
[  223.494750][ T9202] team0: entered promiscuous mode
[  223.496923][ T9202] team0: entered allmulticast mode
[  223.501071][ T9202] 8021q: adding VLAN 0 to HW filter on device team0
[  223.511035][ T9202] nlmon0: entered promiscuous mode
[  223.513297][ T9202] nlmon0: entered allmulticast mode
[  223.521760][ T9202] batadv0: entered promiscuous mode
[  223.524054][ T9202] batadv0: entered allmulticast mode
[  223.529840][ T9202] 8021q: adding VLAN 0 to HW filter on device batadv0
[  223.535530][ T9202] vxcan0: entered promiscuous mode
[  223.538000][ T9202] vxcan0: entered allmulticast mode
[  223.543271][ T9202] vxcan1: entered promiscuous mode
[  223.546072][ T9202] vxcan1: entered allmulticast mode
[  223.551262][ T9202] veth0: entered promiscuous mode
[  223.553377][ T9202] veth0: entered allmulticast mode
[  223.560704][ T9202] veth1: entered promiscuous mode
[  223.562898][ T9202] veth1: entered allmulticast mode
[  223.575601][ T9202] wg0: entered promiscuous mode
[  223.577601][ T9202] wg0: entered allmulticast mode
[  223.606439][ T9202] wg1: entered promiscuous mode
[  223.608669][ T9202] wg1: entered allmulticast mode
[  223.614735][ T9202] wg2: entered promiscuous mode
[  223.620715][ T9202] wg2: entered allmulticast mode
[  223.625586][ T9202] veth0_to_bridge: entered promiscuous mode
[  223.628357][ T9202] veth0_to_bridge: entered allmulticast mode
[  223.632696][ T9202] bridge_slave_0: entered promiscuous mode
[  223.635855][ T9202] bridge_slave_0: entered allmulticast mode
[  223.639447][ T9202] veth1_to_bridge: entered promiscuous mode
[  223.642040][ T9202] veth1_to_bridge: entered allmulticast mode
[  223.646319][ T9202] bridge_slave_1: entered promiscuous mode
[  223.649036][ T9202] bridge_slave_1: entered allmulticast mode
[  223.653017][ T9202] veth0_to_bond: entered promiscuous mode
[  223.655761][ T9202] veth0_to_bond: entered allmulticast mode
[  223.660155][ T9202] bond_slave_0: entered promiscuous mode
[  223.662906][ T9202] bond_slave_0: entered allmulticast mode
[  223.667169][ T9202] veth1_to_bond: entered promiscuous mode
[  223.669943][ T9202] veth1_to_bond: entered allmulticast mode
[  223.674034][ T9202] bond_slave_1: entered promiscuous mode
[  223.676513][ T9214] program syz.1.896 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  223.679542][ T9202] bond_slave_1: entered allmulticast mode
[  223.682223][ T9202] veth0_to_team: entered promiscuous mode
[  223.684014][ T9202] veth0_to_team: entered allmulticast mode
[  223.688737][ T9202] team_slave_0: entered promiscuous mode
[  223.691425][ T9202] team_slave_0: entered allmulticast mode
[  223.693705][ T9202] veth1_to_team: entered promiscuous mode
[  223.695760][ T9202] veth1_to_team: entered allmulticast mode
[  223.698840][ T9202] team_slave_1: entered promiscuous mode
[  223.701979][ T9202] team_slave_1: entered allmulticast mode
[  223.705682][ T9202] veth0_to_batadv: entered promiscuous mode
[  223.707411][ T9202] veth0_to_batadv: entered allmulticast mode
[  223.710702][ T9202] batadv_slave_0: entered promiscuous mode
[  223.712597][ T9202] batadv_slave_0: entered allmulticast mode
[  223.715092][ T9202] veth1_to_batadv: entered promiscuous mode
[  223.716923][ T9202] veth1_to_batadv: entered allmulticast mode
[  223.719696][ T9202] batadv_slave_1: entered promiscuous mode
[  223.721522][ T9202] batadv_slave_1: entered allmulticast mode
[  223.723929][ T9202] xfrm0: entered promiscuous mode
[  223.725580][ T9202] xfrm0: entered allmulticast mode
[  223.728806][ T9202] veth0_to_hsr: entered promiscuous mode
[  223.730583][ T9202] veth0_to_hsr: entered allmulticast mode
[  223.733153][ T9202] hsr_slave_0: entered allmulticast mode
[  223.736128][ T9202] veth1_to_hsr: entered promiscuous mode
[  223.738407][ T9202] veth1_to_hsr: entered allmulticast mode
[  223.743377][ T9202] hsr_slave_1: entered allmulticast mode
[  224.048251][ T9225] 9pnet_virtio: no channels available for device syz
[  224.159915][ T9232] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  224.162163][ T9232] IPv6: NLM_F_CREATE should be set when creating new route
[  224.164465][ T9232] IPv6: NLM_F_CREATE should be set when creating new route
[  224.166705][ T9232] IPv6: NLM_F_CREATE should be set when creating new route
[  224.277357][ T9235] 9pnet_fd: Insufficient options for proto=fd
[  224.501670][ T9241] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  224.612541][ T9246] FAULT_INJECTION: forcing a failure.
[  224.612541][ T9246] name failslab, interval 1, probability 0, space 0, times 0
[  224.616479][ T9246] CPU: 2 UID: 0 PID: 9246 Comm: syz.3.904 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  224.616496][ T9246] Tainted: [L]=SOFTLOCKUP
[  224.616499][ T9246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  224.616506][ T9246] Call Trace:
[  224.616510][ T9246]  <TASK>
[  224.616514][ T9246]  dump_stack_lvl+0x100/0x190
[  224.616536][ T9246]  should_fail_ex.cold+0x5/0xa
[  224.616549][ T9246]  should_failslab+0xc2/0x120
[  224.616563][ T9246]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  224.616579][ T9246]  ? skb_clone+0x190/0x400
[  224.616597][ T9246]  skb_clone+0x190/0x400
[  224.616608][ T9246]  netlink_deliver_tap+0xaed/0xcc0
[  224.616624][ T9246]  netlink_unicast+0x62b/0x850
[  224.616640][ T9246]  ? __pfx_netlink_unicast+0x10/0x10
[  224.616657][ T9246]  netlink_sendmsg+0x8b0/0xda0
[  224.616673][ T9246]  ? __pfx_netlink_sendmsg+0x10/0x10
[  224.616688][ T9246]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  224.616702][ T9246]  ____sys_sendmsg+0x9e1/0xb70
[  224.616715][ T9246]  ? __pfx_netlink_sendmsg+0x10/0x10
[  224.616730][ T9246]  ? __pfx_____sys_sendmsg+0x10/0x10
[  224.616749][ T9246]  ___sys_sendmsg+0x190/0x1e0
[  224.616764][ T9246]  ? __pfx____sys_sendmsg+0x10/0x10
[  224.616784][ T9246]  ? find_held_lock+0x2b/0x80
[  224.616806][ T9246]  __sys_sendmsg+0x170/0x220
[  224.616817][ T9246]  ? __pfx___sys_sendmsg+0x10/0x10
[  224.616826][ T9246]  ? __fget_files+0x21f/0x3d0
[  224.616842][ T9246]  ? ksys_write+0x1ac/0x250
[  224.616855][ T9246]  ? rcu_is_watching+0x12/0xc0
[  224.616869][ T9246]  __do_fast_syscall_32+0xe7/0x970
[  224.616885][ T9246]  ? lockdep_hardirqs_on+0x78/0x100
[  224.616901][ T9246]  do_fast_syscall_32+0x32/0x70
[  224.616916][ T9246]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  224.616930][ T9246] RIP: 0023:0xf707ef7c
[  224.616939][ T9246] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  224.616949][ T9246] RSP: 002b:00000000f546d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  224.616960][ T9246] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080009b40
[  224.616966][ T9246] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000
[  224.616972][ T9246] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  224.616979][ T9246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  224.616984][ T9246] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  224.616997][ T9246]  </TASK>
[  224.617018][ T9246] netlink: 888 bytes leftover after parsing attributes in process `syz.3.904'.
[  225.369926][ T9268] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.910'.
[  226.102356][ T9277] netlink: 20 bytes leftover after parsing attributes in process `syz.2.913'.
[  226.105245][ T9277] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0'
[  226.202332][ T9284] netlink: 40 bytes leftover after parsing attributes in process `syz.1.915'.
[  226.647553][ T9290] 9pnet_fd: Insufficient options for proto=fd
[  226.873847][ T9298] x_tables: duplicate underflow at hook 1
[  228.275705][ T9333] IPv6: NLM_F_REPLACE set, but no existing node found!
[  228.285977][ T9333] input: syz0 as /devices/virtual/input/input16
[  228.790305][ T9347] 9pnet_virtio: no channels available for device syz
[  228.850244][ T9348] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  228.853249][ T9348] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.930389][ T9348] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  228.933317][ T9348] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.986518][ T9348] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  228.990530][ T9348] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.051166][ T9348] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  229.055179][ T9348] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.141949][ T1204] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  229.145774][ T1204] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  229.160527][ T1204] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  229.163865][ T1204] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  229.182512][ T1204] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  229.185816][ T1204] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  229.189006][ T1204] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  229.192308][ T1204] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  229.652927][ T9354] wg2 speed is unknown, defaulting to 1000
[  229.971517][ T9368] input: syz0 as /devices/virtual/input/input17
[  230.224558][ T5829] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  230.385708][ T5829] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  230.389915][ T5829] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  230.393583][ T5829] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  230.399138][ T5829] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  230.402567][ T5829] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  230.407620][ T5829] usb 5-1: config 0 descriptor??
[  230.817717][ T5829] hid_parser_main: 5 callbacks suppressed
[  230.817736][ T5829] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  230.840143][ T5829] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  230.844967][ T5829] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  230.854363][ T5829] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  230.860036][ T5829] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  230.865268][ T5829] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  230.873025][ T5829] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  230.877897][ T5829] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  230.880687][ T5829] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  230.882988][ T5829] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  230.896630][ T5829] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  231.371160][ T9403] netlink: 'syz.3.952': attribute type 1 has an invalid length.
[  231.445424][ T9403] 8021q: adding VLAN 0 to HW filter on device bond3
[  231.450915][ T9403] bond2: (slave bond3): making interface the new active one
[  231.455301][ T9403] bond2: (slave bond3): Enslaving as an active interface with an up link
[  231.784086][ T9419] netlink: 28 bytes leftover after parsing attributes in process `syz.1.957'.
[  232.074688][ T9432] netlink: 24 bytes leftover after parsing attributes in process `syz.1.962'.
[  232.202147][ T9368] usb 5-1: string descriptor 0 read error: -2
[  232.277142][ T9440] syzkaller0: entered promiscuous mode
[  232.278923][ T9440] syzkaller0: entered allmulticast mode
[  232.293673][ T9440] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  232.299371][ T9439] tipc: Resetting bearer <eth:syzkaller0>
[  232.309219][ T9439] tipc: Disabling bearer <eth:syzkaller0>
[  233.022171][ T5893] usb 5-1: USB disconnect, device number 14
[  233.360168][ T9457] netlink: 'syz.2.971': attribute type 21 has an invalid length.
[  233.362545][ T9457] IPv6: NLM_F_CREATE should be specified when creating new route
[  233.365560][ T9457] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  233.367919][ T9457] IPv6: NLM_F_CREATE should be set when creating new route
[  233.370064][ T9457] IPv6: NLM_F_CREATE should be set when creating new route
[  233.372199][ T9457] IPv6: NLM_F_CREATE should be set when creating new route
[  233.714365][ T5894] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  233.864386][ T5894] usb 7-1: Using ep0 maxpacket: 8
[  233.868699][ T5894] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  233.871823][ T5894] usb 7-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  233.876259][ T5894] usb 7-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  233.879934][ T5894] usb 7-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  233.883522][ T5894] usb 7-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  233.887268][ T5894] usb 7-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  233.890883][ T5894] usb 7-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  233.895050][ T5894] usb 7-1: config 168 interface 0 has no altsetting 0
[  233.898390][ T5894] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  233.900739][ T5894] usb 7-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  233.904237][ T5894] usb 7-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  233.907741][ T5894] usb 7-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  233.911266][ T5894] usb 7-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  233.914815][ T5894] usb 7-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  233.918249][ T5894] usb 7-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  233.922184][ T5894] usb 7-1: config 168 interface 0 has no altsetting 0
[  233.925094][ T5894] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  233.927414][ T5894] usb 7-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  233.930737][ T5894] usb 7-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  233.934134][ T5894] usb 7-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  233.938049][ T5894] usb 7-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  233.941556][ T5894] usb 7-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  233.945132][ T5894] usb 7-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  233.949375][ T5894] usb 7-1: config 168 interface 0 has no altsetting 0
[  233.953623][ T5894] usb 7-1: string descriptor 0 read error: -22
[  233.955854][ T5894] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  233.958618][ T5894] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  233.968312][ T5894] adutux 7-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  234.258106][ T5830] usb 7-1: USB disconnect, device number 14
[  235.292947][   T60] Bluetooth: hci4: Frame reassembly failed (-84)
[  235.316145][ T9492] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  235.836943][ T9498] tmpfs: Bad value for 'mpol'
[  236.207031][ T9505] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  236.209556][ T9505] overlayfs: failed to set xattr on upper
[  236.211515][ T9505] overlayfs: ...falling back to redirect_dir=nofollow.
[  236.213689][ T9505] overlayfs: ...falling back to index=off.
[  236.216228][ T9505] overlayfs: ...falling back to uuid=null.
[  236.219040][ T9505] overlayfs: conflicting lowerdir path
[  236.265178][ T9507] Illegal XDP return value 4294967274 on prog  (id 94) dev N/A, expect packet loss!
[  236.296130][ T9507] input: syz1 as /devices/virtual/input/input18
[  236.420322][ T9509] netlink: 512 bytes leftover after parsing attributes in process `syz.0.990'.
[  237.334395][ T5761] Bluetooth: hci4: command 0x1003 tx timeout
[  237.334468][ T5758] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  237.438538][ T9527] netlink: 40 bytes leftover after parsing attributes in process `syz.3.994'.
[  237.502884][   T40] audit: type=1326 audit(1780832626.644:1474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9525 comm="syz.2.996" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  237.513635][   T40] audit: type=1326 audit(1780832626.644:1475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9525 comm="syz.2.996" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  237.528344][   T40] audit: type=1326 audit(1780832626.644:1476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9525 comm="syz.2.996" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  237.536165][   T40] audit: type=1326 audit(1780832626.644:1477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9525 comm="syz.2.996" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  237.553375][   T40] audit: type=1326 audit(1780832626.644:1478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9525 comm="syz.2.996" exe="/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  237.568533][   T40] audit: type=1326 audit(1780832626.654:1479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9525 comm="syz.2.996" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  237.585146][   T40] audit: type=1326 audit(1780832626.654:1480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9525 comm="syz.2.996" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  237.602265][   T40] audit: type=1326 audit(1780832626.654:1481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9525 comm="syz.2.996" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  237.609865][ T5894] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  237.612247][   T40] audit: type=1326 audit(1780832626.654:1482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9525 comm="syz.2.996" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  237.619185][   T40] audit: type=1326 audit(1780832626.654:1483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9525 comm="syz.2.996" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4f7c code=0x7ffc0000
[  237.790098][ T9524] FAULT_INJECTION: forcing a failure.
[  237.790098][ T9524] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  237.795632][ T9524] CPU: 1 UID: 0 PID: 9524 Comm: syz.1.995 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  237.795675][ T9524] Tainted: [L]=SOFTLOCKUP
[  237.795682][ T9524] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  237.795692][ T9524] Call Trace:
[  237.795699][ T9524]  <TASK>
[  237.795705][ T9524]  dump_stack_lvl+0x100/0x190
[  237.795740][ T9524]  should_fail_ex.cold+0x5/0xa
[  237.795758][ T9524]  ? prepare_alloc_pages+0x16d/0x5f0
[  237.795785][ T9524]  should_fail_alloc_page+0xeb/0x140
[  237.795810][ T9524]  prepare_alloc_pages+0x1f0/0x5f0
[  237.795838][ T9524]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  237.795871][ T9524]  ? __page_table_check_zero+0x338/0x410
[  237.795897][ T9524]  ? post_alloc_hook+0xed/0x120
[  237.795925][ T9524]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  237.795958][ T9524]  ? __pfx___might_resched+0x10/0x10
[  237.795988][ T9524]  ? __lock_acquire+0x4a5/0x2630
[  237.796016][ T9524]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  237.796043][ T9524]  ? policy_nodemask+0xed/0x4f0
[  237.796083][ T9524]  alloc_pages_mpol+0x1fb/0x540
[  237.796105][ T9524]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  237.796128][ T9524]  ? filemap_get_entry+0x22d/0x450
[  237.796146][ T9524]  ? filemap_get_entry+0x22d/0x450
[  237.796167][ T9524]  folio_alloc_noprof+0x22/0x250
[  237.796192][ T9524]  filemap_alloc_folio_noprof.part.0+0x377/0x450
[  237.796220][ T9524]  ? __pfx_filemap_alloc_folio_noprof.part.0+0x10/0x10
[  237.796251][ T9524]  __filemap_get_folio_mpol+0x6a4/0xe70
[  237.796277][ T9524]  filemap_fault+0x888/0x2e90
[  237.796302][ T9524]  ? __pfx_filemap_fault+0x10/0x10
[  237.796324][ T9524]  ? blk_cgroup_congested+0x136/0x270
[  237.796351][ T9524]  ? blk_cgroup_congested+0x136/0x270
[  237.796384][ T9524]  ? __pfx_filemap_map_pages+0x10/0x10
[  237.796409][ T9524]  __do_fault+0x10b/0x440
[  237.796430][ T9524]  do_fault+0xeb2/0x1750
[  237.796462][ T9524]  __handle_mm_fault+0x187d/0x2a00
[  237.796492][ T9524]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  237.796514][ T9524]  ? __pfx___handle_mm_fault+0x10/0x10
[  237.796542][ T9524]  ? pte_offset_map_lock+0x174/0x320
[  237.796562][ T9524]  ? find_held_lock+0x2b/0x80
[  237.796592][ T9524]  ? follow_page_pte+0x4d0/0x13f0
[  237.796635][ T9524]  handle_mm_fault+0x37b/0xa30
[  237.796667][ T9524]  __get_user_pages+0x1178/0x32a0
[  237.796699][ T9524]  ? __pfx___get_user_pages+0x10/0x10
[  237.796728][ T9524]  populate_vma_page_range+0x267/0x3f0
[  237.796752][ T9524]  ? __pfx_populate_vma_page_range+0x10/0x10
[  237.796775][ T9524]  ? __pfx_find_vma_intersection+0x10/0x10
[  237.796797][ T9524]  ? __pfx_apply_vma_lock_flags+0x10/0x10
[  237.796828][ T9524]  __mm_populate+0x107/0x3a0
[  237.796853][ T9524]  ? __pfx___mm_populate+0x10/0x10
[  237.796877][ T9524]  ? up_write+0x28c/0x4f0
[  237.796897][ T9524]  do_mlock+0x3f0/0x7f0
[  237.796928][ T9524]  ? __pfx_do_mlock+0x10/0x10
[  237.796958][ T9524]  ? fput+0x79/0x100
[  237.796983][ T9524]  ? ksys_write+0x1ac/0x250
[  237.797009][ T9524]  __ia32_sys_mlock+0x57/0x80
[  237.797026][ T9524]  __do_fast_syscall_32+0xe7/0x970
[  237.797051][ T9524]  ? lockdep_hardirqs_on+0x78/0x100
[  237.797078][ T9524]  do_fast_syscall_32+0x32/0x70
[  237.797104][ T9524]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  237.797125][ T9524] RIP: 0023:0xf702ef7c
[  237.797140][ T9524] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  237.797157][ T9524] RSP: 002b:00000000f541d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000096
[  237.797173][ T9524] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000800000
[  237.797184][ T9524] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  237.797194][ T9524] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  237.797203][ T9524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  237.797214][ T9524] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  237.797238][ T9524]  </TASK>
[  238.099012][ T5894] usb 6-1: unable to get BOS descriptor or descriptor too short
[  238.102074][ T5894] usb 6-1: unable to read config index 0 descriptor/start: -71
[  238.104908][ T5894] usb 6-1: can't read configurations, error -71
[  238.370981][ T9542] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1000'.
[  238.630238][ T9546] bond0: left promiscuous mode
[  238.632015][ T9546] bond3: left promiscuous mode
[  238.814237][ T9550] overlayfs: upper fs does not support tmpfile.
[  239.234212][   T46] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  239.240485][   T46] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.514188][   T46] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  239.517474][   T46] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.566207][ T9553] wg2 speed is unknown, defaulting to 1000
[  239.637015][   T46] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  239.645396][   T46] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.679099][ T5761] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  239.686609][ T5761] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  239.690224][ T5761] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  239.693867][ T5761] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  239.696568][ T5761] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  239.708920][ T5758] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  239.713902][ T5758] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  239.724488][ T5758] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  239.735929][   T46] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  239.741702][ T5758] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  239.745632][ T5758] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  239.748767][   T46] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.037167][   T46] team0: left allmulticast mode
[  240.040070][   T46] team_slave_0: left allmulticast mode
[  240.042489][   T46] team_slave_1: left allmulticast mode
[  240.049104][   T46] bridge0: port 4(team0) entered disabled state
[  240.057264][   T46] dummy0: left allmulticast mode
[  240.060823][   T46] bridge0: port 3(dummy0) entered disabled state
[  240.068945][   T46] bridge_slave_1: left allmulticast mode
[  240.071407][   T46] bridge_slave_1: left promiscuous mode
[  240.073852][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.087194][   T46] bridge_slave_0: left allmulticast mode
[  240.089633][   T46] bridge_slave_0: left promiscuous mode
[  240.092110][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  240.457853][   T46] bond1 (unregistering): (slave bridge2): Releasing backup interface
[  240.460647][   T46] bridge2 (unregistering): left promiscuous mode
[  240.462746][   T46] bridge2 (unregistering): left allmulticast mode
[  240.531202][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  240.562590][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  240.571254][   T46] bond0 (unregistering): Released all slaves
[  240.593533][   T46] bond1 (unregistering): Released all slaves
[  240.610125][   T46] bond2 (unregistering): Released all slaves
[  240.629521][ T5456] 8021q: adding VLAN 0 to HW filter on device eth2
[  240.650205][ T5860] wg2 speed is unknown, defaulting to 1000
[  240.656920][ T5860] syz2: Port: 1 Link DOWN
[  240.666062][ T5860] wg2 speed is unknown, defaulting to 1000
[  240.832505][   T46] tipc: Left network mode
[  240.880272][   T46] IPVS: stopping backup sync thread 8888 ...
[  241.083135][ T5456] 8021q: adding VLAN 0 to HW filter on device eth3
[  241.451531][ T5456] 8021q: adding VLAN 0 to HW filter on device eth4
[  241.586448][ T5456] 8021q: adding VLAN 0 to HW filter on device eth5
[  241.729387][ T9557] wg2 speed is unknown, defaulting to 1000
[  241.823327][ T5761] Bluetooth: hci0: command tx timeout
[  242.362039][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  242.642574][ T9650] fuse: Bad value for 'user_id'
[  242.644160][ T9650] fuse: Bad value for 'user_id'
[  242.736271][   T46] hsr_slave_0: left promiscuous mode
[  242.739510][   T46] hsr_slave_1: left promiscuous mode
[  242.742360][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  242.745928][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  242.750694][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  242.753029][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  242.766633][   T46] veth1_macvtap: left promiscuous mode
[  242.769698][   T46] veth0_macvtap: left promiscuous mode
[  242.805693][   T46] veth1_vlan: left promiscuous mode
[  242.807723][   T46] veth0_vlan: left promiscuous mode
[  243.102424][   T46] team_slave_1 (unregistering): left promiscuous mode
[  243.111901][   T46] team0 (unregistering): Port device team_slave_1 removed
[  243.119733][   T46] team_slave_0 (unregistering): left promiscuous mode
[  243.124409][   T46] team0 (unregistering): Port device team_slave_0 removed
[  243.162060][ T1164] smc: removing ib device syz2
[  243.227100][ T1164] smbdirect: ib_dev[syz2] removed
[  243.466049][ T9557] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.470546][ T9557] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.479979][ T9557] bridge_slave_0: entered allmulticast mode
[  243.485978][ T9557] bridge_slave_0: entered promiscuous mode
[  243.502624][ T9557] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.505484][ T9557] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.508179][ T9557] bridge_slave_1: entered allmulticast mode
[  243.811290][ T9557] bridge_slave_1: entered promiscuous mode
[  243.819551][ T9673] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  243.894389][ T5761] Bluetooth: hci0: command tx timeout
[  243.918026][ T9677] No control pipe specified
[  243.931140][ T9677] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  244.013150][   T40] kauditd_printk_skb: 35 callbacks suppressed
[  244.013198][   T40] audit: type=1800 audit(1780832633.154:1519): pid=9681 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1024" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  244.101001][ T9557] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  244.174775][ T9557] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  244.224374][ T9557] team0: Port device team_slave_0 added
[  244.233970][ T9557] team0: Port device team_slave_1 added
[  244.408310][ T9557] batman_adv: batadv0: Adding interface: batadv_slave_0
[  244.413142][ T9557] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  244.421258][ T9557] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  244.429462][ T9557] batman_adv: batadv0: Adding interface: batadv_slave_1
[  244.431757][ T9557] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  244.439648][ T9557] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  244.492488][ T9557] hsr_slave_0: entered promiscuous mode
[  244.495274][ T9557] hsr_slave_1: entered promiscuous mode
[  244.503758][ T9557] debugfs: 'hsr0' already exists in 'hsr'
[  244.505649][ T9557] Cannot create hsr debugfs directory
[  244.930443][ T9557] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  244.941197][ T9557] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  244.946242][ T9557] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  244.947277][ T9687] hub 8-0:1.0: USB hub found
[  244.955574][ T9557] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  244.959335][ T9687] hub 8-0:1.0: 1 port detected
[  244.963906][ T9557] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  244.968837][ T9557] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  244.971768][ T9557] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  244.985186][ T9557] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  245.038732][ T9557] 8021q: adding VLAN 0 to HW filter on device bond0
[  245.052213][ T9557] 8021q: adding VLAN 0 to HW filter on device team0
[  245.057202][ T1164] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.059535][ T1164] bridge0: port 1(bridge_slave_0) entered forwarding state
[  245.064918][ T1204] bridge0: port 2(bridge_slave_1) entered blocking state
[  245.067185][ T1204] bridge0: port 2(bridge_slave_1) entered forwarding state
[  245.246598][   T46] IPVS: stop unused estimator thread 0...
[  245.688967][ T9557] 8021q: adding VLAN 0 to HW filter on device batadv0
[  245.720637][ T9712] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1028'.
[  245.959605][ T9557] veth0_vlan: entered promiscuous mode
[  245.968029][ T9557] veth1_vlan: entered promiscuous mode
[  245.974679][ T5761] Bluetooth: hci0: command tx timeout
[  245.998478][ T9723] input: syz1 as /devices/virtual/input/input19
[  246.006743][ T9557] veth0_macvtap: entered promiscuous mode
[  246.012195][ T9557] veth1_macvtap: entered promiscuous mode
[  246.030498][ T9557] batman_adv: batadv0: Interface activated: batadv_slave_0
[  246.039191][ T9557] batman_adv: batadv0: Interface activated: batadv_slave_1
[  246.049810][   T12] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  246.057831][   T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  246.066714][   T12] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  246.073245][   T12] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  246.106305][ T9725] No control pipe specified
[  246.109049][   T79] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  246.111483][   T79] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  246.118612][ T9725] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  246.144719][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  246.149016][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  246.239331][ T9727] program syz.0.1032 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  247.119259][ T5644] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  247.285515][ T5644] usb 7-1: Using ep0 maxpacket: 16
[  247.318953][ T9750] No control pipe specified
[  247.327540][ T9750] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  247.415474][ T5644] usb 7-1: config 0 has an invalid interface number: 8 but max is 0
[  247.422196][ T5644] usb 7-1: config 0 has no interface number 0
[  247.424716][ T5644] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  247.430300][ T5644] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  247.444771][ T5644] usb 7-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  247.448927][ T5644] usb 7-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  247.454533][ T5644] usb 7-1: Product: syz
[  247.456357][ T5644] usb 7-1: SerialNumber: syz
[  247.470303][ T5644] usb 7-1: config 0 descriptor??
[  247.489053][ T5644] cm109 7-1:0.8: invalid payload size 0, expected 4
[  247.508867][ T5644] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.8/input/input20
[  247.711011][ T9757] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  247.713605][ T9757] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  247.717204][ T9757] vhci_hcd vhci_hcd.0: Device attached
[  247.832039][    C0] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71
[  247.832533][ T2318] usb 7-1: USB disconnect, device number 15
[  247.834320][    C0] cm109 7-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  247.878465][ T2318] cm109 7-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  247.923551][   T62] block nbd1: Receive control failed (result -32)
[  247.950146][ T9741] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  248.054485][   T62] Bluetooth: hci0: command tx timeout
[  248.099837][ T9775] ./bus: Can't lookup blockdev
[  248.117316][   T29] usb 38-1: SetAddress Request (2) to port 0
[  248.124536][   T29] usb 38-1: new SuperSpeed USB device number 2 using vhci_hcd
[  248.162194][ T9777] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1045'.
[  248.203442][ T9759] vhci_hcd: connection reset by peer
[  248.207707][ T1164] vhci_hcd vhci_hcd.0: stop threads
[  248.209955][ T1164] vhci_hcd vhci_hcd.0: release socket
[  248.212179][ T1164] vhci_hcd vhci_hcd.0: disconnect device
[  248.518462][ T9784] siw: device registration error -23
[  248.523114][ T9784] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1047'.
[  248.530725][ T1204] smc: removing ib device syz1
[  248.538792][ T9784] bond0 (unregistering): (slave bond3): Releasing backup interface
[  248.543063][ T9784] bond0 (unregistering): Released all slaves
[  248.572334][ T1204] smbdirect: ib_dev[syz1] removed
[  249.053908][ T9788] overlayfs: upper fs does not support tmpfile.
[  249.645570][ T9809] bridge0: port 1(dummy0) entered disabled state
[  249.657631][ T9809] comedi comedi0: Minor 9 could not be opened
[  249.703440][ T9808] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  249.706083][ T9808] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  249.710640][ T9808] vhci_hcd vhci_hcd.0: Device attached
[  249.976571][ T5830] usb 44-1: SetAddress Request (6) to port 0
[  249.984413][ T5830] usb 44-1: new SuperSpeed USB device number 6 using vhci_hcd
[  250.067608][ T9811] syz_tun (unregistering): left allmulticast mode
[  250.249737][ T5753] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  250.257499][ T5753] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  250.261690][ T5753] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  250.265695][ T5753] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  250.269622][ T5753] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  250.395780][   T62] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  250.407673][   T62] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  250.411374][   T62] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  250.416705][   T62] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  250.421795][   T62] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  250.482174][ T9812] vhci_hcd: connection reset by peer
[  250.487905][ T1204] vhci_hcd vhci_hcd.3: stop threads
[  250.489788][ T1204] vhci_hcd vhci_hcd.3: release socket
[  250.497526][ T1204] vhci_hcd vhci_hcd.3: disconnect device
[  250.943164][ T9817] bridge0: port 1(bridge_slave_0) entered blocking state
[  250.946897][ T9817] bridge0: port 1(bridge_slave_0) entered disabled state
[  250.949933][ T9817] bridge_slave_0: entered allmulticast mode
[  250.953904][ T9817] bridge_slave_0: entered promiscuous mode
[  250.961726][ T9817] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.965105][ T9817] bridge0: port 2(bridge_slave_1) entered disabled state
[  250.968125][ T9817] bridge_slave_1: entered allmulticast mode
[  250.971938][ T9817] bridge_slave_1: entered promiscuous mode
[  251.000937][ T9817] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  251.009018][ T9817] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  251.032292][ T9817] team0: Port device team_slave_0 added
[  251.044416][ T9817] team0: Port device team_slave_1 added
[  251.076187][ T9817] batman_adv: batadv0: Adding interface: batadv_slave_0
[  251.078549][ T9817] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  251.086921][ T9817] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  251.095370][ T9817] batman_adv: batadv0: Adding interface: batadv_slave_1
[  251.097845][ T9817] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  251.108036][ T9817] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  251.175931][ T9825] bridge0: port 1(bridge_slave_0) entered blocking state
[  251.179745][ T9825] bridge0: port 1(bridge_slave_0) entered disabled state
[  251.183022][ T9825] bridge_slave_0: entered allmulticast mode
[  251.189927][ T9825] bridge_slave_0: entered promiscuous mode
[  251.197273][ T9817] hsr_slave_0: entered promiscuous mode
[  251.200152][ T9817] hsr_slave_1: entered promiscuous mode
[  251.202247][ T9817] debugfs: 'hsr0' already exists in 'hsr'
[  251.204641][ T9817] Cannot create hsr debugfs directory
[  251.207300][ T9825] bridge0: port 2(bridge_slave_1) entered blocking state
[  251.210473][ T9825] bridge0: port 2(bridge_slave_1) entered disabled state
[  251.213292][ T9825] bridge_slave_1: entered allmulticast mode
[  251.217016][ T9825] bridge_slave_1: entered promiscuous mode
[  251.274576][ T9825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  251.281162][ T9825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  251.323839][ T9825] team0: Port device team_slave_0 added
[  251.335827][ T9825] team0: Port device team_slave_1 added
[  251.383805][ T9825] batman_adv: batadv0: Adding interface: batadv_slave_0
[  251.387052][ T9825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  251.397056][ T9825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  251.412804][ T9825] batman_adv: batadv0: Adding interface: batadv_slave_1
[  251.419976][ T9825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  251.429534][ T9825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  251.479115][ T9825] hsr_slave_0: entered promiscuous mode
[  251.482524][ T9825] hsr_slave_1: entered promiscuous mode
[  251.513981][ T9825] debugfs: 'hsr0' already exists in 'hsr'
[  251.517133][ T9825] Cannot create hsr debugfs directory
[  251.618957][ T9817] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  251.627423][ T9817] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  251.645271][ T9817] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  251.658214][ T9817] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  251.696697][ T9817] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  251.715043][ T9817] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  251.723485][ T9817] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  251.737569][ T9817] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  251.950828][ T9825] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  251.958372][ T9825] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  251.965337][ T9817] 8021q: adding VLAN 0 to HW filter on device bond0
[  251.968340][ T9825] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  251.976995][ T9825] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  251.983282][ T9825] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  251.991416][ T9825] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  251.998482][ T9825] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  252.005845][ T9825] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  252.012118][ T9817] 8021q: adding VLAN 0 to HW filter on device team0
[  252.054733][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  252.057354][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  252.062885][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  252.065793][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  252.264034][ T9825] 8021q: adding VLAN 0 to HW filter on device bond0
[  252.288521][ T9825] 8021q: adding VLAN 0 to HW filter on device team0
[  252.298771][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  252.301163][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  252.305597][ T5753] Bluetooth: hci0: command tx timeout
[  252.313767][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  252.316246][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  252.454531][ T5753] Bluetooth: hci3: command tx timeout
[  252.475216][ T9817] 8021q: adding VLAN 0 to HW filter on device batadv0
[  252.697426][ T9825] 8021q: adding VLAN 0 to HW filter on device batadv0
[  252.731332][ T9817] veth0_vlan: entered promiscuous mode
[  252.742062][ T9817] veth1_vlan: entered promiscuous mode
[  252.769153][ T9817] veth0_macvtap: entered promiscuous mode
[  252.777136][ T9817] veth1_macvtap: entered promiscuous mode
[  252.792103][ T9817] batman_adv: batadv0: Interface activated: batadv_slave_0
[  252.800761][ T9817] batman_adv: batadv0: Interface activated: batadv_slave_1
[  252.815048][ T6134] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  252.823190][ T6134] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  252.831637][ T6134] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  252.839054][ T6134] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  252.896110][ T1164] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  252.900828][ T1164] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  252.917209][   T62] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  252.921236][   T62] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  252.929422][   T62] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  252.931311][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  252.935166][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  252.936958][   T62] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  252.942489][   T62] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  252.970302][ T9825] veth0_vlan: entered promiscuous mode
[  252.977842][ T9825] veth1_vlan: entered promiscuous mode
[  252.994580][ T9825] veth0_macvtap: entered promiscuous mode
[  253.002078][ T9825] veth1_macvtap: entered promiscuous mode
[  253.012420][ T9825] batman_adv: batadv0: Interface activated: batadv_slave_0
[  253.029387][ T9825] batman_adv: batadv0: Interface activated: batadv_slave_1
[  253.036662][   T46] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  253.039817][   T46] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  253.046929][   T46] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  253.050123][   T46] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  253.150303][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  253.152671][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  253.171842][   T79] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  253.179302][   T79] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  253.254582][   T29] usb 38-1: device descriptor read/8, error -110
[  253.579007][ T9930] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.581271][ T9930] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.583567][ T9930] bridge_slave_0: entered allmulticast mode
[  253.586352][ T9930] bridge_slave_0: entered promiscuous mode
[  253.592125][ T9930] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.594480][ T9930] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.596745][ T9930] bridge_slave_1: entered allmulticast mode
[  253.599307][ T9930] bridge_slave_1: entered promiscuous mode
[  253.631560][ T9930] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  253.665989][   T29] usb usb38-port1: attempt power cycle
[  253.677419][ T9930] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  253.706521][ T9930] team0: Port device team_slave_0 added
[  253.721640][ T9930] team0: Port device team_slave_1 added
[  253.737847][ T9930] batman_adv: batadv0: Adding interface: batadv_slave_0
[  253.740167][ T9930] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  253.749199][ T9930] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  253.765658][ T9930] batman_adv: batadv0: Adding interface: batadv_slave_1
[  253.768489][ T9930] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  253.782443][ T9930] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  253.853495][ T9930] hsr_slave_0: entered promiscuous mode
[  253.857067][ T9930] hsr_slave_1: entered promiscuous mode
[  253.859932][ T9930] debugfs: 'hsr0' already exists in 'hsr'
[  253.862355][ T9930] Cannot create hsr debugfs directory
[  253.971890][ T9991] No memory to map
[  254.147933][ T9930] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  254.157456][ T9930] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  254.162116][ T9930] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  254.196341][ T9930] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  254.200536][ T9930] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  254.208414][ T9930] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  254.212556][ T9930] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  254.220168][ T9930] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  254.235494][   T29] usb usb38-port1: unable to enumerate USB device
[  254.240503][ T9993] syz_tun: entered promiscuous mode
[  254.248919][ T9993] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  254.385245][   T62] Bluetooth: hci0: command tx timeout
[  254.545516][   T62] Bluetooth: hci3: command tx timeout
[  254.548680][ T9930] 8021q: adding VLAN 0 to HW filter on device bond0
[  254.688386][ T9930] 8021q: adding VLAN 0 to HW filter on device team0
[  254.731194][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  254.733553][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  254.772962][ T1204] bridge0: port 2(bridge_slave_1) entered blocking state
[  254.775305][ T1204] bridge0: port 2(bridge_slave_1) entered forwarding state
[  255.014436][   T62] Bluetooth: hci2: command tx timeout
[  255.069439][T10010] 8021q: adding VLAN 0 to HW filter on device bond4
[  255.094467][ T5830] usb 44-1: device descriptor read/8, error -110
[  255.272207][T10031] No control pipe specified
[  255.420534][ T9930] 8021q: adding VLAN 0 to HW filter on device batadv0
[  255.484882][ T5830] usb usb44-port1: attempt power cycle
[  256.067828][ T5830] usb usb44-port1: unable to enumerate USB device
[  256.426242][ T9930] veth0_vlan: entered promiscuous mode
[  256.435687][ T9930] veth1_vlan: entered promiscuous mode
[  256.463041][ T9930] veth0_macvtap: entered promiscuous mode
[  256.464609][   T62] Bluetooth: hci0: command tx timeout
[  256.472858][ T9930] veth1_macvtap: entered promiscuous mode
[  256.488621][ T9930] batman_adv: batadv0: Interface activated: batadv_slave_0
[  256.525532][ T9930] batman_adv: batadv0: Interface activated: batadv_slave_1
[  256.547128][ T1164] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  256.553843][ T1164] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  256.566748][ T1164] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  256.566785][ T1164] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  256.617576][   T62] Bluetooth: hci3: command tx timeout
[  256.684811][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  256.684831][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  256.749775][ T1204] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  256.749795][ T1204] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  256.884440][ T5533] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  257.039556][ T5533] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 64, changing to 10
[  257.039594][ T5533] usb 10-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 64
[  257.039614][ T5533] usb 10-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 624
[  257.041700][ T5533] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  257.041727][ T5533] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  257.041744][ T5533] usb 10-1: Product: ꍮ浜ꫨ七ﺜቹ赟ҿⱹ䛊甁폧念ᷗḓ馱吭댮怍锞禙徸ꬹ鮂孬㿃駻䙲䲘䯨츪䍅얟￴㉨肗罝䞟ᶟ蹧ڰᩎ献侅㜭
[  257.041768][ T5533] usb 10-1: Manufacturer: ၑ昃燥⇥頓⽓꤬钓Ἰ詂䤦⒥⾏虝秒鷋Ꮗ㐂漒蘐良躄哗
[  257.041785][ T5533] usb 10-1: SerialNumber: ت╉㉭衪㦞ꄹꫬὴ㰒弟䕆ઢ￸뺚뾜库ↂ噀遲鬝
[  257.104574][   T62] Bluetooth: hci2: command tx timeout
[  257.521021][ T5533] cdc_ncm 10-1:1.0: bind() failure
[  257.532957][ T5533] cdc_ncm 10-1:1.1: CDC Union missing and no IAD found
[  257.541960][ T5533] cdc_ncm 10-1:1.1: bind() failure
[  257.564043][ T5533] usb 10-1: USB disconnect, device number 2
qemu-system-x86_64: hw/ide/core.c:934: ide_dma_cb: Assertion `prep_size >= 0 && prep_size <= n * 512' failed.
Read from remote host localhost: Connection reset by peer
client_loop: send disconnect: Broken pipe