last executing test programs:

18.270810249s ago: executing program 1 (id=2943):
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000000)={0xfffffeff, "065b12a9f074e7ebc958f479632ef6e92442e02f81cfd3e3dcac0202f0b9503e", <r0=>0xffffffffffffffff})
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x3000000, 0x40010, r0, 0xa59ce000)
timer_create(0x5, &(0x7f0000000040)={0x0, 0x31, 0x2}, &(0x7f0000000080)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f00000000c0)={{0x77359400}}, &(0x7f0000000100))
r2 = openat$procfs(0xffffff9c, &(0x7f0000000140)='/proc/partitions\x00', 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r2, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xdc, 0x3, 0x1, 0x3, 0x0, 0x0, {0x2, 0x0, 0x4}, [@CTA_PROTOINFO={0x10, 0x4, 0x0, 0x1, @CTA_PROTOINFO_TCP={0xc, 0x1, 0x0, 0x1, [@CTA_PROTOINFO_TCP_FLAGS_REPLY={0x6, 0x5, {0x5, 0xa3}}]}}, @CTA_NAT_DST={0xb0, 0xd, 0x0, 0x1, [@CTA_NAT_PROTO={0x24, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e20}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e24}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e21}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e23}]}, @CTA_NAT_PROTO={0x2c, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e22}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e20}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e23}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x800}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e22}]}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @multicast2}, @CTA_NAT_V4_MINIP={0x8, 0x1, @multicast1}, @CTA_NAT_V6_MAXIP={0x14, 0x5, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @CTA_NAT_V6_MAXIP={0x14, 0x5, @empty}, @CTA_NAT_V6_MAXIP={0x14, 0x5, @remote}, @CTA_NAT_V4_MINIP={0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x1a}}, @CTA_NAT_V4_MINIP={0x8, 0x1, @loopback}]}, @CTA_ID={0x8, 0xc, 0x1, 0x0, 0x1}]}, 0xdc}, 0x1, 0x0, 0x0, 0x40000}, 0x10)
ioctl$MON_IOCT_RING_SIZE(r2, 0x9204, 0xccf38)
futex_waitv(&(0x7f0000001240)=[{0x8000, &(0x7f0000000340)=0x100000001, 0x2}, {0x0, &(0x7f0000000380)=0x3, 0x82}, {0xf575, &(0x7f00000003c0)=0x4, 0x2}, {0x7, &(0x7f0000000400)=0x1, 0x82}, {0x40, &(0x7f0000000440)=0xff, 0x2}, {0xdf9, &(0x7f0000000480)=0xacae, 0x2}, {0xfc3, &(0x7f00000004c0)=0x7f, 0x82}, {0x1dd, &(0x7f0000000500)=0x7, 0x2}, {0xa, &(0x7f0000000540)=0x7f, 0x2}, {0x5, &(0x7f0000000580)=0x6, 0x82}, {0x7ff, &(0x7f00000005c0)=0x1ff, 0x2}, {0xe1, &(0x7f0000000600)=0x9, 0x80}, {0xa, &(0x7f0000000640)=0x41d7, 0x2}, {0x9, &(0x7f0000000680)=0x6, 0x82}, {0xfff, &(0x7f00000006c0)=0xc43, 0x2}, {0xdd3, &(0x7f0000000700)=0x7, 0x2}, {0x8, &(0x7f0000000740)=0x40b}, {0x4, &(0x7f0000000780)=0xd4, 0x82}, {0x0, &(0x7f00000007c0)=0x92, 0x82}, {0x5, &(0x7f0000000800)=0x9, 0x82}, {0x9, &(0x7f0000000840)=0x5, 0x82}, {0xffffffff, &(0x7f0000000880)=0xfffffffffffffff7, 0x2}, {0x400, &(0x7f00000008c0)=0x2b, 0x2}, {0x80000000, &(0x7f0000000900)=0x80, 0x2}, {0x9, &(0x7f0000000940)=0x1, 0x2}, {0x7fffffffffffffff, &(0x7f0000000980)=0x8, 0x2}, {0x5, &(0x7f00000009c0)=0x2, 0x2}, {0x1, &(0x7f0000000a00)=0x5, 0x2}, {0x4, &(0x7f0000000a40)=0x8, 0x82}, {0x1, &(0x7f0000000a80)=0xcfc, 0x82}, {0xfffffffffffffffd, &(0x7f0000000ac0)=0xf680, 0x2}, {0x15, &(0x7f0000000b00)=0x8, 0x82}, {0x4, &(0x7f0000000b40)=0x6, 0x82}, {0x6, &(0x7f0000000b80)=0x2, 0x82}, {0x9e, &(0x7f0000000bc0)=0x8, 0x82}, {0x3493, &(0x7f0000000c00)=0x8000000000000000, 0x2}, {0x100000001, &(0x7f0000000c40)=0x1, 0x2}, {0x94da, &(0x7f0000000c80)=0x3, 0x80}, {0x4, &(0x7f0000000cc0)=0x1}, {0x5, &(0x7f0000000d00)=0x4000000000000000}, {0x4, &(0x7f0000000d40)}, {0x5, &(0x7f0000000d80)=0xb3a, 0x2}, {0x1, &(0x7f0000000dc0)=0x8000000000000001, 0x82}, {0x4, &(0x7f0000000e00)=0x5, 0x82}, {0x80000001, &(0x7f0000000e40)=0x9, 0x82}, {0xddf, &(0x7f0000000e80)=0x9, 0x2}, {0x2, &(0x7f0000000ec0)=0x9780, 0x2}, {0x8, &(0x7f0000000f00)=0x6, 0x82}, {0x100, &(0x7f0000000f40)=0x4, 0x82}, {0x6, &(0x7f0000000f80)=0x7, 0x2}, {0x3, &(0x7f0000000fc0)=0xfffffffffffffff8, 0x82}, {0xd, &(0x7f0000001000)=0xd7d5, 0x2}, {0x9, &(0x7f0000001040)=0x2, 0x82}, {0x3, &(0x7f0000001080)=0xbee, 0x82}, {0x100, &(0x7f00000010c0)=0x8, 0x82}, {0x8000000000000001, &(0x7f0000001100)=0x3, 0x82}, {0xfffffffffffffff7, &(0x7f0000001140)=0xe, 0x2}, {0x9, &(0x7f0000001180)=0x7, 0x2}, {0x411e, &(0x7f00000011c0)=0x2, 0x2}, {0x5, &(0x7f0000001200)=0x8, 0x2}], 0x3c, 0x0, &(0x7f0000001800)={0x0, 0x3938700}, 0x0)
getsockopt$inet_sctp_SCTP_HMAC_IDENT(r2, 0x84, 0x16, &(0x7f0000001840), &(0x7f0000001880)=0x4) (async)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f00000018c0)={0x9, <r3=>r0}) (async)
unshare(0x28000400)
timer_getoverrun(r1) (async)
getsockopt$TIPC_SOCK_RECVQ_DEPTH(r3, 0x10f, 0x84, &(0x7f0000001900), &(0x7f0000001940)=0x4)
r4 = socket$rds(0x15, 0x5, 0x0)
timer_create(0x6, &(0x7f0000001b00)={0x0, 0x10, 0x2, @thr={&(0x7f0000001980)="103d56267cdbf65cbbabe9a7d5f55723a7697929891f4c1fa0f6446fc052777998c4992b21700f698ee6e0cc2cc1ab10e3b0e1be0ea9c95b384347a34d149d4853f4536cdd6cac6e719af8d384e939af48d1a62466797a418da256e892704d803961e0a69843bd462f220a083213260b0f91cb2661ab6bddfacf4fa5f22cbc9d124cb086b5ef8924fbf8be4bc8c80da503f51205cf4394b3b1c87e0f003030a2eab909cff3fd5e630e002aa7e74cfa6824a701e2628b48959e287ca39bc512b115064d58ea324a2e1adfc8fc79b5dad1d3e36cb48191652a2c82f4209e5e9505d792df5d4112133520b6086aa847381fa45dcf68b4f4110afa", &(0x7f0000001a80)="9699243aae5c84763828c5da1c81300cef8e58e963a2e2232fe6f755999dfb65faff01f2d7822ec1fa280ed448a4058406af7cf576e2d8e603bd2d088e2767591b5b78be4ee7641cba51b2942646d91a37b950b0f456ea798d3ecf11e3a343e4a43fed41a96addddd261c7143cf6"}}, &(0x7f0000001b40))
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r3, 0x84, 0x1a, &(0x7f0000001b80)={<r5=>0x0, 0x9b, "644b9d2ade59ffe3c09d3152ca66d8e0292f3e35a890540ce60da28e6ec2f69908f156db1a80144d65404ecb3fd20cfc586de3e4f08e40769eab79b06f0d08bd8c3bdb80327fc31e696d721c82ea09ea3f0d7e196c6f1cb12bd0896f083c7e24a30d175177124c8efa747586fdc1461cead6b6c975123903a364227939b1c332b7b636a784f786c3dd761b71fd1d3a9f5e98be0eadb2864cae9e3c"}, &(0x7f0000001c40)=0xa3)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000001c80)={r5}, &(0x7f0000001cc0)=0x8) (async)
r6 = syz_clone3(&(0x7f0000001ec0)={0x2020c0500, &(0x7f0000001d00), &(0x7f0000001d40), &(0x7f0000001d80)=<r7=>0x0, {0x6}, &(0x7f0000001dc0)=""/31, 0x1f, &(0x7f0000001e00)=""/103, &(0x7f0000001e80)=[0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0], 0x6, {r2}}, 0x58)
timer_create(0x1, &(0x7f0000001f40)={0x0, 0x3e, 0x1, @tid=r6}, &(0x7f0000001f80)) (async)
ioctl$SOUND_MIXER_READ_CAPS(r2, 0x80044dfc, &(0x7f0000001fc0))
ioctl$PAGEMAP_SCAN(r3, 0xc0606610, &(0x7f0000002080)={0x60, 0x1, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x8, &(0x7f0000002000)=[{0x7, 0xffffffff00000000, 0x100}, {0xffffffffffffffff, 0xfff, 0x4}, {0xfffffffffffffffc, 0x0, 0x3}, {0x0, 0xc5, 0x2}], 0x4, 0xad35, 0x8af84a6acd6d6d6c, 0x0, 0x22, 0x6a})
ptrace$getenv(0x4201, r7, 0xffff, &(0x7f0000002100))
timer_settime(r1, 0x1, &(0x7f0000002140), 0x0) (async)
syz_open_dev$vivid(&(0x7f0000002180), 0x3, 0x2) (async)
setsockopt$RDS_FREE_MR(r4, 0x114, 0x3, &(0x7f00000021c0)={{0x2, 0x2}, 0x20}, 0x10)
r8 = openat$bsg(0xffffff9c, &(0x7f0000002200)='/dev/bsg/1:0:0:0\x00', 0x0, 0x0)
ioctl$SG_GET_REQUEST_TABLE(r8, 0x2286, &(0x7f0000002240))
read$FUSE(0xffffffffffffffff, &(0x7f0000002380)={0x2020, 0x0, <r9=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f00000043c0)={0x50, 0x0, r9, {0x7, 0x2d, 0x4, 0x23100000, 0xd, 0x674f, 0x7, 0x3, 0x0, 0x0, 0x4, 0x81}}, 0x50) (async)
write$P9_RXATTRCREATE(r3, &(0x7f0000004440)={0x7, 0x21, 0x1}, 0x7)

18.270454999s ago: executing program 1 (id=2944):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="7f454c4600040000ff7f00000000000003003e00ecfffbff94020000200000004000000000000000e503000000000000000000"], 0x78)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0)
shmget$private(0x0, 0x3000, 0x2, &(0x7f0000ffd000/0x3000)=nil)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
setsockopt$CAIFSO_REQ_PARAM(0xffffffffffffffff, 0x116, 0x80, 0xffffffffffffffff, 0xe6368f3)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_fuse_handle_req(r1, &(0x7f0000004300)="f6c5cdd50b89338e6f0228b937225c21a87072407fe83d5fecd7bcca9b3fb6c714baa7d905bd76d4f38eba0ffafc067da9e5b2a863dbea1f11e32b455862ad205d1de267dbf9edb296fda48092e372fd3166c91d636b627f4ce223d2fff7db30abd245c174812a8ebfce720483d74f6658daaba3ea9e453d789d9d1d8b63c91f02b1282f122d5847241f305a5d791a7188c946ed5d5e5343c04968e62b064aeadeafd55ddb6a1b724a9adf29b15c4c55c9afd709d19cf29df117c69d1f855b647f2d6dc3ad9cc2e413cda65ca8d3fd777fdf88827428723d37b89a7330dddd234f39187db8e54905b8eb0dc851f51ff37b5deb69b64bbd27b72881267f94a88974a56b1d3178d49c209d6f4e974c00f25a87255c3804b1150f98d46437f5333b200651dfd1ae939125483cec1690ecb4d449ae4f2bdf88d50382440dbe1699017f21c0f1e0c85cd339a9f87046af063b54b923d4eaa04fc8dabb3bb3e3bc83f0657b5a3c4cdfce3c325abe45a39b794d13057e3a036ec20c4eb1c18a7501a8bf3899626fe01b2b9c18ab08eaa972ab9f8a786888162c7f77db751c1ab88db854ad8a99c7307a52571fd4d0a8ca5a6f4f5e46396bab29e4a5bb6f7c40404be7357b47028a1cd2b780abbba9e37d182866a9171ddea543a5684ff6445d4c3ba61b4300a1556e85518301862b398e43f61d461054469f693c42f995a000dc9b950b277bbc5a9bec872462a0938ef0e0ba4f4d2bff4d81804996a9f97893c02b2deff1abf1a6cb7987f446132f55a10aaf537d93422ed22fa659ceda5939cf18398f8632a257abbf68d4854e452ceb5acc02c7b65d67b582e159fb5039ecfe636dfd00218f2e5d1e2ebeca027472d63fdd2b61d7bbd9258a3fbb14ee2559845a638e07bbde84f87a42b59a09c1bc877b7e51a4ea42c64bcb3b3c8043f1604c569308bd6ddf438204df167580f5aefe2a8beabb77a8fd3392f99e3a43a7cfa0a68b1b21a307aeecd5b7a3742d74ff1790b13f1026ebec296210301d48d9354646382a18d247300bfd8aca878051a2d667ad2ee489edfeb3c1c912cc6a6c573fd92dd4cd1b6d2fb1bbdc86ddd8bf515c28f15ebafe858df78e8a783b293db3144c44397cbaeeadea44655c6350562166bda3accf7a2e65cf3eb7beace08760337e2dff8c9611fb131b345f44dba2aa2eee0bb4ec719c59a269e71ffc0775c5c193e341a833d38edf8a1f01f66b9fd039ff55c884257ec7330f333e579e66ac67097bfe31b2b78d88b81b640351da3bea710e38d8b50b0a63814f4638df1680d2217dfe7364dc228ea79f74e678b338105391e8c1e041cae3d2ccb9d1b034d96b811bf06515b3f4dd02cf2cf9f9884a6a1af39f219fde0b1caee2065536b8e900bf4fe9d87396cb0854ff28db253382a8f1e6c2a2805b5d5c8b756640a49a092f8fbc5ab87e511d790519e9e79c1336b2af288b1b07871858966197f65919009c435e6ca5bc89a15fae0e3534e50cbacb3cb2ee519a9894f08facb453a7ada35c0cd8e6ac71cf9ceb21c1b944d81a16a3299c730fe1ddb164505e2df5e4dc7f46c3fa3230a9cc3845298d4abf909565a67be3316ca881540f2920c8fb6ffe5ffc66ef477476cc4941ba03795287f408b6175df89274e189bc2e12e93f5d8aaa532400946a7a0cb6cacb55d4947d0c02da9e2345b4d0cc92a570019ac51f64b29b7e509109500f9fe8129196bc46230a1848ad7dc721efd97f1cbee41a1e520da4cda9fa5a0024d7865e637d0f17f240647f11f4d41a39e29643917f6ccd8680d83cfaa33081c3dd613ba2ebe736539834ba7977d2617b85b073a4532c8e6cb3dc3ecb492f23b573ee103ad6c56a5930904e836e9390a8b20470de2c7e0d1b52000366cbc198caa4917b593334a449840a093bbd709a6f835eb4338e23b12f59efd0fe6a8f7d108e6c40d63b06b43639a73822b431b636c3c6cfa2c973fd43aab1ebb560eb5b556b98758583195190651d9f12bec2a2db9c87f879af59d9e72786e416ea8fa36ff4a4f08d56c5e208b9995fd9ed0607d3af20b1eb51dc0943cd96bee0cc78875fac1dc471f80664ef9eb1f146d5b6871842ae1c51e83523f28a149346df307eae77929a81c235f5593d7eb30581b0650a8759d5a59b5c2697c461e17d8458b13dc88935b878f71f0597d46924bc84714ca7af2df5749b1b0fbe1950aade8d85555887809f9d4cb5d8d6cdd0ddede90e2fd122d1168f0c7e535aefe0385ce12a5cb1060498ba51b28fc344e6c6094b1cf6263007e299d7ceae7814c664f43bc2b8e989779e1a2a36e7e209175c197117966925ced8cd941fb4d37d05a5c771ba579671d505d6af7fb70fe764d906fa84f046fb4429d82bc7f4ed72f686bf2f923ec7bd48b1be8773ef8a51235825cb6c54d444021e823ba2614e7d93920a96d23f19d9adfcabe1716fea4979ef4d74fadc6fd53e8d6c6704c4eb04a039ba4c83d15afdb195a36f292ba9a2728cd85311076aa6a484c01fbf9fad617f4870fcbd1cd453aeaa391968287263852732552443e3388bd07d975cd2a11624fa2d0d931034b940c4b2babe262706c6cd72007c5fd5744564babc9fc37da476cb38ed0de6b530864e26a6febeb8d901d40c771a0cf2f498830487d83368ff3f8af68a0ffa5762d3f2c9cf2a66e2338d3e3655b647685c2dcacba997eac420d5618c3d268b85795fa49e37ee504521017439581a6c5c064f0184e4cad2b8134e2f9b9ec42981c155775d7d744bfff7adb3f7599f159c7cf1d7d56fb7cddf5b4f8ee8a3dcfbc1151b3d253771db09879f48c3c0cc9506e97c776fa8251c21d5fed9dba8ca6674e45ac2a6bef86ae18b175ffb5d281f58527661ef7d5651b28db85c1b7cc305ab5b34fb49a32778390d3b6d4e78d06d3d863eff86435d36be3043529fb9b4d061a7a983d6e287fa83925dfab1b526d6bf510a29f9d6ad493bbb4da5fdf0aef4f16ff50799b016dc4230aaf87b9ef8953f8ad522ab4c3ec3209a57852cbdb5e39628ad107b248d6f07d123fb0e68d7b7aa8558478de5dee88032de6ccbbcab0ecfe8fccb1681816db894fdc24a9b6cf8ad5690efb01c8b4840255a5d5563b4cb73609f0a5337738e179fd9577bb795eb5a89a4ee4e2b2bed5fc65ba1efb911889e131a0b010c5699d7f6b869ffff3945208feee8d245eb45590f2c67b97d186307dbee5327ef60340386ae04d45f981061b80d33ed6db2e5dcd711d68f8d9befdca10334e9636de1a2d6e6de2888d0984aae79b636eb0576f6cc9f450320b7e946eb82e9e1f8b3477f382090c79a9524a69f3416eadba673ff24cb1846358680d370e6ae98230256ebad4826f90ef8189b95f3b6275950c33ec2781bf438bbcce8ee350f3c1475b026a6c189db5101981b21f82ba8d8f62e852ccc5109a2780c70eb4a0b014c0c06ef46ff506c481b8082154db687b644ff122e5f35af5882212834a5b696afda432241f966d5706fa7c00be4a4912b6adb8e5629d0e18bb2ed4e2d7b6dbe79920d21ed0491f7a5017ae5ccdee5b498f61bb9ad5845a6268abebf80338c20c09530675a8366bfd4ea746957dd7337f1c1184751b649a399891ad2b6306bb062b9b2dc8a8b09302ea3386ccd78d9a3a0314c3df264ce81048391ae66ec9eeda8c70efe95146205d0b6bed2c362f2920615d41c7d12fc3991000a080061dad4e34587ff1684c6756f55dfd249d2d62bef74b5e4a40a63a2bc14a473cf913d5a4fd289d1792fc693c4a5f85326eebc52994a34e16af861438f22633fc5a4ce0d30d37ac0e2277e072f78375d7b1443e1af9647c23decfc411a3d0def781ce6679d92872fbc27dbd4a7edc2acfe565103d472fbde7ac626248a5305cf6e1c5fc81e9b71adb2523839b9425c72a67409539d611240ff5ad04ea2b3d063e197f5663606aeb0b76fa2e1121e3815506fe4a9ac09d555c1b8d8c9749f5dd5096130aaab80d9b721a831013885e3a376a57f97db4f1878372c7ac241b7424b86d97ae5fa3a0943f55c64cdbb4aa3209c4fbee3d9ed201e2bfccee01d33bd99c01689e1f23b185acb82e75cd2a161c316334f4887c8225f11ec1354105e3180d67ebb3a98d1178cca8332eb73555f53ed86c7285fc6c85570be32e74baeece3d610cfb505e1ca6c02fabffbd9b4c80274db8faab4a4d29f8bfa6db38daf4ca8442aad66e40581f40a63e50b3a33d9a3e32f4440b761d149a8d71c138f74d5b0e10d9266788499a19f03a17726226e27c899c538bf4c219d7a035bdab2c5b347bcb176555fa451594050c6196a2236e5b0981eabab3519dd10ed1ffb6334476cbb06059384f02c164f278d49391c6069b9adf25c14870e2fe1f28abdb325d3101fe464f829e971067dc9231fc3bc9d0e2a6c8e13db15f4b69b3b028a587a092453296f7f790a547ba191bca2ca929d1477344d7ba30b826a10152580e5ed7418f481e4b10139a4acea1a1c42f748cafff8b0215c6be50e0af09905366f0403c53f8c746ff06ec45d69d3c4039d0980af45c8a2d6cadafe477ffe3451fce3bdc9644faf73ef3ca3e823526fdc086d82967b1a569cdb99ea26fe6d06a21fdfa7a8342089931240324b786f6be1b987c8fc9e9e602cb0ad66039a0147319a896134cc97a7f50b3a0c04c4f80b8a53ea222f5c009325eca6668e453d92e1577712af0297ffbc3e3365d504ebc1c7e825e045c30c0ad9067fcea6dd754c179c3febce85187611f78634c081192b430010987a852837015a3c2a70604e18c5d394207fa61fd3c51a8ac5ab263d1c15a9918f599338d21b894e6016337a5a31422867a775a7def8fb7cc3a41342175e05c891ebbd7318bf011ab2dcd865dc5efa3a9451d973951c96752803665567c08013259f14fd704d5d108cef5a38b4e2375aa241c5cfa99511e334cac9665a06f25da7d3fdb497363b119bb4d536a6803b3aed59143655ef6df225b5a9305979f77e32942ffb48e859da96a309ab57b68fa56a9e0d6e53650e7b1968fe5afc21e5638cd50f5c415c9addd998fe32ac983a9f9266590967782b6d9b70f22a48cc14301af5de46d7b71d0f7c0ead21ff503cbed5c2535672835ea0216eaa7fed72390b66b4684b51365d1923aec4dcf4dd08b357552cfb7e96a5ab956ac1276882e80a79d018c5ca7ffb3367d59846387f4af1fd4b6098cb560bb565af3ec0c3934da29120546804f3800aaba4969e00cb83d9d9b0cf216c42a8722030a6fc85a01b9748bebe688671318a2cc33f69e0bf3a8a3779c8847de958b28b2e8017da7f74d56f1a75134a4da0944e45dfefe63ff367759b55e1659870e0be86cef2789ec9063ae6093693c1d47cfc164eae67c97efa447120a36b39561d380077ceaff4bf0f55b066af441e400cc3996633abf905a32cf025becf31983dc6fceb6e0fb506bd350d81afa6421115939adef8cd68abbbd94f1567d9e9f7505af57e1802b8d704bb7460b3822330c4a4bb6ff2b187fb9a3f324b0f415c706a1de8a7cf6747c72be3b356c0206a3c0c39daa85309bff9faba7b68178108b261086cc15a0e21a52a37c1576a72d2d5da5c43248ad760d239711739cb79fc79b4ca2dbec2e100db1c535ed90623c67ed2e3817ebec259343b17efdd912ea0fbf73653015b7f8a51cae3cab19ba00638b8c8bfa8db481ca7dc7ce5c2540c46c963386188f74dec088552330e6ea067b222bd97ecab5073d95d5814599f522a36fc80636bb66ee8dca399586f90f1c849e30d92382bb0e64f62511a7f1044560175d68dffc03a9e56ac7629a4bcf50a4334f29b3391ef4bf0f3174a44d69e143437cb3dcb3871c4e7de50084b5e5033c48df364a1d5cf925d42a3c8e2b419909e4a2ca2156c1397eb87704e8f8d6cdb3a4a031c1b5468a1e75a923cbdbd384cd8d87c2c05f11f1df014ef98c13fcf9f182f6fb68dc0aa4adf7bec8a17caedd172f64806c311fc106b39edd9628a01d7159d638e09b39feab432718059589dc971143da4a8e640aa63ae0c2fb4a71129d362cdcf993adbc97b4f1543637cf1acbc9e67067f6c6f95be39fdd14dc6478c507507ceff88c2d1c5e13522547ab149dad2526393714c6c0a221c167ddf1084b563c0bfcc4c75a972131c62ddec7a497bd5118eaa12ab25bbbf7cc62eca5de5ea50bab67ce6ff2e05cc47cc0b0a5465eb01bbc08dac30b8522bd92180d8987390314e19eb3201f0be2b4f71abb697a751fd8d6a3251ca8ea1b2f20a7827d2599d62e392d6c065183a1778950d5ebe04180047ee8a2a096e5f1d6813ec63ff4a626c725b24d259cbd9ca6305009b29c6ef7225eecf9078824f9aef4d3e9aee1e9616b2b7f87499f8abab6c38e9a3e7714132850b5e71fa671697e6c8407ac3dad5abeee5f7b2a63aa51d29744736b0c38adccf8e29a85b81f3b3106daed64fc78618e18c9056cc41ce2f50379cc6c2c1411ba2c690e1899dee193f0f2877412f1cbd54d12255ca81a72211f9a8ab7f0b7bebb6c11b4bd6c77455decdfd7df2b2014395ba69f22e520138a43e1b3a11264822b143adcad307b35800563bab720687a898a76cde1f0a15aa3f32c0d302ce6f1094bacf5a1add935884be029c7fe18a5e90c696e3371af0f3cd721abd7dd4ce74efe353105ebcc4b1411d52026901380a9c7a807a76fa617667adea8b7734822da93d93969641a92ad2af6350ceee54e3d7c7c39e22d6c5f363d201572b8d68c2b9c7230b0b85801cfafbc5557f21bc444ea05fc612e2c2a8d4a38578c69bb252d8f4d617d0974f95b6ebb416d5c8f3fa925d4ed4f23bfce03e28389ca8c1bece1fa49e8d66387bbb09b3c29d9ed75ea5a9ac7930cb3ed05f999867c640b3435962fdb763002e2fb451c5a1b9d4536e49ba50fcf61451168a994249ef29af51694a1426d987ed8cfe09f10462c7629c4ff1b1cc709b99e9e87a54d1ecf54cd9da0c2c19b84b2a2c32c0bd12d158b73230cf610645048cf1afbb62aa7ce6fab79bec3ad84108f3d96cb9fb3d78a26724892a6bca533e64880c7d4c28a6685502f4cb2a27b132c8253b97e88583fe0766d04795709486556df99b7e65fbf71febe24e0a188e2dc489b8fddbf9d4b1c9ef4b558f888824469df9b2085a845998220332d9cb693472ff2abcc10784c2280825adfcc630e3a961b39ab786deddc53b18e862edc75742d6eb2d7cc227ba3ed770851718388612e4e7f4f257a90fdf09e3b0081d7498e2d5b628d9132aa0165f323f59af5e9ea54c582999fb527d5f2f3dd7e4f85877080526f8481899b6afc732f5da6af31b561ddc36a6b8c723087d3f168292550d89b228f7a3cc131c110a2dab2f81e339f24d3d2b696892dcd4a3e8f2eaaddc0d78e2d07cb9df9d2fe73e4c55562c0794092c7dabd4364f9fea89d6cdd8369d5bf1bc8863b8f89aacf0fd9b9b380947bb4872656e58bc87526e18fa8b17ef8a7219adf1b79d1be5dd827e7ba8e4ed50a81eb7562b179876a8803dde2ea99fe744e8f7df17040ac38592a3be7eb353416496e867d8a74c7eb94556b16241935d718dd43462fe0855cc31a812e0ac01109d1d3539bd2fd4eeb422009138a92324bd072edee2ba47d6cacc24588410ce30565a8aaa5aad52d9c55368372715717ff5ed3a0243ddafd11a7059c29a26b9ea9374e8434f31e4c15a747ee6d69368d12b96122690f843569e82ad27eb8fb25e94dde94cc15e690dc65f6a6c2a6393821168a79e03cd223ce54a1d5e38eee1c12e23027b12c6a8094c805088617c2fb4f52008366faf37fdb13b3a7a879949d13644da36dd35a4ede785ca0ac7b4f15472e77a33228129143f849ee75c915df31764c96954621a01e0941d6bb58125f544818b7152698f3addcd0a684af8fcdd4bcdf5752b3faa731988866ee8a664850989d280505d2a4b861f159d47d2d61ab3de866fb2c8f90075b713f61cf83a2ed426d53214b70385b7a46e5620c032486a5a00e0e73d3ea16eeccf5731507903a25685466b61311502ce781634ee46542957a0d5bacabb8d965689422588ee102d6a6016bf11589fff32e503feefccefe4107d0619e7a15336a8655e2f09034b4069941126d48909232592aac6d9c231285dc1d038ff1fa09c1588f543304659ca334afbc42b5f5fb813b34663cc6f4b0a12fc3edc28765b062e7a50fd19ef575be96cd1d9aa48c1fef1b2763949982a47bf25a69c8b1306e8e36c91d2096e6a6cf934452233ff49e91ee173c1e288b9ff70ff364689b82e2467a3d741809657ce0856582d24da5663162422a6f1ed1fce7cef40d90ce57cb99e19a0b4365d483361d03d0cceadd682f333bcdb0a49e24d8c7d004aad2dac06f4839cffc0a77730623917e5f101c33411ab4e0a8491de9a8bbd5dedb8dfeb5a5880da57c74bb8e1fd8b02d3c22087be3f686aee26988b2d62a41d4593ff0dc100c31dad221489f612ef60c160bd6c1f5a00ea6efd3a5aa5ca14efbf78ae4e5d8c5db9c03758b81e636005ade8d03a11f5d8231cfc1bdacdb276992ca8ecbad337fa89dacc9e9be11d398d37207e15ddb45566e0af78833545352d3043b70e20695ddddaccccaa93ee5e2874bfc7f9510541a57fb3cb9c8d6e75460cca3c4cca39a642eff1967dda07a66fe67d87696a5fe22a718a52cd9ba83e348ed211c1dc2e21ebd797455f0648af12c10321240058857632112a75adfdca249f26cf8d6ba05ee83d00ff8d64d8fed069dae70b79105ccd95fc9df34426d765578f651a4cba8094f46e0a9b676c0c0ebb1803660a70f5c7ad2de1ff96676c3ecacdc2953fd235856228556db20395b8d54819b7b12f56e4dddf6a7fe4f7f3d69dff022c59efb2313ae801dcb02b117f50f18eb11dd5a291a7068c820fbe381bd0697566909a38fdab0a0c48442dc935ab8447ebecb93af879a6bb82ab5f245274d873b5be4312856fe4fab8edc9575c02ba4cdb34b31323b69cfef40755bf96279460640ed9fb84d5c60d95cfd76a39726c29f5607d80090e5e3da18fd74682975dd98d98e4afdf4460e1aeb7087a18ded69310b28fa45b356fc28d1f2bef4c9dd50909076de9587fa07b966ee143ec589f70b8ac4d1320cac5bafefe640e445922090c721ce79e4e2c546cfb9b7f058932e6c83170dd2785e28ed81757ade61aa094bd042411aafe0b75156067a5790c78a44589728f1190ac0ba2f93004e06602f51fab34cc56a485569be11e0fd8c89ec3363e053dbdb6cbc69b686e89ff3730dce9099daff958f3be6e7f9ac00bddf0f133a6f904262443963aabe84b0ec9ab9209ebb0d6e81b8d30b2959bbfe5b332459310be2d8183a93ea08301b816d5b009a967916dd45b0f541c57685a6c7ef8cf715ae7fd1780f0a0da48467196e25e26fd2d5a075ad5acfa1ebec9647da21672b642ee4a908fbce416f4ed36ab5b96e5b47a0f6c7f280119567b7d54640c65ce5a0f4912690c4a3d0805e4284fb695eb3af2528f031261439506a4d3f4c2e18b736c55475828a0faf0153acf0dd89bf3c2f6525cb4bfcb419421c7696ee93bc595158a9a43bb288022122a8c45a0db060fe5e85bcc128f396f7af7006eba4e0d6e2f0802625342799bc1b98366682db90ff1be99322bc0672e07757c44173b96e659ff645d263af255d6ecd88bd9a0863006db7f674e79b0493d41a12057e36243394294b4c7850d14a988715de4b55e9f83c2f0676a8486efcc948109076361267f092315dae79164da8f832ad6f35f600b92e4a8228d39e507117c1c1b2a4a12b667538000912ea67de21bd85616cb30f95573ba748a75d2e04b493865a8711a688e33221b26f621ab3a137cf86cc9dd340bcee72f19e00de06f1e9abbe08b4cb8725c9e624f02d36c4c276a529b6e23581c348bb90a4fb1f89053aee36caca5529bad9124825860c011140744f245cd02ffe219e436bfef045517e4e41094b25cf9082692cd8e37d3893c5a90c35b808a17a6508fa7ae743740be0d984ef5ea80cee51e14b9997f86b45b97e5acf89a0a6aa962689c4f53bc7b65e5037de60fa395ed1013591caa79412108224c020d77069939391e20ee32b86139fca7eb9ca5c07fa733311fef5d5594b83ae34c6bc32f037b09995511ff9b9b611bc727055a10b808ebb8c8e5ce532046c7ad3336c38d506e0e3043c4413dc8ce0a9caadbef27d6f663b22bf8d399621ee86e52d9abd5628e3270424d8a06a79174c7de23c431224fd8d0f42853510600f9e2deb8a7bfcd324a5c6ec19cd0c9ca81c552b111a2acc4479e20439e2e3caf44c92026b5be1ad6933ed8d4de1575216c134d55171568ee64213fc4d32ca5cd7ad04b8705ecfd1b88d56294dca67efe3b1b37c7d5d170cef18997c4af074e97a98c11ec3cdc83a4ea564ebb47f02344d3ab410e25a4ad658be9bf627d49c106c1098dccf7ff62ff9f4dc997a279afdc5630ba32167a68ed7bb3bae2a8b61fca67b5b7dc5b3ef3ab679b602764da9aabf3d0caa56b278c2ab6fbee2cfdd7277402a1f82de1d97807829c0105277073772929f16d79584118f31b45ec4db29aad83693b2d9de08f417beaa2f78d55a36a824a94d1e3cfeb3d75c3d41ddd0e317e85d327e9b5a9da44dc12b6fc3acf6d222a44f59520fa3fcdc37903eca4b7a91fe14cf54b06855d204ebd71018fe767a158b5e389b5e8e136fc8960840ef1916d8e36f08260e5fc9808442e2034f2c761ae051d03fa618a5f6b8ba8cee00411d09aaa3f8fe30a5d29d9403a905403b5310355326387ea6ea72643b70fcc5bf767371878440d07be919c4ad8c4b8952ea61655bbeac50025f4cc2e859c20dfd440a0b1b14549bccaf7952a27f12266c3b7185d9f37ab405d0765011ae6dbc0717f58ec6bd4101589f5c6054faba863bd2af1e8b19cc2cee98c619e477a47497896c42c37697313917b37140a77a5afec97556f06e0ee1d87c3739bd9ff4c210ddd4eceb65701e64bf4d6cbd5d4b9786f4d45acd881fa6eb1c6fda5f8844f5a1635d05e7bb82270694efe063d44296d86b4bb8b28e573dd7cc0d379b5449af1064f10ab8e8f5f177713a63fd7ea8bb68305356c59b5b48334d568fc6d81713bf2c1438dbec4c2c793d5bcd94c459eaace9295ec5b51328fcea5c8f984d8bf90b2f9fb247ce722a1c001e6ff179524417d647b856d905976f623b2db0facf05d62a87662ddc0d6c31cadca2ec262439fdd0f5cd7788617b98bbb802ceed7f971fe6d432a49dc132fe5475db3bc61d6ff04442a9afa9078be7a15de8668cdf469697e337eb4a99b24cd89da2a36eaf4f725cfc77f5e4de3dc010c2ef1f6b22dc479544c0c4c611fe1c8ef5ed3c23ddae7cd01ae1874217f8d1001f0c5f8d2ace0ec72ef3ed9b95b72753462feaa1ff5c2d23f5ec1ccf41064895d6944f38bf7c41a091df7b8c5c5021ff7ab7571439a3d5c889aa57c715e4a55ecd77b5cb4f8bc3408d95d560f5e8ec711e81ef8a751df5d1d053822debf0295574ebfc5f1fc47caafdf8b3862d68fb01d6239fa13c026320aafdead31d003d8bd8b46842687b6", 0x2000, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r2 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0xa}}}, 0x24}}, 0x0)
close(r0)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="5a4d03ac"], 0x4)

16.521744698s ago: executing program 1 (id=2949):
r0 = syz_open_dev$vcsa(&(0x7f0000000040), 0x1, 0x40002)
writev(r0, &(0x7f0000000c40)=[{0x0}, {&(0x7f00000005c0)="c21cfb", 0x3}, {&(0x7f00000007c0), 0x300}, {&(0x7f0000000900), 0x4000}], 0xe)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xea100, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f00000002c0)='./file0\x00', &(0x7f00000004c0), 0x8017, &(0x7f0000000200)={'trans=virtio,', {[{@cache_mmap}, {@version_u}]}})
lstat(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000100))
r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='oom_adj\x00')
writev(r1, &(0x7f0000000140)=[{&(0x7f0000000280)='0', 0x1}, {&(0x7f0000000080)="d2", 0x1}], 0x2)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x20000020)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
writev(r2, &(0x7f0000000000), 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000001c0)={[0x5, 0x7, 0x5, 0x1, 0x0, 0x80000000, 0x60a2, 0x6, 0xba2, 0x7, 0xdd8a, 0xb04b, 0x84, 0x8, 0x2, 0xea], 0x41000, 0x1a080})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x8000000000000000, 0x100000000, 0x0, 0x20, 0x6, 0x0, 0x2004c9, 0x7000, 0x0, 0x0, 0xfffffffffffffffb, 0x8, 0x0, 0x0, 0x4000000000000004, 0x5], 0xffff1000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000440)={0x5, {{0x2, 0x4e21, @broadcast}}, {{0x2, 0x4e21, @rand_addr=0x64010102}}}, 0x104)
ioctl$KVM_GET_REGS(r0, 0x8090ae81, &(0x7f00000002c0))

16.451697401s ago: executing program 1 (id=2950):
r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/card0/oss_mixer\x00', 0x2, 0x0)
write$proc_mixer(r0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0xffffffffffffff9f, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0x1, 0x1, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20820}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x23e9c9e, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x80040, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000300)='devpts\x00', 0x101c040, 0x0)
close(r0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1e, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000007112250000000000a455000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)

16.181995071s ago: executing program 1 (id=2951):
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi0\x00', 0x400, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140))
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffd000/0x2000)=nil)
r4 = dup(r3)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x7}], 0x1c)
r5 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_S_DV_TIMINGS(r4, 0xc0845657, &(0x7f00000003c0)={0x0, @reserved})
ioctl$vim2m_VIDIOC_QUERYBUF(r5, 0xc044560f, &(0x7f0000000080)=@mmap={0x0, 0x2, 0x4, 0x0, 0x7, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "10110401"}})
sendmsg$inet6(r3, &(0x7f0000000800)={&(0x7f0000000000)={0xa, 0x4e24, 0x8, @ipv4={'\x00', '\xff\xff', @local}, 0x2}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/bsg/0:0:0:0\x00', 0x40000, 0x0)
r6 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
r7 = socket(0x1e, 0x805, 0x0)
connect$tipc(r7, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1}, 0x2}}, 0x10)
connect$tipc(r7, &(0x7f0000000600)=@id={0x1e, 0x3, 0x3}, 0x10)
close(r7)
ioctl$VIDIOC_S_FMT(r6, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x200, 0x7c2, 0x41414770, 0x20323159, 0x425, 0x10001, 0x6, 0x2, 0xfeedcafe, 0x3, 0x0, 0x6}})
openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0)

14.402806379s ago: executing program 1 (id=2960):
ioctl$BINDER_ENABLE_ONEWAY_SPAM_DETECTION(0xffffffffffffffff, 0x40046210, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8}, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000300), 0x100, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x0)
ioctl$SYNC_IOC_FILE_INFO(0xffffffffffffffff, 0xc0383e04, &(0x7f00000001c0)={""/32, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001580)})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x6c, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r6, {0xf2ff, 0x7}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_fw={{0x7}, {0x38, 0x2, [@TCA_FW_ACT={0x34, 0x4, [@m_vlan={0x30, 0x1, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x6, 0x8}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x80}, 0x24000880)
socket$nl_route(0x10, 0x3, 0x0)

14.373884678s ago: executing program 32 (id=2960):
ioctl$BINDER_ENABLE_ONEWAY_SPAM_DETECTION(0xffffffffffffffff, 0x40046210, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8}, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000300), 0x100, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x0)
ioctl$SYNC_IOC_FILE_INFO(0xffffffffffffffff, 0xc0383e04, &(0x7f00000001c0)={""/32, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001580)})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x6c, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r6, {0xf2ff, 0x7}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_fw={{0x7}, {0x38, 0x2, [@TCA_FW_ACT={0x34, 0x4, [@m_vlan={0x30, 0x1, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x6, 0x8}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x80}, 0x24000880)
socket$nl_route(0x10, 0x3, 0x0)

4.137291622s ago: executing program 0 (id=3029):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0)
open$dir(&(0x7f0000000100)='./file0\x00', 0x149800, 0x0)
io_setup(0x1, &(0x7f0000000b80))
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0), 0x4)
r0 = socket$netlink(0x10, 0x3, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x1258c1, 0x60)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
r4 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000240)={0x43, 0x4, 0x2, 0x3}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01030003000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB="4c00000010001ffffcfffffffdffffff00000000", @ANYRES32=0x0, @ANYBLOB="0002010000000000240012800b00010065727370616e000014000280050016000000000008000700ac1414bb08000a00", @ANYRES32=r3], 0x4c}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/power/reserved_size', 0x149a82, 0x1a1)
writev(r5, &(0x7f00000001c0)=[{&(0x7f0000000380)='\f', 0x1}], 0x1)
r6 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r7 = memfd_create(&(0x7f0000000700)='y\x105\xfb\xf7u\x83%\x1f\xe09@:r\xc2\xb9x0\x90P\x03\x00\x00\x00\x00\x00\x00\x00\xfe,\x1c\xf1\xdd\xcf]\xac\xbc\t\xbb\xfc\xa4j\x9f\xceX\x8f5=\xaa\xd5\xe9n\xab s\xa5\x00\x8d\tV\t\x91\x18\x06O\xb0=D\xda\xb6F\x1a\xc82\x8b\xc0l\xd0\x89d\xe6\xb7\xd8\x97\xb8\xde\xa3\x89\xc2%/u\x17\xdaM\x8d\x01Lh\x1e^\x9ej\x1c\xc5\xf0\xf6\x92\x05\x9aH\x00\'\xd4\x94d_\v\xfc\xad\x0f\xa8\xc5\xad\x00\xc2\x12\xff\xff\xff\xff\xff\xff\x00\x00\x00\x00\nj\x8c\xef\x90\xc0Z\xfa\x1a\xb3\xf0wVq\xe9d\xf8N\x80\xd1g\xd8e\xc8\x16\xad1\x02\xab\xce3\xb2\xb0\xd1\x11\xf0\xc3Gj+kV$\x80\x8aJ$\x81\xc0\x16\xf5\x9cz\x10\x97\xdb\x12H\xee/\xe3sY\x02D;L~\xd0\xb44\x01*\xfb\xa4 \xb2b\x90H$\xb2\xad\xbf\x8aM\xb6\x81\x81^\x02\xa0\xa7t\xfbHb\xa5=\xdd+$\xc06J\xb4\xf0\xab\x85Xz\x9f\xb2D$\xbe\xd9\x7f-\r\x9aj9r\n_\x11\xd4\x19\xb0\xa0G\xb7\x94\xf7\xfd~\xe9\xb6G\xbfE\xbb\x15\x15\xa6\xca2\xd0\xd3\x8c\xf7nO\xf9\xa8\xfd\x8a\xd2\xb2\xab\xff\xe4\xb0;\xd9\xa8\f\x03R\xbd%\x9fF\xee\x05\x06.3(QF?\f\x05\xa4uY\xee\xab\x8a\xeb~\xed\xcb0\xb7\xe7\xe6?8g\x8aN\xda\x8f\x9d\xde\x1eNaS\x8fLk\xf1\x965N\x18\x8c\xb9=5\x991\xae\x89N\x13\xd1\xf7\xf0\x13\xb2\xaeS\xa1\x97\x18j\xea\x9f\xde\xb6\xd4\xdc\xe6*\x9c\xfdV\x82\x05', 0x2)
r8 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r8, 0x13)
r9 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r9, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x0, 0x0, {0x2, 0x20, 0x20}, [@RTA_DST={0x8, 0x1, @remote}]}, 0x24}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
ptrace(0x4206, r8)
ptrace$peekuser(0x3, r8, 0x7)
ftruncate(r7, 0xffff)
fcntl$addseals(r7, 0x409, 0x3)
close(0x3)
ioctl$UDMABUF_CREATE(r6, 0x40187542, &(0x7f0000000000)={r7, 0x1, 0x0, 0x2000})

3.857196803s ago: executing program 0 (id=3032):
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$packet(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1, 0x0, 0x6, @random="b6c1c02b5fbb"}, 0x14)
r1 = syz_genetlink_get_family_id$gtp(&(0x7f00000000c0), 0xffffffffffffffff)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r3=>0x0})
bind$packet(r2, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x4, 0x6, @remote}, 0x14)
sendmsg$GTP_CMD_ECHOREQ(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000001c0)={&(0x7f0000000880)=ANY=[@ANYBLOB="50001700", @ANYRES16=r1, @ANYBLOB="000026bd7000ffdbdb1a0300000014000c00ff0200000000000000030000000000010800090004000000080001005ece1d20e9216d683eb109d258006e9853510d6f4b002a75c336f4daef6df2fc6bbdebae46a56eb443df3b4993c75529ee3f18a23e54f3e624f123858a2698a0b528af1d4f32f38088c458b9", @ANYRES32=r3, @ANYBLOB="080002000000000008000100", @ANYRES32=0x0, @ANYBLOB="0800090003000000"], 0x50}, 0x1, 0x0, 0x0, 0x801}, 0x4)
r4 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x35c, 0x0)
preadv(r4, &(0x7f0000000300)=[{&(0x7f00000013c0)=""/4096, 0x102a}], 0x1, 0x0, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x3c1, 0x3, 0x41c, 0x248, 0x5c, 0x160, 0x248, 0x3e0, 0x354, 0x228, 0x25a, 0x354, 0x228, 0x4, 0x0, {[{{@ipv6={@remote, @dev={0xfe, 0x80, '\x00', 0xfe}, [], [], 'veth0_to_batadv\x00', 'ip6gre0\x00', {0xff}, {}, 0x3a}, 0x5002, 0x200, 0x248, 0x52020000, {0x0, 0x6802000000000000}, [@common=@icmp6={{0x24}, {0x12, "d176", 0x1}}, @common=@rt={{0x138}, {0x5, [0x7fffffff, 0x3], 0x742e, 0x4, 0x6, [@private1={0xfc, 0x1, '\x00', 0x1}, @private2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private1, @local, @loopback, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, @dev={0xfe, 0x80, '\x00', 0x11}, @local, @private0, @local, @private2, @private2={0xfc, 0x2, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @broadcast}, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @mcast2], 0xc}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x1}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @empty, [0xffffffff], [], 'veth1_to_hsr\x00', 'dummy0\x00'}, 0x0, 0xa4, 0x10c}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x10, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00', {0x2}}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x478)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r6 = syz_open_dev$hiddev(&(0x7f0000000800), 0xe00, 0xf3c25786c7b1188e)
ioctl$HIDIOCAPPLICATION(r6, 0x4802, 0x120a)
socket$l2tp6(0xa, 0x2, 0x73)
unshare(0x16000280)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
io_setup(0x222, &(0x7f0000000180))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001740)=ANY=[@ANYRES16=0x0, @ANYRES64=0x0, @ANYBLOB, @ANYRESDEC=r7, @ANYRES16, @ANYRES8], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x3, &(0x7f0000000540)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xc, 0xb9, &(0x7f0000000140)=""/185, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_request={{0x31, 0x6}}}, 0x9)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)

3.527375137s ago: executing program 3 (id=3035):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000003c0)={0x14, r1, 0x80485dc1c126afb3, 0x0, 0xa1ff, {0x33}}, 0x14}}, 0x0)

3.524650715s ago: executing program 0 (id=3036):
socket$kcm(0x10, 0x2, 0x0)
r0 = syz_open_dev$dvb_frontend(&(0x7f00000002c0), 0x0, 0x2)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x6, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x395, 0xffffffffffffffff, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0xffffffff, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x2002c810)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e0b080510"], 0xe)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2000000000002)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x7)
bind$netlink(0xffffffffffffffff, &(0x7f0000000500)={0x10, 0x0, 0x25dfdbfc, 0x2000000}, 0xc)
r4 = syz_io_uring_setup(0x18d7, &(0x7f0000000540)={0x0, 0x0, 0x2, 0x0, 0xc}, &(0x7f0000ffe000), &(0x7f0000ffe000))
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r4, 0x2, &(0x7f0000000180), 0xfe)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x30, 0x40, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0xc, 0x2, 0x0, 0x1, [@typed={0x8, 0x18, 0x0, 0x0, @u32=0x20000}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000280)=0x8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={0x0, 0x0, 0x43}, 0x28)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r7, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x6, 0x3, &(0x7f0000000400)=@framed, &(0x7f0000000300)='GPL\x00', 0xb, 0x20, 0x0, 0x0, 0x0, '\x00', r8}, 0x94)
socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$FE_SET_PROPERTY(r0, 0x40086f52, &(0x7f00000000c0)={0x20, &(0x7f0000000380)=[{0x43, '\x00', @data=0xff, 0x1}]})

3.387795528s ago: executing program 3 (id=3037):
r0 = accept4$unix(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)=0x6e, 0x80800)
recvmmsg$unix(r0, &(0x7f0000005e80)=[{{&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000003300)=[{&(0x7f0000000140)=""/4096, 0x1000}, {&(0x7f0000001140)=""/194, 0xc2}, {&(0x7f0000001240)=""/75, 0x4b}, {&(0x7f00000012c0)=""/4096, 0x1000}, {&(0x7f00000022c0)=""/4096, 0x1000}, {&(0x7f00000032c0)=""/50, 0x32}], 0x6, &(0x7f0000003340)=[@cred={{0x18}}], 0x18}}, {{&(0x7f0000003380), 0x6e, &(0x7f0000004a00)=[{&(0x7f0000003400)=""/220, 0xdc}, {&(0x7f0000003500)=""/177, 0xb1}, {&(0x7f00000035c0)=""/34, 0x22}, {&(0x7f0000003600)=""/195, 0xc3}, {&(0x7f0000003700)=""/244, 0xf4}, {&(0x7f0000003800)=""/4096, 0x1000}, {&(0x7f0000004800)=""/203, 0xcb}, {&(0x7f0000004900)=""/173, 0xad}, {&(0x7f00000049c0)=""/1, 0x1}], 0x9, &(0x7f0000004a80)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, <r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}, @rights={{0x34, 0x1, 0x1, [<r3=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x6c}}, {{&(0x7f0000004b00), 0x6e, &(0x7f0000005dc0)=[{&(0x7f0000004b80)=""/18, 0x12}, {&(0x7f0000004bc0)=""/74, 0x4a}, {&(0x7f0000004c40)=""/4096, 0x1000}, {&(0x7f0000005c40)=""/100, 0x64}, {&(0x7f0000005cc0)=""/233, 0xe9}], 0x5, &(0x7f0000005e00)=[@rights={{0x34, 0x1, 0x1, [<r7=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}, @rights={{0x14, 0x1, 0x1, [<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff, <r12=>0xffffffffffffffff]}}], 0x74}}], 0x3, 0x2000, &(0x7f0000005f00))
mknod$loop(&(0x7f0000005f40)='./file0\x00', 0x6000, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r8, 0x84, 0x6f, &(0x7f0000006000)={<r13=>0x0, 0x48, &(0x7f0000005f80)=[@in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x4e22, 0x400, @remote}, @in6={0xa, 0x4e23, 0xa, @private0, 0x10001}]}, &(0x7f0000006040)=0xc)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r7, 0x84, 0x7b, &(0x7f0000006080)={r13, 0x15e7cc3}, 0x8)
dup(r2)
fsync(r9)
ioctl$DRM_IOCTL_PANTHOR_GROUP_CREATE(r3, 0xc0386447, &(0x7f0000006100)={{0x8, 0x1, &(0x7f00000060c0)=[{0x4, 0x0, 0xf}]}, 0x3, 0x52, 0x5, 0x0, 0x0, 0x5, 0x5e, 0x5, 0x0, <r14=>0x0})
ioctl$DRM_IOCTL_PANTHOR_GROUP_DESTROY(0xffffffffffffffff, 0xc0086448, &(0x7f0000006140)={r14})
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f0000006180)={0x6})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r4, 0xc01064c8, &(0x7f0000006200)={0x1, 0x0, &(0x7f00000061c0)=[0x0]})
r15 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000006240)={0xffffffffffffffff, 0x6}, 0xc)
getsockopt$PNPIPE_IFINDEX(r11, 0x113, 0x2, &(0x7f0000006280)=<r16=>0x0, &(0x7f00000062c0)=0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000006300)=@bloom_filter={0x1e, 0xd, 0x2, 0x8, 0x810, r15, 0x7, '\x00', r16, r6, 0x0, 0x2, 0x0, 0x2}, 0x50)
r17 = openat$binfmt(0xffffff9c, 0x0, 0x41, 0x1ff)
write$binfmt_script(r17, &(0x7f0000006380)={'#! ', './file0', [{0x20, '$&'}, {0x20, '\x00'}], 0xa, "12e91851767b972cb7802f9796cb8b670fe4a0a64c68bd85f6cb62b81322f37406e0e052629727d9df"}, 0x39)
r18 = syz_open_dev$hiddev(&(0x7f00000063c0), 0x0, 0x40000)
ioctl$HIDIOCGCOLLECTIONINFO(r18, 0xc0104811, &(0x7f0000006400)={0x1, 0xa, 0x1f, 0x1})
ioctl$DRM_IOCTL_PANTHOR_BO_SET_LABEL(r1, 0xc010644d, &(0x7f0000006480)={0x0, 0x0, &(0x7f0000006440)='\x00'})
r19 = openat$hwrng(0xffffff9c, &(0x7f00000064c0), 0x10001, 0x0)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r19, 0x40089413, &(0x7f0000006500)=0x80000000)
r20 = syz_open_dev$dri(&(0x7f0000006540), 0x6a5, 0x100)
ioctl$FIBMAP(r20, 0x1, &(0x7f0000006580)=0x4)
ioctl$sock_SIOCINQ(r4, 0x541b, &(0x7f00000065c0))
write$binfmt_script(r12, &(0x7f0000006600)={'#! ', './file0/file0', [{0x20, '/dev/usb/hiddev#\x00'}, {0x20, '$&'}, {0x20, '^'}, {0x20, '/dev/usb/hiddev#\x00'}, {}, {0x20, '/dev/dri/card#\x00'}], 0xa, "1fa8e4f4153b36839dcd229ade5e0a30367cf77b07c30d55b10b8e9ef1514c857cfc69098a875c354e38709cf1ee139d8e843c1becf8c4c48c03ccfcb86cbb25f37cafede7e3b8a8232ef54a517df8a39594c446609b1fe0732742b396420fdbb552c672924e3801d284905ec62b0e8d82736af7fc552c1af9de8154361346655348b9a106b857c6f1d2c7d30464861410f6c1d49ab0be59d6780f1d38dcb24bc85995086ed59a3d1584c166502976c9289620ad951164fbd5785a0e44f601632fd3a9b544d1ccb42ba5267ee3ff1614636ec19caf51312122597c975a97d4d860495a78db38551e43fb411e0e999ee92ef4b09aa28ddbc754f137a0233e54e12309e93188609afcce81369c75a6f67ec66ced2163f3d3d78a7091f45667ccf130fc59cf1f38744eaf31c05ccd8ec04520396c8938e5d86f552c00f1c10d0170dd189aa493fb2d7ab623cf4ed0b05092339fdd449653d7ddcf368829837083a34be649417c6a26831f269e565b5e6b22c5cea33ced297bef81021b262a52921d722319b65fb9da22e55b9695762a874d46339b1c382d9236c9044cf96e6945698250911cc67be461dbc35d08560d7a2611671f182ff071576bd110204eacbdd6d66ae822712fa668ca69343522c2affbb47d0a38d7ceb864ebf919c215d7003a789208e7ec4e667518a5eff53fdb0f3c031754567397de9d36b7091ab2fb50159c58440a78d181974edf91509700d00d6ed833622997e9c0b7398bdbe6f07af6c6a9882b8b2ddb8463673de5697700353d0a30fe23c252ce2a4a17d1e912bf4fc03075198fc2e2b55c832545a6cdc5ff1da69d18f3d4f308c9da74a62e4c0b703a1893f380ccd674aaf1d167878ea1b920436250058ac0d78eaec590a8a8e3e81f2ed72dc44a5fca28f19f0d143def20a1ae3e06ae247e6725b2584f0132507bcaf52183fff1d5b564bf4e9e76670ddbfd4796f1b8e55b58891d77f34b66e93078d8d9b26668f244dbfb2fd64b5c39404a4061e4779d49a0464cbe6b48692802446e1e11f02f95aa36b2cc1e269ceb10303966a298aaa73dee27c227d2f126d7969820c22c0ed4f422f71d5a4328c478abbc06da1bdccd570fa8edd6469964ffe1178d7833f54c1466deb86fdafc05dd658746387dbc4ffedddfff987c3d4f607e98820b3679e096c96b68266a87fced4471cb17a76b8a37a693244883faafe80906d826798dd1c28aff76e94c24cad1dc273af7e653a461e53ce527ce5480d1b57a12818979d96f084f0a921e69ed04218cb70f139db9b5f628e3611a15adcc393c52d201db9e358af40029ff52c4841aa83ab7d6d7cea5ecede9d20ff90b59c24788135cde687b7e2774d352b689aefe1c15c7dce2577347f7225a29dd79ab6464f7c19e52c02efbdce23495d0b76e36df8a573f82665eae83ac3b886c056e61c2562c1e7d0c82014b3019354d18383eb6b14fb39e6640c533176b0601ff9ae294de7809c24497c144de0f98f595187deb4f6446eb59370e80a0ce46db377d706e6f3286e33267a3cdd53e738c7a5277d3eff6a21416174dd2851b22ba9d9846897b44e92902d91638e3bc4954081ec03d6901bd634e88fb15db5cd9c71b917b6453c525c2d807c923214f9fce8abddce6783644dc4703b92020f3a5deb9ae3597a547d2f65215381b6e892fe015cb73d65446a6f5e4670ffe9a2e750bc2fe9cae9bba84ad4b7997be547161b0b32b9c24978d9d1cb6f72944b71d7c359ea8dcd649da113cac7f65e605379718fe1b59a26aa6e51cb9e5e1542ce367e64b816458638a481538cb1efd2122a2964802b6f8b40e1179d595a0783f7b7f1e7d9010186818b7a5e2413bf50a63c83f4149db4478561652628be47faf2779c1f8d9879bfd4094dc9690eada9ec76a32eb68b7d61108dc2e21208f66f5a7309a6410eb97951b057709390e6b2cc943e73249544c639721b6801182040e2a56ad54e9364eb59df70a78b466b485b659dea58119c19dd18274c0b6e7c8bc9e8cee2e09565ef1aeaf2472116e22478a7ba1ccfd1f00af4db25c2df9a95d64f184dec81fd14bfdced477b76e6786e8e75340dc9e26d7a6810e280e31b57de522c6e18268a5afa62107768cbf4633d6d6876939c03594e55d77caf1a3a848481f4d44e43757ac746c82845244d9e17e2b362b6a66299f0f396116ba25b807d0311caeef0a493e0b10ed7af554bd144c913208cc7cac26df45fa0f182a395e4f334141eba6add30517a8d6815e68c6b445f730302eb911f23cc3fa3b4413961626346fa14c2a0d032f85e8b1226cbf7f2af548d2a2c69ce748b96bb7ce6c26d633ca438215dd33c46c5a664e41556013a71febc6d1d585b3fc88504286350782cc91905c15ef89f324b5b5db6483bc07302a0741a5dc455594c3c63cbfe4f43e6944183913869b459876b43544318d1aad468cfd895c3b4dbb312200b28442e3c2af6fd258037a9ccb44e630d854d6cc84f0509f5e4e1de5eafd4f7945df67277cb540186e57dadcb853cae02abf16d277ff630f580eacf21b6166eb62437410f336f8290715c45994e7ad8f51e30d7932e2d0d98b2ee1cca82ca3711f987531c8c7d0b1a952f600f081a78e7e113e95e64b405d45481879eb3361bb62b394aa1b2b43b194871c9b3b52fcc5594235b9b9bd7c725745df1c15a95a7e519aab3bfe4972d9e3bb2fb59eee9cadf3c477899f730c8c5d5a5689dbbebcf132c005878c6818c54d6dd3c647d81ee12c61d3ceecfe7cf813eb0191cf52d6d66acb786437ca8e172c3d72605a0cccff4a2a10bd815077628e5fe932664ff6c5b84840b7705b9a7633d711d844c5a9d766660af83ca054f1eb19a14b1f3f059c17a0107559731e59f5bd40cc940f7060e86826f1a21d813d376f06288e1481c3898723085656c882e1a40b7ac69318d553e82b5c6434139750debb4667bcf6de45cec9303f1465387f3ad503d41eb862b8536f4bb8320091e63e385478bb724a37c7595ee32b3077b4f1bd84fb6f86a6954431bfe04696a9da339755fd520c227e611366d667ac86bc9550ef098f9eae3b66e73d6d0715ef860a9a74afae07c6e65213aacae15eb23a30606d31b1401b59f9744a7fbd99477e5f60108a421363f4c377fa035c9fc92321ef3016b803f8422a4aa359809d31dec924ba1ac5c49b6c70014488c5d28d40c124558ccc9d381b185ce7d75c226b4cb98a0d619507300c6ee9d68acdfd69e0750cc500d41a6920d3a7419f60b4c4353b12d5905b4b2f45dca69036bb5794c4d2b49f9e424ac5f417a2d14ee35352de1df1c6ace993cb5996cbed0bd4076b9bca7b868b4eedce331c9b4e2190b3c3879d20bf012398fe421f7aeb01f84a6fe9c11af0a7429c9d0a4e99d15e463b888661e4d8e5615be8e9095525f6d9709dbe9f8d2b3daae15e058cda4549a64038b59e62f91cac01be46b098af043eb8bf417c0b8bf5573d85d825e8faf60a3ea3fb52aa4ba1926ca2ceeda39076c26e2dce9afb9b6286086ca62a7d30b77fcff60e023d04d971375593ee6549eccc5980ec0d7ec3a9b672b860e3f9a0b7955130e7964aff1449bed0f921a0e950ef2170d91f7fd2e580763491e03cd5d406c61155e106dc17d6aa84349838df0b2e78e002a79b6de25c5a955a559a28e1ae1de5f4ad051bee9508020e35ce122de85a8729f0f5358c56c1fa32638f088e5fc5f3843c159ac590eb046e4491f4c13fe9a981c869b5cf7184806769111d08823682dfefe9a805280625252d56ef2726c81d2d91dbab6cfe36afd11466b95a0970c17b7ae6f5e83388272dcfbc1a59aedfc0738aa23617d50fba11b6fc50e105d09ffe7ad0834668a1744c3183cb252682f295b9d7a5bb273801e600ad84d70c6c496165f0f8ed6fa886cdba90539764068c8c5ff24793781f72bc7a2bd35002bbe08a87822e71b07d580a738dc48115488c6147047bb1546417c96d6b1fa6e9369fcf392f0a14f8e46af808da3f3274d0e93244121d951bcfedae7f3b925fa85f56aa2762b632a6f8c7065b9a22edb43b5ea7190392e88ccd241b6a1da66e4f54a640b4fd56ca9386ce681b3919d58bc9a6689101156fdffa0bd81685305475041fe4949ef9101aa1c95c0ef948d86017fa54948f87eb4feefb3dc7ffa5d37b79a73a1e588894ffc990459c02718d61740b8bf6007143d501bc43c81dddaa0d72675d934aa35ab0d451da8ba1fd492b75b960186a78c6e206acc3e502e21161af08537a91bd071610220b3b25a35d47a92be9ef912da2cfcdae13a8ffdafad89cbc2aef580ff3953666235429301108c1fd5c95127885ae35557ef26d84cec0b944de0b93a50e1df733056dfee2e215170439cad591901c658a94753992bf016adfec7049ec8ecc7162db14c8285eb9294c6429ea0b6da45f59aafffc51b83fe523f4f21918dca65dc645bb536e9590bf2ec6c087e3d640c817aea5f10e209b9d1e886f6d18ec1a642fa310f5905ecc5607c7800180566ab0fb1ff636daf7f6460ba85ab07e1df352fc300cd92c8e2d02a2972f53e4de55fafbf3d5a491d15354f947a091c6022fda7000d4bcdf1d94b6f32fc7491a15df303bbaeca9aa8080ad54a849c16fa1cc082bd91ad52a09da7edc9a2f25fdbb3dc6e13771f57faccd0825a5cfe479602bf7fa7dcfc25988d9981047cd2670e4024f471c20a50b35e2a7c0782d1959e12723828701be93aa51b34ffdb6b14ecd471fdd33b3f1d5ef4e5e796a29c3c30039a3334425c9d1f7c58df73fdfb7dc64ae3e2ddd07e7182a1a99b3d3e7575cbceafd69cc38c37e6701cb466af86eca6d41be2634b0dbfa57cb2f8f68f6ca9cdcbaabc12089e52382f185cf639a8c0234bb0713aedfa35539be23012e2a3633274f31b657b919248e3354ee25abec980aeb176d674db2487be3d4425795861d78652362172def7a1d9af9bc8a48b600a6fc3ab2868505115522b49b88cdc05935b6a88d49b334810a987a02e938d1adbf90c745f2d9bfa9a58281b9faf3b7b9fd84cd0b7d39e283e121d9941ba540284f62e73ac39bad6d67fa40f6a491708020b95329d3bd1eee37aa9b08d8e2a6df3be7d3e6688ae3cff55a5906c98f73b864dd692a1959564e1d99794768fb566693cee8b6db44ffc3a99481b8e697eeab729a1462810737f921ec18f649e55fdd0bf1407b5c3abc923e2045aa52fd9e7ce76474c3933293bd0f6fd068593d885bb841453f375a1ca425edd17240ac861bcea51ee3287708010e620a882a1836a3d886a8dcb6530ad264735649e03ec4c83e67b15c29bbbb47d83b119a03df785c5e407dd207083c1015bab9812bf861a31a0a2cdec37b1663deab297c1b894e17c4e5b1c884808e2c7851a3225d99b6efa0118cf851cc054dd6a82518e84ed7960ff780c1e122cab4d6351a2035ac6c425729d2e80e7f7aca011eee70bdedac855f51f40d157c689f6fe5ff43529a5247ac4412ad003db4eca97336f436ee8d2ef62bbfa19b0fd9031b25be1e164c75b7928ac966869e9e889d42a4c8850c07d3adc1e2318326126cdbc9ac9024633f41042f74c77d1ace67e3f1704261044c6bc40742a8768408830b6de83a921d0188955c758965002b136ab3e41051f789ebc90dd3fbea0f90321ca816dd6f8275f28ed6f075147ad272d330bac1424e083109fc8ee60d05b5131308ca7991cd7b551709029d5bec2cbe019a8a1c1cb8fb965e221edbbd66d04f2201ac57a752bd7567f69c08829ea51c5fcd3fc9ce"}, 0x104b)
ioctl$sock_TIOCINQ(r1, 0x541b, &(0x7f0000007680))
r21 = openat$autofs(0xffffff9c, &(0x7f00000076c0), 0x40000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r21, 0xc0189374, &(0x7f0000007700)={{0x1, 0x1, 0x18, r10, {0x9}}, './file0/file0\x00'})
ioctl$USBDEVFS_GET_SPEED(r6, 0x551f)

3.227874479s ago: executing program 3 (id=3040):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x13f, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000100)=[{0x1, 0x0, [0x8, 0x0, 0x7f, 0x0, 0x5, 0x2, 0x5, 0x3, 0xfffffffc, 0x6, 0x5, 0x6, 0x800, 0xddb, 0x9, 0x3]}, {0x3d, 0x0, [0x5, 0x6, 0x7, 0x6, 0x8b09, 0x6, 0x0, 0x3, 0x5, 0x101, 0x2, 0x7, 0xffff, 0xfffffff9, 0xd, 0x5]}, {0x29, 0x0, [0x8, 0x378, 0x7fff, 0x717f, 0xd9a9, 0x5, 0xfffffffb, 0x0, 0x200, 0x6, 0x0, 0x6, 0x9, 0xfffffffe, 0x3, 0x6]}], r1, 0x1, 0x1, 0xd8}}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0x2, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000005c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$vcsu(&(0x7f00000000c0), 0x0, 0x440200)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1b", @ANYRES8=r1], 0x50)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0), 0x0, 0x0})
r4 = syz_open_dev$dvb_frontend(&(0x7f0000000000), 0x0, 0x40002)
ioctl$FE_SET_PROPERTY(r4, 0x40106f52, &(0x7f0000000300)={0x1e, 0x0})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0200000004000000040000000500000084080000", @ANYRES32, @ANYBLOB='\x00\x00\b\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYRES64=r2], 0x50)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
r6 = openat$sndseq(0xffffff9c, &(0x7f0000001240), 0x9ac81)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r6, 0xc0a45352, &(0x7f0000000480)={{0x81}, 'port1\x00', 0xc1, 0x10, 0x1, 0xffffe801, 0x3efc, 0x15, 0xff, 0x0, 0x0, 0xf})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000580), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r7, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000280)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="0100000000000000000026000000080007000000000018000180140002007465616d5f736c6176655f30", @ANYRES64, @ANYRES32=r6], 0x34}}, 0x4004080)

2.688332212s ago: executing program 2 (id=3043):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x149001, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5})
ioctl$TUNSETPERSIST(r0, 0x400454c9, 0x200000000000001)
r1 = open(&(0x7f0000000400)='./file0\x00', 0x3e1643, 0x8)
syz_open_pts(r1, 0x8040)
ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)

2.568589034s ago: executing program 2 (id=3044):
io_setup(0x4, &(0x7f00000014c0)=<r0=>0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='mounts\x00')
io_submit(r0, 0x1, &(0x7f0000000280)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x100)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
mount$fuse(0xf9fdffff, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])

2.188190899s ago: executing program 2 (id=3045):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x28081)
syz_open_procfs$namespace(0x0, &(0x7f00000003c0)='ns/net\x00')
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = socket$inet(0x2, 0x1, 0x100)
ioctl$TIOCGPTLCK(r2, 0x80045439, &(0x7f0000000180))
listen(r4, 0x9)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x5, 0xfffffffffffffffd, 0x8001, 0x0, 0x5, 0x45}, 0x0, &(0x7f0000000080)={0x3ff, 0x4, 0x100000, 0x9, 0x0, 0x10, 0x80000002}, 0x0, 0x0)
mount(0x0, &(0x7f0000000280)='./bus\x00', 0x0, 0x94, &(0x7f0000000300)='trans=rdma,')
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x6, 0x4c032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x18)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
close_range(r0, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="008000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000cd000000c8"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0x11, &(0x7f0000001180)=ANY=[@ANYBLOB="18050000080000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7040000080000008500000095000000850000000500000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r6, 0xfffff000, 0xe, 0x0, &(0x7f0000000300)="882f1242a03c3f98722780b605a7", 0x0, 0x990d, 0x7000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
read$FUSE(0xffffffffffffffff, &(0x7f0000002140)={0x2020}, 0x2020)

2.04727858s ago: executing program 0 (id=3046):
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000600)={0x0, @in6={{0xa, 0x4e24, 0x9, @mcast2, 0xcf27}}, 0x10001, 0x2, 0x7, 0x9, 0x80, 0x1, 0x6}, 0x9c)
r0 = socket$nl_route(0x10, 0x3, 0x0)
unshare(0x6a040000)
readahead(0xffffffffffffffff, 0x2a91, 0x7ff)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x6, 0xf, 0x6, 0x0, 0x5, 0x3, 0x3, 0x9, 0x3cf, 0x40, 0x29c, 0x6d4, 0xffff, 0x38, 0x1, 0x8001, 0x5, 0x34cd}, [{0x4, 0x1, 0xf3, 0x4, 0x0, 0x0, 0x4, 0x9}], "aa3c17b8cb6a348136e5d2fc2c6d238bd44024467ee5b5e6b094c26be516d0fa8cc3b82a8883f1a278fe6b3633f20288e6ad50a53f67981f44180401970eeb5fa7a6e9b04e810fbee9de31becf4f771fa97ae07be85f60cb97b6984a3928de4ce51e0f2f8320c28a14a94e20eb8db5b27695"}, 0xea)
sendmsg$nl_route_sched(r0, 0x0, 0x20040844)
getpgid(0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000300)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e20, @private=0xa010103}]}, &(0x7f0000000380)=0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), 0xffffffffffffffff)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r3=>0x0]}, &(0x7f0000000080)=0x8)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='fd\x00')
fchdir(r4)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000240)={0x1, &(0x7f0000000300)=[{0x6, 0xb5, 0x1, 0x5}]})
io_uring_setup(0xf69, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xfffffdff})
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x42, 0xa5)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000000140)={r3, 0xfffffffd}, &(0x7f00000000c0)=0x8)

1.666478294s ago: executing program 4 (id=3048):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x28081)
syz_open_procfs$namespace(0x0, &(0x7f00000003c0)='ns/net\x00')
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$inet(0x2, 0x1, 0x100)
listen(r3, 0x9)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x5, 0xfffffffffffffffd, 0x8001, 0x0, 0x5, 0x45}, 0x0, &(0x7f0000000080)={0x3ff, 0x4, 0x100000, 0x9, 0x0, 0x10, 0x80000002}, 0x0, 0x0)
mount(0x0, &(0x7f0000000280)='./bus\x00', 0x0, 0x94, &(0x7f0000000300)='trans=rdma,')
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x6, 0x4c032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x18)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
close_range(r0, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="008000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000cd000000c8"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0x11, &(0x7f0000001180)=ANY=[@ANYBLOB="18050000080000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7040000080000008500000095000000850000000500000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r5, 0xfffff000, 0xe, 0x0, &(0x7f0000000300)="882f1242a03c3f98722780b605a7", 0x0, 0x990d, 0x7000000, 0xf0, 0x0, 0x0, 0x0}, 0x50)
read$FUSE(0xffffffffffffffff, &(0x7f0000002140)={0x2020}, 0x2020)

1.438179931s ago: executing program 4 (id=3049):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0_virt_wifi\x00'})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000040)={0x0, 0x1, [@multicast]})
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r2, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r3, 0x400454d9, &(0x7f0000000080)={'syzkaller0\x00', 0x400})
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000300)={'rose0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100"/20, @ANYRES32=r5], 0x20}}, 0x0)
sendto$inet6(r2, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c)

1.296247073s ago: executing program 2 (id=3050):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="7f454c4600040000ff7f00000000000003003e00ecfffbff94020000200000004000000000000000e503000000000000000000002c9f380000"], 0x78)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0)
shmget$private(0x0, 0x3000, 0x2, &(0x7f0000ffd000/0x3000)=nil)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
setsockopt$CAIFSO_REQ_PARAM(0xffffffffffffffff, 0x116, 0x80, 0xffffffffffffffff, 0xe6368f3)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_fuse_handle_req(r1, &(0x7f0000004300)="f6c5cdd50b89338e6f0228b937225c21a87072407fe83d5fecd7bcca9b3fb6c714baa7d905bd76d4f38eba0ffafc067da9e5b2a863dbea1f11e32b455862ad205d1de267dbf9edb296fda48092e372fd3166c91d636b627f4ce223d2fff7db30abd245c174812a8ebfce720483d74f6658daaba3ea9e453d789d9d1d8b63c91f02b1282f122d5847241f305a5d791a7188c946ed5d5e5343c04968e62b064aeadeafd55ddb6a1b724a9adf29b15c4c55c9afd709d19cf29df117c69d1f855b647f2d6dc3ad9cc2e413cda65ca8d3fd777fdf88827428723d37b89a7330dddd234f39187db8e54905b8eb0dc851f51ff37b5deb69b64bbd27b72881267f94a88974a56b1d3178d49c209d6f4e974c00f25a87255c3804b1150f98d46437f5333b200651dfd1ae939125483cec1690ecb4d449ae4f2bdf88d50382440dbe1699017f21c0f1e0c85cd339a9f87046af063b54b923d4eaa04fc8dabb3bb3e3bc83f0657b5a3c4cdfce3c325abe45a39b794d13057e3a036ec20c4eb1c18a7501a8bf3899626fe01b2b9c18ab08eaa972ab9f8a786888162c7f77db751c1ab88db854ad8a99c7307a52571fd4d0a8ca5a6f4f5e46396bab29e4a5bb6f7c40404be7357b47028a1cd2b780abbba9e37d182866a9171ddea543a5684ff6445d4c3ba61b4300a1556e85518301862b398e43f61d461054469f693c42f995a000dc9b950b277bbc5a9bec872462a0938ef0e0ba4f4d2bff4d81804996a9f97893c02b2deff1abf1a6cb7987f446132f55a10aaf537d93422ed22fa659ceda5939cf18398f8632a257abbf68d4854e452ceb5acc02c7b65d67b582e159fb5039ecfe636dfd00218f2e5d1e2ebeca027472d63fdd2b61d7bbd9258a3fbb14ee2559845a638e07bbde84f87a42b59a09c1bc877b7e51a4ea42c64bcb3b3c8043f1604c569308bd6ddf438204df167580f5aefe2a8beabb77a8fd3392f99e3a43a7cfa0a68b1b21a307aeecd5b7a3742d74ff1790b13f1026ebec296210301d48d9354646382a18d247300bfd8aca878051a2d667ad2ee489edfeb3c1c912cc6a6c573fd92dd4cd1b6d2fb1bbdc86ddd8bf515c28f15ebafe858df78e8a783b293db3144c44397cbaeeadea44655c6350562166bda3accf7a2e65cf3eb7beace08760337e2dff8c9611fb131b345f44dba2aa2eee0bb4ec719c59a269e71ffc0775c5c193e341a833d38edf8a1f01f66b9fd039ff55c884257ec7330f333e579e66ac67097bfe31b2b78d88b81b640351da3bea710e38d8b50b0a63814f4638df1680d2217dfe7364dc228ea79f74e678b338105391e8c1e041cae3d2ccb9d1b034d96b811bf06515b3f4dd02cf2cf9f9884a6a1af39f219fde0b1caee2065536b8e900bf4fe9d87396cb0854ff28db253382a8f1e6c2a2805b5d5c8b756640a49a092f8fbc5ab87e511d790519e9e79c1336b2af288b1b07871858966197f65919009c435e6ca5bc89a15fae0e3534e50cbacb3cb2ee519a9894f08facb453a7ada35c0cd8e6ac71cf9ceb21c1b944d81a16a3299c730fe1ddb164505e2df5e4dc7f46c3fa3230a9cc3845298d4abf909565a67be3316ca881540f2920c8fb6ffe5ffc66ef477476cc4941ba03795287f408b6175df89274e189bc2e12e93f5d8aaa532400946a7a0cb6cacb55d4947d0c02da9e2345b4d0cc92a570019ac51f64b29b7e509109500f9fe8129196bc46230a1848ad7dc721efd97f1cbee41a1e520da4cda9fa5a0024d7865e637d0f17f240647f11f4d41a39e29643917f6ccd8680d83cfaa33081c3dd613ba2ebe736539834ba7977d2617b85b073a4532c8e6cb3dc3ecb492f23b573ee103ad6c56a5930904e836e9390a8b20470de2c7e0d1b52000366cbc198caa4917b593334a449840a093bbd709a6f835eb4338e23b12f59efd0fe6a8f7d108e6c40d63b06b43639a73822b431b636c3c6cfa2c973fd43aab1ebb560eb5b556b98758583195190651d9f12bec2a2db9c87f879af59d9e72786e416ea8fa36ff4a4f08d56c5e208b9995fd9ed0607d3af20b1eb51dc0943cd96bee0cc78875fac1dc471f80664ef9eb1f146d5b6871842ae1c51e83523f28a149346df307eae77929a81c235f5593d7eb30581b0650a8759d5a59b5c2697c461e17d8458b13dc88935b878f71f0597d46924bc84714ca7af2df5749b1b0fbe1950aade8d85555887809f9d4cb5d8d6cdd0ddede90e2fd122d1168f0c7e535aefe0385ce12a5cb1060498ba51b28fc344e6c6094b1cf6263007e299d7ceae7814c664f43bc2b8e989779e1a2a36e7e209175c197117966925ced8cd941fb4d37d05a5c771ba579671d505d6af7fb70fe764d906fa84f046fb4429d82bc7f4ed72f686bf2f923ec7bd48b1be8773ef8a51235825cb6c54d444021e823ba2614e7d93920a96d23f19d9adfcabe1716fea4979ef4d74fadc6fd53e8d6c6704c4eb04a039ba4c83d15afdb195a36f292ba9a2728cd85311076aa6a484c01fbf9fad617f4870fcbd1cd453aeaa391968287263852732552443e3388bd07d975cd2a11624fa2d0d931034b940c4b2babe262706c6cd72007c5fd5744564babc9fc37da476cb38ed0de6b530864e26a6febeb8d901d40c771a0cf2f498830487d83368ff3f8af68a0ffa5762d3f2c9cf2a66e2338d3e3655b647685c2dcacba997eac420d5618c3d268b85795fa49e37ee504521017439581a6c5c064f0184e4cad2b8134e2f9b9ec42981c155775d7d744bfff7adb3f7599f159c7cf1d7d56fb7cddf5b4f8ee8a3dcfbc1151b3d253771db09879f48c3c0cc9506e97c776fa8251c21d5fed9dba8ca6674e45ac2a6bef86ae18b175ffb5d281f58527661ef7d5651b28db85c1b7cc305ab5b34fb49a32778390d3b6d4e78d06d3d863eff86435d36be3043529fb9b4d061a7a983d6e287fa83925dfab1b526d6bf510a29f9d6ad493bbb4da5fdf0aef4f16ff50799b016dc4230aaf87b9ef8953f8ad522ab4c3ec3209a57852cbdb5e39628ad107b248d6f07d123fb0e68d7b7aa8558478de5dee88032de6ccbbcab0ecfe8fccb1681816db894fdc24a9b6cf8ad5690efb01c8b4840255a5d5563b4cb73609f0a5337738e179fd9577bb795eb5a89a4ee4e2b2bed5fc65ba1efb911889e131a0b010c5699d7f6b869ffff3945208feee8d245eb45590f2c67b97d186307dbee5327ef60340386ae04d45f981061b80d33ed6db2e5dcd711d68f8d9befdca10334e9636de1a2d6e6de2888d0984aae79b636eb0576f6cc9f450320b7e946eb82e9e1f8b3477f382090c79a9524a69f3416eadba673ff24cb1846358680d370e6ae98230256ebad4826f90ef8189b95f3b6275950c33ec2781bf438bbcce8ee350f3c1475b026a6c189db5101981b21f82ba8d8f62e852ccc5109a2780c70eb4a0b014c0c06ef46ff506c481b8082154db687b644ff122e5f35af5882212834a5b696afda432241f966d5706fa7c00be4a4912b6adb8e5629d0e18bb2ed4e2d7b6dbe79920d21ed0491f7a5017ae5ccdee5b498f61bb9ad5845a6268abebf80338c20c09530675a8366bfd4ea746957dd7337f1c1184751b649a399891ad2b6306bb062b9b2dc8a8b09302ea3386ccd78d9a3a0314c3df264ce81048391ae66ec9eeda8c70efe95146205d0b6bed2c362f2920615d41c7d12fc3991000a080061dad4e34587ff1684c6756f55dfd249d2d62bef74b5e4a40a63a2bc14a473cf913d5a4fd289d1792fc693c4a5f85326eebc52994a34e16af861438f22633fc5a4ce0d30d37ac0e2277e072f78375d7b1443e1af9647c23decfc411a3d0def781ce6679d92872fbc27dbd4a7edc2acfe565103d472fbde7ac626248a5305cf6e1c5fc81e9b71adb2523839b9425c72a67409539d611240ff5ad04ea2b3d063e197f5663606aeb0b76fa2e1121e3815506fe4a9ac09d555c1b8d8c9749f5dd5096130aaab80d9b721a831013885e3a376a57f97db4f1878372c7ac241b7424b86d97ae5fa3a0943f55c64cdbb4aa3209c4fbee3d9ed201e2bfccee01d33bd99c01689e1f23b185acb82e75cd2a161c316334f4887c8225f11ec1354105e3180d67ebb3a98d1178cca8332eb73555f53ed86c7285fc6c85570be32e74baeece3d610cfb505e1ca6c02fabffbd9b4c80274db8faab4a4d29f8bfa6db38daf4ca8442aad66e40581f40a63e50b3a33d9a3e32f4440b761d149a8d71c138f74d5b0e10d9266788499a19f03a17726226e27c899c538bf4c219d7a035bdab2c5b347bcb176555fa451594050c6196a2236e5b0981eabab3519dd10ed1ffb6334476cbb06059384f02c164f278d49391c6069b9adf25c14870e2fe1f28abdb325d3101fe464f829e971067dc9231fc3bc9d0e2a6c8e13db15f4b69b3b028a587a092453296f7f790a547ba191bca2ca929d1477344d7ba30b826a10152580e5ed7418f481e4b10139a4acea1a1c42f748cafff8b0215c6be50e0af09905366f0403c53f8c746ff06ec45d69d3c4039d0980af45c8a2d6cadafe477ffe3451fce3bdc9644faf73ef3ca3e823526fdc086d82967b1a569cdb99ea26fe6d06a21fdfa7a8342089931240324b786f6be1b987c8fc9e9e602cb0ad66039a0147319a896134cc97a7f50b3a0c04c4f80b8a53ea222f5c009325eca6668e453d92e1577712af0297ffbc3e3365d504ebc1c7e825e045c30c0ad9067fcea6dd754c179c3febce85187611f78634c081192b430010987a852837015a3c2a70604e18c5d394207fa61fd3c51a8ac5ab263d1c15a9918f599338d21b894e6016337a5a31422867a775a7def8fb7cc3a41342175e05c891ebbd7318bf011ab2dcd865dc5efa3a9451d973951c96752803665567c08013259f14fd704d5d108cef5a38b4e2375aa241c5cfa99511e334cac9665a06f25da7d3fdb497363b119bb4d536a6803b3aed59143655ef6df225b5a9305979f77e32942ffb48e859da96a309ab57b68fa56a9e0d6e53650e7b1968fe5afc21e5638cd50f5c415c9addd998fe32ac983a9f9266590967782b6d9b70f22a48cc14301af5de46d7b71d0f7c0ead21ff503cbed5c2535672835ea0216eaa7fed72390b66b4684b51365d1923aec4dcf4dd08b357552cfb7e96a5ab956ac1276882e80a79d018c5ca7ffb3367d59846387f4af1fd4b6098cb560bb565af3ec0c3934da29120546804f3800aaba4969e00cb83d9d9b0cf216c42a8722030a6fc85a01b9748bebe688671318a2cc33f69e0bf3a8a3779c8847de958b28b2e8017da7f74d56f1a75134a4da0944e45dfefe63ff367759b55e1659870e0be86cef2789ec9063ae6093693c1d47cfc164eae67c97efa447120a36b39561d380077ceaff4bf0f55b066af441e400cc3996633abf905a32cf025becf31983dc6fceb6e0fb506bd350d81afa6421115939adef8cd68abbbd94f1567d9e9f7505af57e1802b8d704bb7460b3822330c4a4bb6ff2b187fb9a3f324b0f415c706a1de8a7cf6747c72be3b356c0206a3c0c39daa85309bff9faba7b68178108b261086cc15a0e21a52a37c1576a72d2d5da5c43248ad760d239711739cb79fc79b4ca2dbec2e100db1c535ed90623c67ed2e3817ebec259343b17efdd912ea0fbf73653015b7f8a51cae3cab19ba00638b8c8bfa8db481ca7dc7ce5c2540c46c963386188f74dec088552330e6ea067b222bd97ecab5073d95d5814599f522a36fc80636bb66ee8dca399586f90f1c849e30d92382bb0e64f62511a7f1044560175d68dffc03a9e56ac7629a4bcf50a4334f29b3391ef4bf0f3174a44d69e143437cb3dcb3871c4e7de50084b5e5033c48df364a1d5cf925d42a3c8e2b419909e4a2ca2156c1397eb87704e8f8d6cdb3a4a031c1b5468a1e75a923cbdbd384cd8d87c2c05f11f1df014ef98c13fcf9f182f6fb68dc0aa4adf7bec8a17caedd172f64806c311fc106b39edd9628a01d7159d638e09b39feab432718059589dc971143da4a8e640aa63ae0c2fb4a71129d362cdcf993adbc97b4f1543637cf1acbc9e67067f6c6f95be39fdd14dc6478c507507ceff88c2d1c5e13522547ab149dad2526393714c6c0a221c167ddf1084b563c0bfcc4c75a972131c62ddec7a497bd5118eaa12ab25bbbf7cc62eca5de5ea50bab67ce6ff2e05cc47cc0b0a5465eb01bbc08dac30b8522bd92180d8987390314e19eb3201f0be2b4f71abb697a751fd8d6a3251ca8ea1b2f20a7827d2599d62e392d6c065183a1778950d5ebe04180047ee8a2a096e5f1d6813ec63ff4a626c725b24d259cbd9ca6305009b29c6ef7225eecf9078824f9aef4d3e9aee1e9616b2b7f87499f8abab6c38e9a3e7714132850b5e71fa671697e6c8407ac3dad5abeee5f7b2a63aa51d29744736b0c38adccf8e29a85b81f3b3106daed64fc78618e18c9056cc41ce2f50379cc6c2c1411ba2c690e1899dee193f0f2877412f1cbd54d12255ca81a72211f9a8ab7f0b7bebb6c11b4bd6c77455decdfd7df2b2014395ba69f22e520138a43e1b3a11264822b143adcad307b35800563bab720687a898a76cde1f0a15aa3f32c0d302ce6f1094bacf5a1add935884be029c7fe18a5e90c696e3371af0f3cd721abd7dd4ce74efe353105ebcc4b1411d52026901380a9c7a807a76fa617667adea8b7734822da93d93969641a92ad2af6350ceee54e3d7c7c39e22d6c5f363d201572b8d68c2b9c7230b0b85801cfafbc5557f21bc444ea05fc612e2c2a8d4a38578c69bb252d8f4d617d0974f95b6ebb416d5c8f3fa925d4ed4f23bfce03e28389ca8c1bece1fa49e8d66387bbb09b3c29d9ed75ea5a9ac7930cb3ed05f999867c640b3435962fdb763002e2fb451c5a1b9d4536e49ba50fcf61451168a994249ef29af51694a1426d987ed8cfe09f10462c7629c4ff1b1cc709b99e9e87a54d1ecf54cd9da0c2c19b84b2a2c32c0bd12d158b73230cf610645048cf1afbb62aa7ce6fab79bec3ad84108f3d96cb9fb3d78a26724892a6bca533e64880c7d4c28a6685502f4cb2a27b132c8253b97e88583fe0766d04795709486556df99b7e65fbf71febe24e0a188e2dc489b8fddbf9d4b1c9ef4b558f888824469df9b2085a845998220332d9cb693472ff2abcc10784c2280825adfcc630e3a961b39ab786deddc53b18e862edc75742d6eb2d7cc227ba3ed770851718388612e4e7f4f257a90fdf09e3b0081d7498e2d5b628d9132aa0165f323f59af5e9ea54c582999fb527d5f2f3dd7e4f85877080526f8481899b6afc732f5da6af31b561ddc36a6b8c723087d3f168292550d89b228f7a3cc131c110a2dab2f81e339f24d3d2b696892dcd4a3e8f2eaaddc0d78e2d07cb9df9d2fe73e4c55562c0794092c7dabd4364f9fea89d6cdd8369d5bf1bc8863b8f89aacf0fd9b9b380947bb4872656e58bc87526e18fa8b17ef8a7219adf1b79d1be5dd827e7ba8e4ed50a81eb7562b179876a8803dde2ea99fe744e8f7df17040ac38592a3be7eb353416496e867d8a74c7eb94556b16241935d718dd43462fe0855cc31a812e0ac01109d1d3539bd2fd4eeb422009138a92324bd072edee2ba47d6cacc24588410ce30565a8aaa5aad52d9c55368372715717ff5ed3a0243ddafd11a7059c29a26b9ea9374e8434f31e4c15a747ee6d69368d12b96122690f843569e82ad27eb8fb25e94dde94cc15e690dc65f6a6c2a6393821168a79e03cd223ce54a1d5e38eee1c12e23027b12c6a8094c805088617c2fb4f52008366faf37fdb13b3a7a879949d13644da36dd35a4ede785ca0ac7b4f15472e77a33228129143f849ee75c915df31764c96954621a01e0941d6bb58125f544818b7152698f3addcd0a684af8fcdd4bcdf5752b3faa731988866ee8a664850989d280505d2a4b861f159d47d2d61ab3de866fb2c8f90075b713f61cf83a2ed426d53214b70385b7a46e5620c032486a5a00e0e73d3ea16eeccf5731507903a25685466b61311502ce781634ee46542957a0d5bacabb8d965689422588ee102d6a6016bf11589fff32e503feefccefe4107d0619e7a15336a8655e2f09034b4069941126d48909232592aac6d9c231285dc1d038ff1fa09c1588f543304659ca334afbc42b5f5fb813b34663cc6f4b0a12fc3edc28765b062e7a50fd19ef575be96cd1d9aa48c1fef1b2763949982a47bf25a69c8b1306e8e36c91d2096e6a6cf934452233ff49e91ee173c1e288b9ff70ff364689b82e2467a3d741809657ce0856582d24da5663162422a6f1ed1fce7cef40d90ce57cb99e19a0b4365d483361d03d0cceadd682f333bcdb0a49e24d8c7d004aad2dac06f4839cffc0a77730623917e5f101c33411ab4e0a8491de9a8bbd5dedb8dfeb5a5880da57c74bb8e1fd8b02d3c22087be3f686aee26988b2d62a41d4593ff0dc100c31dad221489f612ef60c160bd6c1f5a00ea6efd3a5aa5ca14efbf78ae4e5d8c5db9c03758b81e636005ade8d03a11f5d8231cfc1bdacdb276992ca8ecbad337fa89dacc9e9be11d398d37207e15ddb45566e0af78833545352d3043b70e20695ddddaccccaa93ee5e2874bfc7f9510541a57fb3cb9c8d6e75460cca3c4cca39a642eff1967dda07a66fe67d87696a5fe22a718a52cd9ba83e348ed211c1dc2e21ebd797455f0648af12c10321240058857632112a75adfdca249f26cf8d6ba05ee83d00ff8d64d8fed069dae70b79105ccd95fc9df34426d765578f651a4cba8094f46e0a9b676c0c0ebb1803660a70f5c7ad2de1ff96676c3ecacdc2953fd235856228556db20395b8d54819b7b12f56e4dddf6a7fe4f7f3d69dff022c59efb2313ae801dcb02b117f50f18eb11dd5a291a7068c820fbe381bd0697566909a38fdab0a0c48442dc935ab8447ebecb93af879a6bb82ab5f245274d873b5be4312856fe4fab8edc9575c02ba4cdb34b31323b69cfef40755bf96279460640ed9fb84d5c60d95cfd76a39726c29f5607d80090e5e3da18fd74682975dd98d98e4afdf4460e1aeb7087a18ded69310b28fa45b356fc28d1f2bef4c9dd50909076de9587fa07b966ee143ec589f70b8ac4d1320cac5bafefe640e445922090c721ce79e4e2c546cfb9b7f058932e6c83170dd2785e28ed81757ade61aa094bd042411aafe0b75156067a5790c78a44589728f1190ac0ba2f93004e06602f51fab34cc56a485569be11e0fd8c89ec3363e053dbdb6cbc69b686e89ff3730dce9099daff958f3be6e7f9ac00bddf0f133a6f904262443963aabe84b0ec9ab9209ebb0d6e81b8d30b2959bbfe5b332459310be2d8183a93ea08301b816d5b009a967916dd45b0f541c57685a6c7ef8cf715ae7fd1780f0a0da48467196e25e26fd2d5a075ad5acfa1ebec9647da21672b642ee4a908fbce416f4ed36ab5b96e5b47a0f6c7f280119567b7d54640c65ce5a0f4912690c4a3d0805e4284fb695eb3af2528f031261439506a4d3f4c2e18b736c55475828a0faf0153acf0dd89bf3c2f6525cb4bfcb419421c7696ee93bc595158a9a43bb288022122a8c45a0db060fe5e85bcc128f396f7af7006eba4e0d6e2f0802625342799bc1b98366682db90ff1be99322bc0672e07757c44173b96e659ff645d263af255d6ecd88bd9a0863006db7f674e79b0493d41a12057e36243394294b4c7850d14a988715de4b55e9f83c2f0676a8486efcc948109076361267f092315dae79164da8f832ad6f35f600b92e4a8228d39e507117c1c1b2a4a12b667538000912ea67de21bd85616cb30f95573ba748a75d2e04b493865a8711a688e33221b26f621ab3a137cf86cc9dd340bcee72f19e00de06f1e9abbe08b4cb8725c9e624f02d36c4c276a529b6e23581c348bb90a4fb1f89053aee36caca5529bad9124825860c011140744f245cd02ffe219e436bfef045517e4e41094b25cf9082692cd8e37d3893c5a90c35b808a17a6508fa7ae743740be0d984ef5ea80cee51e14b9997f86b45b97e5acf89a0a6aa962689c4f53bc7b65e5037de60fa395ed1013591caa79412108224c020d77069939391e20ee32b86139fca7eb9ca5c07fa733311fef5d5594b83ae34c6bc32f037b09995511ff9b9b611bc727055a10b808ebb8c8e5ce532046c7ad3336c38d506e0e3043c4413dc8ce0a9caadbef27d6f663b22bf8d399621ee86e52d9abd5628e3270424d8a06a79174c7de23c431224fd8d0f42853510600f9e2deb8a7bfcd324a5c6ec19cd0c9ca81c552b111a2acc4479e20439e2e3caf44c92026b5be1ad6933ed8d4de1575216c134d55171568ee64213fc4d32ca5cd7ad04b8705ecfd1b88d56294dca67efe3b1b37c7d5d170cef18997c4af074e97a98c11ec3cdc83a4ea564ebb47f02344d3ab410e25a4ad658be9bf627d49c106c1098dccf7ff62ff9f4dc997a279afdc5630ba32167a68ed7bb3bae2a8b61fca67b5b7dc5b3ef3ab679b602764da9aabf3d0caa56b278c2ab6fbee2cfdd7277402a1f82de1d97807829c0105277073772929f16d79584118f31b45ec4db29aad83693b2d9de08f417beaa2f78d55a36a824a94d1e3cfeb3d75c3d41ddd0e317e85d327e9b5a9da44dc12b6fc3acf6d222a44f59520fa3fcdc37903eca4b7a91fe14cf54b06855d204ebd71018fe767a158b5e389b5e8e136fc8960840ef1916d8e36f08260e5fc9808442e2034f2c761ae051d03fa618a5f6b8ba8cee00411d09aaa3f8fe30a5d29d9403a905403b5310355326387ea6ea72643b70fcc5bf767371878440d07be919c4ad8c4b8952ea61655bbeac50025f4cc2e859c20dfd440a0b1b14549bccaf7952a27f12266c3b7185d9f37ab405d0765011ae6dbc0717f58ec6bd4101589f5c6054faba863bd2af1e8b19cc2cee98c619e477a47497896c42c37697313917b37140a77a5afec97556f06e0ee1d87c3739bd9ff4c210ddd4eceb65701e64bf4d6cbd5d4b9786f4d45acd881fa6eb1c6fda5f8844f5a1635d05e7bb82270694efe063d44296d86b4bb8b28e573dd7cc0d379b5449af1064f10ab8e8f5f177713a63fd7ea8bb68305356c59b5b48334d568fc6d81713bf2c1438dbec4c2c793d5bcd94c459eaace9295ec5b51328fcea5c8f984d8bf90b2f9fb247ce722a1c001e6ff179524417d647b856d905976f623b2db0facf05d62a87662ddc0d6c31cadca2ec262439fdd0f5cd7788617b98bbb802ceed7f971fe6d432a49dc132fe5475db3bc61d6ff04442a9afa9078be7a15de8668cdf469697e337eb4a99b24cd89da2a36eaf4f725cfc77f5e4de3dc010c2ef1f6b22dc479544c0c4c611fe1c8ef5ed3c23ddae7cd01ae1874217f8d1001f0c5f8d2ace0ec72ef3ed9b95b72753462feaa1ff5c2d23f5ec1ccf41064895d6944f38bf7c41a091df7b8c5c5021ff7ab7571439a3d5c889aa57c715e4a55ecd77b5cb4f8bc3408d95d560f5e8ec711e81ef8a751df5d1d053822debf0295574ebfc5f1fc47caafdf8b3862d68fb01d6239fa13c026320aafdead31d003d8bd8b46842687b6", 0x2000, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r2 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0xa}}}, 0x24}}, 0x0)
close(r0)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="5a4d03ac"], 0x4)

1.218614749s ago: executing program 4 (id=3051):
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
lseek(r1, 0x6, 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
preadv2(r2, &(0x7f0000000100), 0x0, 0x0, 0x80, 0x1)
ioctl$KVM_GET_STATS_FD_cpu(r1, 0xaece)
write$nbd(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="0100000000000000008a0559f338be09000000000000000000007400a391793ba70d0000000000000500000000198f5880452cbac6e405b3e645000000000000000000000002000000"], 0x40)

997.802438ms ago: executing program 3 (id=3052):
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$FUSE_NOTIFY_STORE(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="2800000009000000000000000000000001"], 0x28)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000080)={0x4, 0xffffffffffffffff, 0x1})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x8, 0x4, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
mincore(&(0x7f000083f000/0x4000)=nil, 0x4000, &(0x7f0000000080))
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0xfffffc16, 0x8, 0x100, 0x100, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x4, 0x7}, 0x50)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000300)={0x1, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r3, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r3, 0x4040534e, &(0x7f0000000080)={0x32b, @tick=0x440, 0xff, {}, 0x0, 0x0, 0xfb})
r4 = fsopen(&(0x7f00000003c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x1, 0x4)
fchdir(r5)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r7, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000200)=ANY=[@ANYBLOB="e36142dcd617870dc617b6361d45fc07", @ANYRES16=r8, @ANYBLOB="010028bd7000ffdbdf250c00000018000380080002000000000008000500d165c85104000400180001801400020076657468305f766972745f7769666900"], 0x44}, 0x1, 0x0, 0x0, 0x8040}, 0x80)
lseek(r6, 0x1, 0x1)
getdents64(r6, 0x0, 0x22)
r9 = syz_open_procfs(0x0, &(0x7f0000000180)='net/ip_tables_names\x00')
preadv(r9, &(0x7f0000001640)=[{&(0x7f0000000280)=""/191, 0xbf}], 0x1, 0x86, 0x451)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$UFFDIO_REGISTER(r9, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000ff5000/0xb000)=nil, 0xb000}, 0xd})
sendmsg$nl_generic(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x14, 0x26, 0x1, 0x7fffd, 0x1000, {0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x404c801}, 0x4008090)

997.557741ms ago: executing program 0 (id=3053):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) (async)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async, rerun: 32)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async, rerun: 32)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async, rerun: 32)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) (rerun: 32)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) (async)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) (async)
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000) (async, rerun: 32)
r5 = socket$kcm(0x10, 0x3, 0x10) (rerun: 32)
sendmsg$kcm(r5, 0x0, 0x0) (async)
bind$bt_l2cap(r1, 0x0, 0x0)
r6 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r6, 0x114, 0x8, &(0x7f0000000380), 0x4)
setsockopt$RDS_FREE_MR(r6, 0x114, 0x3, &(0x7f00000007c0)={{0x2000}, 0x12}, 0x6c) (async)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, 0x0, 0xc000) (async)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockname(r8, 0x0, 0x0) (async)
mkdir(&(0x7f0000001c00)='./file0\x00', 0x0) (async)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)

997.318587ms ago: executing program 4 (id=3054):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff8)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r0, &(0x7f0000000600)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newlink={0x4c, 0x10, 0x503, 0x70bd2a, 0x700, {0x0, 0x0, 0x0, 0x0, 0x7000000, 0x3806}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_XFRM_LINK={0x8}, @IFLA_XFRM_IF_ID={0x8, 0x2, 0x2}]}}}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x4c}}, 0x440b0)

697.239739ms ago: executing program 0 (id=3055):
timer_create(0x0, &(0x7f0000000140)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
move_mount(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0xffffffffffffffff, &(0x7f00000002c0)='\x00', 0x40)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000280)={0x73622a85, 0x1000, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x2, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000540)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0x0, 0x1000000, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2, 0x100000000000000, &(0x7f0000000140)="d2ff"})
r4 = syz_open_procfs(0x0, &(0x7f0000002380)='net/ip_mr_cache\x00')
pread64(r4, &(0x7f0000000340)=""/264, 0x104, 0xad4)
timer_create(0x0, 0x0, &(0x7f0000000300)=<r5=>0x0)
timer_getoverrun(r5)
ioctl$FAT_IOCTL_GET_VOLUME_ID(r1, 0x80047213, &(0x7f0000000100))
timer_settime(r5, 0x0, &(0x7f0000000040)={{0x0, 0x989680}}, &(0x7f0000000080))

585.053672ms ago: executing program 3 (id=3056):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x182000, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000040)={0x800, 0xa0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, {0x10, 0x8}, {0x8, 0x8, 0x1f}, {0x0, 0x8}, {0x0, 0xa, 0xfffffffd}, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffc, 0x400009, 0x6, 0x0, 0x17, 0x200, 0x1, 0x6})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = syz_open_dev$sndpcmc(&(0x7f0000000a00), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r4, 0xc25c4110, &(0x7f0000000100)={0x6, [[0x1, 0x1797, 0x15e, 0x9fc, 0x0, 0x1], [0x1ffffffe, 0x3, 0x2, 0x10, 0x0, 0xfffbffff, 0xfffffffd], [0x3, 0x3, 0x40000000, 0x4, 0x0, 0x3bc9, 0x2, 0x1]], '\x00', [{0xffffffff, 0x0, 0x0, 0x1, 0x1}, {0x1fb, 0x0, 0x0, 0x1}, {0x4000000, 0x4000b}, {0x5, 0x6}, {0x2000000, 0x6}, {}, {}, {}, {0x8, 0x7}, {0x0, 0x400}, {0xfffffffc}], '\x00', 0x1})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[], 0x5c}}, 0x0)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r6, 0x560a, &(0x7f0000000040)={0x0, 0x8, 0x0, 0x4})
socket$netlink(0x10, 0x3, 0x15)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
fanotify_init(0x20, 0x400)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_NOACK_MAP(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="5800000002060300000034e40000000000000008050005000a000000050001000600000005000400000000000900020073797a310000000011000300686173683a69702c706f7274000000000c00078008000640"], 0x58}, 0x1, 0x0, 0x0, 0x81}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB="54000000090601170000000000000000020000000900020073797a310000000005000100070000402c0007801800018014000240fe80000000000000000000007649ec6106000440000400000500070006"], 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

584.776157ms ago: executing program 4 (id=3057):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/packet\x00')
preadv(r0, &(0x7f0000001200)=[{&(0x7f0000000000)=""/91, 0x5b}], 0x1, 0x801, 0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f000000c3c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000080)={0x50, 0x0, r2, {0x7, 0x29, 0x9, 0xffffffff9080edc4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2}}, 0x50)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x2)
syz_fuse_handle_req(r1, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x1c}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
setresgid(0xee00, 0x0, 0xffffffffffffffff)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r3, 0x84009422, 0x0)

309.26831ms ago: executing program 2 (id=3058):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="09000000030000000400010005"], 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000000c0)={r2}, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0)
open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0)
close(0x3)
ptrace$ARCH_SHSTK_ENABLE(0x1e, 0x0, 0x3, 0x5001)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000019400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xf8, 0x19, 0x1, 0x0, 0x0, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, {}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@rand_addr=' \x01\x00', 0x2, 0x32}, 0xa, @in6=@private1, 0x0, 0x4}]}]}, 0xf8}}, 0x0)
connect$inet(r3, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
r5 = creat(&(0x7f0000000080)='./file0\x00', 0xc7)
r6 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r6, 0xc0285700, &(0x7f0000000f40)={0x101, "7bb9595931028deda525e19bdeffafde2500f6d15c9e31df9454310ad7c18e65", <r7=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r7, 0xc0303e03, &(0x7f0000000040)={"7fb2df6bd031fdbf10a72e99a98b36457a6b7e3ced417ef90d6cf8df026cfec8", r5})
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000001c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)={0x90, 0x2, 0x6, 0x0, 0x0, 0x0, {0x0, 0x0, 0xa}, [@IPSET_ATTR_DATA={0x3c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @local}}, @IPSET_ATTR_IP_TO={0x18, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}, @IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0xffffff01}]}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e24}, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e23}, @IPSET_ATTR_SIZE={0x8, 0x17, 0x1, 0x0, 0x401}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:mac\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}]}, 0x90}, 0x1, 0x0, 0x0, 0x4000000}, 0x840)
sendmmsg$inet(r3, &(0x7f0000004d00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf1c)

308.991735ms ago: executing program 4 (id=3059):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000540)=ANY=[@ANYBLOB="4800000010000305000000000000000000cf0000", @ANYRES32=0x0, @ANYBLOB="03000000000000002000128008000100677265001400028008000600ac14142e08000700e000030a08000a00", @ANYRES32], 0x48}, 0x1, 0x0, 0x0, 0x24040000}, 0x2000800)
socket(0x10, 0x3, 0x0)
io_setup(0x3ff, &(0x7f0000000500)=<r0=>0x0)
io_pgetevents(r0, 0x5, 0x5, &(0x7f0000000340)=[{}, {}, {}, {}, {}], &(0x7f0000000000), &(0x7f0000000100)={&(0x7f00000000c0), 0x8})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000fbfff7ff00000000000000bc850000002300000085000080469aab22e624b66841001100"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
socket$igmp(0x2, 0x3, 0x2)
mkdirat(0xffffffffffffff9c, 0x0, 0x140)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000280)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r3 = open(&(0x7f0000000140)='./file0\x00', 0x2, 0x0)
write$FUSE_IOCTL(r3, &(0x7f0000000100)={0x20}, 0xfdef)
read$FUSE(r3, &(0x7f0000000240)={0x2020}, 0xffa6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeec, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f0000001280)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000380)=""/226}, {&(0x7f0000000300)=""/33}, {&(0x7f0000000480)=""/185}, {&(0x7f00000005c0)=""/83}], 0x0, &(0x7f0000000640)=""/79}, 0x7fb7}, {{&(0x7f0000000700)=@l2={0x1f, 0x0, @fixed}, 0x0, &(0x7f0000000800)=[{&(0x7f0000000780)=""/87}, {&(0x7f0000000900)=""/194}, {&(0x7f0000000a00)=""/76}, {&(0x7f0000000b00)=""/245}, {&(0x7f0000000c00)=""/67}, {&(0x7f0000000c80)=""/87}], 0x0, &(0x7f0000000d00)=""/152}, 0x3}, {{&(0x7f0000000dc0)=@in={0x2, 0x0, @private}, 0x0, &(0x7f0000001180)=[{&(0x7f0000000e40)=""/135}, {&(0x7f0000000a80)=""/60}, {&(0x7f0000000f80)=""/221}, {&(0x7f0000000f00)=""/34}, {&(0x7f0000001080)=""/236}]}, 0xeaff}, {{&(0x7f00000011c0)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x0, &(0x7f0000001240)}, 0xfd32}], 0x80000f7, 0x122, 0x0)
mount(&(0x7f0000002280)=@sg0, 0x0, &(0x7f00000000c0)='affs\x00', 0xa48410, 0x0)
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0)
r6 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r6, &(0x7f0000000000)={0xa, 0x0, 0x1, @empty, 0x0, 0x3}, 0x20)

229.655081ms ago: executing program 3 (id=3060):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000009c0)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@my=0x1})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20040844)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000200), 0x0, 0x4000050, 0x0, 0x0)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x37, 0x7fffffff}]})
close_range(r3, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f00000004c0), 0x208e24b)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r5 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
openat$cgroup_procs(r6, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r6, 0x110, 0x3)
mount(&(0x7f0000000200)=@sr0, &(0x7f0000000280)='./bus\x00', &(0x7f0000000040)='ecryptfs\x00', 0x0, 0x0)
cachestat(r4, &(0x7f0000000040), &(0x7f000009de80), 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000040)={{@my=0x1, 0x10005}, @hyper, 0x0, 0x1, 0xa, 0xfffffffffffffffd, 0x0, 0x8, 0x1})

0s ago: executing program 2 (id=3061):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe", 0x2c}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722", 0x44}], 0x3, 0x0, 0x0, 0x40}], 0x1, 0x40800)
pipe(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = creat(&(0x7f0000000200)='./file0\x00', 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="01000000080000000200000004"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c3a00000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000080000850000002d00000018110000", @ANYRES32=r0, @ANYRES64=r3], &(0x7f0000000100)='GPL\x00', 0xd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
splice(r2, 0x0, r4, 0x0, 0x8000, 0x0)
r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
ioctl$FS_IOC_SETFLAGS(r6, 0x40046f41, &(0x7f0000000440)=0x1f)
ioctl$SNDRV_PCM_IOCTL_PREPARE(r4, 0x4140, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xe0, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r7=>0x0, 0x0, 0x0, 0x0, 0x7, 0x2, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0], 0x0, 0x400092, &(0x7f00000001c0)=[{}], 0x8, 0x10, &(0x7f0000000200), &(0x7f0000000240), 0x8, 0xf3, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x88040, 0x0)
r9 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r9, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r9, &(0x7f0000002100)={0x2020, 0x0, <r10=>0x0}, 0x2020)
syz_fuse_handle_req(r9, &(0x7f00000062c0)="23db5037805f177d136115e6a1a5903469af39c1fb9cb38215fe64cff9f2f0444a57e22b0cc5cb4f74c9792365400d9e1c68539ea5eff0a5ed0864814d39251bee8dfea69aa052d900bc0c792e1c9752b7d3a3222f6a1ad3e44c1f65617b128aea51911861ca36ba7c96b96b2fba0fdaa49ffb2612f3e81fe565327dd9965a60046442c9dcd0d552c6a00388be3b438a08883c7349761531880294ad9887db97d8c2f74921c57910cf1f5cc528e17bd5c3746b6202f26d621535aac5f7872c2cb3295e42524b5acb249b2d1ac1b53a4e31271decfca3fad2e2f740768adf00875c18cb7d115150f83ceb73f77a1f61f1666c2bb9f6bd9f0fb55b3a619446e32bae2a1d99aa49e5f3822e048f8be44b707f2db10d7916ec9a10a695d573d871cf24959c3d15e61344a68309d186956537c6ea8532fc2e1c7649f8409d8dcde4c8ee1530470ac9c870f9f1837574e444ba6addf5ddb2dec67c0e76df79f265b403818dddb4efc27c90985ed69a48b12056e548f9c99edf80d2b195d26acb1127661727a0600257f4b2546513d03930a0638a71bd3223e51fbb75c832ef737907f2f4d3f0505f431ea02783c798b5c4579c99961fb73dc623a0d99c1b306435464d413b537d42c6444851b36482597140b22fbc0ebc7e795b2f96739bf139f5823bc869ede547da4f394fa1b1787836095e1013264042e53d5006ea059d0488cb2f5ccd44b30d25ea53c2dda71d112d7d441dbfc9f8462c99c098b1958c80b237d83c32f2759c9a9c081d7d7666a477cfda59354309b09f2a8b9f6c3077b0df1e8d0c71ac07232de4f437107cb0eb9b47b2267efe31938a337cf11cadad72ced56895bb14763cca5bdadd245d801e829a1eb3bb4ed851a345918efd2dcf8d38f66badc773068e6a2ef59b2bb838abd8b043cf6ac54550f3fde1bbb9e761095e4b8ef1891757d376be1f778142610c0acbbfc697f51fbb7a1602ed46e82813c74f41ee2bae818174809f3692084bea7310ebec3d6166702ae62aad84313e19b4d145167185ea8d53cb21d099fb592d7d7f8bc305dd375b5c0cd73be44f49ff53cee220085d4706bbf50c6f63b02e7e805e8fa4c73046a57a8700886da29ea53e5a316e7b011c44a0f7be5cc5cb5641ba0069ff591eee18966c7f005ef40046a5fe2bf325b2545b009867761264aa9611d184fa372ba3c5c33d9a50717210f7cec7f6dc4418a87a797eb6aaf6ab3892bd3f559547c88d8c29646c8173fad1588f52beb34ff863be65e7ec1598cfb465f270bd5532fa7035aae077eedbc846058fa19f58ffb1cf0f1863f6d33f2e5c454d18b66be766ca369af2cc9656fa34c6c10e4d4da44ce5e2370aaf60c4e130da331d3489e8f44c600246323409fdd35d11da27128c9d64be65dd3a90c1546a6eb9185cb6d3a4a9cfad0e41ea03896fd2346f745eb3563d7a79fd345b037c040e56f0677840bf9b0d295bcfa98b931464c5ce9fcaf745720deac2d8b4edeffc0fe6f089ed7c3880959fcf8e31f7b7054bc4f5c9d3ed3f66c968d0bc20b2d66c374f030f3f1965f43a98519e527caf693362412d523eeb38c8b016ff77f78f833d7513e4b5a53d5ed5143916673f822ceac9967b8788bc6428283181eaf8d99e48286aacf4f658a903e9f08659450f7f9483807c2e013a1d9d199f18886a8cb4e14d41c71e5731455a4394551281eca12a1bb6ae717f5da2949175d0f1f3d718b761dfc1099c7d9d8928c899ac8e936e69d19fcbfcfdee83b68ef8e15eed41a8ac0d54aa92d7d2ee58bb4799f378225ec9ba4709e5ce2b77208ecc85c22c64967a9ef3360c54d311b8917ceb7b432c90cc5e98de9327c1400f8ec89261b1d77d8874b0bbdd2c5eb59df415705de52b08b0e12c07fb7367c6d461c19f282d51e482cb4fb9ceb0249ac2d6400ca170fbd6c0063224179c616bb030a5c10102aa2eea92f1e6f5828590b250b09e6d1a9535c298a68160b7c281fecdd295dc3396c4e6eb3395d5a677d5fa95a732dfdef81f4346545dd1a74bb3aa9b516699bdf0a59165077ab459a5ffe0dbb3ef8afa7a8382a8441e0c36ffabbed8f93f4bbeb97e5f6a704bf63a0de9ccf8fef643ebc530a80920931002003b027014de317c42f861d98ef4fef66d232d9706e6bd263347384dadadaa43a7e106bbb21bd822d468ace171b3f04b996112135b63dcbd612b5888ec40da583ab549c340ddaf5d7406c3e99322c68874214356c1fd9b5f84348e629cc3487a901d1b7a2fa531b1509ac1c93de3da9f1c3773e3a2aba2b29d2419f240ae6d24ed9f14bf0b9b0f1e740a2db06dab64d6386f950bff4e4c94160ef4b832bbde3af4937b7528658b5c16a51cb22193fe99385721ce5b048d9338e289dcb40683140c413eca52c8e4b64b306f47569477379c864cfb3aa3e349262407d3935ab9a0916eb0f6db2be71a7eb8f9968dfac44995d5bff8ef617fceeaa448f5e5f8d4b39e3512fe7ae9ee1d8a0d5912b6148969ab0325f3f76e2340fbd67ce156bdf638140b3ccdb08e5049db15957915cb05db8901249b10c59cc5c3ff836290e3334eee2df387e44c57b4d6198c3749f5dc57f6c3de115ced6b43cbddd762b58f1fb40b2baf3b381febdc073142e30d2e9a1a69e8d86314221e540f195509d223b206173dc5406865d8064817c30c284c034035a63190ab86df3bae4168c58e01d2251748fd5d9d610024129e83a5730fe83cf0918790e6854ab765c78649b91c06655f0cb9e26d8432df78bbadd99583b6a8afcf177ed6f339e08c0b36a16c6d31d8a24cb6f2bc3ba58d7711b6f8b988dc3e3144be619548457d4f40509f17eeb186cb93a2928ecb951593d1907c8bbb9f4c8999caba3059c8e73dce54ad6f87bcd51d559f7759902b14e68d3b845c0b179b38f4e6f0bd3a89cbcd5ebed9972102048647da1eda5c8456442369f4ae871d4037ba26f27d27371ce57e23adca5af8dc93f934f2ef8d69ad3b2db66657b3868dd839c2b522f5461f24407ef091b77242fc70a48b7eec45f3bcbcfbc6bdc36e4b67295020a345233a32a0a0af4d03a53ef67e69716d5ae35342722afbe7558946475a9ebf5b39c18558a0011f68bc8a78590b0cb63618379a512790c42d94bb239dd3ef5b8d1036cf0391aded8802a7a447c38f231ae611aeeab9bba44cd14369473758b64108d0bc9b6bc9e9b497c2d1d2acbae7c620a55c226cf371331688eaddec61fe961c5fcef71dad45820ed0ac8dc7641d82150f1318ac15aa41e7be585b6a50da1b3cd95239ee61cfde15aba80ae8ebc21ba4540883c6f44cd35b6b97da4640c97f5a2b6efa8d184fec823abc754ab8a0db6c45c2293e90d9c154c4a3e0b9ec2b6113ce6583b80f0d234dec9a9815067244733e2134b9ba93bb9692fb44200bb5501bb109f2401e8baaf0115d795bb0346dfafaf953bed8e9a52a5b9b02d490c55fd89daf311ad5e08b070a9571f696d6df4715c8b69b840e4e03d6f361326e20d9546c47b3a63163e7df9bd260621358c166177ee7c69ed63a8c43dd4a78543aa9f922c0ef527f4aa61ff65bb14595f518412ce25a1e103df89cd4b363593da16c11d80a23a9b5ad8e3a7be8f697cecf82c8fbd889a4f743c839b67f7ba5453b10bbf59b1e4f4e821872c061a4125c0c15c1ca5164efe61a58bb54dcedc849800a6021a448d4660c3b85e2362b7cd8ce95156fbf408a09a30a8ccfc3554004e9f9a35382907eec00617e2ae1f8803146bc8c28b4f3bf3c6b183ae9248e7f05c4adce3e0b7ff29252b5be9b19431e3fe612d471f52c5c34cc12c83049189f4d2e5ca516df78766ba3449d07ef9436c68052c986d9dde8802c931194e2ce34acb8cc26663a09348b15c6c145d26306bded0d1f482803ae6dee26562b03fcb183b69ee4a0491e8776ecdadfca395cb4eac2948d4d64321a4e669f2f663eb54f05f12ed9c685835c3e79f982152dbe701073b9a4ab2932b46ee2424a5e18bbe5f25ce0b898ff6937927f4670defe430ac86021226ae055daf39b535cdc0899fcc99d15e67d66bd2dd89bb21b8d2689a8af10a1b0bd44103c469922c36fc0228d7b6febf5e366dceecf8bb1db385c8ab95d86ff09b76c2fa6282de81fd6864c495a4c8295df61a2548e1b81c3e3f30d7a41216801d6c2d1743f66ae2055756083e8bf403d436b8244ac214f4d84a693d13f299ba267401d094f2df70840e8a980622794212f0992ecf5a47980ab2cf7d5a6f12b0a489af3c3c847ac59bc89f36fbb0e08bf283b68213a17de38b3a45eade6f0b198def408f7711c16367bcc0ded794a9a323c7e7f07fad96ea9c4d7344c26e43844a27c21076b8d7cd07677602d91eac825eb5fd0631755c2dd1dbf7bce3eb3c3f7377fc6080ecd0b894e29769845725943e25932d4249abb4ab78d4e2ff2e2df42c8d884cd6bd13886cef080c6491c217abae0eec6e9d4d49eab6657f15cfd38e6cd6d0bd33198c4685ab302d0f46e42f4a5d5bb7d2840a0a8817b98a856700d4de74351896fe7d7d5a0d1bc57fb4c828aa51f9637807aeb905780f239527ed4affd83f68be8b7ad1e10d9e797ba39cdee24f7be0a0ab0ac22ea3968dac61eb4bdd522c9ce570edf63a439abfd9954bf6a16c88d86157d05477200a83255cde279b454979cee4de00e81cb44acdc4295c877566a749ab5b91d250f03d46ecc14210c196700338eea028c930ce104f20a9e7fabb0ad1d314ec1a2d97d1d1b9e09114dee0e3e513eacede01971ff85dc98634156073df4e8acd6c3aadd615adaffa7a81573813bc4ca21886ddd532021bba5c84b34c34665534db48d61903a03c1cca4ed955ca92c1e33b7664b494e3db6d1e637a49e537808a2669ebeca301691acd4fab0af197b9c7db01b7862466b568ab3a4712a25210264fb297a6b679dfc3fceb65bddd1a23d5b507a0d6da83d73b716d971c5179a92e57b9b93451eb943845a549de737f2d082a83682c32649b4941e787758ead9d2c256b2b4ed1e0255952ce83cccecc39e5bbdd38490f1960b26e5379943be3d9a64b5149c84d577e5fd099560baa292befa06ce9065fb03ed432a9e055ca4ad0e952f8368b3d230fd5239726f79f4c98a0b4a9648382b245d324cb61049562f765f923fc657ef36747658494d78590a1e27a2d09856acf50c3b26271c6d5aa96e8ff9bdb9043859665e21ea53a050c335cac414bbf27b0328ac2c7450acb26b093bf232358afd1135ee50ac3fb26b5f0256ccdd37033c8a59740607cfd549d4c6540afe4a6b4425ae1f633872dcfb5da8d0547cf0c4888817b71fbc7c45b2a641e9c1a76b6a6be124402422ada35edc02ed997d6b87b361aee95a16d2c528d89a52fe40dfd83434969bd86f02e63fc1ae72941209af39a08cfbb4c320bc47d853f5dbaf0cd60ec54608aadbc382fa6b5cab3e9cac57bea26609f4c79f6a6b4eb4a9336fa95783b0c0c366f36d5d6b8310b3cfdb800207919a131bc7f984f7fa11fd0bf2c89e060e9d1286e453fe97363ef72bd6eba29a85ffeccdc3bee72e12284333a5a40622c01619558d2750fc45abfa22059ebdf743f8e50ad29770d19f84d8a34232d6918514769b3bb2a1ea5e59e9556332ba669675764458e9349a1835c501a93e91dd3b31018979880a9913f54ec1e8526b8cffcb776b97fbb9424faa5c5eb60d2ac74955bba4b5182571d0d9f84f0df1baa722b20a78c9c0011c667f688b58489c9e450d83e40ac5eb41c5564b6d76a226448abe4a3f499927074125aa9c0e7e704c36df5bb110a0f15f8433a470e81db414827d5ce21ca1da1c8d51d746d1e1ca110127c15e92afd75d3cd05ce0b632cfa03745de3cdd4b57373d46676583c89f045c26c6fc5793e5489555ced08f83ba351135834a2028113c319af30cc85bc01a7f8208822d7d607aed0d2e12c80aa009100441b75beaccfe0adbda7e8bb870edf4963158794c8c3a5baacf6eec7b5efaefb7602dab8409d161beeb281cba21f1da0ccdc092d0433fb940d79699ffeb87ea775829a6e7e3b308a2ee0b7aec8ac5f35eed61be374c7c77196f7119a8882deff68230f461cb917b0ccb2b8597efcbdd1003b7b77b2c601ebd4b45c35b8426f7b9138ab3df0ec00819604ab8e1e64cf2aa2282b1269585af127a268cd207f964edff172e555398a16df44bdc52889538c3a27f8fbfffb61f7aeb55b259952bbfea81d73058d8b0f78ece9dc08e660437d21d4e3ec38b19e5afda7a6e33023f9158db8a1c14dabd9b8b307ddc66927f7b19df5e0da2237d98ddd890b81f1963808977d02198e8ae2e97419dbb1f8e51cad36a3424b955500fbdaab6ff8dbf028708b1f951fe43864b59b6c2368b816c98023d4480a91b3f1059e9c214bf55a7f8c7da907f79ff5568fd787d3aa022ab9d03cde551f7e3295f02c4f3aa37e4cebdd968c0f82f09eb004fbdb1a4ef3a0d426691bde3964c29ea65622f5d3ffd854053545ba1ec164495e4bef4845439c058f9438d13be7922b656db499c246ee6176a15b97e6a68e42f0c703033b699504e1f92b43054c7237199bd013d96faab47433b6b3f91dc66368706439d4ef7da3942ce8b9c1c9a9d0643fc4540e7d3f1c3821267e866cacd3e904be9f9df80381eec09eb2b0d745ff03ffb199b917a14fdd8fbfbffe8bfb0cf7023aa7183301a8a41e7097ff9f5247f8b78f7d08bbfc596a81047807cf0929677222e7e9e921b294e04088c3746d8dc19294645f1c093a21b4c5e6d92e54dd90465b11dd5d9d42af849070edff4ec63970f4088daaa33afdebb28d01df5ee043a8150ab1b25d864ef31e20c84696596cfbea92d02ea29c4a3933c41ec68aee7d68d7eea7f30d8920e14e62be42bcf856d7a58f46fdb2438b023e974f77281c5a462553627e9614504cbd3f1cae6e0fd9f7e89d9bce48946d0508616fbe542303dc542982c61d7bb4afbf3e76bf1fb2381cdc99f2175ef944dcd826aabdca2b7678db5262733c69ce504c38e7deb7adfb9b6d8bb00d8e4251e0438417ea615cde58bd76c2427b3d7a0578bbbff9fde2abbc5d60307aff0050b18176158aaedb34e283886378ff798b4f74e0a0c95d64271f1916280dd247304d9201c67f5e2640d9706add8703cac81795a0190107e2bb2941ed13738595da1c86ba0f68e2283a435cb5f162c74071a13dfe2266d05abaef080dd6b1dade115e883e04f0bb4be4d91f535ae6f822b02e814e65d2b7807d199a23d3f26209f6c9f93602a3a93ccfdebb5f8161b7928059674e15820d1848a980c8d1af5a73aadc5c402fbb6e730ba51227913ca27f0d78d331d6325d0a7926c238296b2a22b10a69cdffeb087dfe175511ed8e2cde8d7dae140e4ce92f892b129d9940e4a30b19f822ef7611b8750eaea8e55502604b7d2358c09a217af8be6c86d67cf6ff6130c971c9765d56631fe6224fbe1e833d497b534fbf6b030af93691f59295279aa1bdfb5d5d9d4668d5aea70e2b8fc117df0042e91c7e6225f27329727ed6e14a87c7943c040dfee4e5c06a20251c39a45ab4865951b0daefb9c05571fdcc21d1761945bd2b8047ccedd6f1e708646fbe61e75bb2728e8cee893d7e6f642119e786155a6cbab057d6d83b77716145119e974ad7355179d2adc3d748fa249cb58e32e6791d646240c05da4427b2f359976c8fd1486c604cb7ee647e24633d8fca8314cf1f85110ca6351156a2b26e44b040f7d2810acd36f45a3969c1fafd1a7e0bc14fd9b26593375be8e750c3f6534ffb85904d15d75fba05dac4a673de97f7543ee931724cd35474cd7ff5cf3e8abaf206f3030e92895633fa9d8499ea763601560260109dad18bd64b990531fc5377e6eaa5da050b98e1c6515ea48c7de1a15b63283d4a694cbad379356bfdac50e6c343879e29f6b9ab425600d51f257ceb35d0ca00f83cf5bd734223de716747614666ba1f1a8fa756e5f3ff0fc94fa4bd4073bddb0098cf565ee40af5732ee9218d262e5b64ad6b8118c54eeaf7072f2e15514a401779b425fa89d8abb1750e56cc3108dffdcf2d3fd86b8af4560d56f7ff0702154211f9949e3992d93e66892b297fa2d4bfe18de3fd74e96c9d30eb14fd458fdbc9e9a34e00f3280dd732520147fa2a8fa83e91dd0687501466a300015bf888c03fc08190c2753d7719acf6f84885c4c5642f466c1984f15a7716a9b608ee5f1b395726bcc8519766667d24d11e396e62ea39640c9e73e4e9e9e5076d7019ca1bebbd7097807f46b3b6fcb96ed4b433b25ec551fb176a5fa252ed1d81b0350cfdfb8069c9916495bef3a262b6668910896c0b37eee40547c663a901e92f41b417ac50e88d058d021a8f9a5783bd936cca4962bec1c9886689cc547970f9215232596392515182e563f720bb79d29baaabf0e2697de6500bc677e346847011ee3450358c0b16ca528368b5cbb8df5ab974a3cef072d20c9906fa585e0f3083ec6d8507b8561f64e65aa1aecf825fc47ad1459c87771549fd5c9a9cc094e7b1179ee1e90eff7158f28f59f029d90e708f4ec50b4f67d8b4bb7140065528354a7e25d63e92977183a0284ec22aa923210f0bfea89cca53547137381e5de0f60bc484bc2daf129b0380244f1ed4bfb674eb2791e76dce33cae684ad36620d5d67cb587f840caed316b7439b0e8c3de0e065e62680f3997369be3466670278168c9a1a644d870e3a8d0a79b2b720e8c3c51bb9133532beee64319e98714bb2e6d5c0b723962d923b0ef454361d4b3cb470bf8c39031ed4a75267f499741be15aacac92d8e6afdcb01a2e7d2dbf549ceb2a2108c4079c620f05ca1bd31d631c2c8d35ca0d73155f56ed020c25e389db356edf510ae088d11b5e4fed51d0dce4d3aa04924b09c28200ede5bec1a8f38cc5f081055e0f28d75afc4d588ca0e828d00085d150beafdda17b8df9e7d9218ea7d81f2e076412901c5ae04d6929d717fea2fcc8e5a1e69dbd7b5258799a2fa5eb108b6cc35dfab599fb27e6d75f1030b83f452af8137830337141f031942eba83123d3f87b5f01623d4613e5a44b4952c300baf3d4d3dbbfb0ad024a19b3810a174ef8453d85a25822f66e45eba2490f29de1077683ccc32e3517f88b51e010672a982f7c8591450c9ab1573143aefb61c17ebb0c92dcb0494d116b970c2a827a6b3608ae10d583d1f7d092263fa873de9f31cd59bc9491ff012059b63a9120af89477f2ccc34eee7bd66de60af64730c879128b49d31da6400c2471e0d5abf707e560574b477b8e20ca45d92182d639eb434e14aea1a3f91ad8fb60e4859b77389753990513181ea3a82884235e8520294359435cfba220502b591fc28ac36ec697442657d290bd7aad7fce53a3f1766f2bf7d55c24d7c0e9c7a71d6f1282ea1478e0a36378b50e4fee281f686bc53f50138036e2a5d6199d40caff084fde7b63b3c0a47da0791107c3218330f7c2e2c7609aba202fae5290243b6033379eb15edc572eee452008e04c9b53efd5f3d88327317b38934745bc3de4c55bd818febc7a7953bf03c4029f77177c2a974310f0485aa46252f1000dc71934947287c38ea5854f29c7b82f630afb8caf1fd880670307b155a6e7feddc019cfbbbdc18f3bc03da3bd371d93ccbf56bcb39eea55c2d113efc148127c30089d21ce6a5088dbfbcf8f8d75c19456bc962c371548634a95382acb5a0886efc46a87bdc111dc0d1e54084cea0d58054f00762c91d7fe0f0fbcf4c280f29f9cd5999a5e8c6f507f8080d7c7ea9a8685be50722cf1a082f3728dec8d6152cdc72f8da6b1805643c042f4f6780ba79cc8a2165d9d7acec8ab2f421bc3e77b51c62c4bbb262b5674ea7d2dcf9acb894d050e91b052364322a5b08bd9667249571c004fb495da7e24fc5620adda3af6848ccf238911a52bdbff766e4e279ac274afa2c2302faba25b5fe98d972a04aa13f77c0c05d7dd82b0a19f1ded8cf5f99c80e392b0aab1264a29e9fbcf0b69f6b0a9f2332e09ab74dea7277106d0883bb264e279c67e5bc69009225bf4fd1a8532f9392a011b55a73a7cf8d16a59d695b2a65b57fad64a2041f8c28804ee1a48845c5dab757d04f1d95520aa9ddb69904d6529c0e14bd789dfe37067073b3e0e136ae2aebb1c34c55b94ce942f786be4b45f801f35f7c768d91a460b92ffa57ff675f0b4b00437a07f871a8650f21b2bf7c722c1d9e860e8955fef5699ee53a5f6fe46fb9e5e17a1c69fe2538af4718b7215ad2c00c3d420589a8653ee511b809945451fb8205b19ce377c8d0253b05493c557cf2bd8ef208e8fc01beceea1acca38d025f328f28d69bcfaa3adc6d9573a3832dc3f3c758fe08cf9cd0c32acfddae81b3682869e8aa9725b64336252aeb2ee8eb78f0721aa3158217a3009948adb297c5ea45ec26cb6d963c7be47ee1b93fa136ebe73a21936df0148fa311206f8bca2e80719aeca8745ff74ddaad5182644762c66333f942d9a93c467d5f9fd5d0dbbe57480362d4bb0f760294f4eba3e1b08047d256dbda157635d21a43aff3a71f6ad574b402bb36e5270d7ed082c6fbae07771721513ae9ddb22d23b00733046c898ee6ac05ef8a51ce41919e1f241cb98e0592ace68214620ba1a748ef81131661f58f1635713ca2873e150a3e848c8d2ebd039769fda112b73050efa4d1c35dbb46ca5a7b7ccbed1dcded36af272f6838b4c1e7e6778e7e9ca3d794f275d49c9e32e768097349118d2337e7c031ada38d0cc5c04c286ff93083f6d58d73a821118c93432fda9a8c76fa2cbcc093a7decac8e4f001ecc9f67faf1c2f102120f0618469cf653bbd5fcefd4ef2bae86dc4f5393b840f9f47140cf7f46a186c21878a43612a71d3b540b9994f010ab623f878264cf46c7366d0bec5d43d481b47846091fd3cda73a9a28ceb7f839eca695c9f084a16c812475f6575ef2368c88cc6655f47663ef69ce4779fe3ccc4dd85a07a9e4c6f39f42690d231f5727f45c247a53fd8df029fcefda4f328658435892519c17205a3c715ad6bb7387d09a5e387c83f008daf626f5977c66203af1143ef7b59ccd8e3c17bb156bca317861f0b9f222ea63c044075a3a74beaf05c23d0a75caa60397d831bbe507234fff154960faf0f02776d3f9038c955bf0c1ec9c92523cf0b855c18d6ac3b35d437796420ba3dfd581dc6adac64315c1cb1a2c3a45ec4655bb2bd6e0b4a3082281ed0697a213d1d93142e96b4fd57431d2f4547451d008ab58bcd9765ccf3ca3297becd5de9e2be0263cfca09935c9334b5e687bc7e7057dc2ed03873be22200c9fe32a9497dd00a336cf4c723ead302340b5cd1fef8cd88330a9089fc93af4ef739295b94407b291bf33f4f39c936736e1166106428f8796a4b92805f4dfcf46d8692b54e40a9e8584c0eaac4caada87bb33f553eafeef5051b889402176ab766936a38ddd7e5205d2c87e133a02e84ab24ba2d889a4c4db8cbe18b271455e84da716f4a32acdbc0a5aaba25a2ec757c73847dd1c4ccb2967c651e5257692a4553dde227846bfe2977021805f46a287c835ea8dc5", 0x2000, &(0x7f00000015c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x10, 0xffffffffffffffda, 0x3ff, {0x0, 0xb}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r9, &(0x7f0000000480)={0x50, 0x0, r10, {0x7, 0x2b, 0xffffffde, 0x404, 0x4, 0xfffe, 0x2, 0x9, 0x0, 0x0, 0x100, 0x8}}, 0x50)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40242, 0x1)
close_range(r8, 0xffffffffffffffff, 0x0)
r11 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x20000, 0x96)
ioctl$FS_IOC_SETFLAGS(r11, 0x40086602, &(0x7f0000000200)=0x1)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000340)={'syztnl2\x00', r7, 0x7, 0x8000, 0x9, 0x1c2, {{0x10, 0x4, 0x0, 0x17, 0x40, 0x66, 0x0, 0x2, 0x0, 0x0, @dev={0xac, 0x14, 0x14, 0x20}, @local, {[@noop, @timestamp={0x44, 0x28, 0x57, 0x0, 0x8, [0xfffffffa, 0x1, 0x4, 0x7, 0x0, 0x3, 0x50d, 0x31f, 0x5]}]}}}}})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r4, 0xc01864c6, &(0x7f0000000540)={&(0x7f0000000480)=[0x0, 0x0, 0x0], 0x3, 0x80800, 0x0, <r12=>0xffffffffffffffff})
recvmmsg$unix(r12, &(0x7f0000002140)=[{{0x0, 0x0, &(0x7f0000000a40)}}], 0x1, 0x40012161, 0x0)

kernel console output (not intermixed with test programs):

0
[  493.799754][T13429] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  493.799763][T13429] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  493.799774][T13429] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  493.799796][T13429]  </TASK>
[  494.510488][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  494.671895][T13362] vhci_hcd: connection reset by peer
[  494.673849][T13196] vhci_hcd vhci_hcd.0: stop threads
[  494.675636][T13196] vhci_hcd vhci_hcd.0: release socket
[  494.680530][T13196] vhci_hcd vhci_hcd.0: disconnect device
[  495.540001][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  495.683418][T13468] 9p: Bad value for 'wfdno'
[  495.717845][T13470] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2081'.
[  495.874776][T13474] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2082'.
[  496.063585][T13487] netlink: 'syz.3.2085': attribute type 2 has an invalid length.
[  496.197906][T13496] netlink: 'syz.3.2086': attribute type 12 has an invalid length.
[  496.200773][T13496] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2086'.
[  496.579567][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  496.769002][T13498] netfs: Couldn't get user pages (rc=-14)
[  496.883936][T13521] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2092'.
[  497.210082][T11299] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  497.628983][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  498.010567][T13544] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  498.012671][T13544] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  498.015530][T13544] vhci_hcd vhci_hcd.0: Device attached
[  498.020718][T13544] ieee802154 phy1 wpan1: encryption failed: -22
[  498.279528][T11299] usb 40-1: SetAddress Request (18) to port 0
[  498.281592][T11299] usb 40-1: new SuperSpeed USB device number 18 using vhci_hcd
[  498.409831][T13555] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2101'.
[  498.668436][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  498.691074][T13545] vhci_hcd: connection reset by peer
[  498.696690][T13198] vhci_hcd vhci_hcd.1: stop threads
[  498.708415][T13198] vhci_hcd vhci_hcd.1: release socket
[  498.710626][T13198] vhci_hcd vhci_hcd.1: disconnect device
[  498.728830][T13563] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2103'.
[  499.543689][T13584] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2108'.
[  499.697936][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  499.738907][T13589] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2110'.
[  500.737425][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  500.951499][T13617] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  500.954499][T13617] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  500.958679][T13617] vhci_hcd vhci_hcd.0: Device attached
[  501.149332][T13622] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2119'.
[  501.301253][ T1326] usb 42-1: SetAddress Request (38) to port 0
[  501.303507][ T1326] usb 42-1: new SuperSpeed USB device number 38 using vhci_hcd
[  501.353245][T13619] vhci_hcd: connection closed
[  501.353476][T13211] vhci_hcd vhci_hcd.2: stop threads
[  501.357836][T13211] vhci_hcd vhci_hcd.2: release socket
[  501.359849][T13211] vhci_hcd vhci_hcd.2: disconnect device
[  501.487016][ T1326] usb 42-1: enqueue for inactive port 0
[  501.777212][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  501.907465][ T1326] usb usb42-port1: attempt power cycle
[  501.945490][T13631] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2122'.
[  501.949799][T13631] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2122'.
[  502.507784][ T1326] usb usb42-port1: unable to enumerate USB device
[  502.816364][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  502.851251][T13657] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2129'.
[  503.377133][T11299] usb 40-1: device descriptor read/8, error -110
[  503.742344][T13675] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  503.744827][T13675] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  503.748666][T13675] vhci_hcd vhci_hcd.0: Device attached
[  503.770048][T11299] usb usb40-port1: attempt power cycle
[  503.919289][T13676] vhci_hcd: connection closed
[  503.919500][T13196] vhci_hcd vhci_hcd.3: stop threads
[  503.923088][T13196] vhci_hcd vhci_hcd.3: release socket
[  503.928512][T13196] vhci_hcd vhci_hcd.3: disconnect device
[  504.159965][T13699] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2140'.
[  504.191013][T13699] vxlan0: entered promiscuous mode
[  504.197841][T13211] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  504.226608][T13211] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  504.229711][T13211] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  504.232664][T13211] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  504.294001][T13696] netfs: Couldn't get user pages (rc=-14)
[  504.337019][T11299] usb usb40-port1: unable to enumerate USB device
[  506.018154][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  507.044519][T13742] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  507.066009][T13745] netlink: 'syz.3.2153': attribute type 11 has an invalid length.
[  507.068619][T13745] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2153'.
[  507.085643][T13745] netlink: 'syz.3.2153': attribute type 11 has an invalid length.
[  507.088592][T13745] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2153'.
[  507.926137][T13757] FAULT_INJECTION: forcing a failure.
[  507.926137][T13757] name failslab, interval 1, probability 0, space 0, times 0
[  507.930072][T13757] CPU: 0 UID: 0 PID: 13757 Comm: syz.1.2156 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  507.930089][T13757] Tainted: [L]=SOFTLOCKUP
[  507.930092][T13757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  507.930099][T13757] Call Trace:
[  507.930103][T13757]  <TASK>
[  507.930107][T13757]  dump_stack_lvl+0x100/0x190
[  507.930124][T13757]  should_fail_ex.cold+0x5/0xa
[  507.930141][T13757]  should_failslab+0xc2/0x120
[  507.930157][T13757]  kmem_cache_alloc_node_noprof+0x8c/0x880
[  507.930172][T13757]  ? __alloc_skb+0x156/0x410
[  507.930188][T13757]  ? __alloc_skb+0x156/0x410
[  507.930202][T13757]  __alloc_skb+0x156/0x410
[  507.930214][T13757]  ? __alloc_skb+0x35d/0x410
[  507.930228][T13757]  ? __pfx___alloc_skb+0x10/0x10
[  507.930241][T13757]  ? __pfx_netdev_run_todo+0x10/0x10
[  507.930256][T13757]  ? __pfx___nla_validate_parse+0x10/0x10
[  507.930270][T13757]  ? rcu_is_watching+0x12/0xc0
[  507.930283][T13757]  nl80211_get_reg_do+0x7e/0xa30
[  507.930295][T13757]  ? __nla_parse+0x40/0x60
[  507.930306][T13757]  ? __pfx_nl80211_get_reg_do+0x10/0x10
[  507.930318][T13757]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  507.930330][T13757]  ? nl80211_pre_doit+0x19a/0xae0
[  507.930344][T13757]  genl_family_rcv_msg_doit+0x214/0x300
[  507.930357][T13757]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  507.930368][T13757]  ? genl_get_cmd+0x3ef/0x720
[  507.930382][T13757]  ? __dev_queue_xmit+0x7fd/0x46f0
[  507.930395][T13757]  ? __radix_tree_lookup+0x217/0x2b0
[  507.930409][T13757]  genl_rcv_msg+0x560/0x800
[  507.930422][T13757]  ? __pfx_genl_rcv_msg+0x10/0x10
[  507.930433][T13757]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  507.930444][T13757]  ? __pfx_nl80211_get_reg_do+0x10/0x10
[  507.930454][T13757]  ? __pfx_nl80211_post_doit+0x10/0x10
[  507.930472][T13757]  netlink_rcv_skb+0x159/0x420
[  507.930481][T13757]  ? __pfx_genl_rcv_msg+0x10/0x10
[  507.930493][T13757]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  507.930508][T13757]  ? netlink_deliver_tap+0x1ae/0xcc0
[  507.930526][T13757]  genl_rcv+0x28/0x40
[  507.930535][T13757]  netlink_unicast+0x5aa/0x870
[  507.930553][T13757]  ? __pfx_netlink_unicast+0x10/0x10
[  507.930575][T13757]  netlink_sendmsg+0x8b0/0xda0
[  507.930593][T13757]  ? __pfx_netlink_sendmsg+0x10/0x10
[  507.930612][T13757]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  507.930628][T13757]  ____sys_sendmsg+0xa54/0xc30
[  507.930641][T13757]  ? __pfx_____sys_sendmsg+0x10/0x10
[  507.930659][T13757]  ___sys_sendmsg+0x190/0x1e0
[  507.930672][T13757]  ? __pfx____sys_sendmsg+0x10/0x10
[  507.930701][T13757]  __sys_sendmsg+0x170/0x220
[  507.930717][T13757]  ? __pfx___sys_sendmsg+0x10/0x10
[  507.930737][T13757]  ? __pfx_ksys_write+0x10/0x10
[  507.930753][T13757]  __do_fast_syscall_32+0xde/0x660
[  507.930768][T13757]  do_fast_syscall_32+0x32/0x70
[  507.930781][T13757]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  507.930795][T13757] RIP: 0023:0xf7f31579
[  507.930804][T13757] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  507.930814][T13757] RSP: 002b:00000000f53f650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  507.930829][T13757] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  507.930835][T13757] RDX: 0000000020004880 RSI: 0000000000000000 RDI: 0000000000000000
[  507.930841][T13757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  507.930847][T13757] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  507.930853][T13757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  507.930867][T13757]  </TASK>
[  508.263425][T13767] tmpfs: Unknown parameter 'q��'
[  508.579014][T13774] bridge0: port 1(syz_tun) entered blocking state
[  508.587110][T13774] bridge0: port 1(syz_tun) entered disabled state
[  508.598629][T13774] syz_tun: entered allmulticast mode
[  508.616249][T13774] syz_tun: entered promiscuous mode
[  508.682071][T13772] lo speed is unknown, defaulting to 1000
[  508.688770][T13772] lo speed is unknown, defaulting to 1000
[  508.701777][T13779] tun0: tun_chr_ioctl cmd 1074025675
[  508.703626][T13779] tun0: persist disabled
[  508.878413][T13783] lo speed is unknown, defaulting to 1000
[  508.892711][T13783] lo speed is unknown, defaulting to 1000
[  509.217703][T13796] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2168'.
[  510.027319][T13813] lo speed is unknown, defaulting to 1000
[  510.029710][T13813] lo speed is unknown, defaulting to 1000
[  511.265127][T13858] FAULT_INJECTION: forcing a failure.
[  511.265127][T13858] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  511.270237][T13858] CPU: 1 UID: 0 PID: 13858 Comm: syz.2.2180 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  511.270275][T13858] Tainted: [L]=SOFTLOCKUP
[  511.270280][T13858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  511.270289][T13858] Call Trace:
[  511.270296][T13858]  <TASK>
[  511.270303][T13858]  dump_stack_lvl+0x100/0x190
[  511.270326][T13858]  should_fail_ex.cold+0x5/0xa
[  511.270352][T13858]  _copy_to_user+0x32/0xd0
[  511.270377][T13858]  io_query+0x3c0/0x6e0
[  511.270402][T13858]  ? __pfx_io_query+0x10/0x10
[  511.270421][T13858]  ? find_held_lock+0x2b/0x80
[  511.270440][T13858]  ? rcu_is_watching+0x12/0xc0
[  511.270455][T13858]  ? finish_task_switch.isra.0+0x204/0xb70
[  511.270477][T13858]  ? rcu_is_watching+0x12/0xc0
[  511.270499][T13858]  __do_sys_io_uring_register+0x626/0x1650
[  511.270526][T13858]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  511.270549][T13858]  ? __pfx___do_sys_io_uring_register+0x10/0x10
[  511.270578][T13858]  ? __pfx___schedule+0x10/0x10
[  511.270596][T13858]  ? fput+0x79/0x100
[  511.270616][T13858]  ? ksys_write+0x1ac/0x250
[  511.270637][T13858]  __do_fast_syscall_32+0xde/0x660
[  511.270663][T13858]  do_fast_syscall_32+0x32/0x70
[  511.270685][T13858]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  511.270709][T13858] RIP: 0023:0xf7f36579
[  511.270720][T13858] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  511.270738][T13858] RSP: 002b:00000000f53b450c EFLAGS: 00000292 ORIG_RAX: 00000000000001ab
[  511.270754][T13858] RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 0000000000000023
[  511.270765][T13858] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  511.270774][T13858] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  511.270782][T13858] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  511.270792][T13858] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  511.270814][T13858]  </TASK>
[  513.104444][T13916] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2195'.
[  513.158998][T13917] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2195'.
[  513.523693][T13196] smc: removing ib device syz1
[  513.537426][    T9] syz1: Port: 1 Link DOWN
[  513.675770][T13932] lo speed is unknown, defaulting to 1000
[  513.678358][T13932] lo speed is unknown, defaulting to 1000
[  513.704737][T13933] vcan0: tx drop: invalid da for name 0x0000000000000001
[  513.884285][T13936] syzkaller0: entered promiscuous mode
[  513.886174][T13936] syzkaller0: entered allmulticast mode
[  515.246792][T13962] tipc: Enabled bearer <eth:ip6gre0>, priority 10
[  515.977977][T13944] ubi31: detaching mtd0
[  516.028468][T13944] ubi31: mtd0 is detached
[  516.641188][T13981] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  516.699245][T13986] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  516.761113][T13990] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  516.762594][T13991] fuse: Bad value for 'user_id'
[  516.766595][T13991] fuse: Bad value for 'user_id'
[  518.383876][T14010] fuse: Bad value for 'fd'
[  518.441947][T14012] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2224'.
[  519.936277][T14021] netlink: 'syz.2.2227': attribute type 2 has an invalid length.
[  520.640908][T14025] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2228'.
[  520.993878][T14034] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2231'.
[  521.356054][T14046] netlink: 107460 bytes leftover after parsing attributes in process `syz.0.2234'.
[  521.373886][T14046] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2234'.
[  521.378718][T14046] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2234'.
[  521.381863][T14046] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2234'.
[  522.261173][T14064] fuse: Bad value for 'fd'
[  522.374669][T14068] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2242'.
[  522.915245][   T64] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  522.935264][   T64] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  522.939674][   T64] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  522.943395][   T64] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  522.957856][   T64] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  522.971327][ T5938] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  522.974608][ T5938] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  522.977586][ T5938] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  522.980233][ T5938] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  522.982983][ T5938] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  523.013781][T14087] lo speed is unknown, defaulting to 1000
[  523.035374][T14087] lo speed is unknown, defaulting to 1000
[  523.172546][T14087] chnl_net:caif_netlink_parms(): no params data found
[  523.191801][T14101] hub 8-0:1.0: USB hub found
[  523.194207][T14101] hub 8-0:1.0: 1 port detected
[  523.225806][T14087] bridge0: port 1(bridge_slave_0) entered blocking state
[  523.228389][T14087] bridge0: port 1(bridge_slave_0) entered disabled state
[  523.230723][T14087] bridge_slave_0: entered allmulticast mode
[  523.233457][T14087] bridge_slave_0: entered promiscuous mode
[  523.238634][T14087] bridge0: port 2(bridge_slave_1) entered blocking state
[  523.241164][T14087] bridge0: port 2(bridge_slave_1) entered disabled state
[  523.243572][T14087] bridge_slave_1: entered allmulticast mode
[  523.246357][T14087] bridge_slave_1: entered promiscuous mode
[  523.263588][T14087] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  523.268160][T14087] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  523.290414][T14087] team0: Port device team_slave_0 added
[  523.293875][T14087] team0: Port device team_slave_1 added
[  523.309007][T14087] batman_adv: batadv0: Adding interface: batadv_slave_0
[  523.311464][T14087] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  523.320084][T14087] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  523.324662][T14087] batman_adv: batadv0: Adding interface: batadv_slave_1
[  523.327362][T14087] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  523.335905][T14087] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  523.360002][T14087] hsr_slave_0: entered promiscuous mode
[  523.362563][T14087] hsr_slave_1: entered promiscuous mode
[  523.365031][T14087] debugfs: 'hsr0' already exists in 'hsr'
[  523.367397][T14087] Cannot create hsr debugfs directory
[  523.447962][T14087] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  523.463001][T14109] syzkaller0: entered promiscuous mode
[  523.464807][T14109] syzkaller0: entered allmulticast mode
[  523.521675][T14087] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  523.622478][T14087] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  523.742548][T14087] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  523.796970][T14117] lo speed is unknown, defaulting to 1000
[  523.799603][T14117] lo speed is unknown, defaulting to 1000
[  524.076502][T14087] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  524.141200][T14087] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  524.145817][T14087] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  524.150600][T14087] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  524.201270][T14087] 8021q: adding VLAN 0 to HW filter on device bond0
[  524.212194][T14087] 8021q: adding VLAN 0 to HW filter on device team0
[  524.220560][T13216] bridge0: port 1(bridge_slave_0) entered blocking state
[  524.223468][T13216] bridge0: port 1(bridge_slave_0) entered forwarding state
[  524.241459][T13211] bridge0: port 2(bridge_slave_1) entered blocking state
[  524.244184][T13211] bridge0: port 2(bridge_slave_1) entered forwarding state
[  524.490577][T14087] 8021q: adding VLAN 0 to HW filter on device batadv0
[  524.572613][T14087] veth0_vlan: entered promiscuous mode
[  524.578184][T14087] veth1_vlan: entered promiscuous mode
[  524.592884][T14087] veth0_macvtap: entered promiscuous mode
[  524.598069][T14087] veth1_macvtap: entered promiscuous mode
[  524.606639][T14087] batman_adv: batadv0: Interface activated: batadv_slave_0
[  524.613771][T14087] batman_adv: batadv0: Interface activated: batadv_slave_1
[  524.621280][T13211] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  524.625051][T13211] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  524.629523][T13211] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  524.632440][T13211] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  524.678043][T13211] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  524.682530][T13211] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  524.704229][T13216] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  524.707559][T13216] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  525.045340][ T5938] Bluetooth: hci4: command tx timeout
[  526.746488][T14156] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  526.762048][T14158] netlink: 'syz.0.2264': attribute type 3 has an invalid length.
[  527.134236][ T5938] Bluetooth: hci4: command tx timeout
[  527.790226][T14181] fuse: Invalid rootmode
[  527.980821][T14185] fuse: Bad value for 'fd'
[  528.013772][T14187] ata3.00: invalid multi_count 16 ignored
[  528.089138][T14188] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2273'.
[  529.213404][ T5938] Bluetooth: hci4: command tx timeout
[  529.480089][T14215] dvmrp9: entered allmulticast mode
[  529.690248][T14219] netlink: 'syz.1.2284': attribute type 3 has an invalid length.
[  529.819691][T14230] xt_CT: You must specify a L4 protocol and not use inversions on it
[  529.824395][T14230] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2286'.
[  530.273560][T14243] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2290'.
[  531.292413][ T5938] Bluetooth: hci4: command tx timeout
[  531.984103][T14272] fuse: Bad value for 'fd'
[  532.045625][T14273] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2297'.
[  532.420961][T14276] CIFS mount error: No usable UNC path provided in device string!
[  532.420961][T14276] 
[  532.425099][T14276] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  534.502983][T14285] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  534.739363][T14311] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2309'.
[  535.318396][T14317] fuse: Bad value for 'fd'
[  535.375413][T14319] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2311'.
[  536.969900][ T6107] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[  537.129392][ T6107] usb 8-1: Using ep0 maxpacket: 8
[  537.133459][ T6107] usb 8-1: config 0 interface 0 has no altsetting 0
[  537.136284][ T6107] usb 8-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  537.140840][ T6107] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  537.147016][ T6107] usb 8-1: config 0 descriptor??
[  537.306764][T14326] CIFS mount error: No usable UNC path provided in device string!
[  537.306764][T14326] 
[  537.310193][T14326] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  537.565021][ T6107] mcp2221 0003:04D8:00DD.000E: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0
[  537.760518][T11299] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  537.766521][T14324] i2c i2c-2: unsupported multi-msg i2c transaction
[  537.777574][ T6107] usb 8-1: USB disconnect, device number 21
[  538.435756][T14375] fuse: Bad value for 'fd'
[  539.027546][T14377] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2323'.
[  547.310249][T14410] lo speed is unknown, defaulting to 1000
[  547.312871][T14410] lo speed is unknown, defaulting to 1000
[  547.560993][T14410] lo speed is unknown, defaulting to 1000
[  547.567947][T14410] lo speed is unknown, defaulting to 1000
[  547.632951][   T40] kauditd_printk_skb: 13 callbacks suppressed
[  547.632995][   T40] audit: type=1326 audit(1770674305.627:3945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14421 comm="syz.1.2332" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0
[  548.069899][T14442] fuse: Bad value for 'fd'
[  548.914029][T11299] usb 8-1: new high-speed USB device number 22 using dummy_hcd
[  549.066559][T11299] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  549.069529][T11299] usb 8-1: config 1 has an invalid descriptor of length 56, skipping remainder of the config
[  549.072804][T11299] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  549.076797][T11299] usb 8-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  549.082420][T11299] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  549.086298][T11299] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  549.088945][T11299] usb 8-1: Product: syz
[  549.090279][T11299] usb 8-1: Manufacturer: syz
[  549.097871][T11299] cdc_wdm 8-1:1.0: skipping garbage
[  549.100157][T11299] cdc_wdm 8-1:1.0: probe with driver cdc_wdm failed with error -22
[  549.309677][T11299] usb 8-1: USB disconnect, device number 22
[  549.506743][T14451] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2336'.
[  549.963194][T14456] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2339'.
[  550.535877][T14464] IPv6: NLM_F_REPLACE set, but no existing node found!
[  550.587326][T14466] netlink: 'syz.0.2342': attribute type 11 has an invalid length.
[  551.034190][T14483] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2349'.
[  551.721234][   T64] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  551.728917][   T64] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  551.733087][   T64] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  551.736164][   T64] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  551.738775][   T64] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  551.771443][T14485] lo speed is unknown, defaulting to 1000
[  551.782671][T14485] lo speed is unknown, defaulting to 1000
[  552.043028][T14491] fuse: Bad value for 'fd'
[  552.101760][T14493] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2351'.
[  552.200625][T14485] chnl_net:caif_netlink_parms(): no params data found
[  552.355758][T14485] bridge0: port 1(bridge_slave_0) entered blocking state
[  552.358277][T14485] bridge0: port 1(bridge_slave_0) entered disabled state
[  552.360784][T14485] bridge_slave_0: entered allmulticast mode
[  552.366073][T14485] bridge_slave_0: entered promiscuous mode
[  552.373617][T14485] bridge0: port 2(bridge_slave_1) entered blocking state
[  552.376291][T14485] bridge0: port 2(bridge_slave_1) entered disabled state
[  552.378916][T14485] bridge_slave_1: entered allmulticast mode
[  552.384181][T14485] bridge_slave_1: entered promiscuous mode
[  552.447998][T14485] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  552.458926][T14485] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  552.512599][T14485] team0: Port device team_slave_0 added
[  552.519429][T14485] team0: Port device team_slave_1 added
[  552.559060][T14485] batman_adv: batadv0: Adding interface: batadv_slave_0
[  552.561200][T14485] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  552.571979][T14485] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  552.625866][ T5933] syz_tun (unregistering): left allmulticast mode
[  552.634356][ T5933] syz_tun (unregistering): left promiscuous mode
[  552.640129][ T5933] bridge0: port 1(syz_tun) entered disabled state
[  552.671800][T14485] batman_adv: batadv0: Adding interface: batadv_slave_1
[  552.674123][T14485] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  552.692561][T14485] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  552.764802][T14485] hsr_slave_0: entered promiscuous mode
[  552.767278][T14485] hsr_slave_1: entered promiscuous mode
[  552.769520][T14485] debugfs: 'hsr0' already exists in 'hsr'
[  552.771495][T14485] Cannot create hsr debugfs directory
[  552.806079][   T61] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  552.810238][   T61] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  552.956394][   T61] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  552.959633][   T61] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  553.074974][   T61] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  553.078104][   T61] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  553.187265][   T61] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  553.190425][   T61] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  553.648604][   T61] bond1 (unregistering): (slave ip6erspan0): Releasing active interface
[  553.679772][   T61] bond2 (unregistering): (slave ip6gretap2): Releasing active interface
[  553.716683][T14511] block device autoloading is deprecated and will be removed.
[  553.842867][ T5938] Bluetooth: hci2: command tx timeout
[  553.969885][   T61] bond0 (unregistering): Released all slaves
[  554.072114][   T61] bond1 (unregistering): Released all slaves
[  554.085484][   T61] bond2 (unregistering): Released all slaves
[  554.187824][   T61] tipc: Disabling bearer <udp:syz2>
[  554.191084][   T61] tipc: Left network mode
[  554.429908][T14530] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  554.513924][T14541] fuse: Bad value for 'fd'
[  554.587572][T14547] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2360'.
[  554.799337][T14485] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  554.827622][   T61] hsr_slave_0: left promiscuous mode
[  554.831373][   T61] hsr_slave_1: left promiscuous mode
[  554.848833][   T61] veth1_vlan: left promiscuous mode
[  554.851526][   T61] veth0_vlan: left promiscuous mode
[  555.684868][ T1326] usb 8-1: new high-speed USB device number 23 using dummy_hcd
[  555.744351][T14569] siw: device registration error -23
[  555.761933][T14485] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  555.779657][T14485] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  555.794138][T14485] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  555.849938][ T1326] usb 8-1: Using ep0 maxpacket: 8
[  555.856497][ T1326] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  555.869943][ T1326] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  555.874236][ T1326] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  555.878359][ T1326] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  555.902562][ T1326] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  555.910957][ T1326] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  555.913804][ T5938] Bluetooth: hci2: command tx timeout
[  555.962068][T14485] 8021q: adding VLAN 0 to HW filter on device bond0
[  555.987926][T14485] 8021q: adding VLAN 0 to HW filter on device team0
[  555.996286][T13211] bridge0: port 1(bridge_slave_0) entered blocking state
[  555.998639][T13211] bridge0: port 1(bridge_slave_0) entered forwarding state
[  556.013302][ T1145] bridge0: port 2(bridge_slave_1) entered blocking state
[  556.015633][ T1145] bridge0: port 2(bridge_slave_1) entered forwarding state
[  556.058875][T14577] ip6t_REJECT: ECHOREPLY is not supported
[  556.134069][ T1326] usb 8-1: GET_CAPABILITIES returned 0
[  556.135708][ T1326] usbtmc 8-1:16.0: can't read capabilities
[  556.143557][   T61] IPVS: stop unused estimator thread 0...
[  556.185951][T14485] 8021q: adding VLAN 0 to HW filter on device batadv0
[  556.212506][T14485] veth0_vlan: entered promiscuous mode
[  556.217314][T14485] veth1_vlan: entered promiscuous mode
[  556.231821][T14485] veth0_macvtap: entered promiscuous mode
[  556.236019][T14485] veth1_macvtap: entered promiscuous mode
[  556.244785][T14485] batman_adv: batadv0: Interface activated: batadv_slave_0
[  556.249512][T14485] batman_adv: batadv0: Interface activated: batadv_slave_1
[  556.350376][T13216] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  556.360949][T13216] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  556.363915][T13216] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  556.366838][T13216] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  556.407506][T13216] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  556.414717][T13216] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  556.472608][T13216] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  556.475712][T13216] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  557.210129][ T6020] usb 8-1: USB disconnect, device number 23
[  557.346808][T13211] tipc: Resetting bearer <eth:ip6gre0>
[  557.393795][T14590] 9p: Bad value for 'rfdno'
[  557.407202][T13211] tipc: Disabling bearer <eth:ip6gre0>
[  557.443991][T13211] bond1 (unregistering): (slave ip6gretap1): Removing an active aggregator
[  557.448778][T13211] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[  557.679454][ T6020] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  557.723705][T13211] bond0 (unregistering): Released all slaves
[  557.860685][ T6020] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  557.863476][ T6020] usb 5-1: config 1 has an invalid descriptor of length 52, skipping remainder of the config
[  557.866679][ T6020] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  557.879528][ T6020] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  557.932432][ T6020] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  557.935337][ T6020] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  557.937905][ T6020] usb 5-1: Product: syz
[  557.948940][ T6020] usb 5-1: Manufacturer: syz
[  557.956142][ T6020] cdc_wdm 5-1:1.0: skipping garbage
[  557.957898][ T6020] cdc_wdm 5-1:1.0: skipping garbage
[  557.961076][ T6020] cdc_wdm 5-1:1.0: skipping garbage
[  557.967174][ T6020] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22
[  557.989553][ T5938] Bluetooth: hci2: command tx timeout
[  558.009973][T13211] bond1 (unregistering): Released all slaves
[  558.020417][T13211] bond2 (unregistering): Released all slaves
[  558.177196][ T6020] usb 5-1: USB disconnect, device number 21
[  558.254455][T14602] syzkaller0: entered promiscuous mode
[  558.256845][T14602] syzkaller0: entered allmulticast mode
[  558.345721][T13211] tipc: Disabling bearer <udp:s>
[  558.347400][T13211] tipc: Left network mode
[  559.110243][T14627] 9p: Bad value for 'rfdno'
[  560.068316][ T5938] Bluetooth: hci2: command tx timeout
[  560.828190][   T64] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  560.869288][   T64] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  560.877816][   T64] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  560.881551][   T64] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  560.884965][   T64] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  560.914209][T14638] lo speed is unknown, defaulting to 1000
[  560.916631][T14638] lo speed is unknown, defaulting to 1000
[  560.993361][T14638] chnl_net:caif_netlink_parms(): no params data found
[  561.102336][T14638] bridge0: port 1(bridge_slave_0) entered blocking state
[  561.105005][T14638] bridge0: port 1(bridge_slave_0) entered disabled state
[  561.108082][T14638] bridge_slave_0: entered allmulticast mode
[  561.112659][T14638] bridge_slave_0: entered promiscuous mode
[  561.117732][T14638] bridge0: port 2(bridge_slave_1) entered blocking state
[  561.119903][T14638] bridge0: port 2(bridge_slave_1) entered disabled state
[  561.122124][T14638] bridge_slave_1: entered allmulticast mode
[  561.124732][T14638] bridge_slave_1: entered promiscuous mode
[  561.392722][T14655] netlink: 'syz.3.2382': attribute type 1 has an invalid length.
[  561.395281][T14655] netlink: 'syz.3.2382': attribute type 2 has an invalid length.
[  561.502610][T13211] IPVS: stopping backup sync thread 8384 ...
[  561.515259][T14638] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  561.521707][T14638] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  561.538182][T14638] team0: Port device team_slave_0 added
[  561.541789][T14638] team0: Port device team_slave_1 added
[  561.555142][T14638] batman_adv: batadv0: Adding interface: batadv_slave_0
[  561.557709][T14638] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  561.567371][T14638] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  561.572279][T14638] batman_adv: batadv0: Adding interface: batadv_slave_1
[  561.574763][T14638] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  561.584922][T14638] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  561.614715][T14638] hsr_slave_0: entered promiscuous mode
[  561.617476][T14638] hsr_slave_1: entered promiscuous mode
[  561.619701][T14638] debugfs: 'hsr0' already exists in 'hsr'
[  561.621814][T14638] Cannot create hsr debugfs directory
[  561.744547][T14638] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  561.749664][T14638] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  561.838732][T14638] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  561.843029][T14638] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  561.927341][T14638] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  561.931949][T14638] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  562.028903][T14638] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  562.032121][T14638] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  562.151857][T14638] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  562.156266][T14638] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  562.161236][T14638] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  562.168723][T14638] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  562.263554][T14638] 8021q: adding VLAN 0 to HW filter on device bond0
[  562.289487][T14638] 8021q: adding VLAN 0 to HW filter on device team0
[  562.301370][ T1145] bridge0: port 1(bridge_slave_0) entered blocking state
[  562.303636][ T1145] bridge0: port 1(bridge_slave_0) entered forwarding state
[  562.311237][ T1145] bridge0: port 2(bridge_slave_1) entered blocking state
[  562.313587][ T1145] bridge0: port 2(bridge_slave_1) entered forwarding state
[  562.484459][T13211] veth1_to_batadv: left promiscuous mode
[  562.493117][T13211] veth1_macvtap: left promiscuous mode
[  562.494890][T13211] veth0_macvtap: left promiscuous mode
[  562.506958][T13211] veth1_vlan: left promiscuous mode
[  562.508820][T13211] veth0_vlan: left promiscuous mode
[  562.951311][ T5938] Bluetooth: hci0: command tx timeout
[  564.922880][T14638] 8021q: adding VLAN 0 to HW filter on device batadv0
[  564.989743][T14638] veth0_vlan: entered promiscuous mode
[  564.995480][T14638] veth1_vlan: entered promiscuous mode
[  565.049093][T14638] veth0_macvtap: entered promiscuous mode
[  565.060094][ T5938] Bluetooth: hci0: command tx timeout
[  565.064025][T14638] veth1_macvtap: entered promiscuous mode
[  565.098482][T14638] batman_adv: batadv0: Interface activated: batadv_slave_0
[  565.116736][T14638] batman_adv: batadv0: Interface activated: batadv_slave_1
[  565.128809][   T61] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  565.138969][   T61] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  565.142594][   T61] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  565.147013][   T61] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  565.407858][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  565.420126][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  565.423811][T13211] IPVS: stop unused estimator thread 0...
[  565.441397][ T1141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  565.444643][ T1141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  566.356017][T14709] netlink: 'syz.1.2396': attribute type 4 has an invalid length.
[  567.105738][ T5938] Bluetooth: hci0: command tx timeout
[  567.426370][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  567.793341][T14726] /dev/nullb0: Can't open blockdev
[  567.826867][T14728] tmpfs: Unknown parameter 'grpquota_bloak_hardlimit'
[  568.270078][T14730] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2403'.
[  569.111648][T14747] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2408'.
[  569.183167][ T5938] Bluetooth: hci0: command tx timeout
[  570.161735][T14751] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2410'.
[  570.164735][T14751] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2410'.
[  570.172315][T13211] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  570.177593][T13211] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  570.181301][T13211] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  570.185610][T13211] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  571.135769][T14766] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2414'.
[  572.227452][T14777] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2418'.
[  573.345923][T14793] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2423'.
[  573.741028][   T10] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  573.920757][   T10] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  573.923795][   T10] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  573.927026][   T10] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  573.929915][   T10] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  573.933997][   T10] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  573.938878][   T10] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  574.795967][T14818] fuse: Bad value for 'fd'
[  574.856061][T14819] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2433'.
[  574.892625][   T10] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  574.897870][   T10] usb 6-1: Product: syz
[  574.899212][   T10] usb 6-1: Manufacturer: syz
[  574.930499][   T10] cdc_wdm 6-1:1.0: skipping garbage
[  574.932706][   T10] cdc_wdm 6-1:1.0: skipping garbage
[  574.940369][   T10] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  574.942340][   T10] cdc_wdm 6-1:1.0: Unknown control protocol
[  575.338409][ T6086] usb 6-1: USB disconnect, device number 25
[  576.079163][ T5938] Bluetooth: Wrong link type (-71)
[  577.197431][T14854] 9pnet_fd: Insufficient options for proto=fd
[  577.341166][ T5938] Bluetooth: hci4: unexpected cc 0x0c05 length: 0 < 1
[  577.698536][T14889] 9p: Bad value for 'rfdno'
[  577.707592][T14893] fuse: Bad value for 'fd'
[  577.763796][T14897] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2455'.
[  577.869221][T14901] Bluetooth: MGMT ver 1.23
[  578.600592][ T5938] Bluetooth: hci4: ISO packet for unknown connection handle 0
[  578.697277][T14929] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2467'.
[  578.863158][T14938] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2471'.
[  578.897935][T14944] kernel read not supported for file /eth0 (pid: 14944 comm: syz.2.2474)
[  578.900267][T14942] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2472'.
[  578.904485][   T40] audit: type=1800 audit(1770674336.923:3946): pid=14944 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2474" name="eth0" dev="mqueue" ino=56473 res=0 errno=0
[  578.904935][T14942] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2472'.
[  578.905277][T14944] 9pnet_fd: Insufficient options for proto=fd
[  579.808015][ T6086] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  579.978948][ T6086] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  579.979539][T14966] veth1_to_batadv: entered promiscuous mode
[  579.981709][ T6086] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  579.981723][ T6086] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  579.981746][ T6086] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  579.981759][ T6086] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  579.982884][ T6086] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  579.984604][T14966] macsec1: entered promiscuous mode
[  579.987347][ T6086] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  580.007203][ T6086] usb 5-1: Product: syz
[  580.009661][ T6086] usb 5-1: Manufacturer: syz
[  580.019522][ T6086] cdc_wdm 5-1:1.0: skipping garbage
[  580.021367][ T6086] cdc_wdm 5-1:1.0: skipping garbage
[  580.031212][ T6086] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  580.033186][ T6086] cdc_wdm 5-1:1.0: Unknown control protocol
[  580.232571][ T6086] usb 5-1: USB disconnect, device number 22
[  580.931211][T14970] binder: BINDER_SET_CONTEXT_MGR already set
[  580.937304][T14970] binder: 14968:14970 ioctl 4018620d 80000100 returned -16
[  581.509875][T14983] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2486'.
[  581.788727][T15004] fuse: Bad value for 'fd'
[  581.845961][T15005] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2489'.
[  582.338839][   T40] audit: type=1326 audit(1770674340.365:3947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15006 comm="syz.2.2490" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x0
[  583.086356][ T6107] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  583.257575][ T6107] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  583.337007][ T6107] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  583.340359][ T6107] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  583.347331][ T6107] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  583.350836][ T6107] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  583.359567][ T6107] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  583.362401][ T6107] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  583.364794][ T6107] usb 6-1: Product: syz
[  583.370192][ T6107] usb 6-1: Manufacturer: syz
[  583.376353][ T6107] cdc_wdm 6-1:1.0: skipping garbage
[  583.378007][ T6107] cdc_wdm 6-1:1.0: skipping garbage
[  583.380646][ T6107] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  583.382536][ T6107] cdc_wdm 6-1:1.0: Unknown control protocol
[  583.588506][ T6020] usb 6-1: USB disconnect, device number 26
[  583.862505][T15035] FAT-fs (sr0): bogus number of reserved sectors
[  583.864605][T15035] FAT-fs (sr0): Can't find a valid FAT filesystem
[  584.517854][T15039] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  584.519963][T15039] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  584.522603][T15039] vhci_hcd vhci_hcd.0: Device attached
[  584.561843][T15029] netlink: 'syz.2.2493': attribute type 10 has an invalid length.
[  584.569069][T15029] 8021q: adding VLAN 0 to HW filter on device batadv0
[  584.572581][T15029] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  584.629611][T15038] netlink: 7 bytes leftover after parsing attributes in process `syz.0.2496'.
[  584.635289][T15038] netlink: 7 bytes leftover after parsing attributes in process `syz.0.2496'.
[  584.724185][T15038] binder: 15037:15038 ioctl ae01 0 returned -22
[  584.727499][T15038] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2496'.
[  584.786771][   T53] usb 42-1: SetAddress Request (42) to port 0
[  584.789614][   T53] usb 42-1: new SuperSpeed USB device number 42 using vhci_hcd
[  584.860793][ T5938] Bluetooth: hci2: unexpected cc 0x0c05 length: 0 < 1
[  585.545607][ T6020] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[  585.697312][ T6020] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  585.701607][ T6020] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  585.707049][ T6020] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  585.710940][ T6020] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  585.716581][ T6020] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  585.723245][ T6020] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  585.729015][ T6020] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  585.732667][ T6020] usb 8-1: Product: syz
[  585.734488][ T6020] usb 8-1: Manufacturer: syz
[  585.744326][ T6020] cdc_wdm 8-1:1.0: skipping garbage
[  585.748652][ T6020] cdc_wdm 8-1:1.0: skipping garbage
[  585.752615][ T6020] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  585.756271][ T6020] cdc_wdm 8-1:1.0: Unknown control protocol
[  585.957744][   T54] usb 8-1: USB disconnect, device number 24
[  586.632814][T15084] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  586.635183][T15084] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  586.638601][T15084] vhci_hcd vhci_hcd.0: Device attached
[  586.677815][T15040] vhci_hcd: connection reset by peer
[  586.696090][T13198] vhci_hcd vhci_hcd.2: stop threads
[  586.698299][T13198] vhci_hcd vhci_hcd.2: release socket
[  586.700577][T13198] vhci_hcd vhci_hcd.2: disconnect device
[  586.914367][ T6020] usb 38-1: SetAddress Request (18) to port 0
[  586.917255][ T6020] usb 38-1: new SuperSpeed USB device number 18 using vhci_hcd
[  586.977831][   T40] audit: type=1800 audit(1770674345.007:3948): pid=15084 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2508" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  587.198974][T15085] vhci_hcd: connection reset by peer
[  587.204690][ T1145] vhci_hcd vhci_hcd.0: stop threads
[  587.206924][ T1145] vhci_hcd vhci_hcd.0: release socket
[  587.225094][ T1145] vhci_hcd vhci_hcd.0: disconnect device
[  587.884413][T15109] binder: 15108:15109 ioctl c0306201 80000040 returned -22
[  588.019040][T15113] netlink: 9 bytes leftover after parsing attributes in process `syz.2.2516'.
[  588.055756][T15115] netlink: 'syz.0.2517': attribute type 11 has an invalid length.
[  588.058324][T15115] netlink: 448 bytes leftover after parsing attributes in process `syz.0.2517'.
[  588.214992][T15124] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2520'.
[  588.234216][ T1326] usb 6-1: new full-speed USB device number 27 using dummy_hcd
[  588.383758][   T54] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  588.391874][T15127] netlink: 'syz.3.2521': attribute type 10 has an invalid length.
[  588.392962][ T1326] usb 6-1: config 0 interface 0 altsetting 251 has an endpoint descriptor with address 0x24, changing to 0x4
[  588.397448][T15127] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  588.400280][ T1326] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x4 has an invalid bInterval 0, changing to 4
[  588.406429][ T1326] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x4 has invalid maxpacket 54297, setting to 1023
[  588.410236][ T1326] usb 6-1: config 0 interface 0 has no altsetting 0
[  588.418890][ T1326] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  588.421987][ T1326] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  588.424866][ T1326] usb 6-1: Product: syz
[  588.426360][ T1326] usb 6-1: Manufacturer: syz
[  588.427944][ T1326] usb 6-1: SerialNumber: syz
[  588.438155][ T1326] usb 6-1: config 0 descriptor??
[  588.458078][ T1326] usb 6-1: selecting invalid altsetting 0
[  588.523533][   T54] usb 5-1: device descriptor read/64, error -71
[  588.739783][ T1326] usb 6-1: USB disconnect, device number 27
[  588.773465][   T54] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  588.926005][   T54] usb 5-1: device descriptor read/64, error -71
[  589.033821][   T54] usb usb5-port1: attempt power cycle
[  589.111700][T15137] all (unregistering): Released all slaves
[  589.229955][T15142] netlink: 'syz.2.2525': attribute type 1 has an invalid length.
[  589.258209][T15142] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  589.261585][T15142] bond1: (slave vxcan3): Setting fail_over_mac to active for active-backup mode
[  589.276715][T15142] bond1: (slave vxcan3): making interface the new active one
[  589.279736][T15142] bond1: (slave vxcan3): Enslaving as an active interface with an up link
[  589.300746][T15143] bond1: (slave vxcan5): The slave device specified does not support setting the MAC address
[  589.316628][T15143] bond1: (slave vxcan5): Enslaving as a backup interface with an up link
[  589.332165][T15143] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2525'.
[  589.336595][T15143] bond1 (unregistering): (slave vxcan3): Releasing backup interface
[  589.341588][T15143] bond1 (unregistering): (slave vxcan5): Releasing backup interface
[  589.350285][T15143] bond1 (unregistering): Released all slaves
[  589.373062][   T54] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  589.377699][T15151] netlink: 'syz.1.2528': attribute type 11 has an invalid length.
[  589.381123][T15151] netlink: 448 bytes leftover after parsing attributes in process `syz.1.2528'.
[  589.393480][   T54] usb 5-1: device descriptor read/8, error -71
[  589.522844][   T40] audit: type=1326 audit(1770674347.538:3949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15153 comm="syz.3.2530" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf744d579 code=0x0
[  589.576637][T15154] orangefs_devreq_write_iter: failed to copy head.
[  589.633081][   T54] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  589.656650][   T54] usb 5-1: device descriptor read/8, error -71
[  589.763026][   T54] usb usb5-port1: unable to enumerate USB device
[  589.813460][   T53] usb 42-1: device descriptor read/8, error -110
[  590.203495][   T53] usb usb42-port1: attempt power cycle
[  590.763857][   T53] usb usb42-port1: unable to enumerate USB device
[  591.597406][T15178] comedi comedi0: comedi_config --init_data is deprecated
[  591.972470][ T6020] usb 38-1: device descriptor read/8, error -110
[  592.375153][ T6020] usb usb38-port1: attempt power cycle
[  592.949749][ T6020] usb usb38-port1: unable to enumerate USB device
[  593.316828][T15212] comedi comedi0: c6xdigio: I/O port conflict (0x3,3)
[  593.424194][T15217] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2547'.
[  593.428267][T15217] openvswitch: netlink: Flow actions attr not present in new flow.
[  593.908085][T15228] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2552'.
[  594.718956][T15247] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2557'.
[  594.754670][T15250] Cannot find del_set index 3 as target
[  594.758240][   T40] audit: type=1326 audit(1770674352.781:3950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15249 comm="syz.1.2558" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  594.775623][   T40] audit: type=1326 audit(1770674352.791:3951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15249 comm="syz.1.2558" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  594.790344][   T40] audit: type=1326 audit(1770674352.791:3952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15249 comm="syz.1.2558" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  594.808269][   T40] audit: type=1326 audit(1770674352.791:3953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15249 comm="syz.1.2558" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  594.818405][   T40] audit: type=1326 audit(1770674352.791:3954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15249 comm="syz.1.2558" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  594.825555][   T40] audit: type=1326 audit(1770674352.791:3955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15249 comm="syz.1.2558" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  594.832823][   T40] audit: type=1326 audit(1770674352.791:3956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15249 comm="syz.1.2558" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  594.909342][T15255] 9p: Could not find request transport: fd00000000000000000003
[  595.664179][T15264] netlink: 'syz.2.2561': attribute type 2 has an invalid length.
[  595.685449][T15264] �#{6c: entered promiscuous mode
[  595.696314][T15264] netlink: 'syz.2.2561': attribute type 2 has an invalid length.
[  595.699512][T15264] �#{6c: left promiscuous mode
[  595.702293][T15277] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2565'.
[  595.721614][T15277] geneve2: entered promiscuous mode
[  595.795630][T15281] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  595.797876][T15281] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  595.933981][T15281] vhci_hcd vhci_hcd.0: Device attached
[  596.219712][ T1326] usb 44-1: SetAddress Request (19) to port 0
[  596.221672][ T1326] usb 44-1: new SuperSpeed USB device number 19 using vhci_hcd
[  596.325997][T15289] PKCS8: Unsupported PKCS#8 version
[  596.641414][T15282] vhci_hcd: connection reset by peer
[  596.649783][T13198] vhci_hcd vhci_hcd.3: stop threads
[  596.651504][T13198] vhci_hcd vhci_hcd.3: release socket
[  596.653342][T13198] vhci_hcd vhci_hcd.3: disconnect device
[  596.704971][T15291] 9pnet_fd: Insufficient options for proto=fd
[  596.880825][T15297] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2571'.
[  596.946110][T15303] tmpfs: Bad value for 'usrquota_block_hardlimit'
[  596.982267][T14720] hid-generic FFFF:0008:0003.000F: item fetching failed at offset 0/1
[  596.985314][T14720] hid-generic FFFF:0008:0003.000F: probe with driver hid-generic failed with error -22
[  597.058101][T15310] 9pnet_fd: Insufficient options for proto=fd
[  598.027148][T15322] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2588'.
[  598.179485][T15324] ptrace attach of "/syz-executor exec"[14087] was attempted by "                                                                ��\x0c��H;�'���Sde/Ȑ|�zP��иW��\x0b�P�<�I7�{���Wr�עӇam�L5��{�޶-ڨ���ظ�����E�f�YS�7�?�V�s��\x0b�M�������`���g��ر/◒��U�C�ΐ�OG�Dn��\x07��w��m}O��q�����p�]��K|I(����9�/�k��Y_�֤vqy����rƲ�.+/�n�y�]�6�B\x5c
*���Lo��� �\x0a��B�\x0d��An���\x0bptQU�olL��obB��M�����ȹ.��T3#(D�\x1b�����?-�M��M�\x0d�{�X���Lhl1G�J(��\x0a����\x07�b\x0cf��\x5c�L�e#�y�w�O%�0��,��zǂ�r�\x5cH�\x22�@)E�lĪo��=��0}�|�����m ��~�M��UK\x0b�QoDU1h$�t�Qf�\x0b�;\x0bvN�T/��rP��x0m�؇dG>�t5Q�I����0k��p��;����t�>?7~��՞��8�)>�\x0a.F�v\x5c0CP�{�\x07ԭ4OT)���%��DkfCkF 籥�;��m\x0c�v�\x0cTʪz5��m֢����v����ī'c���^ت�g_\x0bƍ��8�)c,�(q��e�B���㑻SPt4�o� 
�I�HwL#��@mU�p�E�^a��gh~d�_��9\x07r|��GJj+&ҽk(�\x07���rn�E�4�(����#ë�\x0b Y�βB��\x0aЦ&��R��`�?��L1t����իw��.M�=3�|G����s�m�g�4`|\x22{б�춋���1�[{��ȯw/B�_g�6-�qyk*�o��\x0d\x5cc8����\x5
[  598.943904][T15332] sctp: [Deprecated]: syz.0.2584 (pid 15332) Use of int in maxseg socket option.
[  598.943904][T15332] Use struct sctp_assoc_value instead
[  599.015735][T15334] comedi comedi0: Minor 3 specified more than once!
[  599.043128][T15336] 9pnet_fd: Insufficient options for proto=fd
[  599.067216][T15338] lo speed is unknown, defaulting to 1000
[  599.547428][T15363] syzkaller0: entered promiscuous mode
[  599.551378][T15363] syzkaller0: entered allmulticast mode
[  599.705791][T15367] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2596'.
[  600.847148][T15374] 9pnet_fd: Insufficient options for proto=fd
[  601.247265][ T1326] usb 44-1: device descriptor read/8, error -110
[  601.647880][ T1326] usb usb44-port1: attempt power cycle
[  601.707626][  T829] usb 8-1: new full-speed USB device number 25 using dummy_hcd
[  601.755666][T15387] 9p: Bad value for 'wfdno'
[  601.858485][  T829] usb 8-1: config 0 interface 0 altsetting 251 has an endpoint descriptor with address 0x24, changing to 0x4
[  601.863045][  T829] usb 8-1: config 0 interface 0 altsetting 251 endpoint 0x4 has an invalid bInterval 0, changing to 4
[  601.868638][  T829] usb 8-1: config 0 interface 0 altsetting 251 endpoint 0x4 has invalid maxpacket 54297, setting to 1023
[  601.873455][  T829] usb 8-1: config 0 interface 0 has no altsetting 0
[  601.877975][  T829] usb 8-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  601.881668][  T829] usb 8-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  601.884849][  T829] usb 8-1: Product: syz
[  601.886520][  T829] usb 8-1: Manufacturer: syz
[  601.892286][  T829] usb 8-1: SerialNumber: syz
[  601.895489][  T829] usb 8-1: config 0 descriptor??
[  601.901990][  T829] usb 8-1: selecting invalid altsetting 0
[  601.910625][T15394] 9pnet_fd: Insufficient options for proto=fd
[  602.221712][ T1326] usb usb44-port1: unable to enumerate USB device
[  603.899983][T15417] lo speed is unknown, defaulting to 1000
[  604.399418][T15435] ceph: No mds server is up or the cluster is laggy
[  604.498032][ T6086] usb 8-1: USB disconnect, device number 25
[  604.577209][T15432] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2615'.
[  606.818073][T14132] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  606.828535][T15473] syz.1.2624: attempt to access beyond end of device
[  606.828535][T15473] sr0: rw=6144, sector=128, nr_sectors = 8 limit=128
[  606.833028][T15473] gfs2: error -5 reading superblock
[  607.016125][T14132] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  607.019756][T14132] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  607.022989][T14132] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  607.027573][T14132] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  607.030608][T14132] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  607.042176][T14132] usb 5-1: config 0 descriptor??
[  607.284805][T15468] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2626'.
[  607.289861][T15468] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2626'.
[  607.738567][T15480] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2628'.
[  608.336474][T15485] netlink: 88 bytes leftover after parsing attributes in process `syz.0.2630'.
[  608.981287][T15505] FAULT_INJECTION: forcing a failure.
[  608.981287][T15505] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  608.986982][T15505] CPU: 0 UID: 0 PID: 15505 Comm: syz.0.2637 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  608.987000][T15505] Tainted: [L]=SOFTLOCKUP
[  608.987004][T15505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  608.987010][T15505] Call Trace:
[  608.987014][T15505]  <TASK>
[  608.987018][T15505]  dump_stack_lvl+0x100/0x190
[  608.987036][T15505]  should_fail_ex.cold+0x5/0xa
[  608.987054][T15505]  _copy_from_user+0x2e/0xd0
[  608.987070][T15505]  get_compat_msghdr+0xb3/0x4b0
[  608.987086][T15505]  ? __pfx_get_compat_msghdr+0x10/0x10
[  608.987106][T15505]  ___sys_sendmsg+0x1b6/0x1e0
[  608.987119][T15505]  ? __pfx____sys_sendmsg+0x10/0x10
[  608.987147][T15505]  __sys_sendmsg+0x170/0x220
[  608.987163][T15505]  ? __pfx___sys_sendmsg+0x10/0x10
[  608.987183][T15505]  ? __pfx_ksys_write+0x10/0x10
[  608.987199][T15505]  __do_fast_syscall_32+0xde/0x660
[  608.987220][T15505]  do_fast_syscall_32+0x32/0x70
[  608.987234][T15505]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  608.987247][T15505] RIP: 0023:0xf73cd579
[  608.987255][T15505] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  608.987265][T15505] RSP: 002b:00000000f53f650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  608.987276][T15505] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000740
[  608.987283][T15505] RDX: 0000000000008000 RSI: 0000000000000000 RDI: 0000000000000000
[  608.987289][T15505] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  608.987294][T15505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  608.987300][T15505] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  608.987313][T15505]  </TASK>
[  609.203674][T15512] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2640'.
[  609.209431][T15512] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2640'.
[  609.799320][T15518] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2641'.
[  610.864005][T15521] /dev/nullb0: Can't open blockdev
[  611.139017][   T64] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  611.145134][   T64] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  611.148273][   T64] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  611.152516][   T64] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  611.155548][   T64] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  611.210785][T15531] lo speed is unknown, defaulting to 1000
[  611.399572][T15537] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2645'.
[  611.425656][T15531] chnl_net:caif_netlink_parms(): no params data found
[  611.488817][T13746] syz_tun (unregistering): left promiscuous mode
[  611.606641][T15531] bridge0: port 1(bridge_slave_0) entered blocking state
[  611.609827][T15531] bridge0: port 1(bridge_slave_0) entered disabled state
[  611.613945][T15531] bridge_slave_0: entered allmulticast mode
[  611.618232][T15531] bridge_slave_0: entered promiscuous mode
[  611.622529][T15531] bridge0: port 2(bridge_slave_1) entered blocking state
[  611.624971][T15531] bridge0: port 2(bridge_slave_1) entered disabled state
[  611.628047][T15531] bridge_slave_1: entered allmulticast mode
[  611.631556][T15531] bridge_slave_1: entered promiscuous mode
[  611.659225][T15531] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  611.665903][T15531] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  611.683648][T15531] team0: Port device team_slave_0 added
[  611.686792][T15531] team0: Port device team_slave_1 added
[  611.700806][T15531] batman_adv: batadv0: Adding interface: batadv_slave_0
[  611.703558][T15531] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  611.711610][T15531] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  611.716347][T15531] batman_adv: batadv0: Adding interface: batadv_slave_1
[  611.718538][T15531] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  611.727146][T15531] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  611.750374][T15531] hsr_slave_0: entered promiscuous mode
[  611.753139][T15531] hsr_slave_1: entered promiscuous mode
[  611.755338][T15531] debugfs: 'hsr0' already exists in 'hsr'
[  611.757172][T15531] Cannot create hsr debugfs directory
[  611.881902][ T1326] usb 6-1: new full-speed USB device number 28 using dummy_hcd
[  612.043573][ T1326] usb 6-1: config index 0 descriptor too short (expected 5924, got 36)
[  612.047111][ T1326] usb 6-1: config 250 has an invalid interface number: 228 but max is -1
[  612.050672][ T1326] usb 6-1: config 250 has 1 interface, different from the descriptor's value: 0
[  612.055186][ T1326] usb 6-1: config 250 has no interface number 0
[  612.057933][ T1326] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 64
[  612.063127][ T1326] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  612.069487][ T1326] usb 6-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  612.080901][ T1326] usb 6-1: config 250 interface 228 has no altsetting 0
[  612.093881][ T1326] usb 6-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  612.097812][ T1326] usb 6-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  612.101186][ T1326] usb 6-1: Product: syz
[  612.104268][ T1326] usb 6-1: SerialNumber: syz
[  612.114853][ T1326] hub 6-1:250.228: bad descriptor, ignoring hub
[  612.117515][ T1326] hub 6-1:250.228: probe with driver hub failed with error -5
[  612.316274][ T1326] usblp 6-1:250.228: usblp0: USB Bidirectional printer dev 28 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  612.322839][T15531] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  612.340148][T15531] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  612.355369][T15531] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  612.376259][T14132] usbhid 5-1:0.0: can't add hid device: -32
[  612.391821][T14132] usbhid 5-1:0.0: probe with driver usbhid failed with error -32
[  612.398369][T15531] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  612.437955][T15531] 8021q: adding VLAN 0 to HW filter on device bond0
[  612.447293][T15531] 8021q: adding VLAN 0 to HW filter on device team0
[  612.452620][T13211] bridge0: port 1(bridge_slave_0) entered blocking state
[  612.454967][T13211] bridge0: port 1(bridge_slave_0) entered forwarding state
[  612.463220][T13198] bridge0: port 2(bridge_slave_1) entered blocking state
[  612.465480][T13198] bridge0: port 2(bridge_slave_1) entered forwarding state
[  612.582098][T15574] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2655'.
[  613.241175][ T5938] Bluetooth: hci1: command tx timeout
[  613.901245][T15531] 8021q: adding VLAN 0 to HW filter on device batadv0
[  614.088861][T15531] veth0_vlan: entered promiscuous mode
[  614.124919][T15531] veth1_vlan: entered promiscuous mode
[  614.155097][T15531] veth0_macvtap: entered promiscuous mode
[  614.159029][T15531] veth1_macvtap: entered promiscuous mode
[  614.167265][T15531] batman_adv: batadv0: Interface activated: batadv_slave_0
[  614.172587][T15531] batman_adv: batadv0: Interface activated: batadv_slave_1
[  614.326456][T13197] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  614.326462][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  614.326482][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  614.336685][T13197] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  614.343844][ T1141] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  614.347301][ T1141] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  614.354452][ T1141] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  614.358029][ T1141] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  614.409684][T15602] syzkaller0: entered promiscuous mode
[  614.413168][T15602] syzkaller0: entered allmulticast mode
[  614.418571][T15602] vxfs: unable to read disk superblock at 1
[  614.425181][T15602] vxfs: unable to read disk superblock at 8
[  614.427222][T15602] vxfs: can't find superblock.
[  615.311614][   T34] usb 6-1: USB disconnect, device number 28
[  615.317357][   T34] usblp0: removed
[  615.321419][ T5938] Bluetooth: hci1: command tx timeout
[  615.335313][   T40] audit: type=1326 audit(1770674373.371:3957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15617 comm="syz.1.2666" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x0
[  615.847606][T15642] 9p: Bad value for 'wfdno'
[  617.399118][ T5938] Bluetooth: hci1: command tx timeout
[  617.687392][T15665] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2678'.
[  617.820156][T15666] lo speed is unknown, defaulting to 1000
[  618.651801][T15694] syzkaller0: entered promiscuous mode
[  618.654118][T15694] syzkaller0: entered allmulticast mode
[  618.741422][T15696] syzkaller0: entered promiscuous mode
[  618.743227][T15696] syzkaller0: entered allmulticast mode
[  618.975606][T15711] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2693'.
[  619.488299][ T5938] Bluetooth: hci1: command tx timeout
[  619.518262][T15714] syzkaller0: entered promiscuous mode
[  619.525553][T15714] syzkaller0: entered allmulticast mode
[  619.544539][T15714] tipc: Started in network mode
[  619.546143][T15714] tipc: Node identity ae8b23ba670a, cluster identity 4711
[  619.549361][T15714] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  619.553891][T15713] tipc: Resetting bearer <eth:syzkaller0>
[  619.569957][T15713] tipc: Disabling bearer <eth:syzkaller0>
[  619.807305][T15716] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2695'.
[  619.860675][T15718] Bluetooth: MGMT ver 1.23
[  619.903771][T15722] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10)
[  619.905977][T15722] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  619.909098][T15722] vhci_hcd vhci_hcd.0: Device attached
[  619.912093][T15722] random: crng reseeded on system resumption
[  619.921170][T15725] vhci_hcd: connection closed
[  619.921396][T13198] vhci_hcd vhci_hcd.3: stop threads
[  619.926281][T13198] vhci_hcd vhci_hcd.3: release socket
[  619.929338][T13198] vhci_hcd vhci_hcd.3: disconnect device
[  619.934477][T15724] syzkaller0: entered promiscuous mode
[  619.937089][T15724] syzkaller0: entered allmulticast mode
[  620.042518][T15729] fuse: Unknown parameter 'uskr_id'
[  620.492179][T15742] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2704'.
[  620.496533][T15742] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2704'.
[  620.648228][T15747] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2705'.
[  621.522635][T15758] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2708'.
[  621.529437][T15758] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.2708'.
[  621.876989][ T5938] Bluetooth: hci2: Opcode 0x0401 failed: -110
[  621.877027][   T64] Bluetooth: hci2: command 0x0401 tx timeout
[  622.969213][   T40] audit: type=1326 audit(1770674381.015:3958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15782 comm="syz.0.2716" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  622.978941][   T40] audit: type=1326 audit(1770674381.015:3959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15782 comm="syz.0.2716" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  622.989685][   T40] audit: type=1326 audit(1770674381.025:3960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15782 comm="syz.0.2716" exe="/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  623.000328][   T40] audit: type=1326 audit(1770674381.025:3961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15782 comm="syz.0.2716" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  623.010071][   T40] audit: type=1326 audit(1770674381.025:3962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15782 comm="syz.0.2716" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  623.023496][   T40] audit: type=1326 audit(1770674381.035:3963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15782 comm="syz.0.2716" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  623.032804][   T40] audit: type=1326 audit(1770674381.035:3964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15782 comm="syz.0.2716" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  623.042074][   T40] audit: type=1326 audit(1770674381.035:3965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15782 comm="syz.0.2716" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  623.051393][   T40] audit: type=1326 audit(1770674381.045:3966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15782 comm="syz.0.2716" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  623.062234][   T40] audit: type=1326 audit(1770674381.045:3967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15782 comm="syz.0.2716" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  624.159249][T15789] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  624.161495][T15789] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  624.181135][T15789] vhci_hcd vhci_hcd.0: Device attached
[  624.221148][T15790] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  624.223175][T15790] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  624.238637][T15790] vhci_hcd vhci_hcd.0: Device attached
[  624.331964][T15797] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2718'.
[  624.446338][ T6020] usb 38-1: SetAddress Request (22) to port 0
[  624.449332][ T6020] usb 38-1: new SuperSpeed USB device number 22 using vhci_hcd
[  624.457154][T15794] vhci_hcd: connection closed
[  624.458805][T13211] vhci_hcd vhci_hcd.2: stop threads
[  624.464627][T13211] vhci_hcd vhci_hcd.2: release socket
[  624.467697][T13211] vhci_hcd vhci_hcd.2: disconnect device
[  624.479256][T15791] vhci_hcd: connection reset by peer
[  624.481883][T13211] vhci_hcd vhci_hcd.0: stop threads
[  624.484451][T13211] vhci_hcd vhci_hcd.0: release socket
[  624.492116][T13211] vhci_hcd vhci_hcd.0: disconnect device
[  624.506444][  T829] usb 42-1: enqueue for inactive port 0
[  624.641944][T15799] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2719'.
[  625.003733][  T829] usb usb42-port1: attempt power cycle
[  625.277794][T15803] ubi31: attaching mtd0
[  625.289251][T15803] ubi31: scanning is finished
[  625.326976][T15806] FAULT_INJECTION: forcing a failure.
[  625.326976][T15806] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  625.332432][T15806] CPU: 3 UID: 0 PID: 15806 Comm: syz.1.2721 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  625.332458][T15806] Tainted: [L]=SOFTLOCKUP
[  625.332464][T15806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  625.332472][T15806] Call Trace:
[  625.332481][T15806]  <TASK>
[  625.332490][T15806]  dump_stack_lvl+0x100/0x190
[  625.332516][T15806]  should_fail_ex.cold+0x5/0xa
[  625.332545][T15806]  _copy_from_iter+0x1f4/0x1690
[  625.332573][T15806]  ? __alloc_skb+0x220/0x410
[  625.332595][T15806]  ? __alloc_skb+0x35d/0x410
[  625.332617][T15806]  ? __pfx__copy_from_iter+0x10/0x10
[  625.332641][T15806]  ? netlink_autobind.isra.0+0x150/0x370
[  625.332677][T15806]  netlink_sendmsg+0x808/0xda0
[  625.332706][T15806]  ? __pfx_netlink_sendmsg+0x10/0x10
[  625.332736][T15806]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  625.332776][T15806]  sock_write_iter+0x566/0x610
[  625.332797][T15806]  ? __pfx_sock_write_iter+0x10/0x10
[  625.332830][T15806]  do_iter_readv_writev+0x6ee/0x920
[  625.332856][T15806]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  625.332871][T15806]  ? common_file_perm+0x1ab/0x4f0
[  625.332899][T15806]  ? bpf_lsm_file_permission+0x9/0x10
[  625.332922][T15806]  ? security_file_permission+0x76/0x210
[  625.332947][T15806]  ? rw_verify_area+0xce/0x6d0
[  625.332968][T15806]  vfs_writev+0x360/0xe10
[  625.332992][T15806]  ? __pfx_vfs_writev+0x10/0x10
[  625.333024][T15806]  ? __fget_files+0x21f/0x3d0
[  625.333050][T15806]  ? do_writev+0x28a/0x340
[  625.333072][T15806]  do_writev+0x28a/0x340
[  625.333092][T15806]  ? __pfx_do_writev+0x10/0x10
[  625.333107][T15806]  ? __pfx_ksys_write+0x10/0x10
[  625.333133][T15806]  __do_fast_syscall_32+0xde/0x660
[  625.333159][T15806]  do_fast_syscall_32+0x32/0x70
[  625.333179][T15806]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  625.333201][T15806] RIP: 0023:0xf7fe5579
[  625.333216][T15806] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  625.333231][T15806] RSP: 002b:00000000f54a650c EFLAGS: 00000292 ORIG_RAX: 0000000000000092
[  625.333247][T15806] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000200
[  625.333259][T15806] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  625.333269][T15806] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  625.333279][T15806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  625.333288][T15806] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  625.333309][T15806]  </TASK>
[  625.547939][T15810] overlayfs: missing 'workdir'
[  625.579329][  T829] usb usb42-port1: unable to enumerate USB device
[  625.603233][T15803] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  625.615281][T15803] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  625.617873][T15803] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  625.620247][T15803] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  625.638994][T15816] only policy match revision 0 supported
[  625.639012][T15816] unable to load match
[  625.639338][T15803] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  625.646127][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  625.765132][T15803] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  625.778699][T15803] ubi31: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 2665176518
[  625.782663][T15803] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  625.815922][T15815] ubi31: background thread "ubi_bgt31d" started, PID 15815
[  626.722316][T15829] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2729'.
[  627.639923][T15844] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  627.642081][T15844] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  627.645596][T15844] vhci_hcd vhci_hcd.0: Device attached
[  627.659081][ T5938] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  627.687171][T15835] netlink: 212348 bytes leftover after parsing attributes in process `syz.0.2730'.
[  627.914519][  T829] usb 40-1: SetAddress Request (22) to port 0
[  627.917280][  T829] usb 40-1: new SuperSpeed USB device number 22 using vhci_hcd
[  628.259592][T15845] vhci_hcd: connection reset by peer
[  628.262071][T13211] vhci_hcd vhci_hcd.1: stop threads
[  628.264624][T13211] vhci_hcd vhci_hcd.1: release socket
[  628.266643][T13211] vhci_hcd vhci_hcd.1: disconnect device
[  628.845319][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  629.082437][T15872] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2739'.
[  629.475812][ T6020] usb 38-1: device descriptor read/8, error -110
[  630.243127][ T6020] usb usb38-port1: attempt power cycle
[  630.492940][   T53] usb 8-1: new high-speed USB device number 26 using dummy_hcd
[  630.664677][   T53] usb 8-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  630.668098][   T53] usb 8-1: config 27 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  630.673156][   T53] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  630.676276][   T53] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  630.686586][   T53] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  630.706197][   T53] snd-usb-audio 8-1:27.0: probe with driver snd-usb-audio failed with error -2
[  630.713174][T15396] udevd[15396]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb8/8-1/8-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  630.805258][ T6020] usb usb38-port1: unable to enumerate USB device
[  630.835131][ T5938] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  630.838918][ T5938] Bluetooth: hci4: Injecting HCI hardware error event
[  630.844847][ T5938] Bluetooth: hci4: hardware error 0x00
[  630.886672][ T6020] usb 8-1: USB disconnect, device number 26
[  631.214467][T15895] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2747'.
[  631.388419][T15900] vlan2: entered promiscuous mode
[  631.390092][T15900] bridge0: entered promiscuous mode
[  631.399074][T15900] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2748'.
[  631.402841][T15900] bridge_slave_1: left allmulticast mode
[  631.404782][T15900] bridge_slave_1: left promiscuous mode
[  631.406774][T15900] bridge0: port 2(bridge_slave_1) entered disabled state
[  631.465596][T15900] bridge_slave_0: left allmulticast mode
[  631.468004][T15900] bridge_slave_0: left promiscuous mode
[  631.470594][T15900] bridge0: port 1(bridge_slave_0) entered disabled state
[  631.572862][T15903] FAULT_INJECTION: forcing a failure.
[  631.572862][T15903] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  631.577037][T15903] CPU: 2 UID: 0 PID: 15903 Comm: syz.2.2749 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  631.577054][T15903] Tainted: [L]=SOFTLOCKUP
[  631.577058][T15903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  631.577065][T15903] Call Trace:
[  631.577069][T15903]  <TASK>
[  631.577074][T15903]  dump_stack_lvl+0x100/0x190
[  631.577091][T15903]  should_fail_ex.cold+0x5/0xa
[  631.577108][T15903]  _copy_from_user+0x2e/0xd0
[  631.577125][T15903]  kstrtoull_from_user+0xc6/0x1c0
[  631.577138][T15903]  ? __pfx_kstrtoull_from_user+0x10/0x10
[  631.577154][T15903]  ? lock_acquire+0x17c/0x330
[  631.577173][T15903]  timerslack_ns_write+0xa3/0x6d0
[  631.577187][T15903]  ? __pfx_timerslack_ns_write+0x10/0x10
[  631.577204][T15903]  vfs_write+0x2aa/0x1070
[  631.577217][T15903]  ? __pfx_timerslack_ns_write+0x10/0x10
[  631.577232][T15903]  ? __pfx_vfs_write+0x10/0x10
[  631.577244][T15903]  ? __fget_files+0x215/0x3d0
[  631.577258][T15903]  ? __fget_files+0x21f/0x3d0
[  631.577273][T15903]  ksys_write+0x12a/0x250
[  631.577285][T15903]  ? __pfx_ksys_write+0x10/0x10
[  631.577297][T15903]  ? __pfx_ksys_write+0x10/0x10
[  631.577311][T15903]  __do_fast_syscall_32+0xde/0x660
[  631.577327][T15903]  do_fast_syscall_32+0x32/0x70
[  631.577340][T15903]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  631.577354][T15903] RIP: 0023:0xf742d579
[  631.577362][T15903] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  631.577373][T15903] RSP: 002b:00000000f545650c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[  631.577384][T15903] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000180
[  631.577390][T15903] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  631.577396][T15903] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  631.577402][T15903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  631.577408][T15903] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  631.577422][T15903]  </TASK>
[  631.662532][ T6020] kernel read not supported for file /dsp1 (pid: 6020 comm: kworker/2:5)
[  631.737404][T15906] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2750'.
[  632.549078][T15919] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2755'.
[  632.552326][T15919] hsr_slave_0: left promiscuous mode
[  632.554747][T15919] hsr_slave_1: left promiscuous mode
[  632.912558][ T5938] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  632.991814][  T829] usb 40-1: device descriptor read/8, error -110
[  633.392210][  T829] usb usb40-port1: attempt power cycle
[  633.552575][T15935] netlink: 6 bytes leftover after parsing attributes in process `syz.3.2760'.
[  633.690247][T15941] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2761'.
[  634.032206][  T829] usb usb40-port1: unable to enumerate USB device
[  634.264307][T15958] syzkaller0: entered promiscuous mode
[  634.266190][T15958] syzkaller0: entered allmulticast mode
[  634.670499][   T10] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  634.810352][   T10] usb 6-1: device descriptor read/64, error -71
[  635.060230][   T10] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  635.200152][   T10] usb 6-1: device descriptor read/64, error -71
[  635.311330][   T10] usb usb6-port1: attempt power cycle
[  635.426719][T15981] syzkaller0: entered promiscuous mode
[  635.428495][T15981] syzkaller0: entered allmulticast mode
[  635.650523][   T10] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  635.680340][   T10] usb 6-1: device descriptor read/8, error -71
[  635.939945][   T10] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  635.960160][   T10] usb 6-1: device descriptor read/8, error -71
[  636.059290][T15993] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2778'.
[  636.072991][   T10] usb usb6-port1: unable to enumerate USB device
[  636.304009][T16005] random: crng reseeded on system resumption
[  636.660807][T16015] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  636.662939][T16015] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  636.665980][T16015] vhci_hcd vhci_hcd.0: Device attached
[  637.478719][T16026] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2793'.
[  637.553467][   T40] kauditd_printk_skb: 23 callbacks suppressed
[  637.553479][   T40] audit: type=1326 audit(1770674395.602:3991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16025 comm="syz.1.2793" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x0
[  637.979400][   T55] usb 42-1: SetAddress Request (50) to port 0
[  637.982107][   T55] usb 42-1: new SuperSpeed USB device number 50 using vhci_hcd
[  637.984976][T16031] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2794'.
[  638.021964][T16033] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2795'.
[  638.342225][T16017] vhci_hcd: connection reset by peer
[  638.344472][T13198] vhci_hcd vhci_hcd.2: stop threads
[  638.346282][T13198] vhci_hcd vhci_hcd.2: release socket
[  638.348286][T13198] vhci_hcd vhci_hcd.2: disconnect device
[  638.656930][T16052] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2800'.
[  638.687568][T16053] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  638.690170][T16053] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  638.693902][T16053] vhci_hcd vhci_hcd.0: Device attached
[  638.989476][   T34] usb 40-1: SetAddress Request (26) to port 0
[  638.991791][   T34] usb 40-1: new SuperSpeed USB device number 26 using vhci_hcd
[  639.426228][T16054] vhci_hcd: connection reset by peer
[  639.433188][ T1145] vhci_hcd vhci_hcd.1: stop threads
[  639.435328][ T1145] vhci_hcd vhci_hcd.1: release socket
[  639.437427][ T1145] vhci_hcd vhci_hcd.1: disconnect device
[  640.922898][T16078] program syz.0.2806 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  641.014016][T16082] fuse: Unknown parameter 'root
ode'
[  641.557766][T14720] usb 8-1: new high-speed USB device number 27 using dummy_hcd
[  641.728750][T14720] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  641.735836][T14720] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  641.739038][T14720] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  641.741814][T14720] usb 8-1: Product: syz
[  641.743471][T14720] usb 8-1: Manufacturer: syz
[  641.745785][T14720] usb 8-1: SerialNumber: syz
[  641.957651][T14720] usblp 8-1:1.0: usblp0: USB Unidirectional printer dev 27 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  642.037829][ T1121] sr 2:0:0:0: [sr0] tag#21 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  642.043187][ T1121] sr 2:0:0:0: [sr0] tag#21 Sense Key : Illegal Request [current] 
[  642.045788][ T1121] sr 2:0:0:0: [sr0] tag#21 Add. Sense: Invalid command operation code
[  642.049015][ T1121] sr 2:0:0:0: [sr0] tag#21 CDB: Write(10) 2a 00 00 00 00 00 00 00 04 00
[  642.051718][ T1121] blk_print_req_error: 10 callbacks suppressed
[  642.051728][ T1121] critical target error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 2 prio class 2
[  642.057448][ T1121] buffer_io_error: 322 callbacks suppressed
[  642.057456][ T1121] Buffer I/O error on dev sr0, logical block 0, lost async page write
[  642.062076][ T1121] Buffer I/O error on dev sr0, logical block 1, lost async page write
[  642.062936][T16100] syzkaller0: entered promiscuous mode
[  642.066857][T16100] syzkaller0: entered allmulticast mode
[  642.211440][T14720] usb 8-1: USB disconnect, device number 27
[  642.214888][T14720] usblp0: removed
[  642.274388][T16113] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2819'.
[  642.651893][T16117] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2820'.
[  642.655930][T16117] netlink: 'syz.0.2820': attribute type 4 has an invalid length.
[  642.659444][T16117] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2820'.
[  643.066599][   T55] usb 42-1: device descriptor read/8, error -110
[  643.263897][ T5938] Bluetooth: hci0: Invalid connection link type handle 0x00c9
[  643.459772][   T55] usb usb42-port1: attempt power cycle
[  643.484464][T16135] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2824'.
[  644.025833][   T34] usb 40-1: device descriptor read/8, error -110
[  644.456404][   T34] usb usb40-port1: attempt power cycle
[  644.596556][   T55] usb usb42-port1: unable to enumerate USB device
[  644.622661][T16150] IPv6: NLM_F_REPLACE set, but no existing node found!
[  644.645893][T16158] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2830'.
[  645.016095][   T34] usb usb40-port1: unable to enumerate USB device
[  646.503703][   T34] IPVS: starting estimator thread 0...
[  646.541845][T16171] cgroup: fork rejected by pids controller in /syz3
[  646.596665][T16196] IPVS: using max 44 ests per chain, 105600 per kthread
[  647.594392][ T6020] usb 8-1: new high-speed USB device number 28 using dummy_hcd
[  647.775833][ T6020] usb 8-1: config 1 interface 0 has no altsetting 0
[  647.795178][ T6020] usb 8-1: New USB device found, idVendor=056a, idProduct=0044, bcdDevice= 0.40
[  647.800747][ T6020] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  647.803330][ T6020] usb 8-1: Product: syz
[  647.811122][ T6020] usb 8-1: Manufacturer: syz
[  647.812705][ T6020] usb 8-1: SerialNumber: syz
[  648.059212][ T6020] usbhid 8-1:1.0: can't add hid device: -71
[  648.064311][ T6020] usbhid 8-1:1.0: probe with driver usbhid failed with error -71
[  648.071247][ T6020] usb 8-1: USB disconnect, device number 28
[  648.167009][T16229] FAULT_INJECTION: forcing a failure.
[  648.167009][T16229] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  648.171233][T16229] CPU: 1 UID: 0 PID: 16229 Comm: syz.2.2842 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  648.171262][T16229] Tainted: [L]=SOFTLOCKUP
[  648.171266][T16229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  648.171273][T16229] Call Trace:
[  648.171278][T16229]  <TASK>
[  648.171282][T16229]  dump_stack_lvl+0x100/0x190
[  648.171314][T16229]  should_fail_ex.cold+0x5/0xa
[  648.171331][T16229]  _copy_from_user+0x2e/0xd0
[  648.171355][T16229]  get_compat_msghdr+0xb3/0x4b0
[  648.171378][T16229]  ? __pfx_get_compat_msghdr+0x10/0x10
[  648.171413][T16229]  ___sys_sendmsg+0x1b6/0x1e0
[  648.171427][T16229]  ? __pfx____sys_sendmsg+0x10/0x10
[  648.171455][T16229]  __sys_sendmsg+0x170/0x220
[  648.171472][T16229]  ? __pfx___sys_sendmsg+0x10/0x10
[  648.171496][T16229]  __do_fast_syscall_32+0xde/0x660
[  648.171511][T16229]  do_fast_syscall_32+0x32/0x70
[  648.171525][T16229]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  648.171538][T16229] RIP: 0023:0xf742d579
[  648.171561][T16229] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  648.171572][T16229] RSP: 002b:00000000f541450c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  648.171583][T16229] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000240
[  648.171590][T16229] RDX: 0000000024044080 RSI: 0000000000000000 RDI: 0000000000000000
[  648.171596][T16229] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  648.171602][T16229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  648.171608][T16229] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  648.171621][T16229]  </TASK>
[  650.343924][   T40] audit: type=1326 audit(1770674408.399:3992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16269 comm="syz.1.2854" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  650.351435][   T40] audit: type=1326 audit(1770674408.399:3993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16269 comm="syz.1.2854" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  650.359513][   T40] audit: type=1326 audit(1770674408.409:3994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16269 comm="syz.1.2854" exe="/syz-executor" sig=0 arch=40000003 syscall=29 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  650.539708][T16276] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2855'.
[  651.075009][T16280] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  651.109301][T16280] kvm: pic: level sensitive irq not supported
[  651.109612][T16280] kvm: pic: non byte read
[  651.116400][T16280] kvm: pic: level sensitive irq not supported
[  651.116695][T16280] kvm: pic: non byte read
[  651.121300][T16280] kvm: pic: level sensitive irq not supported
[  651.122004][T16280] kvm: pic: non byte read
[  651.127244][T16280] kvm: pic: level sensitive irq not supported
[  651.127518][T16280] kvm: pic: non byte read
[  651.568527][T16295] FAULT_INJECTION: forcing a failure.
[  651.568527][T16295] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  651.572759][T16295] CPU: 3 UID: 0 PID: 16295 Comm: syz.1.2862 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  651.572788][T16295] Tainted: [L]=SOFTLOCKUP
[  651.572792][T16295] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  651.572799][T16295] Call Trace:
[  651.572803][T16295]  <TASK>
[  651.572807][T16295]  dump_stack_lvl+0x100/0x190
[  651.572824][T16295]  should_fail_ex.cold+0x5/0xa
[  651.572846][T16295]  _copy_from_user+0x2e/0xd0
[  651.572862][T16295]  v4l2_compat_get_array_args+0x1a5/0x760
[  651.572877][T16295]  ? __pfx_v4l2_compat_get_array_args+0x10/0x10
[  651.572887][T16295]  ? rcu_is_watching+0x12/0xc0
[  651.572898][T16295]  ? trace_kmalloc+0x83/0xb0
[  651.572911][T16295]  ? __kvmalloc_node_noprof+0x36a/0xac0
[  651.572924][T16295]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  651.572940][T16295]  ? video_usercopy+0x706/0x1400
[  651.572956][T16295]  video_usercopy+0xc21/0x1400
[  651.572969][T16295]  ? __pfx___video_do_ioctl+0x10/0x10
[  651.572983][T16295]  ? __pfx_video_usercopy+0x10/0x10
[  651.573000][T16295]  ? hook_file_ioctl_common+0x146/0x410
[  651.573019][T16295]  v4l2_ioctl+0x1bd/0x250
[  651.573033][T16295]  v4l2_compat_ioctl32+0x20f/0x2d0
[  651.573044][T16295]  ? __pfx_v4l2_compat_ioctl32+0x10/0x10
[  651.573054][T16295]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  651.573067][T16295]  __do_fast_syscall_32+0xde/0x660
[  651.573082][T16295]  do_fast_syscall_32+0x32/0x70
[  651.573096][T16295]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  651.573110][T16295] RIP: 0023:0xf7fe5579
[  651.573118][T16295] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  651.573128][T16295] RSP: 002b:00000000f54a650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  651.573138][T16295] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0185648
[  651.573145][T16295] RDX: 0000000080000380 RSI: 0000000000000000 RDI: 0000000000000000
[  651.573151][T16295] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  651.573157][T16295] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  651.573163][T16295] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  651.573176][T16295]  </TASK>
[  651.749004][T16303] netlink: 'syz.3.2864': attribute type 11 has an invalid length.
[  651.762536][T16303] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2864'.
[  651.800051][T16308] FAULT_INJECTION: forcing a failure.
[  651.800051][T16308] name failslab, interval 1, probability 0, space 0, times 0
[  651.805026][T16308] CPU: 2 UID: 0 PID: 16308 Comm: syz.3.2866 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  651.805044][T16308] Tainted: [L]=SOFTLOCKUP
[  651.805048][T16308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  651.805054][T16308] Call Trace:
[  651.805058][T16308]  <TASK>
[  651.805062][T16308]  dump_stack_lvl+0x100/0x190
[  651.805078][T16308]  should_fail_ex.cold+0x5/0xa
[  651.805093][T16308]  ? sk_filter_trim_cap+0x571/0xde0
[  651.805106][T16308]  should_failslab+0xc2/0x120
[  651.805121][T16308]  kmem_cache_alloc_noprof+0x83/0x780
[  651.805135][T16308]  ? skb_clone+0x190/0x400
[  651.805153][T16308]  ? skb_clone+0x190/0x400
[  651.805167][T16308]  skb_clone+0x190/0x400
[  651.805183][T16308]  netlink_deliver_tap+0xaed/0xcc0
[  651.805207][T16308]  netlink_unicast+0x70c/0x870
[  651.805225][T16308]  ? __pfx_netlink_unicast+0x10/0x10
[  651.805246][T16308]  ? find_held_lock+0x2b/0x80
[  651.805256][T16308]  ? nl80211_get_reg_do+0x4ca/0xa30
[  651.805272][T16308]  ? nl80211_get_reg_do+0x4ca/0xa30
[  651.805288][T16308]  nl80211_get_reg_do+0x5f8/0xa30
[  651.805298][T16308]  ? __nla_parse+0x40/0x60
[  651.805311][T16308]  ? __pfx_nl80211_get_reg_do+0x10/0x10
[  651.805323][T16308]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  651.805335][T16308]  ? nl80211_pre_doit+0x19a/0xae0
[  651.805349][T16308]  genl_family_rcv_msg_doit+0x214/0x300
[  651.805362][T16308]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  651.805373][T16308]  ? genl_get_cmd+0x3ef/0x720
[  651.805387][T16308]  ? __dev_queue_xmit+0x7fd/0x46f0
[  651.805399][T16308]  ? __radix_tree_lookup+0x217/0x2b0
[  651.805413][T16308]  genl_rcv_msg+0x560/0x800
[  651.805425][T16308]  ? __pfx_genl_rcv_msg+0x10/0x10
[  651.805436][T16308]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  651.805448][T16308]  ? __pfx_nl80211_get_reg_do+0x10/0x10
[  651.805458][T16308]  ? __pfx_nl80211_post_doit+0x10/0x10
[  651.805475][T16308]  netlink_rcv_skb+0x159/0x420
[  651.805485][T16308]  ? __pfx_genl_rcv_msg+0x10/0x10
[  651.805496][T16308]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  651.805514][T16308]  ? netlink_deliver_tap+0x1ae/0xcc0
[  651.805535][T16308]  genl_rcv+0x28/0x40
[  651.805544][T16308]  netlink_unicast+0x5aa/0x870
[  651.805563][T16308]  ? __pfx_netlink_unicast+0x10/0x10
[  651.805587][T16308]  netlink_sendmsg+0x8b0/0xda0
[  651.805605][T16308]  ? __pfx_netlink_sendmsg+0x10/0x10
[  651.805624][T16308]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  651.805642][T16308]  ____sys_sendmsg+0xa54/0xc30
[  651.805658][T16308]  ? __pfx_____sys_sendmsg+0x10/0x10
[  651.805679][T16308]  ___sys_sendmsg+0x190/0x1e0
[  651.805692][T16308]  ? __pfx____sys_sendmsg+0x10/0x10
[  651.805722][T16308]  __sys_sendmsg+0x170/0x220
[  651.805737][T16308]  ? __pfx___sys_sendmsg+0x10/0x10
[  651.805758][T16308]  ? __pfx_ksys_write+0x10/0x10
[  651.805778][T16308]  __do_fast_syscall_32+0xde/0x660
[  651.805793][T16308]  do_fast_syscall_32+0x32/0x70
[  651.805807][T16308]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  651.805820][T16308] RIP: 0023:0xf73cd579
[  651.805828][T16308] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  651.805838][T16308] RSP: 002b:00000000f53f650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  651.805849][T16308] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  651.805856][T16308] RDX: 0000000020004880 RSI: 0000000000000000 RDI: 0000000000000000
[  651.805862][T16308] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  651.805868][T16308] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  651.805874][T16308] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  651.805887][T16308]  </TASK>
[  652.656521][T16317] bridge: RTM_NEWNEIGH with invalid state 0x8
[  653.177214][T16328] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2871'.
[  653.717539][T16342] fuse: Unknown parameter 'z'
[  653.728959][T16342] overlayfs: missing 'lowerdir'
[  653.830193][T16346] tmpfs: Unknown parameter 'grpquota_inode
hardlimit'
[  653.885502][T16347] lo speed is unknown, defaulting to 1000
[  654.246847][T16354] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2880'.
[  654.397232][T16365] (syz.1.2885,16365,2):ocfs2_get_sector:1714 ERROR: status = -5
[  654.401838][T16365] (syz.1.2885,16365,2):ocfs2_sb_probe:753 ERROR: status = -5
[  654.404236][T16365] (syz.1.2885,16365,2):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  654.407081][T16365] (syz.1.2885,16365,2):ocfs2_fill_super:1177 ERROR: status = -5
[  655.890000][T16384] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2888'.
[  656.196516][   T40] audit: type=1326 audit(1770674414.252:3995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16385 comm="syz.3.2889" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  656.220630][   T40] audit: type=1326 audit(1770674414.262:3996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16385 comm="syz.3.2889" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  656.228051][   T40] audit: type=1326 audit(1770674414.262:3997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16385 comm="syz.3.2889" exe="/syz-executor" sig=0 arch=40000003 syscall=138 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  656.250185][   T40] audit: type=1326 audit(1770674414.262:3998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16385 comm="syz.3.2889" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  656.258055][   T40] audit: type=1326 audit(1770674414.262:3999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16385 comm="syz.3.2889" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  656.265908][   T40] audit: type=1326 audit(1770674414.262:4000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16385 comm="syz.3.2889" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  656.272933][   T40] audit: type=1326 audit(1770674414.262:4001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16385 comm="syz.3.2889" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  656.280710][   T40] audit: type=1326 audit(1770674414.262:4002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16385 comm="syz.3.2889" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  656.287705][   T40] audit: type=1326 audit(1770674414.262:4003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16385 comm="syz.3.2889" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  656.295332][   T40] audit: type=1326 audit(1770674414.262:4004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16385 comm="syz.3.2889" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  656.853626][T14132] IPVS: starting estimator thread 0...
[  656.854011][T16415] IPVS: wlc: FWM 3 0x00000003 - no destination available
[  657.125286][T16416] IPVS: using max 44 ests per chain, 105600 per kthread
[  657.534758][T16423] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2899'.
[  657.554470][T16423] loop3: detected capacity change from 0 to 2639
[  657.600107][T16424] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2899'.
[  657.835728][ T5938] Bluetooth: hci1: connection err: -111
[  658.096843][T16444] FAULT_INJECTION: forcing a failure.
[  658.096843][T16444] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  658.101618][T16444] CPU: 1 UID: 0 PID: 16444 Comm: syz.2.2904 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  658.101648][T16444] Tainted: [L]=SOFTLOCKUP
[  658.101651][T16444] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  658.101658][T16444] Call Trace:
[  658.101662][T16444]  <TASK>
[  658.101667][T16444]  dump_stack_lvl+0x100/0x190
[  658.101683][T16444]  should_fail_ex.cold+0x5/0xa
[  658.101701][T16444]  _copy_from_user+0x2e/0xd0
[  658.101719][T16444]  io_query+0x144/0x6e0
[  658.101735][T16444]  ? __pfx_io_query+0x10/0x10
[  658.101751][T16444]  ? preempt_schedule_thunk+0x16/0x30
[  658.101762][T16444]  ? vfs_write+0x464/0x1070
[  658.101773][T16444]  ? find_held_lock+0x2b/0x80
[  658.101784][T16444]  ? ksys_write+0x190/0x250
[  658.101795][T16444]  ? ksys_write+0x190/0x250
[  658.101808][T16444]  __do_sys_io_uring_register+0x626/0x1650
[  658.101823][T16444]  ? __fget_files+0x215/0x3d0
[  658.101834][T16444]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  658.101848][T16444]  ? __pfx___do_sys_io_uring_register+0x10/0x10
[  658.101863][T16444]  ? __fget_files+0x21f/0x3d0
[  658.101876][T16444]  ? fput+0x79/0x100
[  658.101890][T16444]  ? ksys_write+0x1ac/0x250
[  658.101901][T16444]  ? __pfx_ksys_write+0x10/0x10
[  658.101916][T16444]  __do_fast_syscall_32+0xde/0x660
[  658.101931][T16444]  do_fast_syscall_32+0x32/0x70
[  658.101944][T16444]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  658.101957][T16444] RIP: 0023:0xf742d579
[  658.101965][T16444] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  658.101976][T16444] RSP: 002b:00000000f541450c EFLAGS: 00000292 ORIG_RAX: 00000000000001ab
[  658.101986][T16444] RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 0000000000000023
[  658.101992][T16444] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  658.101998][T16444] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  658.102004][T16444] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  658.102011][T16444] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  658.102024][T16444]  </TASK>
[  658.108722][ T1326] usb 8-1: new high-speed USB device number 29 using dummy_hcd
[  658.358591][ T1326] usb 8-1: Using ep0 maxpacket: 32
[  658.362354][ T1326] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  658.367354][ T1326] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  658.367446][T16447] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2906'.
[  658.370752][ T1326] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  658.370768][ T1326] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  658.374577][ T1326] usb 8-1: config 0 descriptor??
[  658.806089][ T1326] usbhid 8-1:0.0: can't add hid device: -71
[  658.808513][ T1326] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  658.821361][ T1326] usb 8-1: USB disconnect, device number 29
[  659.015537][T16458] pim6reg: tun_chr_ioctl cmd 1074025675
[  659.017930][T16458] pim6reg: persist enabled
[  659.855346][T16474] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  659.984077][T16477] xt_NFQUEUE: number of total queues is 0
[  660.316726][T16490] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2921'.
[  662.460973][T16515] tipc: Enabled bearer <udp:syz0>, priority 10
[  662.575558][T16523] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2932'.
[  662.583101][T16509] lo speed is unknown, defaulting to 1000
[  663.478899][T16535] tipc: Started in network mode
[  663.480537][T16535] tipc: Node identity , cluster identity 4711
[  663.482604][T16535] tipc: Failed to obtain node identity
[  663.484813][T16535] tipc: Enabling of bearer <eth:ip6gre0> rejected, failed to enable media
[  663.609277][   T10] tipc: Node number set to 3380683706
[  663.851558][T16541] overlayfs: failed to resolve './file1/file0': -2
[  663.857943][T13216] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  663.860444][T13216] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  664.497448][   T40] kauditd_printk_skb: 25 callbacks suppressed
[  664.497460][   T40] audit: type=1326 audit(1770674422.566:4030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16550 comm="syz.0.2942" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73cd579 code=0x0
[  664.984504][T16563] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2944'.
[  665.142009][T16565] netlink: 'syz.2.2945': attribute type 1 has an invalid length.
[  665.270673][T16565] bond1: entered promiscuous mode
[  665.285278][T16565] bond1: entered allmulticast mode
[  665.290783][T16565] 8021q: adding VLAN 0 to HW filter on device bond1
[  665.383540][T16567] erspan1: entered allmulticast mode
[  665.459566][T16567] bond1: (slave erspan1): making interface the new active one
[  665.475616][T16567] erspan1: entered promiscuous mode
[  665.489542][T16567] bond1: (slave erspan1): Enslaving as an active interface with an up link
[  666.174108][T16584] bridge0: port 2(bridge_slave_1) entered disabled state
[  666.176705][T16584] bridge0: port 1(bridge_slave_0) entered disabled state
[  666.216233][T16584] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  666.221551][T16584] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  666.288196][T16584] macsec1: left promiscuous mode
[  666.312409][T13216] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  666.315367][T13216] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  666.318186][T13216] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  666.320996][T13216] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  666.425803][T16591] IPVS: set_ctl: invalid protocol: 51 0.0.0.0:20000
[  666.450903][T16593] lo speed is unknown, defaulting to 1000
[  667.190132][T16602] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2957'.
[  667.628844][T16606] x_tables: duplicate underflow at hook 2
[  667.741345][T16608] netlink: 'syz.3.2959': attribute type 21 has an invalid length.
[  667.745149][T16608] netlink: 164 bytes leftover after parsing attributes in process `syz.3.2959'.
[  668.268594][   T64] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  668.273997][   T64] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  668.277739][   T64] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  668.282281][   T64] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  668.285472][   T64] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  668.307392][T16612] lo speed is unknown, defaulting to 1000
[  668.382374][T16612] chnl_net:caif_netlink_parms(): no params data found
[  668.433638][T16612] bridge0: port 1(bridge_slave_0) entered blocking state
[  668.436108][T16612] bridge0: port 1(bridge_slave_0) entered disabled state
[  668.438442][T16612] bridge_slave_0: entered allmulticast mode
[  668.441185][T16612] bridge_slave_0: entered promiscuous mode
[  668.445220][T16612] bridge0: port 2(bridge_slave_1) entered blocking state
[  668.447630][T16612] bridge0: port 2(bridge_slave_1) entered disabled state
[  668.449934][T16612] bridge_slave_1: entered allmulticast mode
[  668.452653][T16612] bridge_slave_1: entered promiscuous mode
[  668.468629][T16612] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  668.473289][T16612] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  668.488926][T16612] team0: Port device team_slave_0 added
[  668.492379][T16612] team0: Port device team_slave_1 added
[  668.508114][T16612] batman_adv: batadv0: Adding interface: batadv_slave_0
[  668.510366][T16612] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  668.519402][T16612] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  668.524948][T16612] batman_adv: batadv0: Adding interface: batadv_slave_1
[  668.527240][T16612] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  668.535524][T16612] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  668.581992][T16612] hsr_slave_0: entered promiscuous mode
[  668.584768][T16612] hsr_slave_1: entered promiscuous mode
[  668.587074][T16612] debugfs: 'hsr0' already exists in 'hsr'
[  668.589040][T16612] Cannot create hsr debugfs directory
[  668.724122][T16612] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  668.730127][T16612] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  668.735623][T16612] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  668.740567][T16612] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  668.860943][T16612] 8021q: adding VLAN 0 to HW filter on device bond0
[  668.871039][T16612] 8021q: adding VLAN 0 to HW filter on device team0
[  668.877363][T13216] bridge0: port 1(bridge_slave_0) entered blocking state
[  668.879716][T13216] bridge0: port 1(bridge_slave_0) entered forwarding state
[  668.887793][T13216] bridge0: port 2(bridge_slave_1) entered blocking state
[  668.890544][T13216] bridge0: port 2(bridge_slave_1) entered forwarding state
[  669.041768][T16640] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2965'.
[  669.046764][T16640] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2965'.
[  669.059801][T16612] 8021q: adding VLAN 0 to HW filter on device batadv0
[  669.198251][T16612] veth0_vlan: entered promiscuous mode
[  669.203483][T16612] veth1_vlan: entered promiscuous mode
[  669.218855][T16612] veth0_macvtap: entered promiscuous mode
[  669.223092][T16612] veth1_macvtap: entered promiscuous mode
[  669.232487][T16612] batman_adv: batadv0: Interface activated: batadv_slave_0
[  669.238919][T16612] batman_adv: batadv0: Interface activated: batadv_slave_1
[  669.245890][T13197] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  669.253717][T13197] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  669.257880][T13197] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  669.261590][T13197] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  669.293206][   T34] usb 8-1: new high-speed USB device number 30 using dummy_hcd
[  669.302052][T13196] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  669.305303][T13196] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  669.320833][T13197] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  669.325206][T13197] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  669.463065][   T34] usb 8-1: Using ep0 maxpacket: 8
[  669.468851][   T34] usb 8-1: config 0 has an invalid interface number: 8 but max is 0
[  669.471912][   T34] usb 8-1: config 0 has no interface number 0
[  669.474178][   T34] usb 8-1: config 0 interface 8 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  669.478793][   T34] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  669.482091][   T34] usb 8-1: New USB device strings: Mfr=0, Product=128, SerialNumber=0
[  669.485470][   T34] usb 8-1: Product: syz
[  669.488836][   T34] usb 8-1: config 0 descriptor??
[  669.497046][   T34] iowarrior 8-1:0.8: IOWarrior product=0x1512, serial= interface=8 now attached to iowarrior0
[  669.498431][T16651] netlink: 2028 bytes leftover after parsing attributes in process `syz.0.2966'.
[  669.504000][T16651] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2966'.
[  669.766372][T16655] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2967'.
[  670.207445][T15884] usb 8-1: USB disconnect, device number 30
[  670.342939][   T64] Bluetooth: hci2: command tx timeout
[  670.395877][T16660] fuse: Unknown parameter 'a}ׂq���ϤG��f䒬�6�ZV��cQЛ�����U��*��?��2�`!��n�'
[  670.594509][T16664] tmpfs: Unknown parameter 'noinode32'
[  672.210724][T16673] overlayfs: statfs failed on './file0'
[  672.242384][T16693] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  672.245277][T16693] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  672.365756][T16701] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2980'.
[  672.412105][   T64] Bluetooth: hci2: command tx timeout
[  674.678201][T16728] Bluetooth: MGMT ver 1.23
[  674.695358][   T64] Bluetooth: hci2: command tx timeout
[  674.863434][T16738] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2989'.
[  675.136047][T16741] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  675.343874][T16744] lo speed is unknown, defaulting to 1000
[  675.519869][T16744] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2993'.
[  675.527648][T16754] comedi comedi3: comedi_config --init_data is deprecated
[  676.006304][T16787] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3005'.
[  676.730676][   T64] Bluetooth: hci2: command tx timeout
[  677.195214][T16812] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3014'.
[  678.381072][T16850] netlink: 'syz.4.3027': attribute type 12 has an invalid length.
[  678.384153][T16850] netlink: 328 bytes leftover after parsing attributes in process `syz.4.3027'.
[  678.388144][T16850] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3027'.
[  678.392204][T16850] netlink: 'syz.4.3027': attribute type 21 has an invalid length.
[  678.443417][T16854] netlink: 'syz.0.3029': attribute type 1 has an invalid length.
[  678.463692][T16854] bond2: entered promiscuous mode
[  678.465435][T16854] bond2: entered allmulticast mode
[  678.467461][T16854] 8021q: adding VLAN 0 to HW filter on device bond2
[  678.478365][T16854] erspan1: entered allmulticast mode
[  678.481985][T16854] bond2: (slave erspan1): making interface the new active one
[  678.484035][T16854] erspan1: entered promiscuous mode
[  678.486362][T16854] bond2: (slave erspan1): Enslaving as an active interface with an up link
[  678.496915][T16856] lo speed is unknown, defaulting to 1000
[  678.616348][T16864] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3031'.
[  678.735835][T16866] xt_CT: You must specify a L4 protocol and not use inversions on it
[  678.861413][T16868] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3033'.
[  679.617330][T16891] syzkaller0: entered promiscuous mode
[  679.619255][T16891] syzkaller0: entered allmulticast mode
[  679.876164][T16898] tun0: tun_chr_ioctl cmd 1074025675
[  679.877969][T16898] tun0: persist enabled
[  680.492942][T16906] lo speed is unknown, defaulting to 1000
[  680.594673][   T40] audit: type=1326 audit(1770674438.664:4031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16905 comm="syz.0.3046" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x0
[  681.303779][T16921] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3050'.
[  682.610730][T16952] 
[  682.611929][T16952] ======================================================
[  682.615010][T16952] WARNING: possible circular locking dependency detected
[  682.617989][T16952] syzkaller #0 Tainted: G             L     
[  682.620904][T16952] ------------------------------------------------------
[  682.624109][T16952] syz.2.3061/16952 is trying to acquire lock:
[  682.626597][T16952] ffff88804d135068 (&pipe->mutex){+.+.}-{4:4}, at: pipe_lock+0x69/0x80
[  682.630002][T16952] 
[  682.630002][T16952] but task is already holding lock:
[  682.633034][T16952] ffff8880251dc420 (sb_writers#5){.+.+}-{0:0}, at: __do_splice+0x33b/0x370
[  682.636423][T16952] 
[  682.636423][T16952] which lock already depends on the new lock.
[  682.636423][T16952] 
[  682.640367][T16952] 
[  682.640367][T16952] the existing dependency chain (in reverse order) is:
[  682.643893][T16952] 
[  682.643893][T16952] -> #3 (sb_writers#5){.+.+}-{0:0}:
[  682.646190][T16952]        mnt_want_write+0x6f/0x450
[  682.647842][T16952]        ovl_create_object+0x12b/0x3b0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  682.649924][T16952]        lookup_open.isra.0+0x139b/0x1890
[  682.652170][T16952]        path_openat+0x117d/0x3120
[  682.653801][T16952]        do_filp_open+0x1f7/0x420
[  682.655439][T16952]        do_sys_openat2+0x12e/0x220
[  682.657057][T16952]        __ia32_compat_sys_open+0xfe/0x1c0
[  682.658842][T16952]        __do_fast_syscall_32+0xde/0x660
[  682.660625][T16952]        do_fast_syscall_32+0x32/0x70
[  682.662270][T16952]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  682.664315][T16952] 
[  682.664315][T16952] -> #2 (&ovl_i_mutex_dir_key[depth]#2){++++}-{4:4}:
[  682.667023][T16952]        down_read+0x99/0x460
[  682.668484][T16952]        lookup_slow+0x42/0x70
[  682.669992][T16952]        path_lookupat+0x5e8/0xc40
[  682.671679][T16952]        filename_lookup+0x202/0x590
[  682.673387][T16952]        kern_path+0x35/0x50
[  682.674876][T16952]        lookup_bdev+0xd8/0x280
[  682.676436][T16952]        resume_store+0x1d6/0x460
[  682.678042][T16952]        kobj_attr_store+0x58/0x80
[  682.679657][T16952]        sysfs_kf_write+0xf2/0x150
[  682.681412][T16952]        kernfs_fop_write_iter+0x3e0/0x5f0
[  682.683262][T16952]        vfs_write+0x6ac/0x1070
[  682.684794][T16952]        ksys_write+0x12a/0x250
[  682.686289][T16952]        __do_fast_syscall_32+0xde/0x660
[  682.687989][T16952]        do_fast_syscall_32+0x32/0x70
[  682.689648][T16952]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  682.691811][T16952] 
[  682.691811][T16952] -> #1 (&of->mutex){+.+.}-{4:4}:
[  682.694132][T16952]        __mutex_lock+0x1a2/0x1b90
[  682.695764][T16952]        kernfs_fop_write_iter+0x2c2/0x5f0
[  682.697603][T16952]        iter_file_splice_write+0x82b/0x10a0
[  682.699531][T16952]        do_splice+0x109c/0x1fd0
[  682.701112][T16952]        __do_splice+0x33b/0x370
[  682.702697][T16952]        __ia32_sys_splice+0x189/0x250
[  682.704406][T16952]        __do_fast_syscall_32+0xde/0x660
[  682.706141][T16952]        do_fast_syscall_32+0x32/0x70
[  682.707813][T16952]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  682.709859][T16952] 
[  682.709859][T16952] -> #0 (&pipe->mutex){+.+.}-{4:4}:
[  682.712179][T16952]        __lock_acquire+0x14b8/0x2630
[  682.713813][T16952]        lock_acquire+0x17c/0x330
[  682.715398][T16952]        __mutex_lock+0x1a2/0x1b90
[  682.717006][T16952]        pipe_lock+0x69/0x80
[  682.718449][T16952]        iter_file_splice_write+0x1f8/0x10a0
[  682.720375][T16952]        do_splice+0x109c/0x1fd0
[  682.721942][T16952]        __do_splice+0x33b/0x370
[  682.723514][T16952]        __ia32_sys_splice+0x189/0x250
[  682.725233][T16952]        __do_fast_syscall_32+0xde/0x660
[  682.726979][T16952]        do_fast_syscall_32+0x32/0x70
[  682.728654][T16952]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  682.730724][T16952] 
[  682.730724][T16952] other info that might help us debug this:
[  682.730724][T16952] 
[  682.733910][T16952] Chain exists of:
[  682.733910][T16952]   &pipe->mutex --> &ovl_i_mutex_dir_key[depth]#2 --> sb_writers#5
[  682.733910][T16952] 
[  682.738027][T16952]  Possible unsafe locking scenario:
[  682.738027][T16952] 
[  682.740341][T16952]        CPU0                    CPU1
[  682.742050][T16952]        ----                    ----
[  682.743728][T16952]   rlock(sb_writers#5);
[  682.745053][T16952]                                lock(&ovl_i_mutex_dir_key[depth]#2);
[  682.747580][T16952]                                lock(sb_writers#5);
[  682.749646][T16952]   lock(&pipe->mutex);
[  682.750933][T16952] 
[  682.750933][T16952]  *** DEADLOCK ***
[  682.750933][T16952] 
[  682.753461][T16952] 1 lock held by syz.2.3061/16952:
[  682.755050][T16952]  #0: ffff8880251dc420 (sb_writers#5){.+.+}-{0:0}, at: __do_splice+0x33b/0x370
[  682.757868][T16952] 
[  682.757868][T16952] stack backtrace:
[  682.759707][T16952] CPU: 0 UID: 0 PID: 16952 Comm: syz.2.3061 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  682.759723][T16952] Tainted: [L]=SOFTLOCKUP
[  682.759727][T16952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  682.759734][T16952] Call Trace:
[  682.759739][T16952]  <TASK>
[  682.759744][T16952]  dump_stack_lvl+0x100/0x190
[  682.759760][T16952]  print_circular_bug.cold+0x178/0x1c7
[  682.759779][T16952]  check_noncircular+0x146/0x160
[  682.759793][T16952]  ? stack_trace_save+0x8e/0xc0
[  682.759807][T16952]  __lock_acquire+0x14b8/0x2630
[  682.759822][T16952]  ? __do_fast_syscall_32+0xde/0x660
[  682.759836][T16952]  ? do_fast_syscall_32+0x32/0x70
[  682.759850][T16952]  lock_acquire+0x17c/0x330
[  682.759865][T16952]  ? pipe_lock+0x69/0x80
[  682.759877][T16952]  ? __pfx___might_resched+0x10/0x10
[  682.759894][T16952]  __mutex_lock+0x1a2/0x1b90
[  682.759906][T16952]  ? pipe_lock+0x69/0x80
[  682.759917][T16952]  ? pipe_lock+0x69/0x80
[  682.759929][T16952]  ? __pfx___mutex_lock+0x10/0x10
[  682.759944][T16952]  ? trace_kmalloc+0x83/0xb0
[  682.759958][T16952]  ? __kmalloc_noprof+0x365/0x9c0
[  682.759968][T16952]  ? find_held_lock+0x2b/0x80
[  682.759977][T16952]  ? aa_file_perm+0x268/0x1540
[  682.759989][T16952]  ? pipe_lock+0x69/0x80
[  682.759999][T16952]  pipe_lock+0x69/0x80
[  682.760010][T16952]  iter_file_splice_write+0x1f8/0x10a0
[  682.760024][T16952]  ? __pfx___futex_wait+0x10/0x10
[  682.760036][T16952]  ? __pfx_iter_file_splice_write+0x10/0x10
[  682.760048][T16952]  ? __lock_acquire+0x4a5/0x2630
[  682.760063][T16952]  ? futex_hash+0x2c5/0x380
[  682.760080][T16952]  ? __pfx_iter_file_splice_write+0x10/0x10
[  682.760094][T16952]  do_splice+0x109c/0x1fd0
[  682.760106][T16952]  ? __lock_acquire+0x4a5/0x2630
[  682.760121][T16952]  ? __pfx_do_splice+0x10/0x10
[  682.760132][T16952]  ? __pfx_pipe_clear_nowait+0x10/0x10
[  682.760144][T16952]  ? find_held_lock+0x2b/0x80
[  682.760154][T16952]  __do_splice+0x33b/0x370
[  682.760166][T16952]  ? __pfx___do_splice+0x10/0x10
[  682.760180][T16952]  __ia32_sys_splice+0x189/0x250
[  682.760193][T16952]  __do_fast_syscall_32+0xde/0x660
[  682.760207][T16952]  do_fast_syscall_32+0x32/0x70
[  682.760220][T16952]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  682.760234][T16952] RIP: 0023:0xf742d579
[  682.760243][T16952] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  682.760260][T16952] RSP: 002b:00000000f545650c EFLAGS: 00000292 ORIG_RAX: 0000000000000139
[  682.760271][T16952] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000000
[  682.760278][T16952] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000008000
[  682.760285][T16952] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  682.760291][T16952] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  682.760298][T16952] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  682.760309][T16952]  </TASK>
[  682.822361][   T34] usb 5-1: USB disconnect, device number 27
[  683.139600][ T1145] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  683.282256][ T1145] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  683.360478][ T1145] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  683.421796][ T1145] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  683.504868][ T1145] bridge_slave_1: left allmulticast mode
[  683.507187][ T1145] bridge_slave_1: left promiscuous mode
[  683.509141][ T1145] bridge0: port 2(bridge_slave_1) entered disabled state
[  683.512220][ T1145] bridge_slave_0: left allmulticast mode
[  683.514023][ T1145] bridge_slave_0: left promiscuous mode
[  683.515937][ T1145] bridge0: port 1(bridge_slave_0) entered disabled state
[  683.620683][ T1145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  683.624481][ T1145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  683.628477][ T1145] bond0 (unregistering): Released all slaves
[  683.932617][ T1145] hsr_slave_0: left promiscuous mode
[  683.934883][ T1145] hsr_slave_1: left promiscuous mode
[  683.938077][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  683.940634][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_0
[  683.943969][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  683.947374][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_1
[  683.953328][ T1145] veth1_macvtap: left promiscuous mode
[  683.955643][ T1145] veth0_macvtap: left promiscuous mode
[  683.957829][ T1145] veth1_vlan: left promiscuous mode
[  683.959640][ T1145] veth0_vlan: left promiscuous mode
[  684.101564][ T1145] team0 (unregistering): Port device team_slave_1 removed
[  684.117081][ T1145] team0 (unregistering): Port device team_slave_0 removed
[  684.626284][ T1145] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  684.630761][ T1145] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  684.678510][ T1145] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  684.682157][ T1145] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  684.767989][ T1145] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  684.771270][ T1145] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  684.819318][ T1145] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  684.822587][ T1145] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  684.919581][ T1145] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  684.986893][ T1145] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  685.045106][ T1145] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  685.115401][ T1145] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  685.185578][ T1145] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  685.241101][ T1145] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  685.288032][ T1145] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  685.359562][ T1145] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  685.432280][ T1145] bridge_slave_1: left allmulticast mode
[  685.434666][ T1145] bridge_slave_1: left promiscuous mode
[  685.437594][ T1145] bridge0: port 2(bridge_slave_1) entered disabled state
[  685.442351][ T1145] bridge_slave_0: left allmulticast mode
[  685.444730][ T1145] bridge_slave_0: left promiscuous mode
[  685.448503][ T1145] bridge0: port 1(bridge_slave_0) entered disabled state
[  685.452774][ T1145] bridge_slave_1: left allmulticast mode
[  685.454503][ T1145] bridge_slave_1: left promiscuous mode
[  685.456960][ T1145] bridge0: port 2(bridge_slave_1) entered disabled state
[  685.460538][ T1145] bridge_slave_0: left allmulticast mode
[  685.462281][ T1145] bridge_slave_0: left promiscuous mode
[  685.464041][ T1145] bridge0: port 1(bridge_slave_0) entered disabled state
[  685.513998][ T1145] bond2 (unregistering): (slave erspan1): Releasing active interface
[  685.517084][ T1145] erspan1 (unregistering): left promiscuous mode
[  685.534738][ T1145] dvmrp9 (unregistering): left allmulticast mode
[  685.547919][ T1145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  685.551508][ T1145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  685.554824][ T1145] bond0 (unregistering): Released all slaves
[  685.560505][ T1145] bond1 (unregistering): Released all slaves
[  685.566948][ T1145] bond2 (unregistering): Released all slaves
[  685.645016][ T1145] bond1 (unregistering): (slave erspan1): Releasing active interface
[  685.647503][ T1145] erspan1 (unregistering): left promiscuous mode
[  685.788740][ T1145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  685.793121][ T1145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  685.797837][ T1145] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  685.802210][ T1145] bond0 (unregistering): Released all slaves
[  685.808013][ T1145] bond1 (unregistering): Released all slaves
[  685.874344][ T1145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  685.879643][ T1145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  685.883257][ T1145] bond0 (unregistering): Released all slaves
[  686.541413][ T1145] hsr_slave_0: left promiscuous mode
[  686.544052][ T1145] hsr_slave_1: left promiscuous mode
[  686.546975][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  686.549739][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_0
[  686.552468][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  686.554843][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_1
[  686.558884][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  686.561254][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_0
[  686.563897][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  686.566779][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_1
[  686.571007][ T1145] hsr_slave_0: left promiscuous mode
[  686.573082][ T1145] hsr_slave_1: left promiscuous mode
[  686.576023][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  686.578506][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_0
[  686.581353][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  686.584195][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_1
[  686.593741][ T1145] veth1_macvtap: left promiscuous mode
[  686.595624][ T1145] veth0_macvtap: left promiscuous mode
[  686.597653][ T1145] veth1_vlan: left promiscuous mode
[  686.599597][ T1145] veth0_vlan: left promiscuous mode
[  686.601964][ T1145] veth1_macvtap: left promiscuous mode
[  686.603752][ T1145] veth0_macvtap: left promiscuous mode
[  686.605792][ T1145] veth1_vlan: left promiscuous mode
[  686.607514][ T1145] veth0_vlan: left promiscuous mode
[  686.609643][ T1145] veth1_macvtap: left promiscuous mode
[  686.611396][ T1145] veth0_macvtap: left promiscuous mode
[  686.613154][ T1145] veth1_vlan: left promiscuous mode
[  686.614950][ T1145] veth0_vlan: left promiscuous mode
[  686.765502][ T1145] team0 (unregistering): Port device team_slave_1 removed
[  686.783871][ T1145] team0 (unregistering): Port device team_slave_0 removed
[  687.085497][ T1145] team0 (unregistering): Port device team_slave_1 removed
[  687.113406][ T1145] team0 (unregistering): Port device team_slave_0 removed
[  687.405933][ T1145] team0 (unregistering): Port device team_slave_1 removed
[  687.428154][ T1145] team0 (unregistering): Port device team_slave_0 removed
[  688.510105][ T1145] IPVS: stop unused estimator thread 0...
[  690.244861][ T1417] ieee802154 phy1 wpan1: encryption failed: -22