last executing test programs:

52.796307761s ago: executing program 0 (id=4258):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x30, 0x40, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x10, 0x4, 0x0, 0x0, @str='\xca\xb1\x89: \xb8\xd2\xa95!\x80\n'}]}, @nested={0x4, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
sendmmsg$inet6(r0, &(0x7f0000006b80), 0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r2, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}})
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, 0x0, &(0x7f0000000080))
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt(r0, 0x100, 0x2, &(0x7f0000000140)="d67f64f1a32d8293de7d5ef11cc1cb484c1694b47bb9e3b8127922c659ba1506bee1b06c33fdad33115133b8b8e85020d42c02d4970581a19d5fea294713f384c4e7dc26f624150e171e5fb3f8e7b35a6efcb882b01047d91b18b9c7ff2839a4d277a8046094758ec241d531f32f32cfdc4a212b8566ec3c8ba590237c258b93214e716b80499af1d90bcd2a5e1018b3890d66c94abf51f54e590b8d3b1cb8831774a07abbcf6eb272f228ddb64082", 0xaf)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
getsockopt$bt_hci(r3, 0x84, 0x1, 0x0, &(0x7f0000000100)=0xffffffffffffff16)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, 0x0, 0x0)
unshare(0x24020400)
r8 = inotify_init1(0x0)
inotify_add_watch(r8, &(0x7f0000000000)='.\x00', 0x52000775)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r9=>0x0})
r10 = add_key$fscrypt_provisioning(&(0x7f00000003c0), &(0x7f0000000440)={'syz', 0x0}, &(0x7f0000000480)={0x9855ede81201bc67, 0x0, @a}, 0x48, 0xfffffffffffffff9)
keyctl$setperm(0x5, r10, 0x2000000)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c000000130001000400"/20, @ANYRES32=0x0, @ANYBLOB='\t\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=r9, @ANYBLOB="1400350064756d6d7930"], 0x3c}, 0x1, 0x0, 0x0, 0x8004010}, 0x0)
r11 = socket$pppl2tp(0x18, 0x1, 0x1)
r12 = syz_genetlink_get_family_id$devlink(&(0x7f0000000240), r6)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r6, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x3c, r12, 0x100, 0x70bd2b, 0x25dfdbff, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x8c0)
ioctl$SIOCSIFMTU(r11, 0x8922, &(0x7f0000000080)={'dummy0\x00'})

52.63030134s ago: executing program 0 (id=4259):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=@newtaction={0x18, 0x30, 0x400, 0x80, 0x25dfdbff, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x804}, 0xc081)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
getpid()
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
r2 = add_key$user(&(0x7f0000000200), &(0x7f00000001c0)={'syz', 0x2}, &(0x7f0000000280)="5d5b18f9bf", 0x5, 0x0)
keyctl$set_timeout(0xf, r2, 0x6)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001480)={0x6, 0x0, 0x0, 0x0, 0x1, 0xd3, &(0x7f0000001380)=""/211, 0x100, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0xa, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240), 0x0, 0x10, 0x8c}, 0x94)
bpf$LINK_GET_NEXT_ID(0x1f, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2}})
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000340)={@fallback=r3, 0x0, 0x0, 0x1, &(0x7f0000000200), 0x0, 0x0, &(0x7f0000000300)=[0x0, 0x0], &(0x7f0000001080), 0x0, <r4=>0x0}, 0x40)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="1b000000282000000b75", @ANYRES32, @ANYBLOB, @ANYBLOB, @ANYRES64=r4], 0x20)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r6, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r7=>0x0}, &(0x7f00000004c0)=0x27)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r5, 0x84, 0x6c, &(0x7f0000000080)={r7}, &(0x7f0000000180)=0x8)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)

51.146324421s ago: executing program 0 (id=4268):
io_setup(0x20004, &(0x7f0000000600))
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x2, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x800, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xffffffff}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
ioprio_set$pid(0x1, r0, 0x4004)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b80)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0xd0, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0xa4, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x90, 0x3, 0x0, 0x1, [{0x14, 0x1, 'wlan0\x00'}, {0x14, 0x1, 'macvlan1\x00'}, {0x14, 0x1, 'veth1\x00'}, {0x14, 0x1, 'bond_slave_0\x00'}, {0x14, 0x1, 'wlan1\x00'}, {0x14, 0x1, 'veth1_virt_wifi\x00'}, {0x14, 0x1, 'veth0_to_bond\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x6}]}]}, @NFT_MSG_DELFLOWTABLE={0x60, 0x18, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x24, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x335}, @NFTA_FLOWTABLE_HOOK_NUM={0x8, 0x1, 0x1, 0x0, 0x20}]}, @NFTA_FLOWTABLE_HOOK={0x4}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0x178}}, 0x0)

50.215111836s ago: executing program 0 (id=4273):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0x0, 0x8}, {0xffff, 0xffff}, {0x1, 0x10}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_RATE_ENABLE={0x8, 0x5, 0xffffffff}]}}]}, 0x38}}, 0x0)
r2 = socket$rxrpc(0x21, 0x2, 0xa)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x80)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r3 = openat$cuse(0xffffff9c, &(0x7f0000000440), 0x2, 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(r3, &(0x7f0000000480)={0x25, 0x3, 0x0, {0x3, 0x4, 0x0, 'gtp\x00'}}, 0x25)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0xa3101c, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000240)='./file0/file0\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x1091, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)
bind$rxrpc(r2, &(0x7f0000000180)=@in4={0x21, 0x0, 0x2f, 0x10, {0x2, 0xffff, @multicast2}}, 0x24)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x17)
ioctl$KVM_SET_TSC_KHZ_vm(r5, 0xaea2, 0x2)
r6 = syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r4)
sendmsg$GTP_CMD_DELPDP(r4, &(0x7f0000000400)={&(0x7f0000000200), 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="00042dbd7000fbdbdf250100000008000800010000000800080000000000080009000100000005000d0023000000081005000a01010014000c0000000000000000000000000000000001"], 0x50}, 0x1, 0x0, 0x0, 0x2000c044}, 0x4000)

50.06467687s ago: executing program 0 (id=4274):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x800, 0x0)
r0 = gettid()
prlimit64(r0, 0xe, 0x0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000140)=@o_path={&(0x7f0000000100)='./file2\x00', 0x0, 0x8}, 0x14)
r2 = landlock_create_ruleset(&(0x7f0000000000)={0x0, 0x3}, 0x10, 0x0)
landlock_restrict_self(r2, 0x0)
landlock_restrict_self(r2, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x2c240, 0x0)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x5c, 0x2, 0x6, 0x3, 0x0, 0x0, {0x5, 0x0, 0x9}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8, 0x13, 0x0}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x5c}}, 0x20004000)
r3 = landlock_create_ruleset(&(0x7f0000000240)={0x1fff}, 0x18, 0x0)
landlock_restrict_self(r3, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
getdents64(0xffffffffffffffff, 0x0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET(r4, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)={0x10, 0x1401, 0x1, 0x70bd25, 0x25dfdbfc}, 0x10}, 0x1, 0x0, 0x0, 0x40004}, 0x20004810)

49.244965268s ago: executing program 0 (id=4278):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(0x0, r0)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x20, r1, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x48050}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x425601, 0x0)
mq_open(0x0, 0x42, 0x0, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r2, 0x0)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = inotify_init()
r5 = fsopen(&(0x7f0000000040)='vfat\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000080)='iocharset', &(0x7f00000000c0)='io#harset', 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r7 = dup(r6)
openat$ocfs2_control(0xffffff9c, &(0x7f0000000080), 0x101202, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r8, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r8, 0x0)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0x1)
ioctl$TIOCL_UNBLANKSCREEN(r7, 0x541c, &(0x7f0000000180))

49.173119114s ago: executing program 32 (id=4278):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(0x0, r0)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x20, r1, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x48050}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x425601, 0x0)
mq_open(0x0, 0x42, 0x0, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r2, 0x0)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = inotify_init()
r5 = fsopen(&(0x7f0000000040)='vfat\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000080)='iocharset', &(0x7f00000000c0)='io#harset', 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r7 = dup(r6)
openat$ocfs2_control(0xffffff9c, &(0x7f0000000080), 0x101202, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r8, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r8, 0x0)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0x1)
ioctl$TIOCL_UNBLANKSCREEN(r7, 0x541c, &(0x7f0000000180))

14.955153836s ago: executing program 4 (id=4420):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
listen(r0, 0x5efe)
r1 = openat$vicodec0(0xffffff9c, &(0x7f0000000440), 0x2, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(r1, 0xc0185648, &(0x7f0000000080)={0x980000, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x98f908, 0x80008002, '\x00', @p_u16=&(0x7f00000010c0)=0xa5b}})
r2 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r2, &(0x7f0000000240)={0x28, 0x0, 0x0, @local}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=@newtaction={0x258, 0x30, 0x1, 0x0, 0x25dfdbfb, {}, [{0x244, 0x1, [@m_tunnel_key={0x158, 0xd, 0x0, 0x0, {{0xf}, {0x28, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0x6b}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @mcast2}, @TCA_TUNNEL_KEY_NO_CSUM={0x5, 0xa, 0x1}]}, {0x103, 0x6, "de8be395178fd8dbcacfeff7f7a69b419e501f95f706f059d364f38e4a5de4e3d3e23661288013049a38a1dfa3112ff02a86da426640353e38112c35a11a3d15c10d7982ceba33ee0645bfa83073d152be30d9039136c648b07eecc9df7e9a729b6241b7f7af83de39973abce792346eaf250e18493b49629e76d2fb951d051245e1f33efaab52a957725fcbea03dfb1dfbbd8eda3cc813e745b63469fb6711f1d90074bd3d51ab1628aa897832b220db1b65b4517f65453f8330615e0c51cf8e374fcdae823e3285b96a0e004611502dce51cf50fa7991640c33c65a8d26d2c2a845703c27fcd67a979c709be964d52e6b48775383c661d7ae181470076f1"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}, @m_ife={0xe8, 0x43, 0x0, 0x0, {{0x8}, {0x10, 0x2, 0x0, 0x1, [@TCA_IFE_DMAC={0xa, 0x3, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}]}, {0xb3, 0x6, "ae8a558b034161fa5c2a84da0cc115229be0663d56777096a24d28638a711441d71cddb7b00b316834abf5109eb8f58d5f2cad18d7af08c6def644d3c932876fce38d4c29973e94ace6444c334bece9d36c10c0e1bb32869b3cdbf2ceaebf93a11e9e0b244b3c63da4638d3f926483c7e847f7efadb6ebef85e1bb9b18e77e0c62ea903108825bcbd0421b372b4ac6c3da6606400f5a0b9a79a39b90c0008fde35357d5b60ee9186dc9e2effdf676a"}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x258}, 0x1, 0x0, 0x0, 0x804}, 0x800)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x7, 0x8a79}, 0x0)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000140)={0x0, 0x2}, &(0x7f0000000180)=0x8)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f0000000180)={0x0, 0x10, "2f716c2c1886a0aa79c7f56cf65e5ad5"}, &(0x7f0000000200)=0x18)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="280000001d000100000000000000000007000000", @ANYRES32=r5, @ANYBLOB="000096040a000200aaaaaaaaaa0c000018acd6a49d9eebfb4267cc8a4a4390ed3034ff05dcc26fada90ad7fd5ca14a8e1e5303dcc8257c3a2741ff8ab60de87c4d8a3f0a7a6e"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

14.302300808s ago: executing program 4 (id=4421):
syz_emit_ethernet(0x3e, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaaaa09dd6000fc010000000000000000000000000001ff020000000000000000000000000001db7c90780001000800", @ANYRESDEC=0x0], 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x131280, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
epoll_create1(0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r2, &(0x7f0000000640)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0xfec0ffffffffffff, 0x1c9ae7fffe9a6f34}}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000040)={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd, 0x88, 0x1, 0x0, 0x3}, 0xe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, &(0x7f0000000100))
shutdown(r2, 0x1)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000000)=0x41dc, 0x4)
recvmmsg(r2, &(0x7f0000000840)=[{{0x0, 0x41, 0x0}}], 0x414, 0x406, 0x0)
syz_io_uring_setup(0xc97, &(0x7f0000000700)={0x0, 0x6015, 0x800, 0xff7fffff, 0x11c}, &(0x7f00000003c0), &(0x7f0000000140))
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0xfffff000, 0x0, 0x0, 0x0, 0x0, 0x48e, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
ioctl$SIOCAX25DELUID(r3, 0x89e2, &(0x7f0000000240)={0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}})
r5 = openat$cgroup_int(r4, &(0x7f0000000340)='hugetlb.1GB.limit_in_bytes\x00', 0x2, 0x0)
sendfile(r5, r5, 0x0, 0xc92)

14.160140815s ago: executing program 4 (id=4422):
io_setup(0x20004, &(0x7f0000000600))
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x2, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x800, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xffffffff}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b80)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0xd0, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0xa4, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x90, 0x3, 0x0, 0x1, [{0x14, 0x1, 'wlan0\x00'}, {0x14, 0x1, 'macvlan1\x00'}, {0x14, 0x1, 'veth1\x00'}, {0x14, 0x1, 'bond_slave_0\x00'}, {0x14, 0x1, 'wlan1\x00'}, {0x14, 0x1, 'veth1_virt_wifi\x00'}, {0x14, 0x1, 'veth0_to_bond\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x6}]}]}, @NFT_MSG_DELFLOWTABLE={0x60, 0x18, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x24, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x335}, @NFTA_FLOWTABLE_HOOK_NUM={0x8, 0x1, 0x1, 0x0, 0x20}]}, @NFTA_FLOWTABLE_HOOK={0x4}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0x178}}, 0x0)

12.671942526s ago: executing program 4 (id=4432):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x41)
r0 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r0, 0x84, 0x1e, 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x1805406, 0x0)
mount$bind(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xa06006, 0x0)

12.611014548s ago: executing program 4 (id=4434):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc1400000011"], 0x64}, 0x1, 0x0, 0x0, 0x94}, 0x24000000)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000009c0)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a70000000090a010400000042e7fb11000a0000040900020073797a310000000008000a40fffffffc0900010073797a3100000000080005400000000b2c00128014000180090001006c6173740000000004000280140001800c000100636f756e746572000400028008000340000001"], 0x98}, 0x1, 0x0, 0x0, 0x4044050}, 0x40)

12.527752806s ago: executing program 4 (id=4435):
io_setup(0x20004, &(0x7f0000000600))
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x2, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x800, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xffffffff}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b80)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0xd0, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0xa4, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x90, 0x3, 0x0, 0x1, [{0x14, 0x1, 'wlan0\x00'}, {0x14, 0x1, 'macvlan1\x00'}, {0x14, 0x1, 'veth1\x00'}, {0x14, 0x1, 'bond_slave_0\x00'}, {0x14, 0x1, 'wlan1\x00'}, {0x14, 0x1, 'veth1_virt_wifi\x00'}, {0x14, 0x1, 'veth0_to_bond\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x6}]}]}, @NFT_MSG_DELFLOWTABLE={0x60, 0x18, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x24, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x335}, @NFTA_FLOWTABLE_HOOK_NUM={0x8, 0x1, 0x1, 0x0, 0x20}]}, @NFTA_FLOWTABLE_HOOK={0x4}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0x178}}, 0x0)

12.432172572s ago: executing program 33 (id=4435):
io_setup(0x20004, &(0x7f0000000600))
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x2, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x800, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xffffffff}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b80)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0xd0, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0xa4, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x90, 0x3, 0x0, 0x1, [{0x14, 0x1, 'wlan0\x00'}, {0x14, 0x1, 'macvlan1\x00'}, {0x14, 0x1, 'veth1\x00'}, {0x14, 0x1, 'bond_slave_0\x00'}, {0x14, 0x1, 'wlan1\x00'}, {0x14, 0x1, 'veth1_virt_wifi\x00'}, {0x14, 0x1, 'veth0_to_bond\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x6}]}]}, @NFT_MSG_DELFLOWTABLE={0x60, 0x18, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x24, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x335}, @NFTA_FLOWTABLE_HOOK_NUM={0x8, 0x1, 0x1, 0x0, 0x20}]}, @NFTA_FLOWTABLE_HOOK={0x4}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0x178}}, 0x0)

4.806530315s ago: executing program 3 (id=4474):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
userfaultfd(0x80001)
open(0x0, 0x2a4c0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={0xffffffffffffffff, &(0x7f0000000180), 0x0}, 0x1c)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r4 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r5 = openat$binfmt(0xffffffffffffff9c, r4, 0x42, 0x1ff)
close(r5)
execveat$binfmt(0xffffffffffffff9c, r4, 0x0, 0x0, 0x0)
r6 = openat$binfmt(0xffffffffffffff9c, r4, 0x2, 0x0)
close(r6)
execveat$binfmt(0xffffffffffffff9c, r4, 0x0, 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000200)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="2503feffffff0000000016000000140001800d000100756465599cb2a6cb35c12dfe"], 0x28}}, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r9 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r10=>0x0})
r11 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000040)={0x0, 0xffa1, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32=r10, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYBLOB="35874207"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x4048aec9, &(0x7f0000000980)={0x1, 0x0, @ioapic={0xfee00, 0x296a, 0x4, 0x6, 0x0, [{0x98, 0x37, 0x81, '\x00', 0x7f}, {0x41, 0x8, 0x81, '\x00', 0xf5}, {0xf, 0x5, 0x9, '\x00', 0x13}, {0x7, 0x3e, 0x3, '\x00', 0x8f}, {0x3, 0x7f, 0x91, '\x00', 0xa}, {0xf, 0xe3, 0x8, '\x00', 0xac}, {0x6, 0x8, 0x6, '\x00', 0x8}, {0x1, 0xfa, 0x2, '\x00', 0x67}, {0x2, 0x7, 0x2, '\x00', 0x8}, {0x8, 0x3, 0x43, '\x00', 0x9f}, {0xf, 0x8, 0x6, '\x00', 0x3}, {0x2, 0x4c, 0x3, '\x00', 0xa}, {0x7, 0x6, 0x3, '\x00', 0xa6}, {0x8, 0x0, 0x8, '\x00', 0x9}, {0x2, 0x4c, 0xa2, '\x00', 0x1}, {0x8, 0x5e, 0x4, '\x00', 0x3}, {0x5, 0xa0, 0x47, '\x00', 0x6}, {0x7, 0x3, 0x2, '\x00', 0xa7}, {0x4, 0x0, 0x7, '\x00', 0x7}, {0x5e, 0xa, 0xb, '\x00', 0x3}, {0x7f, 0x6, 0xca, '\x00', 0x4}, {0x93, 0x44, 0x9, '\x00', 0x10}, {0x2, 0x8, 0x0, '\x00', 0xfc}, {0x6, 0xc, 0xc6, '\x00', 0x8}]}})

3.90204515s ago: executing program 5 (id=4478):
io_setup(0x20004, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x2, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x800, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xffffffff}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
ioprio_set$pid(0x1, r0, 0x4004)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b80)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0xd0, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0xa4, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x90, 0x3, 0x0, 0x1, [{0x14, 0x1, 'wlan0\x00'}, {0x14, 0x1, 'macvlan1\x00'}, {0x14, 0x1, 'veth1\x00'}, {0x14, 0x1, 'bond_slave_0\x00'}, {0x14, 0x1, 'wlan1\x00'}, {0x14, 0x1, 'veth1_virt_wifi\x00'}, {0x14, 0x1, 'veth0_to_bond\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x6}]}]}, @NFT_MSG_DELFLOWTABLE={0x60, 0x18, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x24, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x335}, @NFTA_FLOWTABLE_HOOK_NUM={0x8, 0x1, 0x1, 0x0, 0x20}]}, @NFTA_FLOWTABLE_HOOK={0x4}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0x178}}, 0x0)

3.827219769s ago: executing program 3 (id=4479):
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x1, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
syz_open_dev$vbi(0x0, 0x0, 0x2)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
accept4(r3, 0x0, 0x0, 0x80000)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4})
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="05000000070000000700000001"], 0x48)
bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x9, 0xffffffffffffff00, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r4 = syz_open_dev$I2C(&(0x7f0000000040), 0x7f9f, 0x0)
ioctl$I2C_SMBUS(r4, 0x720, &(0x7f0000000080)={0x0, 0x0, 0x8, &(0x7f0000000000)={0x22, "e922604a455494c905fd824393fe53e14fcab3d1eb0000000000000000000800"}})
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
fgetxattr(r5, &(0x7f0000000000)=@known='system.sockprotoname\x00', &(0x7f0000000040)=""/111, 0xfffffffffffffd73)

3.164908771s ago: executing program 1 (id=4480):
socket$packet(0x11, 0x2, 0x300)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x4008000)

3.082745553s ago: executing program 1 (id=4481):
r0 = socket$inet6(0xa, 0x80002, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2400, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0x2000, 0x2000, &(0x7f0000fa3000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc0800034000000014500000000c0a050000000000000000000a0000060900020073797a31000000000900010073797a31000000002400038020000080040001800c00044000000000000000060c00054000e0"], 0xbc}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
ioctl$KVM_CREATE_DEVICE(r2, 0xc018aec0, &(0x7f00000000c0)={0x1})
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000b80)=[{0x6, 0x20, 0x0, 0x2}]}, 0x8)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x44, &(0x7f00000001c0)={0xc, 0x0}, 0x8)
r4 = socket$kcm(0x11, 0x200000000000002, 0x300)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18080b0008000000000000000000000085000000110000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000d00)=r5, 0x4)
r6 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r6, &(0x7f0000005240), 0x4000095, 0x0)
setsockopt$inet_mreqn(r6, 0x0, 0x20, &(0x7f0000000540)={@loopback, @loopback}, 0xc)
syz_emit_ethernet(0x36, &(0x7f0000000200)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xd}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x3, 0x28, 0x5a18, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x4, 0xfffc, 0x0, 0xffc}}}}}}, 0x0)

2.920513443s ago: executing program 5 (id=4483):
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv2(r0, &(0x7f0000001540)=[{0x0}, {&(0x7f0000001380)=""/129, 0x7ffff000}], 0x2, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = openat$comedi(0xffffff9c, &(0x7f0000000200)='/dev/comedi3\x00', 0x101001, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000000c0)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = fsopen(&(0x7f0000000240)='ramfs\x00', 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x2f, 0x0, &(0x7f00000005c0)="e30080670000ec67838717bd86dde148f0630962bb87dd44fe42904bcee14db4241544716b9ea42231ed3373a3e299", 0x0, 0x407, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xc}, 0x50)
r7 = syz_open_dev$sg(&(0x7f00000000c0), 0x6f5e, 0x4c0200)
ioctl$FIBMAP(r7, 0x1, &(0x7f0000000040)=0x85)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r8 = fsmount(r6, 0x0, 0x0)
fchdir(r8)
r9 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0xc3)
ftruncate(r9, 0x2007ffb)
close(r9)
openat(r0, &(0x7f0000000280)='./bus\x00', 0x9c1d6cba64b99aa7, 0x22)
creat(&(0x7f0000000300)='./bus\x00', 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="70000000020605a3cfc8647108024e0000000007120003006269746d61703a69702c6d616300000005000400010000000900020073797a"], 0x70}}, 0x8000)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f0000000140)={'pcmda12\x00', [0xffffffff, 0x8001, 0x3, 0x5, 0x800002f, 0x2, 0x7, 0x5, 0x35f, 0x0, 0x4, 0x8, 0x8, 0xfffffffe, 0xffff, 0xffff, 0xfdffffac, 0x3, 0x1fd, 0x8, 0x1, 0xfffffffe, 0x8, 0xe2df, 0x746e, 0x7, 0x40000009, 0x830, 0x8, 0x3, 0x8049]})
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)

2.913157665s ago: executing program 3 (id=4484):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000e00)=ANY=[@ANYBLOB="180000000000000000000095000000000010009c07b346cb5e13f8772644f4971e732de04fedad572bac3404f614c6921cc6566233111a04388a1dd9abd53082a556d3870cc36484b7afd31929aee457d4af6b6ec2d0aec2be5822d676d4d9c11f086b9ee55435fa635bf655e9a79e6ef3c3e8ad04cf1da9c1a928f766b975a31f0c49d8b56581c9304a570a7c27812e5da8d9143ea1ecc8e0f700befc1d70bf4fa9b153672e1e6924"], &(0x7f0000000140)='syzkaller\x00'}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x3, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x4040001)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$mice(0xffffff9c, &(0x7f0000000000), 0x222500)
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r2, 0xc05c5340, &(0x7f0000000100)={0x0, 0x7, 0x41b, {0x1}, 0x7, 0x4})
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$kcm(0x10, 0x400000002, 0x0)
io_setup(0x6, &(0x7f00000000c0)=<r4=>0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/power/pm_print_times', 0x20001, 0x0)
io_submit(r4, 0x1, &(0x7f0000000040)=[&(0x7f0000001500)={0x0, 0x0, 0x0, 0x1, 0x0, r5, &(0x7f0000000100)='9', 0x20000101}])
sendmsg$inet(r3, &(0x7f0000000100)={0x0, 0x3f, &(0x7f0000000080)=[{&(0x7f0000000140)="1c0000005e007f029e3b470d649b72ab25399cd956c07dead6a93690", 0x1c}], 0x1}, 0x0)
recvmsg(r3, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x40002002)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001800010010000000000000000a370000", @ANYRES32=0x0, @ANYBLOB="0013fa89c32eb80001"], 0x30}}, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000840), 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0500000001000100ff7f00000202000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
mmap$xdp(&(0x7f0000917000/0x3000)=nil, 0x3000, 0x800002, 0x50, r5, 0x80000000)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="00f7ffffff1e00ff130012800b00010062617461647600000400028008000a00", @ANYRES32], 0x3c}}, 0x0)

2.575300578s ago: executing program 1 (id=4487):
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x1c, 0x1f4, 0xd0, 0x11, 0x148, 0x0, 0x0, 0x1a8, 0x2a8, 0x2a8, 0x1a8, 0x2a8, 0x3, 0x0, {[{{@ip={@rand_addr=0x64010102, @multicast2, 0x0, 0xff000000, 'wg1\x00', 'dvmrp0\x00', {}, {0xff}, 0x67, 0x3, 0x2}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x0, 0x2, 0x1, 0x3, 0x3, 0x3], 0x1}, {0x3, [0x1, 0x7, 0x0, 0x7, 0x1, 0x4], 0x2, 0x7}}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010101, 0x0, 0xffffffff, 'macvtap0\x00', 'netdevsim0\x00'}, 0x0, 0x70, 0x90}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x250)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000280)={0x9})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000000, 0x80000001, 0x146, 0x62, 0x200002000001, 0x80000000, 0x2004c6, 0x2, 0xfffffffffffffffc, 0x36b0, 0x5, 0x5, 0x3, 0x400000000], 0x80a0000, 0x140})
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 3)

1.973522409s ago: executing program 1 (id=4491):
r0 = socket(0x1d, 0x3, 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
futex(&(0x7f00000001c0)=0x1, 0x8, 0x0, &(0x7f0000000200)={0x0, 0x3938700}, 0x0, 0x2)
sched_setattr(0x0, &(0x7f0000000240)={0xfffffffffffffdc4, 0x5, 0x41, 0x40001, 0x0, 0xfffffffffffffffc, 0x0, 0xfffffffffffffffe, 0x7, 0x2}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3ff, 0x8, &(0x7f0000006680))
r3 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440)={'syz', 0x3}, &(0x7f0000000340), 0xf2, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f00000000c0)={r3, r3, r3}, &(0x7f0000000080)=""/34, 0x22, &(0x7f0000000000)={&(0x7f0000000280)={'wp512-generic\x00'}})
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, 0x0)
bind$can_j1939(r0, 0x0, 0x0)
umount2(&(0x7f00000002c0)='.\x00', 0xb)
keyctl$update(0x2, r3, &(0x7f0000000040)="3a77ca2f441f0166a88d84e4f8716573a5372153d986", 0x16)
kexec_load(0x8, 0x0, 0x0, 0x160000)
socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = syz_open_dev$swradio(&(0x7f0000000040), 0x1, 0x2)
pread64(r4, &(0x7f0000000180)=""/78, 0x4e, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$VIDIOC_EXPBUF(r4, 0xc0405610, &(0x7f0000000140)={0xf, 0x0, 0x2, 0x80})
sendmsg$nl_route(r0, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x14000080}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x810}, 0x20004040)
rseq(&(0x7f00000006c0)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0)
keyctl$update(0x2, r3, &(0x7f0000000140)="2fb04ecc48405a03a0e3346a0686f195dd3c8aa201ef9506523e2d0ef5ef0ff2fb021bf888d5ac2a783c160255e06a12cae92ceca54b34f82f6725fcdb", 0x3d)
r5 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x0, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000003c0)=@ipv4_newroute={0x24, 0x18, 0x1, 0x2, 0x25dfdbfb, {0x2, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x6}]}, 0x24}}, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
syz_clone(0x25000000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.893757178s ago: executing program 5 (id=4493):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
r1 = socket(0x10, 0x3, 0x0)
write(r1, &(0x7f0000000000)="3c00000058001f000307f4f9002304000a04d65f0800010002010002170003800500000099db973b91aa057972513500b0406700912deb5b85932234", 0x3c)
setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000080)=0x8, 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000540)=@gcm_128={{0x303}, "ff05000000ffffe2", "8e083700daf38a6d69e9b5e9c2f133d7", "6a3a05b9", "1277a5904e3402bb"}, 0x28)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='freezer.state\x00', 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f0000000000), 0xffffff6a)
r3 = io_uring_setup(0x491, &(0x7f0000000300)={0x0, 0x3a2b, 0x8, 0x2, 0x4000157})
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x4b)
close(r4)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r5, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r6, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000680)={r7, 0x10000201, 0x0, 0x81, 0x3, [<r8=>0x0, 0x0, 0x0, <r9=>0x0], [0x3fd86826], [0x0, 0x7, 0x9], [0x0, 0x0, 0xfffffffffefffffc, 0x9]})
syz_emit_ethernet(0x6a, &(0x7f0000000700)=ANY=[@ANYBLOB="ffffffffffff1704b45adbde08004500005c0000000000019078ac1e0001ac1414aa05009078e0009af461452e240e414cef7f00e043000000000000000011feffdf001b5900000000442c000300000000000000000000000000000000ac14140000000000ac0900000000000000000000000000008aceca02f3c12753cecc17f1b8e8ce7e5ff26cafac4bbd880e63c1fe5517c3567e6b6e9e881c57386137a90b0db1ecd3931de78e7d9a7ab6f04b4eb65b86c042f8c251c5178efef1aefafc7b25ebed804f2c8687126b9867a0a86417b2face2df00b304370ea62908a230d8b9291cffaae7499cac2e3bab3035158"], 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(r4, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325241, 0x0, [r8, 0x0, 0x0, r9], [0x2b8]})
close_range(r3, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002000)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r10 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r10, &(0x7f0000000040), 0x6)
ioctl$sock_bt_hci(r10, 0x800448d7, &(0x7f0000000180))
sendfile(r0, r2, 0x0, 0xffffffff004)

1.783510055s ago: executing program 3 (id=4495):
sendmsg$key(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)={0x2, 0x2, 0x0, 0x8, 0x2d, 0x0, 0x0, 0x0, [@sadb_x_sec_ctx={0x1b, 0x18, 0x8, 0x0, 0xca, "eabceab1c5490a8ff6bad5662027c9a81aee6c1cd0a3d11ef470e291c3ab549c49a6f0dd0a4d4de52a7545755362aa4e028452134d4a0e791316e69d16ac9b197facd1cba71191b7720fa11998480f95235c2e72437b691653c00c7c97e984c511abf344dbd4b3f8b7a87a752d1ea3c0279a628a58b1f5db0a16bd3c14a6e235ed3cf43bef25a04480677eddd797c69360355d8da67ca9587c0b43f09004ac695fa034b721fb6989c37c36531ac5a9b459457441f25054212088f6fd23f5e9e47cb25a097d7c06cc3844"}, @sadb_x_kmaddress={0x8, 0x19, 0x0, @in6={0xa, 0x4e21, 0x1b, @remote, 0x2}, @in6={0xa, 0x4e21, 0x40, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x4}}, @sadb_x_kmaddress={0x5, 0x19, 0x0, @in={0x2, 0x4e21, @empty}, @in={0x2, 0x4e1e, @broadcast}}, @sadb_address={0x3, 0x6, 0x74266cdbe2100445, 0x0, 0x0, @in={0x2, 0x4e24, @remote}}]}, 0x168}}, 0x4004884)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000340)={0xffffffffffffffff, 0x0}, 0x20)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20)
recvmsg$unix(r0, &(0x7f00000001c0)={&(0x7f0000000000)=@abs, 0x6e, &(0x7f0000000100)=[{&(0x7f0000000380)=""/4096, 0x1000}, {&(0x7f0000000080)=""/51, 0x33}], 0x2, &(0x7f0000000180)}, 0x40002003)

1.714749446s ago: executing program 3 (id=4496):
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$inet(0x2, 0x1, 0x100)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r4 = gettid()
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x4c0c8)
r5 = syz_open_procfs(0x0, &(0x7f0000000100)='map_files\x00')
getdents(r5, &(0x7f0000001fc0)=""/184, 0xb8)
tkill(r4, 0xb)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SNDCTL_DSP_SPEED(r6, 0xc0045002, &(0x7f0000000180))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r7, 0x2000000, 0xe, 0x0, &(0x7f0000000600)="c9f7b98600"/14, 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.47390455s ago: executing program 2 (id=4498):
r0 = accept4$llc(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x800) (async)
r1 = openat$sndseq(0xffffff9c, &(0x7f0000000080), 0xc0)
splice(r0, &(0x7f0000000040)=0xc, r1, &(0x7f00000000c0)=0x40, 0xa, 0xd) (async)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r1, 0xc0096616, &(0x7f0000000100)={0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) (async)
r2 = syz_open_dev$hiddev(&(0x7f0000000140), 0x4, 0x6800)
ioctl$HIDIOCGCOLLECTIONINFO(r2, 0xc0104811, &(0x7f0000000180)={0x30a, 0x2, 0x2, 0x9d59}) (async)
r3 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$inet6_int(r3, 0x29, 0x4e, &(0x7f00000001c0)=0x6, 0x4) (async)
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r1, 0xf502, 0x0) (async)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0106434, &(0x7f0000000200)={0x4, <r4=>0x0, 0x2})
ioctl$DRM_IOCTL_AGP_BIND(r1, 0x40086436, &(0x7f0000000240)={r4, 0x3})
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
getsockopt$SO_J1939_SEND_PRIO(r5, 0x6b, 0x3, &(0x7f0000000280), &(0x7f00000002c0)=0x4) (async)
ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r1, 0xc0305302, &(0x7f0000000300)={0x2, 0x8ef3, 0x9, 0x3, 0x8})
io_setup(0x5, &(0x7f0000000340)=<r6=>0x0) (async)
r7 = eventfd(0x8) (async)
r8 = openat$ocfs2_control(0xffffff9c, &(0x7f00000004c0), 0x80001, 0x0)
r9 = syz_open_dev$evdev(&(0x7f0000000600), 0xfffffff6, 0x8a080) (async)
r10 = eventfd2(0x3, 0x801)
io_submit(r6, 0x7, &(0x7f0000001880)=[&(0x7f00000003c0)={0x0, 0x0, 0x0, 0x6, 0x8, r3, &(0x7f0000000380)="944faf8176a555f7c83be3ce020407f65b42b0230617", 0x16, 0x5, 0x0, 0x2, r7}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x3, 0xff, r0, &(0x7f0000000400)="9c89e4e2269464cbad4ee941420bb7eb701300621ada55ea848c270b021123720de3d2026997aae2a2eabf3ffa9850f5dfedcca4dff58f295365299fcb91df5f62512da9769a0675a503edd48a8bb22606ff26f8fdb4d4e1e1c28b335e3efee50ed9e52139205ebefdabd8cf266fecb6ea52476c89a77e569619c8838a320201d8d3977e0e802310b7a8214fc2af52c881e6", 0x92, 0x4, 0x0, 0x2, r8}, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x3, 0x8, r2, &(0x7f0000000540)="1afc27bd1d3070003edbdc1c27c2c2d172e436e43f7fb298c73c6b25dfbaf0df3b31fc763c2f9b6aaf5c2bf300f1d307cd2e641097c9562f85a3d526a667aedcf1b5ae57120727b6ced623fb7af7255c60798d8718", 0x55, 0x5, 0x0, 0x1}, &(0x7f0000001640)={0x0, 0x0, 0x0, 0x2, 0x1, r9, &(0x7f0000000640)="aaa69e2b5f04b8af72ac653bd139e02cd0230ec7a6f9736bcc4d311b25d5c9543ca560053c6fc88e869cb968be4df00c11f5d9722b23036f2f231167f057a960c45cc4619712398f68d99f4146e8396fa565ee3cb451c67bb52ae28cfe5f111433aa2435747784ae021f29dc778d3c020f08dcdee0000130778a5b4ee18116837cc25e388dffb5501838709c9ee6d63884aa2f8224ba2f6bb0d85bb25db68b13b557825ce9114f9de7e708f85beea44fed1e4180d7036f3a558ecf1b3d43172397f5ba7e432ca03624fd68feeff2b1a5260082ed809f109d949fa79b5067dff40c762166ef74d04cb405c43885d22be63509ca0b233b827e77ca2cfbd9fb50aea95d95f798ebe2bbcbbf3a5469817b2fb0338a8152f368835dc096a67dddf1cc9ce42370e1814e5eef59743c1d36f83b611f77626fd419aa31715bf963579de6ecfec17d5121b22dc3944db033813708c215896ed83118af346cc673cbd19a5f75a58ce73a6925a75d78b615ea3d5df7220d8f456f94d643abaef7f803e67af2ec614f4868877e57c79152dfd81384175b505add460e22c608c05abf5f4e389eba6a7e5086e1936260f4475b07d4b58c28285e31d90e833a3b1e1638a4f9b52e007fe304241923e7b25930e7e261118bbc62f50f9840535e54556e683ccacececde8c2545f65d5f5dd145240628cd205d3c66601a220704689e3a02fe8e2fd1fe727dcd2d8519f921541205b817cd07655110c72e84e9939cdd3e7f12340a477aaa759e7e1cb81f09b50f11a04ea7cc036f0fdfd8871f6e6eca2e0ec9b9e4792a04c19e8287e43104d68ca540c6f8f292cf8b412c363e1899b02a4bcc7d195e1ae6141e87290e18b5b99a798adacfd6b82836c32e0add4f2f48f94dbeab4919a9c8213ccb537235cdf6516b645f4f38be8c5d37b6c6bf7ad7bd8f943378174487420b1f1f0809d8ba0a701a0a898bddd04a9a633a14d5d498d428045bb19e8e9364d5dd2a85ebc865965fb8dc6e0fbc537dd5dc304254a9a710ea71168f8e58e4d1a9a830f4e906c96c5f20d4e13035279fc6be70e8fd085cd38c6aff6eea0875c56235012f2bd582e91dbfc1e8c31eb3d28a7b3d6488cf420e55c5e9f98a0686c0f904f9e8885be3635d1d7e4d5e5ca782c94da86f269158f43eb4181e4df88365857ec7159bdaaebb1db66bfc6847c9b6b573d24abfcbbdb7964a34f5c1d3987c1ef4dfda51fac48d6570e3d4300451539e293dcda143f4bf24025759e799a4fa6f34eb32f0bc44b69cbb212e3eff2b914e482a0cee254ce3b5e790de3dadf8aaa43259c1e98bb42c9892dc46e8a375efe8e8923092fd1f7671acd7242f833839090e09cc7f4bbc243586a8319100af7c593cd677ea16834505dfe7440d3e7268626c64b827d112bc4ee8025ec1041dea8f7e0923115992df084515b87b2bebdf84df1c9a2f231791494cd84ac7ac9afbb87fc5f962cf97744ca80f5d4bb316a202dcccdf92f3f4e50cc3fbfb1235cca621f288ff2e7d914a59e0ea1b3a3b2b23b81f43f5ce7462ae2834ece54e9b34f9d59fa0de29f478e8ce1c448bce56ca4773e308ec33d12fdfcd5e5201fd3734a9334d79b97dfed8030c77a4ee1baabec6e21c45e5ecbb08f3d0c4510f15eaf8b4ca37cbfaa15f8672c5567505975903ed3fd0d01e4df30bd98906ae89d0d07d83ebc06887da733bee68550fe594f39989fe7001a05948b6b9fffc77a70ae7bb6efc3718e71b9e94a561f421e14b3ac8d0b9248058adb81cd4b07a3f367ccbcadfa0292314330f8ea250825019a358461909ae7602fbcb5402f912cea1965b667642bee3e26eb7f73fa5a4fe66c96b0160d8d305a1b1c865e72d29060f099f20fc8e431f11793a14ef5623538a53f717764e62e77205e7d9e06b2ed21a5051daf1e238f8310e1b47ff0927a3c6edb450a72ee6cedcb3bced86a88005079a823954c2b14781bb85ef7595a747ec1883f82dae2d260205616235107ac4f34ac33d88149a7b6c8745bf37b7e8e29ef7a9507e33915d57d5401a94392152dd5d611fc961021b8fea0bba9213bdfc706d694c9c78bbaaca82af00a15f4c293ff9f65737b32c3db2e44df7dacc47466f30afd21aa3d77a099350452150832260e066dc1718e3317e8dea9bd2cc51587cd475766f01f9fb1caff72c17352cc938cd19382f01abdf09001b41d5afd036fe24ce847f745c8b633e2adc3cb64dd68f7778e76a9dbf4affc8451d6bc7147d134d8c079358e30b46e29bf663c75872248e71e1a6e45785f8cb98b6e23570d74d363c315fc10ec3276415bc913be1627b7378b00916f4d0219c5b213a3ea7ed40bab1343c218f90ea75a06afc4991925a21e52a2a10372c447fa6abbc160a85ff3e75f6e597588039e0f9e3d77c94ce213a3c93261dd47f775c4e38e8b07dad213417a893bc69fe4f6109db77e075cff9b7a2128fd9f26518c95aa20d29043a44eaa8bd494409122a6ded41c8af1d466c5a39649c527fc21b6929d30a87d588b9b9f4540be7e8f17f6189c414d96aeb294d51f9522f7a81d58febd5946c45026e3c66a3269f034c3841c6c531c2277731d5e03d70a68d3396f1c2c04e30e83f21ca4059908f1e07f8a7d519dde6064ae9ef086bb7bc7c074e46713e46e61772257cd49aeb456a5a81c42f9bb00504127d98aca2841eb4f131ef5b4552362a583bd674e998ec2ca691ea02325e6344b6f6efdbadc28f30911a149a8fc12fad1bf651395b788d07b9222c598706dae814e6510967d91e8f998e5538e8ecff105bbbe59ad3c20cdcb1333449d4e168b57547a36d6c6b4503eba9d5408f711f3861d87dbfcfc0bcfff47a8a2b8fc277edf775081820c1d3cf7599601d24f9b191bc4e15aab7983dafc7a76b73ce0c3bdaa2d62ad9bdc51df378db8b1c1be7d2c5eb588299ee721dca450484908d34e095850c54939e6642dcc63086499181891886b7e1b80ad1581096d6f746f420c153492f9896576273b08c95e343a7e62f3e732f6f55677da1a788a73572887373bf504f3ea5039c9724736a9d15f54b803c02474c1d1c26d09a182f5ccb980ba01cb9cfb4cdef7748371c6ed7077e0962d067f482e77f06b59a8783a61afe471991d1aa6832e04fc012f074cae34bcc87b2255b22826938d7d1b6fda411ca14de618bdf3495a3fab6dcfe5d8e5574138956063ff8d7a98deae5ee614a304cd902b18283cd97d9eff7d944741125e7a5cd0ddd35fafefdb82a63f9568343f4918e8fc2e67ab8c0c57cad1723e5946c7e79d8fbe6fdc36d7a2f1c42d9e556940c5d92cf92faa519c86482e30e6f36ada6491aea6fa511dcd26f64f7242dc81240aecf84d0e156445d412a3bfff0ca517bf65a1d0313eca23f5b753ffe1fa75881410a57c07168b796e8338d18831b06f4c8761d9ca5d1dba2afd35cb5215247c762f77de837799db2b4143119f21d09d8f3ef3e74000e5e7e95502fc433f0d5540fadca470ceeaf2b82bcd8ddf4e461e46e9bb74e8ef32e25aa2a94c4a4669340c0aa3fbdf7d50687fdc9139658e964004f26ad52441e3e80176d6ee85fb0a3d758404ce61ba69a38ce8bf0030bd9f16c862ea7e3cd191056e7b10b60dda83cc28de1f42e4f52d81c47c3f25e8f7c30e3a1ea3ba8814e7adda22dd05b6dca75c533ff109f545a2eb27e1ab6182a74d7a334bf7b3d42ca65c6b868fd7d39fef91584409fe287d5e3b091d4fe674142b1c3e26b1d9a8b98fe81fd18c19773bec68d46a93037dcd1b1c032d450bb1a3b8f2b573c62ea6a6fdac5613d4801b9105fe79a4d82722034382e7f6603d30ec2e3d0eff9bf6f90325ae5d34afb2850e63ddb3c3d1ec71a6770d22f11e60307ebd7048282dd29ac745c50d31b641e408d67d593ceeaf5f3829fb54a2d8521eaa9a2138cd2f17bdb03fbe71215f86051f0f5141d08f65220338576c733cc45ffcdca16b7b034cfdd8aad4fc3460f961dfa211b0e57d91016ad58d069e835d6542964c484b33d16b0a89bafedfeb1966059911f553db9604e254931baa07b6ea0e1de0f2b3a2f1976fde819985c8c0048675dda54c74338d52caa6daffced0e932194c62361768ae1758e1e149b2b81bb35e44043a55188535c6e6b3f143cb73bd03d306642802e0b3a4bd0dc75ae4611ae37ecce16df5d8f74284f58544bb73856b6990274ad27940d16a783769a319b1103929064daa0c5e49f9c100f3afbe2a2622425493022b3cca6dc576f1ff5aa606d281eea435e82540b44846033f7395772205bb16b80d7df253f9896e2a6843261151b0abb38e568b6b00b532fea8d5bc9e8f34b8d06608ea22ad6e6f80036d511c9c471f731ae7cb6200c9c13f48a8fee8fb6c5a6581344c3030afebcda3cf76a356eb47124fbc720897901851a8fd459e035f2900d8e7ca5509f2998cb2f54b9264f68104ab01126b695886f87da49d3d408fcab0051f583821ebb6dbaa6dfe412a8178fb5edc981d5d206e9bb0dec29963a8f5dd2d6ce2a00991f6faa71b1a5613f86d1d48839ecc9fb929dd8bae9416cac49541217e54ae0a845c185a6317c4ad9a267350d77bdb87c71dddb745ce4f5fdbe0f5639b4668cb4d196beaaa92fb8dd55810d04658cd9a0a81a3a31399bb45471c4bdbe5d297c81dc61ed07894f0c6dde239bc51ffda495ac79e1696803511eca7a4b6b305e89faf67b70d0cb26f6160202976dd150d14cbcf9fffc0dd9945c919b93a60acd894b70ba6471e255725e91bba9daa30a1d2080209783df1af70860204c28e7ae429f6171e71b74e876e93c54b04113f37c846b6f8888e96b60d68427edc56d60f9fca52e8d81fb54d23bd21cc1adbad5ed7a4481c1d41b9468c5d53e306e79697fc493ad5a149efb7ec3f3ffabf82fffe4b1047e108c4fb0c09b5e9048d26043852677a2d63018c39633ef72294ec242faed955464a73af7afac502d58aa8b95c243a803890168ad289b4f4652a2a81f95a0e188c28ee7e995fb5d739c475046695f5eee3bd8691659db23cf4421e69c71d0cd83aa43ce2241811b05c798dbb7711b2fde15027cfaa3b5e96b30200adc6e9935e25e1342ff5c4f5634c65414bdb8305cb2a4605935e88e9fe02df7b15f41e97f67e3bbf402a133ba129378ffd292a40336a4c9e4f43601b39915b4efa7b995bf4bff42d56debb26632b53ee33eca638c7ba65daaa32fe2ddc5d65a8b9d6d861099a90d608b1b97d22a200670bdd0ec271ebec94e41032d370a29f79f02d27159ae2d2e6e8f317153f17e18ad709f0e49df9d6545760028aba9505a0926e90d85ff8d2003fccc92deefc42ec24451a65b400b448b4dafc73c061b123c6167d93d6301753afed7b7f9122d20dcb8a8a5109c0a842449191ccd220bc6341a320bed27a91529d5b2932f45e7397cd744b7924329ebc0190be3e840033f468423f2f8fb5271e762f851c54fa4e4869791402fe49d0742fbccb1d063492be0ee5e505a86e3ddfc1d8a5a435dae8b113dd12e5b6c7f7cfb00608f5745e7a376a4784f2df4900ccd4603007c0f0456037992a011302cba79db83fdc50d90969fb47b875d8c67b4274effc18e717be12814d8ee30751b9b52e2d9ad538c04d3108dee611cbe929dd44559735d833311a5e1a233e340b9a216d5686dd60432921c1a04fa7dc25876d0b65c9450997ebdbaf3238e2c03718884e628aebf909d7ef4bfcea6382d2416d8f41384f56c64948bbc35fb768777a070a9b2cba7951a4d10b169bd1321184a44f4e477ad16047c19b", 0x1000, 0x6, 0x0, 0x1, r10}, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x0, 0xffff, r1, &(0x7f0000001680)="c3872d8f26384f0d8e71a356cba99624a4dad4e866f5cf455e8be29978f9527830eaea205b04d9f4c817b851edeb35af7bf981d32f71d0760fbfc7bbc2f0f327202c", 0x42, 0x9, 0x0, 0x0, r5}, &(0x7f00000017c0)={0x0, 0x0, 0x0, 0x3, 0x3, r0, &(0x7f0000001740)="693cfe70504b5b331f197b18887820a471d0c733812b95f77618fe2839f000297de908b3325c0e67d91662420032a00992a5a36f3fa4b28893427d500e203908e0", 0x41, 0xffff, 0x0, 0x1}, &(0x7f0000001840)={0x0, 0x0, 0x0, 0x0, 0xbf3b, r2, &(0x7f0000001800)="b06cd25adb7cdbfcfa38cb0965dc0452d9010fd700d92f2b6b6b92be36bbea562d88", 0x22, 0x4, 0x0, 0x1}])
r11 = openat$vicodec0(0xffffff9c, &(0x7f00000018c0), 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r8, 0xc0305302, &(0x7f0000001900)={0xd8, 0xc, 0x8, 0xb4, 0x66, 0x9}) (async)
getsockopt$inet_pktinfo(r8, 0x0, 0x8, &(0x7f0000001940)={0x0, @multicast2, @broadcast}, &(0x7f0000001980)=0xc) (async)
ioctl$VIDIOC_REQBUFS(r11, 0xc0145608, &(0x7f00000019c0)={0x2, 0xe, 0x1, 0x0, 0x6}) (async)
ioctl$UDMABUF_CREATE_LIST(r8, 0x40087543, &(0x7f0000001a00)={0x1, 0x5, [{r8, 0x0, 0xfffefffff0001000, 0x8000}, {r8, 0x0, 0x921195c23a0f5800, 0x100000000}, {r8, 0x0, 0x0, 0xfffffffffffff000}, {r8, 0x0, 0x1000000, 0xfffffffffffff000}, {r8, 0x0, 0xfffffffffffff000, 0x10000}]})
r12 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001ac0), r8)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r8, &(0x7f0000001b80)={&(0x7f0000001a80)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000001b40)={&(0x7f0000001b00)={0x2c, r12, 0x4, 0x70bd26, 0x25dfdbfe, {}, [@ETHTOOL_A_COALESCE_RX_MAX_FRAMES_HIGH={0x8, 0x14, 0x2}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_TX={0x5, 0xc, 0x1}, @ETHTOOL_A_COALESCE_TX_USECS_HIGH={0x8, 0x15, 0x1}]}, 0x2c}}, 0x80) (async)
r13 = syz_open_dev$tty20(0xc, 0x4, 0x1)
dup(r13) (async)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000001c00)={0x1, &(0x7f0000001bc0)=[{0xff, 0x0, 0x8, 0x6bb}]}, 0x8)

1.452361825s ago: executing program 5 (id=4499):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom0\x00', 0x803, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x1)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
creat(&(0x7f0000000200)='./file0\x00', 0x28)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, 0x0, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000800)={0x16})

1.134455444s ago: executing program 2 (id=4500):
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0x5, 0x2, 0xfffffffffffffffe, 0x8, 0x0, 0x0, {0x40, 0x3, 0x6, 0xffff, 0x1000, 0xfffffffffffffffc, 0x0, 0x0, 0x7, 0x2000, 0x0, 0x0, 0x0, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r0 = syz_open_dev$media(&(0x7f0000000380), 0x0, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r0, 0xc0287c02, &(0x7f0000000100)={0x80000000, 0x0, &(0x7f0000000200)=[{{}, {0x80000000, <r1=>0x0}}, {{}, {<r2=>0x80000000, <r3=>0x0}}]})
ioctl$MEDIA_IOC_SETUP_LINK(r0, 0xc0347c03, &(0x7f00000001c0)={{r2, r1, 0x1, [0x0, 0xf7df]}, {r2, r3, 0x4, [0x6]}, 0x1, [0x8, 0x3df]})

1.134185284s ago: executing program 2 (id=4501):
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0x5, 0x2, 0xfffffffffffffffe, 0x8, 0x0, 0x0, {0x40, 0x3, 0x6, 0xffff, 0x1000, 0xfffffffffffffffc, 0x0, 0x0, 0x7, 0x2000, 0x0, 0x0, 0x0, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r0 = syz_open_dev$media(&(0x7f0000000380), 0x0, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r0, 0xc0287c02, &(0x7f0000000100)={0x80000000, 0x0, &(0x7f0000000200)=[{{}, {0x80000000, <r1=>0x0}}, {{}, {<r2=>0x80000000, <r3=>0x0}}]})
ioctl$MEDIA_IOC_SETUP_LINK(r0, 0xc0347c03, &(0x7f00000001c0)={{r2, r1, 0x1, [0x0, 0xf7df]}, {r2, r3, 0x4, [0x6]}, 0x1, [0x8, 0x3df]}) (fail_nth: 1)

973.890137ms ago: executing program 2 (id=4502):
ioctl$USBDEVFS_WAIT_FOR_RESUME(0xffffffffffffffff, 0x5523)
r0 = openat$autofs(0xffffff9c, &(0x7f0000000000), 0x2a00, 0x0)
r1 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)=@o_path={&(0x7f0000000040)='./file0\x00', 0x0, 0x10}, 0x14)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r2=>r1, {0x4}}, './file0\x00'})
bpf$BPF_PROG_TEST_RUN_LIVE(0xa, &(0x7f0000001140)={0xffffffffffffffff, 0x0, 0x1000, 0x0, &(0x7f0000000100)="2ee47c401f3db8b2d129107715601923514b8a190442290b0344883d2301334fd6264d25ffe3b97189d1bb77d3d6b49b78bb5dd11f3431c16815f615825851b55e19cafd8419df17397b497394523c053c83e0ad6ffd2e41698d08c19196423787124c66f71fa0ac2d2514b449cacf900326a5d18286036ecc9dc509e5c468e5f6c40edd8d2bc1f540564003920a111754d0f22e9767abbfd067b46ef191f93787914b928fe51af9b5ad9c36666fea52a0fd2b47ba62b26ba426b01135d88881c767be504dfec58c7267ecb8fe2ea815db48ba6ffca35dd2e84a5b319d38c501f70a7654093d7becdb7784317ebdf5f927cdf58d042984f09d82ad1fa3dc512606e8bca0cc037e547df71a119144518af08946dbbdb1240346b98b94be508b160cd1d1b65eab977767536d1de82480d37f9ac5c7b26d220f7d5b33c5f43db727591ab038acc38caa7f13021314cbb5e94302c680d767c4eaaae1601abfb7bbe8bc32c299c1dbb0a55d8dc5033f5b0b61d1fb0f1c3be6b92ea09a5238860040c7dc1a690cdb16a663f45b31043a086474dfe88a9b2972cad32163426350ab31fe2b139d4abc35ca9e6ff28b08bd126b4cc1863e1bd0eb361c7bf2d4dda7e3589f4313fe449b0d3bad142eef69d82fdfaaab86c89f0633ce2d6b1a2d3b9c321eb3ab93912e772022b3ae46947d5c0fc486684ff7e30762e1b308ade4e7d5f081587ab8d3097e2c2a5222d315aa889950ad461feae367f7126990e4da929ce6669953cb755d57c0cc307322231b0f87c77336b33d7bb0bc343a7a4cbc3366b209ca3e1485ffc61c03e0338720db8cb8124e22e240a91555f0bf845143977469b1e4cebf42e6bd8f199614bb59767bd8db0c33474bc6dbeae6b4e9e5cbe80473abe1871f200f00f55842005b11260e3b9cb8833aeb89410cd70e79ea70b45d8cbec38daae60fb4098a034e6bd7d6b68cb16d810cc10c48ea76342c77b41c9f004af25e0ded363b709864428fa61da877735cc6e9e580ca9e7b084bd937d42d4114d56fb96455cac7290e83ab1dc046ad4973839dc1289623dff21b63b4850e56464c18b4e287c9225c9760a4e44b56bf422156a5ff8d6b3097cf79d3e54a83101b1814057037e22d8384d07c9cd9c044fc42e10e3b7200b492b57acf54c054d489bf7dac0746b82ba80fb1fe7e3bf05cac319833a28a284b0ca163e1a7c3b7dedf1936df820cac93a96db79f62d5dbc5f3a16d149bff97e293604fa04f17c606efe8dd04fdaa7273624d075703b40d85472a7c4ce7d37c2204d59d34210663c663f6d33473984ccdb757217bfd857f137501c5542abd7779f434e5af86968d71746da043a583e8f890d4c1f17af478aa611bee6e2a291cf49f39fe94c82d1ee83f507630f5c09670026f637cdd72dd91b5f4bdfa558ec8949b4b72c60f6e6c77ac758720e87d5e61c24fe5a66b72987aa208d356d0b273ff3ed88934818b2eae5f863554ea9a9ba7deacfd683cbe7a62bbc69edda4766bb15aee9ffeb8390cdff7a7d5723db293236840fc0e4cb0cf185bf20f75900fa999dfb1bc95e6532b72b527e96b3d20b6539e2f74798b2f5d088b263920c3e904bffc3a519131ffbb425e476de372f2bf6412068272bc5e9f8e7a259b1b7fad66a6addc9ac48b69671650853f014baeef7f03375dbe0fadbf761586d813dd89ed3c8d3ba8651271ee30f743c1073ae74c900f09f03f26016f697ea8b4ec0a816ecead7ab98dda7f67238ce83b0f7d2a1e75379f9410bbd768bba1c28b62b937cd6e7e7b5ad3303bfe9b55439ea30a09975298eab64a9cc5fb1de52e81482d3068d595eec69ac20a73e26d0115c08d0b230c6480672f522a03a20b266f1ad4b43917af2985353d69ff8f382b8003336f3e95c0de9abdbefee755527b44969bd3d6731583a3b0945b07156574a6f1fc593105313f55a0e03d136d940bcde9f9a9514e2217025ac40e3f7820a02ba958a6168844cdb7ee6bf244b8843f56a85673a7521a8cd5d6321133294df7d1a36237d90fb65edb18ff7bc61448e8b9e18c74f9fb2167190481c78b9e8f4c655a208a1c97aa44db0b3aed36e2d264585c07d2c9e0f15fa94057ec085e515cacb2967df5d01cb5d2bd42e704ae4e083522e2f94d234ad4d3b6161f9dcbb174f6fefb060485c5a0f75758b04e739d1a97c86181828c867e9a3ce02a37708b857127cc1529f8a957e0408e3bb5d4fe5b6f3feaaaffc2456215305c701242f2825765db6b243c8613a563a71afbb483f525d691fb04d9e132a4a92b2a7693cbd99b2c14f93499c2fb290f232dd6a91d38cb77a3705970ddba74d72c0fec73f4c95fb78394512ffa1f803e183f71fb3ebf7dd01fc4577177e3cb6f2878d13c5f59b2935ae9961092169b228702298f1b5c6d61b20bd1b8c073f4c26b2aee7b3b3154f70242c7982a95e0a433decf16c4c86d2844254a19d1fcd60c0bf62f95293f48ca4fc737dce673d1669ef67b8383ec772b5ffc23a2adb6795d27a9fe55348e0a80d0d179505ba892e363d595b3518a88d487e84291c06e060ac947e045b65e22d2b0ae12929576bdc03e5093b51840727ca93ae3d67263e4bbbff65f42bd396aed6a081f3662da72d007c52cb4057ee5109ca9d9a3b8e0e7d69ea5b651f8229930df294d9cc4977c416f27485cc14d22c95d7ccfc9878895ec1a960f43ab33f85882c77cbdf145eac60130b1f79963e4346bbdab01588054bda817cea926bfc2b1405e5a175011a18a6e0fce23b7a4f04d66315cac9336c6307e8e178e03c24e6abae41103f81613d4ff7f988287081b4da05390e9b02df0a5b37257f0b6f071c6cf5bad8ee688eb41fe4faeb4d480e79e3df7195168bc4a0477d220c97a5590d963390cda0189ce78d9edbd463ded7096f5cacd9ab774ac14aaef7424ffb7e5a95fa480edd59c7941f80029b2aa0fbb29a57a8e03f13fb614ac47aee511c5f208f99f0b008b442026a2c4a4ae4af25b4ce7b72c6a0b359089efa591dd28fc7ce016a12e9f44af384086ec19536c90ebfbb162b5d41a5ed45d6ca797d3e23375eede8674792068c92428cf6a0d9e1b73e302828ac11f067646371472a479f0c8c0a090f93214fee3fcd8a4cc529f4c9553ac44373b4af5bbcdb4e5a399fd53d104479bca1ea7bd46e95d543835c7cf39f1da1354efbd6cee40e3ebf28d4ce6bf9ee1f1828b09306c08e4246e96b034c0918b26cc2472b2f813b9d08b0e0d86134288d307ac6704dfd106a1623c26e8b742e435f1cc4df54b3aa3c769f97891e472d8bc63f8309818dff37a0638ed6ce029cea9be51e9aca88438289553f2f2d90bf1dc567577c3a5550b28ca32d289f052051d41b9b605a247d0a119d93c54732c1e600887129e18f35f8558e368b1d104c95933ef0d4bb902876732d0b18e629ba9c4f54a4bd81e13adff5cb01454af1f29c25de7dd0523891a871128470908deeb21b9ec9b92d77d0b63c878225e0165697a34b113fbd582a28ef6c474397c757cfae0fcd3c7362bf4fd4165e71f1c2e80166552a73daa607f6c97e369bf27bcb957d14534a733f07095e28cf0301b2b5c8df2db0b5eee151fb2cd945572e500efe53d1d36133d662387f343b2fdd47a73e47f9be32d345d601e2f66fe74527227f638e9e361ca4bba3c49f00193de85c569a61325203ecc524b6abd285f33af857c38a4d9d5eda6d4e6dc6ad3d99117020a2dbf31c1c81c282bf145876262548b11f74343857d7b358ee757c7aceb68f7ebfbbffbbeb3c3e2d3a9589a4d5b31a94947098b878cb202b11adcdf6db8071637c8e68902eccb5b5ce56e75065da9be35c2e92cfd2cc64dbe355c1ba256ef95188cc4222b1bc7239d41f1759f3e1806981978614c3b5c6fbbe162545f342dd832cffb5aa824a2d28cd023995c0efbb5f59086ba7061d230ea7a36fedca22a3e4318f04cabee6b04e3395b7db9f1bbbc55bf06daef5ac6baec046ce0ebc6924427218812f1e0f24cc621f19684011b153d0327592a1791b29954f73538662c857ce5f656d1a1ad36adc996d7c132c07648f5b044912822f0c0e11af1e9f0bed551a0aa57d2e8a7765ff5eaf1e71b19ea09b794c41093cfbd8b67172d3ea5478a7dde44388ec021429e8760e9ac1fc4255ae32c58149ea73de90c97c57a7729db679a30b5330cc4da98040ccfb878a9e46cac3faa2f58f7f3258eb7f7665962c6ffee79eece45fd67679871b18ecf74509d9f9e633b1f7a4c7c80aaa346a40872398727c31a4ec3c3a18b93f0b7fbddf2cd7d1ad378bbd2a22f3de478497b38bd13dd6d8bdef97b5a4213c23f07ba8e4cf82fb4822328facfcd5c5cba7f1f5b35f007d302af72fc55b0b079a55c61438c2523f44f481dd4ef8d2c0811b3b282327a8faa65038a97fe4a7dbdb65df51f8456c21a9d8ac21243183ab9c7f2ed8e4e6924000e33a748d5be55378dd7eae0a3136ed7bd94380c2f6aa3a8e7c5618efe6aa49ac2f86ef3ededf1668b7fb0cc3dc367c2a603da7a5d8c8e88f3c831e52dcc6d094c96e0f1f2a8a635f6f82afca6130c7406a2dae0abb602d8e561d07bb4112cde01724b8123e46b16195abbe574bd4331fe6c497b8b4fbf5f1e9cf7c6604b5d9a5d16fe024df6d41af8fe774d51b94213ae50cc5074dd7e6b01a9bf1115bab4071dc043162e889eb2ebd5f2396d80fc096ab8a5473a8f9e2e6596f650a6d8bc51e09eea4c9711bed1fbf99825f34f69681f3e0be1b8361205d8d98a3a755c217e9c74ebef61c0b1c5651faf6878c2004a1ac6d6bb8279807c9a598734629c470ec58cf5c6f67d74b773b8aea9e40d70fef069fa6134da2a352254692f08c59b80c99d8685d3505c3a2ce9e176cc0192fec4d98a218c42e4279ff1ac364822b9bd9447b110282622664a2688a82e227cb29b75b9d1b1d3c3971ee7b6004e46bd6446ee4a5140a0a0f4bf007bbb856ca6f0ee9441090c8bfb9854bea1456253027cc0bf8d8c1912afa80b3e601d204478b5aefbbe3beb598d9a956f2853b5eceaf747bb14a7e878ea4e247a53a37ec1f95e3676b8373cbd3f96194538b8395cf9ebd8b0b50caed30150bd340a46ee4676208d001836c817bb61179f010a5f7b762d826d01cf8344ca03bcd4b77c08f277f4f758478e1f9ea52a0ee0586d7b552f8c29144230fd953bc08355e8d42c9251ca32ee86c59352d92e379213e499ebe172ae62664f11e554d0928497f6552cb9ebc9e6727612ff596deedf6c13f15cacf7014f71896b0a009b849411308d0a3c5748565af42962e0e95937b4d61152238be542be8f8f070a506f09c85a13bd1e7bf97ffa7abce34888b9208f7925290768e95d882ff7fef28718058bde09c915a87f9a3aeb19a89ba2703c238ee98e4dc44c8fecb0e3918e8492c06cce66c260f09a219bc05deb51cfb0f4f507b4aa9ffad182f7db1ba7d358f0d42aad757c8df857212b405b6e3220ecb5fb6b924be0d3378b02662d9d32b3608fed52c3a28f257d4fbd75ad02afcbac7be5cc36bcf994b43b6e7516bd5190ff001ac5ed785e9a44ce5b7dc09cc4a15679a68face9e431681c3a1dd65223d428cfb80734035300b1b9431e8623ea2ca91cbe0d5276aa5660b5d5d336c4c5be8d9d47e4d5f1a7c6bed80bf303ec869bf50cc873cdd51902e33e1c50719e1a54a207e198e4815113f4dfa3f369b93c2da4d839d01faf3ee7198004cecb181e75729b975c7bb828cc42737e1571db259179c53cd301c286a9f030ab62123c0ee6c9f9", 0x0, 0x9, 0x0, 0x3a, 0x0, &(0x7f0000001100)="06609e84a629ad6b49c0ba152426a7dfe573dc60fedf10d02baf7a745b9b8e8e128b036717402817921a8c0077f84eb8e5ae45520a163d5e4dd2", 0x0, 0x2, 0x0, 0x1000}, 0x4c)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000011c0)={[0x1, 0x1, 0xffff, 0x8, 0xb, 0x0, 0x1, 0x80, 0xf680, 0x1, 0x5, 0x80, 0x507, 0x6709e736, 0x7, 0x7c0], 0x8080000, 0x57805})
r3 = syz_open_dev$mouse(&(0x7f0000001280), 0x9, 0x1)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f00000012c0)=0x1)
ioctl$VT_RELDISP(r2, 0x5605)
connect$pppoe(r2, &(0x7f0000001300)={0x18, 0x0, {0x3, @broadcast, 'pim6reg\x00'}}, 0x1e)
ioctl$CEC_DQEVENT(r2, 0xc0506107, &(0x7f0000001340)={0x0, 0x0, 0x0, @lost_msgs})
ioctl$int_in(r0, 0x73, &(0x7f00000013c0)=0xc3)
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000001400))
ioctl$KVM_SET_XCRS(r2, 0x4188aea7, &(0x7f0000001440)={0x3, 0x4, [{0x57a2, 0x0, 0x4}, {0xfffffffa, 0x0, 0x5}, {0x101, 0x0, 0x8}, {0xcfb5, 0x0, 0x4b5}, {0x10000, 0x0, 0x1}, {0xd6, 0x0, 0xd}, {0x9, 0x0, 0x5}, {0x10, 0x0, 0x2}, {0x697, 0x0, 0x608}, {0x80000000, 0x0, 0xf81a}, {0x10001, 0x0, 0x4}, {0x2, 0x0, 0x3}, {0x2, 0x0, 0xb9}, {0x3, 0x0, 0xca}, {0x8, 0x0, 0x8000000000000000}, {0x4, 0x0, 0x8}]})
ioctl$IOC_PR_PREEMPT(r3, 0x401870cb, &(0x7f0000001600)={0x9, 0x5, 0x80, 0xe0})
r4 = accept4(r2, &(0x7f0000001640)=@ieee802154={0x24, @short}, &(0x7f00000016c0)=0x80, 0x80000)
sendmsg$nfc_llcp(r4, &(0x7f0000002900)={&(0x7f0000001700)={0x27, 0x0, 0xffffffffffffffff, 0x1, 0x40, 0x5, "7f5fd48c22ebe60a547e5a2a51aafcaa13494a6b6e8b477d1a6b58b2537050372c77b67b2fa9bcb9ff3e06b0a6922ec5d5598ce6a5c9fe98a107bc8c418ec0", 0x15}, 0x58, &(0x7f0000001880)=[{&(0x7f0000001780)="23a83bd830699cae06ba4b54e8b13f1cd117cd1ae762d34249bbff9f2a698d4fc850b0052d42278e0cccdf9ecfeabb7b41ce8c92cfb565442c43b0e75c8389bb2ebd6cb801941efbb740cbaeac33584280dc05ff6beb9585384aec7048dea30198d108cb6782f8b35ffc89f730c96f0b2f313f82affe4a97e304e23f43316610cd3de03f312e7e5c7a9a7a6cf55d403383c5bc33b16fd9407e009b1fbee7459643764eceea73d7e35075463ef663baf5544b25d5d111a3143454b1ffabc05acc6919d6", 0xc3}], 0x1, &(0x7f00000018c0)={0x100c, 0x0, 0x3, "1103e96effba4942b3ddb61dc29e0eab6e58799b185cda098198d14d5af6f22ea8d041c0080945eb5c68467ce2fdc540e78b72cfaa7bef153bc401c5977a2d306381dc6ea3f77aa2b9f9f3f76b59e989e02d91716257341baf9eda1657e92a8ddd6bd5dd1b565f496c420dbcdd7cc05a2761f5b1ba516e6b068633970cf9a62858b7713cce25b2ccccf6999872539b5bd25e817849ef22d28ed1c255bc454a9025fbc05c4a9474ba3d3ba3ab9b9529bad000edd5d57f1f863295b824c1ef3347ab5ceeead103ff3452ce3b7cf9714012af16b9e85c89a7679de0236383a7cb1a7b8aa4c21f0931e193109a67cad435acf88962f62af133428800a1d7d44cf1fcb8ddf561dbf81ef2d5f20a04cd6f49f917e0efe818e177e5b4a3e179a079b8c84b9a00a3e3f67bd33e4954f0db273ef92613fcf51f2ff55e08c6deb962bebdd4e87ce056d3a75065949a988ee783613785e2db07bf4ef324b502445e66f7a067a34c8644c4d3a86c482754564501a6e48c1b718584ad84251ec5cff462a67a59fb2f1e82f34912b0910f73b0f5ef3f6c5e1cdb1978a6561b697afc54e4c63b4d9bef30994664d685a6d11b7e555c6fb41d75c4100d4fc2b7e1cb48708b396414764b42bc61674fd5ec76c2fbd4a94bb6d1668aab56890594534d857c47a71e746bf19695ee5bf493fd22186e4ff4f0a9bd7d2276cbeb70b4da476f97f1c205fe1c03b99435ada0318d1fe4a5ba138f2362c9aa33421b294d70316da57e3a64a6394a64b4a54c92e6bef522e114bf379f0de1dd76f2b1e0efab2199ca37191da1b31c68481bf50106011dfb336a626a7e2fb4e5f92dfd0c425ae4ef11effb95733a6e51dbc10991a7026c1f07fc74a30fbf1de79ea09edd29041975af4d382f4fb4cedc798fc998e08d6542b1f128e762e46dfec8fee35e4d7493d40a2b2220a2ee3b8a7f10f24910155d7268adce501c7a2d6093f17a80862480e773677fe94d20f353df666d982ef9ef8825ec4c948c766cfdfc0dcfd2555b200dcff57bd1a36e42a359d10856d18bece6f7d0e303f1d2ed6ae085112e8365c077d4b39a8515a47eda6d0b3fa5aeef7df30a2d1a7cd5fe09d88e135534d2c74544a695ee5b3a7f50b37c3741507c1bacad6616bf4d14bdf233c03e4db430c6e258a689dfdab22ab2a4fd7f249374ff4688639f6cc6162b151292394e378907a2f4d0805b5e235b2416c1f24befe13565e8bd8039f4ac532a5769bd38ee454be3e5c080b53deea9c0c0cb951c711b72590a50d68b315562b1c4fba98427a1a76b1ea570affdd0dec4c3d1704e48f3e70d22bb8e8c59a585ca424acd0416fe1359bbd8604e35f3680171246699e7c8ae79d62c740e6376689179d78deb92b7f4c9e3ebcc66a58fbb94eef14620806464cfd003be34e830c04a5b1b002723c04c8740cabe0b309ee00386b1455c97d454803ecc31234ea38b698ee8bccdf7877938ed7e44912ef22140c539f6622b21498941184fe0a52ca10afb0a053cd6a3c9a128f40d3533b8065488221c33e0b152df50a79b798998304d286fe9f0d86dbb6edd7926a46be219e4aa473fd980c5a9eb48afe40f7fc1ed065758dc1c985f13a20a67f8e5e02df7b8defcb64f1fad3a6ec5fa80b7544acf8736b37d760b1c3d0c234169f42ce571cafadff0aa8b29bea39f8808db2d2c85c3bef0cf7d91a3d8d71f12b623ff9413d7a504535eab186a3361b84d035df510509f12c243c3ece123282365a45d1844440b08a026cc1f1c377bd413b3c889fdb95decd4a46df5f738dafc25ded7d66b4ac96c0e4938391dbef0ee980e28aacb4096782cc5e3bb553cf4a64b1a706e96de48f55555fcf176025dd9cad81da45e1e3dd309c8b78741575937942184146e4564cd125b0e6190b099f8d7102606a670350d334ab64571c9b30342208f2d160aba34af8e9ec8ebae790a94a27a69ebf273bd9d74ac480bed92dd9e3f4aff11a0828e9a2d98b40bc008212645fa9d1f2a781d496a80e58f93144eda5a6a7ffd7484b6d710ea0a63c570c2ae2f0a57fb845d332e283493cbb3731fe466ff89509b85b03cbe5fc608c1959f4baacf53be6a41623d42a4f7fc50f3e16d8af107b5d11b352e345f3645ec74ffaf97fac0ca093fb58dc8c8738b3bddec831184a64ec08bce3b1d9854021af468887f835da1ae95977025484b92d896503dce0291ab3d65fc11138d91342c6969b4af90d8000fb5d6e0e70df1ba59ed2a407068d9394d0f83f38a2d1c56125a176c7c52445eca6165f5361c5ae9d07a570408af06092c217a69ca1f0bc6b095e52691c31a96a5f27702a6161800d82dbe9cc2959baab12c6920c895f5d24d06e2be446bec090daa88cb70d0625534b515565afe00f2a74d94502a1cd2c4df3bb0c763f39acc26e36ea6b07ea679403f96671911243ca5cc9d0dafeedd7f1463572e6327ec8fa8f461ccd51e726813288d852bd8c60b9d67f7b25cefde65c14a7499c2d4c18eeb8499ab3a519c42692edef3db7c6b8ac4e9306019f187162ac3e5c7b13d096a0cb15b4bccc0712c212caa8b8813973447b2e9f51c3db37ef491e4539bc313e14b4f2840d4ff6fb55c50ce0d12c8d51c0c1856fcac062928362e01de09fa6592963ae328617f2454300e7ff54353bd8f28376fae2d6f3918d9bf13662db27b479fa44d3f4c867447bb56e1ff96005af8df9a47cdfe978d1a5eb2f896ba67f4bae7853632d84fd64c2b849a044359da316edabde3d9d26012ee2d8d267d61a47027b480df06708d9b78e27dd0569109a5875a93fc45786955f34bd339e283fd16af636911b9f8f9cb11f202967962398d12368f8e6589293371354fd37fc9f7f184bab16232417e72791025cf0441d23513a25ca99545b462b32cdc0dfd3277f0e8f7175994acbd3a8a4aa84bc73b8ea4efbdee19ab92c932c1c177555bdcd10275aaef2b9a133a0372d5fe6e45a279e5fd807e5da00a455b2a5bff6507d292de5cc1a51ec42092640522b21262b048261e647500c0b5823e489897fe79a0f46c25c0a794f7780212af2afce169be5eb8ac9cb661cddebaa0b0240b91906e0069adb67b2fdaef52e60888f368ff93a041ca6a79c05ff4a6e8a742f0165687b7a593d3cff3ff33bb318d463295d6846ad192a21e4bfe12373e315d080e947028af98fe5c39135e784283b1e896ce7e2eaf43198332a7aecb46d1f3b04602656c46389a01005fc7df5ee8878baad17fbb9e3f180adb7e05065ead29d788c29f0ef81981480c283cbef5a14994f61f216e1dbc8504c747722cd19ee1790c73b3cb36995189c3371dfbdc5a4e47a32d21e86e696d5d4c1a7878fb4ee66fc1430730646a962cb9ae3c4daf89084fdae2735d56c78d21bf104b37bd28ebea63506b1a55d779b041c132e1a36bf3241f1210d53c1e0eb6c3d2aaf7f6a3937e97a57da0aa08d5dd8b613d9417f07e311d59658b0d8203b22836031888140a66fc626426367cad92da408448d6f62638346a1317e0dc0282fd63394c94f0a1ad5f4851cb0a76e0e16bd17259f294135d9f0eee68084ae0cb5ad1a078d6f57b48a2fdc2381534794c5b817dfbf6cb6cf7f39fdd97db21f57edbd2bfdace8b75ad090b75f0e353c0f7114c0ca17f412afa2e19cc459552ac7e8e859191b1417582767a1d381e802597bebf413d3dc4a178f26fac41dd6c29e0ef4d61506c11aa22c66c25136c281bcf908d99eaf20c73b67303153c4406c740c1fe639e00db66164c0d5963454edfe7b66bce86c107d037b19fde100a12c6935bd48a64a365e2497ffce3124ae60e3950d70dae6acca202c33a1e639d2b86327d95a698be73efe439efeb44e8ce27227749c8681eaac71dc9acab8a449bf1ae5390c2c3916f8d25b1d55f803da084977976654bfcbfed83171da70978a72c42af4a8c130a179fa4ed0e0f5816bec60fa54a2387815fe8e447359e040280ae3aab502766a239bc834e7b57822aaff1e97e0e8df06814bd0a848d75478385720bf523834ad2dd49398e9f417bdd94aee691ecfed41462290c51f4a8cc7b3703573e6d8b880f3174e77a58dbf379786e293fb62dbf39f39d54f34628c4528533f74d9594f8981ce3fc7813110d55c54fd468febc59404a705d366d7b771fcb52a72f2897a025a380ddaa656a14a95c9c89cb79d066bff2ac8677a1e4527cb7435b54c84f09fc513b6345ca6b83cd34573fe1b9e35522c6c2cac6ac4c420c76f0e633c380859109942a6d34c70162be4b336f8672652e8593ad38c2aa9b9f4b56486a246d5bef903d852894be51124e84b7a3ecdea3038848bdfe53991cda1a70ee45a963ab9c8bc6e447ab5bd580b013887a3099fe5dc972f0ed6293385f2d31ee4cb75b22e109c21c52d55980bd6467dddd687d76dee63ae9487d0849c6bd5f09b73265d5c990aacc0a142dbe01f4835fd9bc6881537b29688758efb7156ff649fcff91fb4baea1a65f69370c17127c444359361339c21612154558a75f0243de59fa8f6e9ab6cce6d853a69af7456211677066d564c61b724c57a64781d33d8cd72cc93d78691473f29cb4507b9787d3e9eeb341156f07af665a07af8a9575193d4458e33189dd0ed720109290ec5da652024a418d624046c94c45d2142851a608faea15cb11ce12a91bd4f581ae85a61f77d2d827919200bf47f85c7c9880014d49859d16f36d82acea9782eb023ce8370e12815663a88f91f235a070725f67193cf32a6debef24c54ce2d0d9e3c5ab64b10357e1ce8dd93af9dfd227e9a61727697b878d7e8b28f757d51e088ccd0554dab9e734b174f101a818303eaf2e2fb001220bbb10fe77e4dfda1a660658755889effa0f08b92634d5b0ba928a1e7268c7a309f083fba5b157c1353b0ee8d5cb57cea4d1c4c21edb802021d1fb9ca17ef2f87507d9ae96cb274a20c0f0fc7c4304ec033115bd07b91b6007d6ae8fd4687de74b5df96c7fc378685d75da69dd17fa9d992da1e6137c53972f5de3938cceeaa270e50d3febab3460ef2eb0b21c1fd860a907779745b38e6e51acc509da6f6f80ce2963f4d7cb2bcbc590d4d861bb309fa864d8be332ef92ca4f8dbe970acb894a48aeb8e16c458f4985ebca5cfed8ba221af009927e670e8811c302b30cfd20df2e71e54b66ef84bf120aba14904060c7f10d63c897b9074af38797b13afb7865572fb96bb9d5d7d99e15238a85f49ff80d42d01ecd97717394897f4a52db4acd104d2250cfb8e556d1efa67fbdbe63d82ef2b6c4422b9a187f39b179f07302c98357c90cc32083f2116555a765de6744cf1304235eebadf5f90b73af87cd4ff37b1d2bc1d70f127781953f3d22e9f91200e740b81c51b20c75fb8b8c2d8a769384ffa88be6622ed8e74c0f4fafd34bf0736007f8b42527be2c26b3c8a49e915d9121bea89e268dfe9e93499f2c823b0953e30135b32d3da565a05ed16a61314d03141e795543e8bbd9055813b72f7f92106cb315862092a08c0b063adc9d7a06d337e134343bb656a2fa1d64ba7a1aa34837a1f13fd6655c88aa0adef9389a323737d58e97413135fb27561b221c238ddb91b8a28aed3fdee0b40b951e553746d6bc451c739bb48f01d0d435956300b8da091ab6006db607c57c4118f65576dcb017b53639bf8d8a913c1a16c7ac117614aa96d92754a397dd144850b7780f12f5df0a82614c9d54566e82c93826cce0f406bf8f1f221abb90338c55c9ad2a882a30a1abcd986515cd6488e8419a74b3afc1218633f8743bf"}, 0x100c, 0x4c040}, 0x80)
read$FUSE(r2, &(0x7f0000002940)={0x2020, 0x0, <r5=>0x0, <r6=>0x0, 0x0, <r7=>0x0}, 0x2020)
write$FUSE_DIRENT(r3, &(0x7f0000004980)={0x160, 0x0, r5, [{0x1, 0x7, 0x0, 0x8}, {0x2, 0x22, 0x1, 0x3, '\x00'}, {0x2, 0x50f, 0x12, 0xfbd9, '/dev/input/mouse#\x00'}, {0x1, 0x9, 0xc, 0x2, '/dev/autofs\x00'}, {0x3, 0xfffffffffffffff5, 0x2, 0x0, '&{'}, {0x1, 0x6, 0xa, 0x9, '/^)$[%:(\x8a%'}, {0x4, 0x9c8, 0x3, 0xfffffff7, ':$:'}, {0x1, 0x4, 0x0, 0xcd2}, {0x0, 0x8001, 0x1, 0x6, '!'}, {0x1, 0xcd, 0x2, 0x6, '^)'}]}, 0x160)
prlimit64(r7, 0xb, &(0x7f0000004b00)={0x9caa, 0x1000}, &(0x7f0000004b40))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000004bc0)={'team_slave_1\x00', &(0x7f0000004b80)=@ethtool_pauseparam={0x13, 0x5, 0x4, 0x1}})
ioctl$IOC_PR_CLEAR(r3, 0x401070cd, &(0x7f0000004c00)={0x100000000})
getsockopt$inet_mreqn(r2, 0x0, 0x24, &(0x7f0000004c40)={@private, @remote, <r8=>0x0}, &(0x7f0000004c80)=0xc)
setsockopt$inet6_IPV6_IPSEC_POLICY(r4, 0x29, 0x22, &(0x7f0000004cc0)={{{@in6=@ipv4={'\x00', '\xff\xff', @local}, @in=@remote, 0x4e24, 0x0, 0x4e21, 0x3, 0x2, 0xa0, 0x80, 0x62, r8, r6}, {0x8, 0x6, 0x4, 0x1, 0x4, 0x3, 0x10, 0x5}, {0x40, 0xc04a, 0x599, 0xfffffffffffffffa}, 0x8, 0x6e6bb6, 0x0, 0x0, 0x0, 0x3}, {{@in=@multicast2, 0x4d5, 0x2b}, 0xa, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x3505, 0x4, 0x1, 0x4, 0x1, 0xa, 0x6}}, 0xe4)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2000002, 0x88013, r2, 0x8000000)
r10 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000000, 0x10, r3, 0x10000000)
syz_io_uring_submit(r9, r10, &(0x7f0000004e40)=@IORING_OP_SYMLINKAT={0x26, 0x10, 0x0, r2, &(0x7f0000004dc0)='./file0\x00', &(0x7f0000004e00)='./file0\x00', 0x0, 0x0, 0x1})

973.567886ms ago: executing program 2 (id=4503):
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0x5, 0x2, 0xfffffffffffffffe, 0x8, 0x0, 0x0, {0x40, 0x3, 0x6, 0xffff, 0x1000, 0xfffffffffffffffc, 0x0, 0x0, 0x7, 0x2000, 0x0, 0x0, 0x0, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r0 = syz_open_dev$media(&(0x7f0000000380), 0x1, 0x0)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x300000b, 0x30, r0, 0x584da000)
ioctl$MEDIA_IOC_ENUM_LINKS(r0, 0xc0287c02, &(0x7f0000000100)={0x80000000, 0x0, &(0x7f0000000200)=[{{}, {0x80000000, <r1=>0x0}}, {{}, {<r2=>0x80000000, <r3=>0x0}}]})
ioctl$MEDIA_IOC_SETUP_LINK(r0, 0xc0347c03, &(0x7f00000001c0)={{r2, r1, 0x1, [0x0, 0xf7df]}, {r2, r3, 0x4, [0x6]}, 0x1, [0x8, 0x3df]})

911.066573ms ago: executing program 2 (id=4504):
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$inet(0x2, 0x1, 0x100)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r4 = gettid()
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x4c0c8)
r5 = syz_open_procfs(0x0, &(0x7f0000000100)='map_files\x00')
getdents(r5, &(0x7f0000001fc0)=""/184, 0xb8)
tkill(r4, 0xb)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SNDCTL_DSP_SPEED(r6, 0xc0045002, &(0x7f0000000180))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

643.199172ms ago: executing program 1 (id=4505):
socket$kcm(0x10, 0x2, 0x10)
socket$packet(0x11, 0x3, 0x300)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000bc0)={@val={0x8, 0x800}, @val={0x2, 0x83, 0x7, 0x2, 0x1}, @ipv4=@udp={{0x5, 0x4, 0x3, 0x1c, 0x2c, 0x66, 0xfffe, 0x8, 0x11, 0x0, @private=0xa010101, @broadcast}, {0x4f20, 0x4e22, 0x18, 0x0, @wg=@data={0x4, 0x1, 0x3c}}}}, 0x3a)

313.40804ms ago: executing program 1 (id=4506):
r0 = openat$vimc1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_QUERY_DV_TIMINGS(r0, 0x80845663, &(0x7f0000000100)={0x0, @reserved})
r1 = socket$igmp6(0xa, 0x3, 0x2)
sendmmsg$inet6(r1, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_udp(0xa, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
io_setup(0x6, &(0x7f0000001380)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000040)=[&(0x7f0000000100)={0x1000000, 0x0, 0x0, 0x7, 0x8001, r2, 0x0, 0x0, 0x0, 0x0, 0x1, r2}])
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000240)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x50)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000340)={0x1, 0x58, &(0x7f00000002c0)}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000837200000000000000000005000000000000"], 0x0, 0x26}, 0x20)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000400)='veno', 0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r4, 0x6, 0x16, &(0x7f0000000000)=[@window={0x3, 0x1, 0x7}, @mss={0x2, 0x3}, @sack_perm, @timestamp, @window={0x3, 0x1000, 0xd3}, @mss={0x2, 0xb}], 0x6)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000200), 0x4)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
r5 = getpgid(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x0, 0x0)
r6 = epoll_create1(0x80000)
prctl$PR_MCE_KILL(0x21, 0x1, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r8, &(0x7f0000000100)={0x20000014})

125.764623ms ago: executing program 5 (id=4507):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="10000000040000000400000002"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}, @printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xa0000000}}]}, &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r1, 0x2000012, 0xe, 0x64, &(0x7f0000000280)="63ec33c9e9b98600000000000000", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)

19.853454ms ago: executing program 5 (id=4508):
r0 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
ioctl$VIDIOC_S_OUTPUT(r0, 0xc004562f, &(0x7f0000000000)=0x1)
ioctl$VIDIOC_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x2d0, 0x191, 0x1, 0x0, 0xdd9f83, 0x1, 0x9, 0xf3, 0x2, 0x5, 0x722, 0x13, 0x7, 0x7f, 0x3f, 0xb763599953cb091d, {0x0, 0x6fd8e84b}, 0x3, 0xed}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_CLOCK(r2, 0x4188aec6, &(0x7f0000000040)={0x1, 0x8, 0x0, 0x20000000000000})
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x2002)
ioctl$EVIOCSCLOCKID(r4, 0x400445a0, &(0x7f0000000100)=0x7)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x13, r0, 0x6d126000)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r8 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001300)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r9, {}, {}, {0xffe0, 0x5}}, [@filter_kind_options=@f_route={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x20048850)
r10 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r10, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)

0s ago: executing program 3 (id=4509):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000dc0)={0x20, 0x33, 0x107, 0xfffffffe, 0x25dfdbfe, {0x3, 0x7c}, [@nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x1, 0x0, 0x0, @fd}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4048011}, 0x8010)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00'}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x4, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x40000}, [@call={0x85, 0x0, 0x0, 0x7a}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xf5f12ace06636610)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000080)=r3, 0x4)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_CMAP(r5, 0x4b71, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x4000, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000240)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f00000004c0)='./file0\x00')
lchown(&(0x7f0000000000)='.\x00', 0xffffffffffffffff, 0xee01)
write$cgroup_int(r0, &(0x7f0000000040)=0x1f00, 0x12)

kernel console output (not intermixed with test programs):

] CPU: 0 UID: 0 PID: 18808 Comm: syz.3.3526 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  676.970277][T18808] Tainted: [L]=SOFTLOCKUP
[  676.970284][T18808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  676.970296][T18808] Call Trace:
[  676.970303][T18808]  <TASK>
[  676.970311][T18808]  dump_stack_lvl+0x100/0x190
[  676.970338][T18808]  should_fail_ex.cold+0x5/0xa
[  676.970368][T18808]  _copy_from_user+0x2e/0xd0
[  676.970396][T18808]  snd_pcm_oss_write2+0x1c2/0x400
[  676.970421][T18808]  ? __pfx_snd_pcm_oss_write2+0x10/0x10
[  676.970441][T18808]  ? snd_pcm_kernel_ioctl+0x14a/0x2e0
[  676.970475][T18808]  snd_pcm_oss_write+0x729/0xa30
[  676.970498][T18808]  ? security_file_permission+0x76/0x210
[  676.970533][T18808]  vfs_write+0x2aa/0x1070
[  676.970554][T18808]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  676.970578][T18808]  ? __pfx_vfs_write+0x10/0x10
[  676.970596][T18808]  ? find_held_lock+0x2b/0x80
[  676.970613][T18808]  ? __fget_files+0x215/0x3d0
[  676.970632][T18808]  ? __fget_files+0x215/0x3d0
[  676.970656][T18808]  ? __fget_files+0x21f/0x3d0
[  676.970682][T18808]  ksys_write+0x12a/0x250
[  676.970702][T18808]  ? __pfx_ksys_write+0x10/0x10
[  676.970721][T18808]  ? __pfx_ksys_write+0x10/0x10
[  676.970762][T18808]  __do_fast_syscall_32+0xde/0x660
[  676.970789][T18808]  do_fast_syscall_32+0x32/0x70
[  676.970812][T18808]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  676.970834][T18808] RIP: 0023:0xf7f72579
[  676.970849][T18808] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  676.970865][T18808] RSP: 002b:00000000f543650c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[  676.970883][T18808] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000500
[  676.970895][T18808] RDX: 000000000000fc36 RSI: 0000000000000000 RDI: 0000000000000000
[  676.970905][T18808] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  676.970914][T18808] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  676.970924][T18808] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  676.970949][T18808]  </TASK>
[  677.185039][T18818] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3529'.
[  678.017856][T18840] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10)
[  678.020713][T18840] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  678.024179][T18840] vhci_hcd vhci_hcd.0: Device attached
[  678.315023][   T34] usb 38-1: SetAddress Request (30) to port 0
[  678.317715][   T34] usb 38-1: new SuperSpeed USB device number 30 using vhci_hcd
[  678.438352][T18841] vhci_hcd: connection reset by peer
[  678.441085][   T46] vhci_hcd vhci_hcd.0: stop threads
[  678.443384][   T46] vhci_hcd vhci_hcd.0: release socket
[  678.446069][   T46] vhci_hcd vhci_hcd.0: disconnect device
[  678.753830][T18851] netlink: 96 bytes leftover after parsing attributes in process `nl80211'.
[  678.787295][T18853] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3538'.
[  679.204183][T18865] fuse: Unknown parameter 'æd'
[  679.725943][T18872] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3543'.
[  679.728976][T18872] lo: entered promiscuous mode
[  679.730623][T18872] lo: entered allmulticast mode
[  679.746608][T18872] tunl0: entered promiscuous mode
[  679.748836][T18872] tunl0: entered allmulticast mode
[  679.752521][T18872] gre0: entered promiscuous mode
[  679.754388][T18872] gre0: entered allmulticast mode
[  679.759469][T18872] gretap0: entered promiscuous mode
[  679.761370][T18872] gretap0: entered allmulticast mode
[  679.764520][T18872] erspan0: entered promiscuous mode
[  679.767055][T18872] erspan0: entered allmulticast mode
[  679.780957][T18872] ip_vti0: entered promiscuous mode
[  679.783240][T18872] ip_vti0: entered allmulticast mode
[  679.810501][T18872] ip6_vti0: entered promiscuous mode
[  679.829583][T18872] ip6_vti0: entered allmulticast mode
[  679.844596][T18872] sit0: entered promiscuous mode
[  679.853383][T18872] sit0: entered allmulticast mode
[  679.861281][T18872] ip6tnl0: entered promiscuous mode
[  679.863874][T18872] ip6tnl0: entered allmulticast mode
[  679.871689][T18872] ip6gre0: entered promiscuous mode
[  679.874319][T18872] ip6gre0: entered allmulticast mode
[  679.881528][T18872] syz_tun: entered promiscuous mode
[  679.884105][T18872] syz_tun: entered allmulticast mode
[  679.893170][T18872] ip6gretap0: entered promiscuous mode
[  679.895936][T18872] ip6gretap0: entered allmulticast mode
[  679.903280][T18872] bridge0: entered promiscuous mode
[  679.905936][T18872] bridge0: entered allmulticast mode
[  679.911062][T18872] vcan0: entered promiscuous mode
[  679.915139][T18872] vcan0: entered allmulticast mode
[  679.917264][T18872] bond0: entered promiscuous mode
[  679.919009][T18872] bond_slave_0: entered promiscuous mode
[  679.921402][T18872] bond_slave_1: entered promiscuous mode
[  679.923371][T18872] bond0: entered allmulticast mode
[  679.945225][T18872] bond_slave_0: entered allmulticast mode
[  679.955589][T18872] bond_slave_1: entered allmulticast mode
[  679.959426][T18872] team0: entered promiscuous mode
[  679.961254][T18872] team_slave_0: entered promiscuous mode
[  679.963409][T18872] team_slave_1: entered promiscuous mode
[  679.973294][T18878] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3546'.
[  679.975610][T18872] team0: entered allmulticast mode
[  679.985657][T18872] team_slave_0: entered allmulticast mode
[  679.988143][T18872] team_slave_1: entered allmulticast mode
[  679.990854][T18872] dummy0: entered promiscuous mode
[  679.992540][T18872] dummy0: entered allmulticast mode
[  679.994623][T18872] nlmon0: entered promiscuous mode
[  679.997076][T18872] nlmon0: entered allmulticast mode
[  680.003220][T18872] caif0: entered promiscuous mode
[  680.004934][T18872] caif0: entered allmulticast mode
[  680.006849][T18872] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  680.501250][T18890] ceph: No mds server is up or the cluster is laggy
[  680.516561][T18826] ceph: No mds server is up or the cluster is laggy
[  681.081474][T18908] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3556'.
[  681.469014][T18914] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3558'.
[  681.496279][T18914] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3558'.
[  682.369053][T18927] bridge0: port 3(syz_tun) entered blocking state
[  682.371212][T18927] bridge0: port 3(syz_tun) entered disabled state
[  682.373389][T18927] syz_tun: entered allmulticast mode
[  682.377528][T18927] syz_tun: entered promiscuous mode
[  682.464181][T11516] libceph: connect (1)[c::]:6789 error -101
[  682.468486][T11516] libceph: mon0 (1)[c::]:6789 connect error
[  682.514003][T18928] ceph: No mds server is up or the cluster is laggy
[  682.996680][   T40] kauditd_printk_skb: 4 callbacks suppressed
[  682.996692][   T40] audit: type=1326 audit(939.849:4788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18926 comm="syz.3.3561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000
[  683.015386][   T40] audit: type=1326 audit(939.849:4789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18926 comm="syz.3.3561" exe="/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf7f72579 code=0x7ffc0000
[  683.025148][   T40] audit: type=1326 audit(939.849:4790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18926 comm="syz.3.3561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000
[  683.182461][   T40] audit: type=1326 audit(939.849:4791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18926 comm="syz.3.3561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000
[  683.190947][   T40] audit: type=1326 audit(939.849:4792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18926 comm="syz.3.3561" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf717572b code=0x7ffc0000
[  683.191389][T18946] syz_tun: entered allmulticast mode
[  683.200674][   T40] audit: type=1326 audit(939.849:4793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18926 comm="syz.3.3561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000
[  683.209196][   T40] audit: type=1326 audit(939.849:4794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18926 comm="syz.3.3561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000
[  683.216974][   T40] audit: type=1326 audit(939.849:4795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18926 comm="syz.3.3561" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f72579 code=0x7ffc0000
[  683.225675][   T40] audit: type=1326 audit(939.849:4796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18926 comm="syz.3.3561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000
[  683.234861][   T40] audit: type=1326 audit(939.849:4797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18926 comm="syz.3.3561" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f72579 code=0x7ffc0000
[  683.354217][T18952] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3568'.
[  683.396418][   T34] usb 38-1: device descriptor read/8, error -110
[  683.789069][   T34] usb usb38-port1: attempt power cycle
[  683.845464][T18958] ceph: No mds server is up or the cluster is laggy
[  683.851012][T11516] libceph: connect (1)[c::]:6789 error -101
[  683.854326][T11516] libceph: mon0 (1)[c::]:6789 connect error
[  684.364093][   T34] usb usb38-port1: unable to enumerate USB device
[  684.707874][T18987] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  687.367612][T19016] MTD: Couldn't look up '': -22
[  687.395431][T19016] ubi: mtd0 is already attached to ubi31
[  687.614965][T19027] ceph: No mds server is up or the cluster is laggy
[  688.090871][T19047] fuse: Unknown parameter 'æd'
[  688.175284][T19054] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 8, id = 0
[  688.515465][T19057] IPVS: stopping backup sync thread 19054 ...
[  689.221249][T19079] IPv6: sit1: Disabled Multicast RS
[  689.223597][T19079] sit1: entered allmulticast mode
[  689.236469][T19079] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3602'.
[  689.240446][T19079] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3602'.
[  689.243518][T19079] netlink: 'syz.0.3602': attribute type 20 has an invalid length.
[  690.441033][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  690.564454][T11516] libceph: connect (1)[c::]:6789 error -101
[  690.567896][T11516] libceph: mon0 (1)[c::]:6789 connect error
[  690.640243][T19101] ceph: No mds server is up or the cluster is laggy
[  690.767286][  T830] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  690.919870][  T830] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  690.923301][  T830] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  690.927601][  T830] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  690.931030][  T830] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  690.935037][  T830] usb 5-1: config 0 descriptor??
[  690.939910][  T830] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  691.073003][T19108] overlayfs: failed to clone upperpath
[  691.139190][T19098] FAULT_INJECTION: forcing a failure.
[  691.139190][T19098] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  691.144637][T19098] CPU: 0 UID: 0 PID: 19098 Comm: syz.0.3607 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  691.144667][T19098] Tainted: [L]=SOFTLOCKUP
[  691.144674][T19098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  691.144686][T19098] Call Trace:
[  691.144693][T19098]  <TASK>
[  691.144703][T19098]  dump_stack_lvl+0x100/0x190
[  691.144728][T19098]  should_fail_ex.cold+0x5/0xa
[  691.144756][T19098]  _copy_from_user+0x2e/0xd0
[  691.144785][T19098]  get_compat_msghdr+0xb3/0x4b0
[  691.144817][T19098]  ? __pfx_get_compat_msghdr+0x10/0x10
[  691.144853][T19098]  ___sys_sendmsg+0x1b6/0x1e0
[  691.144877][T19098]  ? __pfx____sys_sendmsg+0x10/0x10
[  691.144927][T19098]  __sys_sendmsg+0x170/0x220
[  691.144954][T19098]  ? __pfx___sys_sendmsg+0x10/0x10
[  691.144988][T19098]  ? __pfx_ksys_write+0x10/0x10
[  691.145014][T19098]  __do_fast_syscall_32+0xde/0x660
[  691.145040][T19098]  do_fast_syscall_32+0x32/0x70
[  691.145061][T19098]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  691.145084][T19098] RIP: 0023:0xf7fb4579
[  691.145100][T19098] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  691.145117][T19098] RSP: 002b:00000000f547650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  691.145135][T19098] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800000c0
[  691.145148][T19098] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  691.145160][T19098] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  691.145169][T19098] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  691.145179][T19098] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  691.145203][T19098]  </TASK>
[  691.146421][  T830] usb 5-1: USB disconnect, device number 16
[  691.790988][T19120] fuse: Unknown parameter 'æd'
[  691.849486][   T40] kauditd_printk_skb: 8 callbacks suppressed
[  691.849504][   T40] audit: type=1326 audit(948.696:4806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19121 comm="syz.1.3614" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000
[  691.867739][   T40] audit: type=1326 audit(948.696:4807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19121 comm="syz.1.3614" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000
[  691.875894][   T40] audit: type=1326 audit(948.706:4808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19121 comm="syz.1.3614" exe="/syz-executor" sig=0 arch=40000003 syscall=183 compat=1 ip=0xf748d579 code=0x7ffc0000
[  691.885501][   T40] audit: type=1326 audit(948.706:4809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19121 comm="syz.1.3614" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000
[  691.894260][   T40] audit: type=1326 audit(948.706:4810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19121 comm="syz.1.3614" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000
[  691.903771][   T40] audit: type=1326 audit(948.706:4811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19121 comm="syz.1.3614" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf748d579 code=0x7ffc0000
[  691.912984][   T40] audit: type=1326 audit(948.706:4812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19121 comm="syz.1.3614" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000
[  691.922181][   T40] audit: type=1326 audit(948.706:4813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19121 comm="syz.1.3614" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf748d579 code=0x7ffc0000
[  691.931261][   T40] audit: type=1326 audit(948.706:4814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19121 comm="syz.1.3614" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf71f572b code=0x7ffc0000
[  691.940451][   T40] audit: type=1326 audit(948.706:4815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19121 comm="syz.1.3614" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf71f572b code=0x7ffc0000
[  692.378423][T11516] libceph: connect (1)[c::]:6789 error -101
[  692.384208][T11516] libceph: mon0 (1)[c::]:6789 connect error
[  692.424916][T19139] ceph: No mds server is up or the cluster is laggy
[  692.503522][T11516] libceph: connect (1)[c::]:6789 error -101
[  692.507142][T11516] libceph: mon0 (1)[c::]:6789 connect error
[  692.559487][T19143] ceph: No mds server is up or the cluster is laggy
[  693.376899][T19163] team0 (unregistering): Port device team_slave_0 removed
[  693.388348][T19163] team0 (unregistering): Port device team_slave_1 removed
[  696.039701][T19209] lo speed is unknown, defaulting to 1000
[  696.043781][T19209] lo speed is unknown, defaulting to 1000
[  696.218929][ T6369] libceph: connect (1)[c::]:6789 error -101
[  696.221028][ T6369] libceph: mon0 (1)[c::]:6789 connect error
[  696.490358][ T6369] libceph: connect (1)[c::]:6789 error -101
[  696.492393][ T6369] libceph: mon0 (1)[c::]:6789 connect error
[  696.652866][T19206] ceph: No mds server is up or the cluster is laggy
[  696.776349][T19227] ceph: No mds server is up or the cluster is laggy
[  696.953868][T19226] lo speed is unknown, defaulting to 1000
[  696.962801][T19226] lo speed is unknown, defaulting to 1000
[  697.595029][T19239] ceph: No mds server is up or the cluster is laggy
[  697.597700][   T24] libceph: connect (1)[c::]:6789 error -101
[  697.599822][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  698.268939][T19262] team_slave_0: left promiscuous mode
[  698.271782][T19262] team_slave_0: left allmulticast mode
[  700.200681][T19262] team0 (unregistering): Port device team_slave_0 removed
[  700.205148][T19262] team_slave_1: left promiscuous mode
[  700.207396][T19262] team_slave_1: left allmulticast mode
[  701.173838][T19262] team0 (unregistering): Port device team_slave_1 removed
[  701.728778][T19280] trusted_key: encrypted_key: master key parameter is missing
[  702.495684][T19263] Set syz1 is full, maxelem 65536 reached
[  703.130696][T19308] team0 (unregistering): Port device team_slave_0 removed
[  703.136775][T19308] team0 (unregistering): Port device team_slave_1 removed
[  704.039890][T19320] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3662'.
[  704.967320][   T40] kauditd_printk_skb: 111 callbacks suppressed
[  704.967337][   T40] audit: type=1326 audit(961.802:4927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19347 comm="syz.0.3672" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  704.979587][   T40] audit: type=1326 audit(961.812:4928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19347 comm="syz.0.3672" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  704.990635][   T40] audit: type=1326 audit(961.822:4929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19347 comm="syz.0.3672" exe="/syz-executor" sig=0 arch=40000003 syscall=183 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  704.999776][   T40] audit: type=1326 audit(961.822:4930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19347 comm="syz.0.3672" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  705.009553][   T40] audit: type=1326 audit(961.822:4931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19347 comm="syz.0.3672" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  705.058692][   T40] audit: type=1326 audit(961.842:4932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19347 comm="syz.0.3672" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  705.066749][   T40] audit: type=1326 audit(961.842:4933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19347 comm="syz.0.3672" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  705.075385][   T40] audit: type=1326 audit(961.842:4934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19347 comm="syz.0.3672" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  705.082069][   T40] audit: type=1326 audit(961.852:4935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19347 comm="syz.0.3672" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  705.089295][   T40] audit: type=1326 audit(961.852:4936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19347 comm="syz.0.3672" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf71b572b code=0x7ffc0000
[  705.868969][T19362] FAULT_INJECTION: forcing a failure.
[  705.868969][T19362] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  705.876375][T19362] CPU: 0 UID: 0 PID: 19362 Comm: syz.3.3676 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  705.876404][T19362] Tainted: [L]=SOFTLOCKUP
[  705.876411][T19362] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  705.876421][T19362] Call Trace:
[  705.876428][T19362]  <TASK>
[  705.876436][T19362]  dump_stack_lvl+0x100/0x190
[  705.876460][T19362]  should_fail_ex.cold+0x5/0xa
[  705.876489][T19362]  _copy_to_user+0x32/0xd0
[  705.876520][T19362]  simple_read_from_buffer+0xcb/0x170
[  705.876540][T19362]  proc_fail_nth_read+0x1af/0x230
[  705.876563][T19362]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  705.876586][T19362]  ? rw_verify_area+0xce/0x6d0
[  705.876604][T19362]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  705.876625][T19362]  vfs_read+0x1e4/0xb30
[  705.876647][T19362]  ? __pfx_vfs_read+0x10/0x10
[  705.876664][T19362]  ? find_held_lock+0x2b/0x80
[  705.876684][T19362]  ? __fget_files+0x215/0x3d0
[  705.876708][T19362]  ? __fget_files+0x21f/0x3d0
[  705.876733][T19362]  ksys_read+0x12a/0x250
[  705.876753][T19362]  ? __pfx_ksys_read+0x10/0x10
[  705.876779][T19362]  do_int80_emulation+0x101/0x470
[  705.876804][T19362]  asm_int80_emulation+0x1a/0x20
[  705.876821][T19362] RIP: 0023:0xf717572b
[  705.876835][T19362] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  705.876849][T19362] RSP: 002b:00000000f54364bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  705.876869][T19362] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54365d0
[  705.876880][T19362] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  705.876889][T19362] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  705.876900][T19362] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  705.876924][T19362] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  705.876947][T19362]  </TASK>
[  706.080952][T19373] netlink: 'syz.3.3678': attribute type 30 has an invalid length.
[  706.144055][T19375] netlink: 'syz.3.3678': attribute type 30 has an invalid length.
[  706.246589][T19373] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3678'.
[  706.287162][T19383] lo speed is unknown, defaulting to 1000
[  706.289988][T19383] lo speed is unknown, defaulting to 1000
[  706.453139][   T90] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  706.963141][T19420] netlink: 'syz.1.3698': attribute type 10 has an invalid length.
[  706.989559][T19420] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  707.498161][T19445] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3709'.
[  708.197320][T19468] I: renamed from macvlan0 (while UP)
[  708.322727][T19474] comedi comedi0: pcmda12: I/O port conflict (0xffffffffffffffff,16)
[  708.826278][T19484] team0 (unregistering): Port device team_slave_0 removed
[  708.861575][T19484] team0 (unregistering): Port device team_slave_1 removed
[  708.940029][T19486] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3722'.
[  710.014945][T19501] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3728'.
[  711.859456][T19478] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  712.796148][T19517] ªªªªªª: renamed from lo (while UP)
[  714.335143][ T6051] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  714.506895][ T6051] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  714.511572][ T6051] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  714.514772][ T6051] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  714.517931][ T6051] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  714.528306][T19537] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  714.537561][ T6051] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  714.582250][T19543] bridge0: port 2(bridge_slave_1) entered disabled state
[  714.584791][T19543] bridge0: port 1(bridge_slave_0) entered disabled state
[  714.633848][T19543] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  714.641679][T19543] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  714.726479][T19543] batman_adv: batadv0: Interface deactivated: gretap2
[  714.739266][   T10] lo speed is unknown, defaulting to 1000
[  714.739683][   T60] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  714.741756][   T10] syz0: Port: 1 Link DOWN
[  714.744518][   T60] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  714.744542][   T60] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  714.744560][   T60] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  714.801236][   T10] usb 5-1: USB disconnect, device number 17
[  716.284298][T19573] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  716.294021][T19573] Error validating options; rc = [-22]
[  717.287330][T19608] overlayfs: failed to clone lowerpath
[  719.763169][   T40] kauditd_printk_skb: 167 callbacks suppressed
[  719.763186][   T40] audit: type=1326 audit(976.598:5104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19630 comm="syz.0.3760" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  719.796263][   T40] audit: type=1326 audit(976.608:5105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19630 comm="syz.0.3760" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  719.808974][   T40] audit: type=1326 audit(976.618:5106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19630 comm="syz.0.3760" exe="/syz-executor" sig=0 arch=40000003 syscall=183 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  719.826961][   T40] audit: type=1326 audit(976.618:5107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19630 comm="syz.0.3760" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  719.835372][   T40] audit: type=1326 audit(976.618:5108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19630 comm="syz.0.3760" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  719.843135][   T40] audit: type=1326 audit(976.618:5109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19630 comm="syz.0.3760" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  719.849960][   T40] audit: type=1326 audit(976.618:5110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19630 comm="syz.0.3760" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  719.858466][   T40] audit: type=1326 audit(976.618:5111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19630 comm="syz.0.3760" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  719.867777][   T40] audit: type=1326 audit(976.618:5112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19630 comm="syz.0.3760" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf71b572b code=0x7ffc0000
[  719.876347][   T40] audit: type=1326 audit(976.618:5113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19630 comm="syz.0.3760" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf71b572b code=0x7ffc0000
[  719.896139][T19634] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  719.903906][T19634] block device autoloading is deprecated and will be removed.
[  720.231322][T19642] overlayfs: failed to clone upperpath
[  720.298176][ T6369] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  720.348185][T19644] 9p: Bad value for 'rfdno'
[  720.468017][ T6369] usb 5-1: config index 0 descriptor too short (expected 45, got 36)
[  720.470758][ T6369] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  720.476335][ T6369] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  720.481133][ T6369] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  720.484701][ T6369] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  720.492997][ T6369] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  720.500608][ T6369] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  720.507755][ T6369] usb 5-1: config 0 descriptor??
[  720.511315][T19634] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  720.940165][ T6369] hid_parser_main: 22 callbacks suppressed
[  720.940188][ T6369] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  720.945773][ T6369] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  720.950763][ T6369] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  720.954152][ T6369] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  720.957976][ T6369] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  720.961561][ T6369] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  720.964903][ T6369] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  720.969301][ T6369] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  720.972865][ T6369] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  720.976378][ T6369] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  720.994629][ T6369] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  721.156054][T19654] fuse: Unknown parameter 'æd'
[  721.202030][ T6330] usb 5-1: USB disconnect, device number 18
[  722.423848][T19686] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3778'.
[  722.428407][T19687] loop5: detected capacity change from 0 to 7
[  722.434803][T19687] Dev loop5: unable to read RDB block 7
[  722.436700][T19687]  loop5: AHDI p1 p2 p3
[  722.438224][T19687] loop5: partition table partially beyond EOD, truncated
[  722.440715][T19687] loop5: p1 start 1601398130 is beyond EOD, truncated
[  722.442957][T19687] loop5: p2 start 1702059890 is beyond EOD, truncated
[  723.047963][T19706] fuse: Unknown parameter 'æd'
[  724.020346][T19730] FAULT_INJECTION: forcing a failure.
[  724.020346][T19730] name failslab, interval 1, probability 0, space 0, times 0
[  724.028510][T19730] CPU: 3 UID: 0 PID: 19730 Comm: syz.0.3792 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  724.028529][T19730] Tainted: [L]=SOFTLOCKUP
[  724.028533][T19730] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  724.028540][T19730] Call Trace:
[  724.028544][T19730]  <TASK>
[  724.028549][T19730]  dump_stack_lvl+0x100/0x190
[  724.028567][T19730]  should_fail_ex.cold+0x5/0xa
[  724.028585][T19730]  should_failslab+0xc2/0x120
[  724.028603][T19730]  __kmalloc_cache_noprof+0x80/0x810
[  724.028616][T19730]  ? create_io_worker+0xc6/0x5b0
[  724.028626][T19730]  ? do_raw_spin_lock+0x128/0x260
[  724.028644][T19730]  ? create_io_worker+0x17/0x5b0
[  724.028655][T19730]  ? create_io_worker+0xc6/0x5b0
[  724.028665][T19730]  create_io_worker+0xc6/0x5b0
[  724.028676][T19730]  io_wq_enqueue+0x4d8/0x970
[  724.028688][T19730]  ? __pfx_io_wq_enqueue+0x10/0x10
[  724.028698][T19730]  ? __pfx_io_wq_work_match_item+0x10/0x10
[  724.028717][T19730]  ? io_prep_async_work+0x3d1/0x780
[  724.028738][T19730]  io_queue_iowq+0x234/0x4f0
[  724.028751][T19730]  io_req_task_submit+0x1c1/0x290
[  724.028764][T19730]  ? __pfx_io_req_task_submit+0x10/0x10
[  724.028780][T19730]  ? io_poll_remove_entries.part.0+0x4d0/0x7e0
[  724.028800][T19730]  ? __lock_acquire+0x4a5/0x2630
[  724.028821][T19730]  io_poll_task_func+0x9af/0xe30
[  724.028850][T19730]  ? __pfx_io_poll_task_func+0x10/0x10
[  724.028870][T19730]  ? find_held_lock+0x2b/0x80
[  724.028888][T19730]  ? io_handle_tw_list+0xd4/0x580
[  724.028907][T19730]  ? __pfx_io_poll_task_func+0x10/0x10
[  724.028921][T19730]  io_handle_tw_list+0x194/0x580
[  724.028937][T19730]  tctx_task_work_run+0x57/0x2b0
[  724.028950][T19730]  tctx_task_work+0x7a/0xd0
[  724.028962][T19730]  ? __pfx_tctx_task_work+0x10/0x10
[  724.028974][T19730]  ? rcu_is_watching+0x12/0xc0
[  724.028985][T19730]  ? _raw_spin_unlock_irq+0x23/0x50
[  724.028997][T19730]  ? lockdep_hardirqs_on+0x78/0x100
[  724.029017][T19730]  task_work_run+0x150/0x240
[  724.029045][T19730]  ? __pfx_task_work_run+0x10/0x10
[  724.029069][T19730]  ? pipe_unlock+0x67/0x80
[  724.029088][T19730]  ? pipe_unlock+0x67/0x80
[  724.029109][T19730]  get_signal+0x1bd/0x21e0
[  724.029123][T19730]  ? __mutex_unlock_slowpath+0x15c/0x790
[  724.029139][T19730]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  724.029154][T19730]  ? __pfx_pipe_wait_readable+0x10/0x10
[  724.029170][T19730]  ? __pfx_get_signal+0x10/0x10
[  724.029182][T19730]  ? rcu_is_watching+0x12/0xc0
[  724.029196][T19730]  arch_do_signal_or_restart+0x91/0x770
[  724.029213][T19730]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  724.029233][T19730]  ? __fget_files+0x21f/0x3d0
[  724.029249][T19730]  exit_to_user_mode_loop+0x86/0x4b0
[  724.029265][T19730]  ? rcu_is_watching+0x12/0xc0
[  724.029276][T19730]  do_int80_emulation+0x39b/0x470
[  724.029292][T19730]  asm_int80_emulation+0x1a/0x20
[  724.029303][T19730] RIP: 0023:0xf7fb4579
[  724.029313][T19730] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  724.029324][T19730] RSP: 002b:00000000f545550c EFLAGS: 00000292 ORIG_RAX: 000000000000013b
[  724.029335][T19730] RAX: fffffffffffffe00 RBX: 0000000000000008 RCX: 000000000000000b
[  724.029342][T19730] RDX: 00000000000008f5 RSI: 0000000000000000 RDI: 0000000000000000
[  724.029348][T19730] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  724.029354][T19730] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  724.029361][T19730] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  724.029375][T19730]  </TASK>
[  725.183239][T19766] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3805'.
[  725.186820][T19766] netlink: 128 bytes leftover after parsing attributes in process `syz.2.3805'.
[  726.412863][T19793] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  726.799518][T19808] overlayfs: failed to clone upperpath
[  726.812680][T19804] FAULT_INJECTION: forcing a failure.
[  726.812680][T19804] name failslab, interval 1, probability 0, space 0, times 0
[  726.816879][T19804] CPU: 1 UID: 0 PID: 19804 Comm: syz.3.3816 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  726.816898][T19804] Tainted: [L]=SOFTLOCKUP
[  726.816902][T19804] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  726.816909][T19804] Call Trace:
[  726.816914][T19804]  <TASK>
[  726.816919][T19804]  dump_stack_lvl+0x100/0x190
[  726.816937][T19804]  should_fail_ex.cold+0x5/0xa
[  726.816955][T19804]  should_failslab+0xc2/0x120
[  726.816972][T19804]  kmem_cache_alloc_noprof+0x83/0x780
[  726.816987][T19804]  ? ima_inode_get+0x11f/0x580
[  726.817004][T19804]  ? ima_inode_get+0x11f/0x580
[  726.817016][T19804]  ima_inode_get+0x11f/0x580
[  726.817030][T19804]  process_measurement+0x1242/0x2400
[  726.817047][T19804]  ? __ia32_sys_openat2+0x244/0x380
[  726.817064][T19804]  ? do_fast_syscall_32+0x32/0x70
[  726.817079][T19804]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  726.817095][T19804]  ? __pfx_process_measurement+0x10/0x10
[  726.817127][T19804]  ? __pfx_ovl_open+0x10/0x10
[  726.817139][T19804]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  726.817153][T19804]  ? inode_to_bdi+0x9e/0x160
[  726.817170][T19804]  ima_file_check+0xca/0x110
[  726.817184][T19804]  ? __pfx_ima_file_check+0x10/0x10
[  726.817202][T19804]  security_file_post_open+0xc4/0x210
[  726.817220][T19804]  path_openat+0x1564/0x3120
[  726.817238][T19804]  ? __pfx_path_openat+0x10/0x10
[  726.817256][T19804]  do_filp_open+0x1f7/0x420
[  726.817271][T19804]  ? __pfx_do_filp_open+0x10/0x10
[  726.817294][T19804]  ? _raw_spin_unlock+0x28/0x50
[  726.817305][T19804]  ? alloc_fd+0x476/0x790
[  726.817322][T19804]  do_sys_openat2+0x12e/0x220
[  726.817339][T19804]  ? __pfx_do_sys_openat2+0x10/0x10
[  726.817361][T19804]  __ia32_sys_openat2+0x244/0x380
[  726.817379][T19804]  ? __pfx___ia32_sys_openat2+0x10/0x10
[  726.817398][T19804]  ? __pfx_ksys_write+0x10/0x10
[  726.817413][T19804]  __do_fast_syscall_32+0xde/0x660
[  726.817429][T19804]  do_fast_syscall_32+0x32/0x70
[  726.817443][T19804]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  726.817457][T19804] RIP: 0023:0xf7f72579
[  726.817466][T19804] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  726.817477][T19804] RSP: 002b:00000000f543650c EFLAGS: 00000292 ORIG_RAX: 00000000000001b5
[  726.817510][T19804] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000000
[  726.817517][T19804] RDX: 0000000080000040 RSI: 0000000000000018 RDI: 0000000000000000
[  726.817524][T19804] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  726.817530][T19804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  726.817537][T19804] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  726.817552][T19804]  </TASK>
[  727.120569][T19823] fuse: Unknown parameter 'æd'
[  727.567206][T19835] netlink: 'syz.2.3824': attribute type 1 has an invalid length.
[  727.731376][T19842] faux_driver vkms: [drm] Unknown color mode 6; guessing buffer size.
[  727.817376][T19849] FAULT_INJECTION: forcing a failure.
[  727.817376][T19849] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  727.823305][T19849] CPU: 0 UID: 0 PID: 19849 Comm: syz.3.3828 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  727.823332][T19849] Tainted: [L]=SOFTLOCKUP
[  727.823339][T19849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  727.823350][T19849] Call Trace:
[  727.823357][T19849]  <TASK>
[  727.823365][T19849]  dump_stack_lvl+0x100/0x190
[  727.823394][T19849]  should_fail_ex.cold+0x5/0xa
[  727.823421][T19849]  _copy_to_user+0x32/0xd0
[  727.823451][T19849]  simple_read_from_buffer+0xcb/0x170
[  727.823474][T19849]  proc_fail_nth_read+0x1af/0x230
[  727.823495][T19849]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  727.823519][T19849]  ? rw_verify_area+0xce/0x6d0
[  727.823537][T19849]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  727.823559][T19849]  vfs_read+0x1e4/0xb30
[  727.823580][T19849]  ? __pfx_vfs_read+0x10/0x10
[  727.823598][T19849]  ? find_held_lock+0x2b/0x80
[  727.823616][T19849]  ? __fget_files+0x215/0x3d0
[  727.823641][T19849]  ? __fget_files+0x21f/0x3d0
[  727.823669][T19849]  ksys_read+0x12a/0x250
[  727.823696][T19849]  ? __pfx_ksys_read+0x10/0x10
[  727.823717][T19849]  ? __secure_computing+0x1e4/0x2c0
[  727.823746][T19849]  do_int80_emulation+0x101/0x470
[  727.823772][T19849]  asm_int80_emulation+0x1a/0x20
[  727.823791][T19849] RIP: 0023:0xf717572b
[  727.823804][T19849] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  727.823820][T19849] RSP: 002b:00000000f54364bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  727.823839][T19849] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f54365d0
[  727.823848][T19849] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  727.823860][T19849] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  727.823871][T19849] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  727.823881][T19849] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  727.823905][T19849]  </TASK>
[  727.842716][T19840] Invalid ELF header magic: != ELF
[  727.917926][T19840] netlink: 'syz.0.3826': attribute type 1 has an invalid length.
[  727.943106][T19840] bond3: entered promiscuous mode
[  727.945203][T19840] bond3: entered allmulticast mode
[  727.947641][T19840] 8021q: adding VLAN 0 to HW filter on device bond3
[  727.967680][T19840] erspan1: entered allmulticast mode
[  727.987328][T19840] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  730.563336][T19936] fuse: Bad value for 'group_id'
[  730.564956][T19936] fuse: Bad value for 'group_id'
[  731.100101][T19950] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3864'.
[  731.520775][T19968] overlayfs: failed to clone upperpath
[  731.623387][T19973] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3873'.
[  731.658300][T19975] overlay: Unknown parameter 'euid>00000000000000060929'
[  731.836333][T19985] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  732.719443][T20005] : entered promiscuous mode
[  732.724679][T20005] netlink: 'syz.3.3881': attribute type 29 has an invalid length.
[  732.727514][T20005] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3881'.
[  732.731776][T20005] veth0_to_bridge: entered promiscuous mode
[  732.734278][T20005] netlink: 'syz.3.3881': attribute type 64 has an invalid length.
[  732.737059][T20005] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3881'.
[  732.741340][T20005] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  733.414049][T20001] veth0_to_bridge: left promiscuous mode
[  733.432536][T20013] gfs2: path_lookup on c::: returned error -2
[  733.834771][T20028] can: request_module (can-proto-0) failed.
[  733.908402][T20032] FAULT_INJECTION: forcing a failure.
[  733.908402][T20032] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  733.913578][T20032] CPU: 2 UID: 0 PID: 20032 Comm: syz.3.3890 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  733.913598][T20032] Tainted: [L]=SOFTLOCKUP
[  733.913602][T20032] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  733.913608][T20032] Call Trace:
[  733.913612][T20032]  <TASK>
[  733.913617][T20032]  dump_stack_lvl+0x100/0x190
[  733.913635][T20032]  should_fail_ex.cold+0x5/0xa
[  733.913660][T20032]  _copy_from_user+0x2e/0xd0
[  733.913686][T20032]  vt_compat_ioctl+0x1c5/0x4e0
[  733.913716][T20032]  ? __pfx_vt_compat_ioctl+0x10/0x10
[  733.913734][T20032]  ? hook_file_ioctl_common+0x146/0x410
[  733.913755][T20032]  ? __fget_files+0x21f/0x3d0
[  733.913768][T20032]  ? __pfx_vt_compat_ioctl+0x10/0x10
[  733.913781][T20032]  tty_compat_ioctl+0x1b4/0x420
[  733.913798][T20032]  ? __pfx_tty_compat_ioctl+0x10/0x10
[  733.913815][T20032]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  733.913835][T20032]  __do_fast_syscall_32+0xde/0x660
[  733.913852][T20032]  do_fast_syscall_32+0x32/0x70
[  733.913866][T20032]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  733.913880][T20032] RIP: 0023:0xf7f72579
[  733.913889][T20032] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  733.913899][T20032] RSP: 002b:00000000f543650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  733.913911][T20032] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004b72
[  733.913918][T20032] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000
[  733.913924][T20032] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  733.913930][T20032] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  733.913937][T20032] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  733.913950][T20032]  </TASK>
[  733.998610][T20034] No control pipe specified
[  734.592995][T20025] overlayfs: statfs failed on './file0'
[  735.316454][ T6051] libceph: connect (1)[c::]:6789 error -101
[  735.319104][ T6051] libceph: mon0 (1)[c::]:6789 connect error
[  735.360541][T20055] ceph: No mds server is up or the cluster is laggy
[  736.290708][ T6330] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  736.460623][ T6330] usb 5-1: Using ep0 maxpacket: 8
[  736.471963][ T6330] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  736.474591][ T6330] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  736.477605][ T6330] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  736.480709][ T6330] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  736.483856][ T6330] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  736.487853][ T6330] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  736.500615][ T6330] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  736.721995][ T6330] usb 5-1: usb_control_msg returned -71
[  736.724415][ T6330] usbtmc 5-1:16.0: can't read capabilities
[  736.752705][ T6330] usb 5-1: USB disconnect, device number 19
[  737.470541][ T6330] libceph: connect (1)[c::]:6789 error -101
[  737.473839][ T6330] libceph: mon0 (1)[c::]:6789 connect error
[  737.519990][T20091] ceph: No mds server is up or the cluster is laggy
[  737.671877][T20103] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3910'.
[  738.218099][   T40] kauditd_printk_skb: 18 callbacks suppressed
[  738.218112][   T40] audit: type=1326 audit(995.044:5132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20114 comm="syz.0.3915" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  738.226948][   T40] audit: type=1326 audit(995.044:5133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20114 comm="syz.0.3915" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  738.233774][   T40] audit: type=1326 audit(995.044:5134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20114 comm="syz.0.3915" exe="/syz-executor" sig=0 arch=40000003 syscall=183 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  738.240331][   T40] audit: type=1326 audit(995.044:5135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20114 comm="syz.0.3915" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  738.247165][   T40] audit: type=1326 audit(995.044:5136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20114 comm="syz.0.3915" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  738.254137][   T40] audit: type=1326 audit(995.044:5137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20114 comm="syz.0.3915" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  738.261252][   T40] audit: type=1326 audit(995.044:5138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20114 comm="syz.0.3915" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  738.267926][   T40] audit: type=1326 audit(995.044:5139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20114 comm="syz.0.3915" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  738.274794][   T40] audit: type=1326 audit(995.044:5140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20114 comm="syz.0.3915" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  738.283911][   T40] audit: type=1326 audit(995.044:5141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20114 comm="syz.0.3915" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf71b572b code=0x7ffc0000
[  738.367631][ T1153] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  738.370968][ T1153] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  739.021655][T20133] ceph: No mds server is up or the cluster is laggy
[  740.014021][T20162] ceph: No mds server is up or the cluster is laggy
[  740.219295][T20173] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3933'.
[  740.572289][T11516] libceph: connect (1)[c::]:6789 error -101
[  740.574290][T11516] libceph: mon0 (1)[c::]:6789 connect error
[  740.609601][T20185] ceph: No mds server is up or the cluster is laggy
[  741.677906][T20229] netlink: 'syz.1.3953': attribute type 1 has an invalid length.
[  741.743498][T20234] IPVS: ip_vs_add_dest(): server weight less than zero
[  743.009180][T20263] netlink: 'syz.1.3963': attribute type 12 has an invalid length.
[  743.093654][T20272] overlayfs: failed to resolve './bus': -2
[  743.128964][T20275] fuse: Unknown parameter 'f'
[  743.782413][   T40] kauditd_printk_skb: 142 callbacks suppressed
[  743.782425][   T40] audit: type=1326 audit(1000.602:5284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20280 comm="syz.0.3970" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fb4579 code=0x0
[  744.164207][T20299] netlink: 'syz.2.3973': attribute type 10 has an invalid length.
[  744.166874][T20299] netlink: 55 bytes leftover after parsing attributes in process `syz.2.3973'.
[  744.358930][T20311] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3976'.
[  745.228328][T20327] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3981'.
[  745.884358][T20339] siw: device registration error -23
[  746.206211][T20365] fuse: Unknown parameter 'fd`0x0000000000000005'
[  746.233073][T11516] libceph: connect (1)[c::]:6789 error -101
[  746.235068][T11516] libceph: mon0 (1)[c::]:6789 connect error
[  746.284322][T20367] ceph: No mds server is up or the cluster is laggy
[  746.810800][T20388] ceph: No mds server is up or the cluster is laggy
[  746.902771][T20393] netlink: 'syz.3.4003': attribute type 29 has an invalid length.
[  746.906435][T20393] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4003'.
[  746.961521][   T40] audit: type=1326 audit(1003.782:5285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20394 comm="syz.3.4004" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000
[  746.973256][   T40] audit: type=1326 audit(1003.782:5286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20394 comm="syz.3.4004" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000
[  746.980430][   T40] audit: type=1326 audit(1003.792:5287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20394 comm="syz.3.4004" exe="/syz-executor" sig=0 arch=40000003 syscall=183 compat=1 ip=0xf7f72579 code=0x7ffc0000
[  746.987512][   T40] audit: type=1326 audit(1003.792:5288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20394 comm="syz.3.4004" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000
[  746.994757][   T40] audit: type=1326 audit(1003.792:5289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20394 comm="syz.3.4004" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000
[  747.001165][   T40] audit: type=1326 audit(1003.802:5290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20394 comm="syz.3.4004" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f72579 code=0x7ffc0000
[  747.007910][   T40] audit: type=1326 audit(1003.802:5291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20394 comm="syz.3.4004" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000
[  747.014756][   T40] audit: type=1326 audit(1003.802:5292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20394 comm="syz.3.4004" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000
[  747.021400][   T40] audit: type=1326 audit(1003.802:5293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20394 comm="syz.3.4004" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f72579 code=0x7ffc0000
[  747.257985][T20401] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4007'.
[  747.366016][T20411] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4010'.
[  747.369762][T20411] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4010'.
[  747.554237][T20413] netlink: 182612 bytes leftover after parsing attributes in process `syz.1.4011'.
[  747.558718][T20415] netlink: 'syz.3.4012': attribute type 29 has an invalid length.
[  747.561996][T20415] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4012'.
[  748.902803][T20454] : entered promiscuous mode
[  749.035019][   T29] libceph: connect (1)[c::]:6789 error -101
[  749.037422][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  749.066054][T20440] ceph: No mds server is up or the cluster is laggy
[  749.149339][T20461] netlink: 'syz.1.4025': attribute type 1 has an invalid length.
[  749.152187][T20461] netlink: 'syz.1.4025': attribute type 2 has an invalid length.
[  749.160397][T20461] netlink: 'syz.1.4025': attribute type 1 has an invalid length.
[  749.163954][T20461] netlink: 'syz.1.4025': attribute type 2 has an invalid length.
[  749.566241][   T40] kauditd_printk_skb: 20 callbacks suppressed
[  749.566259][   T40] audit: type=1326 audit(1006.391:5314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20469 comm="syz.0.4028" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  749.583800][   T40] audit: type=1326 audit(1006.391:5315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20469 comm="syz.0.4028" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  749.598180][   T40] audit: type=1326 audit(1006.391:5316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20469 comm="syz.0.4028" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fb4598 code=0x7ffc0000
[  749.605108][   T40] audit: type=1326 audit(1006.391:5317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20469 comm="syz.0.4028" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fb4598 code=0x7ffc0000
[  749.611688][   T40] audit: type=1326 audit(1006.391:5318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20469 comm="syz.0.4028" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fb4598 code=0x7ffc0000
[  749.618344][   T40] audit: type=1326 audit(1006.391:5319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20469 comm="syz.0.4028" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fb4598 code=0x7ffc0000
[  749.625753][   T40] audit: type=1326 audit(1006.391:5320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20469 comm="syz.0.4028" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fb4598 code=0x7ffc0000
[  749.633157][   T40] audit: type=1326 audit(1006.391:5321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20469 comm="syz.0.4028" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fb4598 code=0x7ffc0000
[  749.660675][   T40] audit: type=1326 audit(1006.391:5322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20469 comm="syz.0.4028" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fb4598 code=0x7ffc0000
[  749.673721][   T40] audit: type=1326 audit(1006.391:5323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20469 comm="syz.0.4028" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fb4598 code=0x7ffc0000
[  749.675308][T20482] bridge0: port 1(bridge_slave_0) entered disabled state
[  750.041254][ T6051] libceph: connect (1)[c::]:6789 error -101
[  750.042788][T11516] libceph: connect (1)[c::]:6789 error -101
[  750.047081][ T6051] libceph: mon0 (1)[c::]:6789 connect error
[  750.053983][T11516] libceph: mon0 (1)[c::]:6789 connect error
[  750.075937][T20492] ceph: No mds server is up or the cluster is laggy
[  750.078991][T20496] ceph: No mds server is up or the cluster is laggy
[  750.153353][T20513] overlayfs: failed to clone upperpath
[  750.200123][T20517] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4043'.
[  750.499394][T20528] 9p: Bad value for 'rfdno'
[  750.499456][T20532] 9p: Unknown Cache mode or invalid value fscach
[  750.701319][T20542] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  750.783256][T20548] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4052'.
[  750.921049][ T6369] libceph: connect (1)[c::]:6789 error -101
[  750.923594][ T6369] libceph: mon0 (1)[c::]:6789 connect error
[  750.954105][   T24] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  751.022165][T20550] ceph: No mds server is up or the cluster is laggy
[  751.103982][   T24] usb 5-1: Using ep0 maxpacket: 32
[  751.107487][   T24] usb 5-1: config 0 interface 0 has no altsetting 0
[  751.110231][   T24] usb 5-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00
[  751.113598][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  751.123469][   T24] usb 5-1: config 0 descriptor??
[  751.413370][T11516] libceph: connect (1)[c::]:6789 error -101
[  751.415677][T11516] libceph: mon0 (1)[c::]:6789 connect error
[  751.463320][T20563] ceph: No mds server is up or the cluster is laggy
[  751.625630][T20569] can: request_module (can-proto-4) failed.
[  751.741628][   T24] usbhid 5-1:0.0: can't add hid device: -71
[  751.749205][   T24] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  751.757965][   T24] usb 5-1: USB disconnect, device number 20
[  751.895849][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  753.529880][T20620] lo speed is unknown, defaulting to 1000
[  753.532510][T20620] lo speed is unknown, defaulting to 1000
[  754.985981][T20634] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4074'.
[  755.002711][T20634] bond4: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  755.009794][T20634] bond4 (unregistering): Released all slaves
[  755.040585][T20637] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  755.062393][T20638] lo speed is unknown, defaulting to 1000
[  755.090391][T20638] lo speed is unknown, defaulting to 1000
[  755.879545][T20668] netlink: 'syz.3.4087': attribute type 2 has an invalid length.
[  755.882325][T20668] netlink: 'syz.3.4087': attribute type 1 has an invalid length.
[  755.906378][T20671] FAULT_INJECTION: forcing a failure.
[  755.906378][T20671] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  755.910623][T20671] CPU: 1 UID: 0 PID: 20671 Comm: syz.0.4088 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  755.910643][T20671] Tainted: [L]=SOFTLOCKUP
[  755.910647][T20671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  755.910654][T20671] Call Trace:
[  755.910659][T20671]  <TASK>
[  755.910664][T20671]  dump_stack_lvl+0x100/0x190
[  755.910683][T20671]  should_fail_ex.cold+0x5/0xa
[  755.910702][T20671]  _copy_to_user+0x32/0xd0
[  755.910721][T20671]  simple_read_from_buffer+0xcb/0x170
[  755.910734][T20671]  proc_fail_nth_read+0x1af/0x230
[  755.910748][T20671]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  755.910763][T20671]  ? rw_verify_area+0xce/0x6d0
[  755.910774][T20671]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  755.910787][T20671]  vfs_read+0x1e4/0xb30
[  755.910802][T20671]  ? __pfx_vfs_read+0x10/0x10
[  755.910813][T20671]  ? find_held_lock+0x2b/0x80
[  755.910824][T20671]  ? __fget_files+0x215/0x3d0
[  755.910840][T20671]  ? __fget_files+0x21f/0x3d0
[  755.910856][T20671]  ksys_read+0x12a/0x250
[  755.910868][T20671]  ? __pfx_ksys_read+0x10/0x10
[  755.910885][T20671]  do_int80_emulation+0x101/0x470
[  755.910901][T20671]  asm_int80_emulation+0x1a/0x20
[  755.910912][T20671] RIP: 0023:0xf71b572b
[  755.910921][T20671] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  755.910931][T20671] RSP: 002b:00000000f54764bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  755.910943][T20671] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54765d0
[  755.910950][T20671] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  755.910956][T20671] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  755.910963][T20671] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  755.910969][T20671] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  755.910983][T20671]  </TASK>
[  756.406384][T20693] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4096'.
[  756.482711][T20696] netlink: 'syz.2.4095': attribute type 29 has an invalid length.
[  756.485727][T20696] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4095'.
[  756.808403][T20706] ceph: No mds server is up or the cluster is laggy
[  757.390021][T20719] ceph: No mds server is up or the cluster is laggy
[  757.437935][T20724] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  758.616595][T19626] libceph: connect (1)[c::]:6789 error -101
[  758.635312][T19626] libceph: mon0 (1)[c::]:6789 connect error
[  758.666892][T20748] ceph: No mds server is up or the cluster is laggy
[  759.181605][T20756] : entered promiscuous mode
[  760.014773][T20775] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4118'.
[  760.019882][T20775] netlink: 48 bytes leftover after parsing attributes in process `syz.3.4118'.
[  760.023989][T20775] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4118'.
[  760.028739][T20775] FAULT_INJECTION: forcing a failure.
[  760.028739][T20775] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  760.034638][T20775] CPU: 3 UID: 0 PID: 20775 Comm: syz.3.4118 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  760.034680][T20775] Tainted: [L]=SOFTLOCKUP
[  760.034687][T20775] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  760.034697][T20775] Call Trace:
[  760.034705][T20775]  <TASK>
[  760.034711][T20775]  dump_stack_lvl+0x100/0x190
[  760.034740][T20775]  should_fail_ex.cold+0x5/0xa
[  760.034770][T20775]  _copy_from_user+0x2e/0xd0
[  760.034800][T20775]  kstrtouint_from_user+0xd6/0x1d0
[  760.034821][T20775]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  760.034840][T20775]  ? __lock_acquire+0x4a5/0x2630
[  760.034868][T20775]  ? lock_acquire+0x17c/0x330
[  760.034896][T20775]  proc_fail_nth_write+0x83/0x220
[  760.034920][T20775]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  760.034948][T20775]  vfs_write+0x2aa/0x1070
[  760.034972][T20775]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  760.034996][T20775]  ? __pfx_vfs_write+0x10/0x10
[  760.035013][T20775]  ? find_held_lock+0x2b/0x80
[  760.035031][T20775]  ? __fget_files+0x215/0x3d0
[  760.035057][T20775]  ? __fget_files+0x21f/0x3d0
[  760.035083][T20775]  ksys_write+0x12a/0x250
[  760.035104][T20775]  ? __pfx_ksys_write+0x10/0x10
[  760.035132][T20775]  do_int80_emulation+0x101/0x470
[  760.035157][T20775]  asm_int80_emulation+0x1a/0x20
[  760.035176][T20775] RIP: 0023:0xf717572b
[  760.035192][T20775] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  760.035209][T20775] RSP: 002b:00000000f54364bc EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  760.035232][T20775] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54365d0
[  760.035244][T20775] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  760.035254][T20775] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  760.035265][T20775] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  760.035274][T20775] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  760.035297][T20775]  </TASK>
[  761.151704][T20796] fuse: Bad value for 'fd'
[  761.636369][   T24] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  761.718142][T19626] libceph: connect (1)[c::]:6789 error -101
[  761.720535][T19626] libceph: mon0 (1)[c::]:6789 connect error
[  761.772360][T20806] ceph: No mds server is up or the cluster is laggy
[  761.806391][   T24] usb 5-1: Using ep0 maxpacket: 8
[  761.810506][   T24] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[  761.812567][T19626] libceph: connect (1)[c::]:6789 error -101
[  761.814157][   T24] usb 5-1: config 0 has no interface number 0
[  761.819745][   T24] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  761.824434][   T24] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  761.826254][T19626] libceph: mon0 (1)[c::]:6789 connect error
[  761.829499][   T24] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  761.835580][   T24] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  761.847247][   T24] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  761.854894][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  761.855606][T20811] ceph: No mds server is up or the cluster is laggy
[  761.864253][   T24] usb 5-1: config 0 descriptor??
[  761.871001][   T24] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  762.122040][T20816] netlink: 'syz.1.4130': attribute type 10 has an invalid length.
[  762.174491][   T40] kauditd_printk_skb: 39 callbacks suppressed
[  762.174504][   T40] audit: type=1326 audit(1018.998:5363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20817 comm="syz.1.4131" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000
[  762.184634][   T40] audit: type=1326 audit(1018.998:5364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20817 comm="syz.1.4131" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000
[  762.191481][   T40] audit: type=1326 audit(1019.008:5365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20817 comm="syz.1.4131" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000
[  762.198898][   T40] audit: type=1326 audit(1019.008:5366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20817 comm="syz.1.4131" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000
[  762.205598][   T40] audit: type=1326 audit(1019.008:5367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20817 comm="syz.1.4131" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf748d579 code=0x7ffc0000
[  762.212518][   T40] audit: type=1326 audit(1019.008:5368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20817 comm="syz.1.4131" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000
[  762.219829][   T40] audit: type=1326 audit(1019.008:5369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20817 comm="syz.1.4131" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000
[  762.226643][   T40] audit: type=1326 audit(1019.008:5370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20817 comm="syz.1.4131" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000
[  762.233362][   T40] audit: type=1326 audit(1019.008:5371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20817 comm="syz.1.4131" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000
[  762.240664][   T40] audit: type=1326 audit(1019.008:5372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20817 comm="syz.1.4131" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf748d579 code=0x7ffc0000
[  763.587871][T20837] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4136'.
[  764.120945][T20843] netlink: 'syz.3.4138': attribute type 1 has an invalid length.
[  764.135497][T20843] 8021q: adding VLAN 0 to HW filter on device bond2
[  764.155940][ T6051] usb 5-1: USB disconnect, device number 21
[  764.164037][ T6051] ldusb 5-1:0.55: LD USB Device #0 now disconnected
[  764.181619][T20843] vlan4: entered allmulticast mode
[  764.183285][T20843] veth0_to_bond: entered allmulticast mode
[  764.185752][T20843] bond2: (slave vlan4): Opening slave failed
[  765.724825][T20873] netlink: 'syz.2.4146': attribute type 29 has an invalid length.
[  765.727548][T20873] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4146'.
[  765.814747][T20867] netlink: 'syz.3.4144': attribute type 29 has an invalid length.
[  765.817461][T20867] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4144'.
[  766.237924][T19626] libceph: connect (1)[c::]:6789 error -101
[  766.240123][T19626] libceph: mon0 (1)[c::]:6789 connect error
[  766.286051][T20886] ceph: No mds server is up or the cluster is laggy
[  768.822438][T20941] bond3 (unregistering): Released all slaves
[  768.858480][T20942] bond3 (unregistering): Released all slaves
[  769.241808][T20957] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  769.827890][T20978] netlink: 'syz.0.4173': attribute type 1 has an invalid length.
[  769.850432][T20978] 8021q: adding VLAN 0 to HW filter on device bond4
[  769.961007][T20987] overlayfs: failed to clone upperpath
[  770.008990][T20987] netlink: 'syz.1.4176': attribute type 12 has an invalid length.
[  770.019474][T20987] 9p: Bad value for 'rfdno'
[  770.221476][ T5944] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  770.227092][ T5944] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  770.296887][ T5944] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  770.308988][ T5944] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  770.313219][ T5944] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  770.333422][T14376] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  770.337147][T14376] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  770.341336][T14376] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  770.349958][T14376] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  770.354227][T14376] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  770.376102][T20992] lo speed is unknown, defaulting to 1000
[  770.390118][T20992] lo speed is unknown, defaulting to 1000
[  770.812104][T20992] chnl_net:caif_netlink_parms(): no params data found
[  770.826726][ T6051] libceph: connect (1)[c::]:6789 error -101
[  770.829738][ T6051] libceph: mon0 (1)[c::]:6789 connect error
[  770.834156][ T6051] libceph: connect (1)[c::]:6789 error -101
[  770.836452][ T6051] libceph: mon0 (1)[c::]:6789 connect error
[  770.920224][T21006] ceph: No mds server is up or the cluster is laggy
[  770.945489][T20992] bridge0: port 1(bridge_slave_0) entered blocking state
[  770.948022][T20992] bridge0: port 1(bridge_slave_0) entered disabled state
[  770.950526][T20992] bridge_slave_0: entered allmulticast mode
[  770.954884][T20992] bridge_slave_0: entered promiscuous mode
[  770.961637][T20992] bridge0: port 2(bridge_slave_1) entered blocking state
[  770.964207][T20992] bridge0: port 2(bridge_slave_1) entered disabled state
[  770.966643][T20992] bridge_slave_1: entered allmulticast mode
[  770.973053][T20992] bridge_slave_1: entered promiscuous mode
[  771.010407][T20992] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  771.018636][T20992] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  771.041769][T20992] team0: Port device team_slave_0 added
[  771.051618][ T1153] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  771.054779][T21018] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4181'.
[  771.075656][T20992] team0: Port device team_slave_1 added
[  771.091703][T20992] batman_adv: batadv0: Adding interface: batadv_slave_0
[  771.093941][T20992] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  771.104663][T20992] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  771.110574][T20992] batman_adv: batadv0: Adding interface: batadv_slave_1
[  771.112956][T20992] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  771.121592][T20992] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  771.161944][ T1153] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  771.175581][T20992] hsr_slave_0: entered promiscuous mode
[  771.179781][T20992] hsr_slave_1: entered promiscuous mode
[  771.221990][ T1153] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  771.294222][ T1153] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  771.472476][ T1153] bridge_slave_1: left allmulticast mode
[  771.474712][ T1153] bridge_slave_1: left promiscuous mode
[  771.476877][ T1153] bridge0: port 2(bridge_slave_1) entered disabled state
[  771.481570][ T1153] bridge_slave_0: left allmulticast mode
[  771.483758][ T1153] bridge0: port 1(bridge_slave_0) entered disabled state
[  772.378265][T14376] Bluetooth: hci0: command tx timeout
[  772.416793][ T1153] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  772.427632][ T1153] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  772.434866][ T1153] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  772.447977][ T1153] bond0 (unregistering): Released all slaves
[  772.549386][ T1153] bond1 (unregistering): Released all slaves
[  772.650998][ T1153] bond2 (unregistering): (slave veth0_to_bond): Releasing active interface
[  772.653955][ T1153] veth0_to_bond: left promiscuous mode
[  772.655902][ T1153] veth0_to_bond: left allmulticast mode
[  772.660222][ T1153] bond2 (unregistering): Released all slaves
[  773.115681][T21056] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4190'.
[  773.343118][T20992] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  773.360950][T20992] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  773.374128][T20992] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  773.400123][T20992] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  773.643829][ T1153] hsr_slave_0: left promiscuous mode
[  773.646659][ T1153] hsr_slave_1: left promiscuous mode
[  773.652156][ T1153] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  773.654524][ T1153] batman_adv: batadv0: Removing interface: batadv_slave_0
[  773.658732][ T1153] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  773.661201][ T1153] batman_adv: batadv0: Removing interface: batadv_slave_1
[  773.682281][ T1153] batadv_slave_1: left promiscuous mode
[  773.684605][ T1153] veth1_macvtap: left promiscuous mode
[  773.686492][ T1153] veth0_macvtap: left promiscuous mode
[  773.688793][ T1153] veth1_vlan: left promiscuous mode
[  773.690674][ T1153] veth0_vlan: left promiscuous mode
[  774.440691][T20992] 8021q: adding VLAN 0 to HW filter on device bond0
[  774.450645][T20992] 8021q: adding VLAN 0 to HW filter on device team0
[  774.457991][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  774.461004][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  774.468759][T14376] Bluetooth: hci0: command tx timeout
[  774.469504][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  774.472842][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  774.515522][T20992] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  774.519635][T20992] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  774.617887][T20992] 8021q: adding VLAN 0 to HW filter on device batadv0
[  774.641320][T20992] veth0_vlan: entered promiscuous mode
[  774.646668][T20992] veth1_vlan: entered promiscuous mode
[  774.664208][T20992] veth0_macvtap: entered promiscuous mode
[  774.668108][T20992] veth1_macvtap: entered promiscuous mode
[  774.696356][T20992] batman_adv: batadv0: Interface activated: batadv_slave_0
[  774.703237][T20992] batman_adv: batadv0: Interface activated: batadv_slave_1
[  774.709018][   T90] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  774.712484][   T90] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  774.715823][   T90] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  774.720155][   T90] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  774.755682][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  774.758211][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  774.773531][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  774.776010][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  774.801020][T21070] ptrace attach of "/syz-executor exec"[15155] was attempted by "/syz-executor exec"[21070]
[  774.833569][ T1153] IPVS: stop unused estimator thread 0...
[  775.118836][T19626] libceph: connect (1)[c::]:6789 error -101
[  775.120879][T19626] libceph: mon0 (1)[c::]:6789 connect error
[  775.180189][T21079] ceph: No mds server is up or the cluster is laggy
[  776.245762][T21085] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4194'.
[  776.549736][T14376] Bluetooth: hci0: command tx timeout
[  777.162782][T21109] netlink: 'syz.2.4197': attribute type 29 has an invalid length.
[  777.166071][T21109] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4197'.
[  777.805313][ T6369] libceph: connect (1)[c::]:6789 error -101
[  777.808593][ T6369] libceph: mon0 (1)[c::]:6789 connect error
[  777.856003][T21116] ceph: No mds server is up or the cluster is laggy
[  778.183534][   T24] libceph: connect (1)[c::]:6789 error -101
[  778.185722][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  778.236254][T21126] ceph: No mds server is up or the cluster is laggy
[  778.629262][T14376] Bluetooth: hci0: command tx timeout
[  780.258618][T21161] Invalid logical block size (161)
[  780.348570][T21166] tipc: Started in network mode
[  780.351842][T21166] tipc: Node identity aedef684c6b1, cluster identity 4711
[  780.354538][T21166] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  780.357930][T21166] syzkaller0: entered promiscuous mode
[  780.359791][T21166] syzkaller0: entered allmulticast mode
[  780.432361][T21167] tipc: Resetting bearer <eth:syzkaller0>
[  781.173368][T21164] tipc: Resetting bearer <eth:syzkaller0>
[  781.224043][T21174] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4213'.
[  781.230439][T21164] tipc: Disabling bearer <eth:syzkaller0>
[  781.865468][T21190] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  782.429776][T21196] syzkaller0: entered promiscuous mode
[  782.431805][T21196] syzkaller0: entered allmulticast mode
[  782.613717][T21201] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4220'.
[  782.703807][T21201] netlink: 'syz.3.4220': attribute type 6 has an invalid length.
[  784.670895][T21234] tipc: Started in network mode
[  784.673348][T21234] tipc: Node identity dee413f07393, cluster identity 4711
[  784.675768][T21234] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  784.678836][T21234] syzkaller0: entered promiscuous mode
[  784.680708][T21234] syzkaller0: entered allmulticast mode
[  784.688621][T21234] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  784.900202][T21236] syzkaller0: mtu less than device minimum
[  784.903835][T21233] tipc: Resetting bearer <eth:syzkaller0>
[  784.916254][T21233] tipc: Disabling bearer <eth:syzkaller0>
[  785.116822][T21238] netlink: 64 bytes leftover after parsing attributes in process `syz.0.4227'.
[  785.389492][T21240] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4228'.
[  785.457817][T21259] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  785.459941][T21259] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  785.462902][T21259] vhci_hcd vhci_hcd.0: Device attached
[  785.719744][ T6369] usb 37-1: new low-speed USB device number 20 using vhci_hcd
[  785.937384][T21260] vhci_hcd: connection reset by peer
[  785.939927][T19363] vhci_hcd vhci_hcd.0: stop threads
[  785.944018][T19363] vhci_hcd vhci_hcd.0: release socket
[  785.950277][T19363] vhci_hcd vhci_hcd.0: disconnect device
[  785.979016][T21267] netem: change failed
[  786.428049][T21277] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  786.430221][T21277] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  786.433237][T21277] vhci_hcd vhci_hcd.0: Device attached
[  786.674858][ T6006] usb 43-1: new low-speed USB device number 17 using vhci_hcd
[  786.825210][T21299] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  786.830603][T21292] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4242'.
[  787.029525][T21308] FAULT_INJECTION: forcing a failure.
[  787.029525][T21308] name failslab, interval 1, probability 0, space 0, times 0
[  787.035026][T21308] CPU: 3 UID: 0 PID: 21308 Comm: syz.1.4245 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  787.035055][T21308] Tainted: [L]=SOFTLOCKUP
[  787.035062][T21308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  787.035073][T21308] Call Trace:
[  787.035079][T21308]  <TASK>
[  787.035086][T21308]  dump_stack_lvl+0x100/0x190
[  787.035114][T21308]  should_fail_ex.cold+0x5/0xa
[  787.035144][T21308]  should_failslab+0xc2/0x120
[  787.035175][T21308]  kmem_cache_alloc_noprof+0x83/0x780
[  787.035199][T21308]  ? copy_process+0x283f/0x7890
[  787.035227][T21308]  ? copy_process+0x283f/0x7890
[  787.035249][T21308]  copy_process+0x283f/0x7890
[  787.035272][T21308]  ? __lock_acquire+0x4a5/0x2630
[  787.035304][T21308]  ? __pfx_copy_process+0x10/0x10
[  787.035331][T21308]  ? get_pid_task+0xfc/0x250
[  787.035354][T21308]  ? get_pid_task+0xfc/0x250
[  787.035384][T21308]  kernel_clone+0xfc/0x930
[  787.035405][T21308]  ? proc_fail_nth_write+0x9f/0x220
[  787.035427][T21308]  ? find_held_lock+0x2b/0x80
[  787.035445][T21308]  ? __pfx_kernel_clone+0x10/0x10
[  787.035474][T21308]  ? ksys_write+0x190/0x250
[  787.035501][T21308]  __do_compat_sys_ia32_clone+0xd4/0x120
[  787.035528][T21308]  ? __pfx___do_compat_sys_ia32_clone+0x10/0x10
[  787.035567][T21308]  ? ksys_write+0x1ac/0x250
[  787.035587][T21308]  ? __pfx_ksys_write+0x10/0x10
[  787.035612][T21308]  __do_fast_syscall_32+0xde/0x660
[  787.035638][T21308]  do_fast_syscall_32+0x32/0x70
[  787.035661][T21308]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  787.035683][T21308] RIP: 0023:0xf7fc4579
[  787.035698][T21308] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  787.035715][T21308] RSP: 002b:00000000f54864bc EFLAGS: 00000246 ORIG_RAX: 0000000000000078
[  787.035733][T21308] RAX: ffffffffffffffda RBX: 0000000000000011 RCX: 0000000000000000
[  787.035744][T21308] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  787.035755][T21308] RBP: 00000000f7484f80 R08: 0000000000000000 R09: 0000000000000000
[  787.035765][T21308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  787.035776][T21308] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  787.035800][T21308]  </TASK>
[  787.046635][T21283] vhci_hcd: connection reset by peer
[  787.128457][   T46] vhci_hcd vhci_hcd.3: stop threads
[  787.130172][   T46] vhci_hcd vhci_hcd.3: release socket
[  787.132301][   T46] vhci_hcd vhci_hcd.3: disconnect device
[  787.276760][T21317] netlink: 'syz.1.4248': attribute type 29 has an invalid length.
[  787.279728][T21317] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4248'.
[  787.965679][T21328] FAULT_INJECTION: forcing a failure.
[  787.965679][T21328] name failslab, interval 1, probability 0, space 0, times 0
[  787.970245][T21328] CPU: 1 UID: 0 PID: 21328 Comm: syz.3.4252 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  787.970270][T21328] Tainted: [L]=SOFTLOCKUP
[  787.970275][T21328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  787.970284][T21328] Call Trace:
[  787.970290][T21328]  <TASK>
[  787.970296][T21328]  dump_stack_lvl+0x100/0x190
[  787.970334][T21328]  should_fail_ex.cold+0x5/0xa
[  787.970358][T21328]  should_failslab+0xc2/0x120
[  787.970378][T21328]  ? ip_options_get+0xa4/0x420
[  787.970404][T21328]  __kmalloc_noprof+0xf6/0x9c0
[  787.970417][T21328]  ? __might_fault+0xc5/0x140
[  787.970432][T21328]  ? __might_fault+0xc5/0x140
[  787.970452][T21328]  ? ip_options_get+0xa4/0x420
[  787.970469][T21328]  ip_options_get+0xa4/0x420
[  787.970489][T21328]  ? _copy_from_iter+0x270/0x1690
[  787.970516][T21328]  ? aa_label_sk_perm+0x195/0x5f0
[  787.970539][T21328]  ? __pfx_ip_options_get+0x10/0x10
[  787.970560][T21328]  ? __pfx__copy_from_iter+0x10/0x10
[  787.970584][T21328]  ip_cmsg_send+0x86f/0xbc0
[  787.970600][T21328]  ? aa_label_sk_perm+0x195/0x5f0
[  787.970625][T21328]  ping_v4_sendmsg+0x65a/0x19d0
[  787.970643][T21328]  ? register_lock_class+0x40/0x560
[  787.970663][T21328]  ? __pfx_ping_v4_sendmsg+0x10/0x10
[  787.970679][T21328]  ? __lock_acquire+0x4a5/0x2630
[  787.970704][T21328]  ? reacquire_held_locks+0xce/0x1e0
[  787.970722][T21328]  ? release_sock+0x21/0x220
[  787.970746][T21328]  ? inet_autobind+0x145/0x1a0
[  787.970759][T21328]  ? find_held_lock+0x2b/0x80
[  787.970772][T21328]  ? inet_autobind+0x145/0x1a0
[  787.970789][T21328]  ? inet_autobind+0x145/0x1a0
[  787.970800][T21328]  ? __local_bh_enable_ip+0x9e/0x120
[  787.970818][T21328]  ? inet_autobind+0x14a/0x1a0
[  787.970831][T21328]  ? __pfx_ping_v4_sendmsg+0x10/0x10
[  787.970847][T21328]  inet_sendmsg+0x11c/0x140
[  787.970864][T21328]  ____sys_sendmsg+0x9ad/0xc30
[  787.970882][T21328]  ? __pfx_____sys_sendmsg+0x10/0x10
[  787.970906][T21328]  ___sys_sendmsg+0x190/0x1e0
[  787.970924][T21328]  ? __pfx____sys_sendmsg+0x10/0x10
[  787.970963][T21328]  __sys_sendmsg+0x170/0x220
[  787.970984][T21328]  ? __pfx___sys_sendmsg+0x10/0x10
[  787.971011][T21328]  ? __pfx_ksys_write+0x10/0x10
[  787.971032][T21328]  __do_fast_syscall_32+0xde/0x660
[  787.971052][T21328]  do_fast_syscall_32+0x32/0x70
[  787.971070][T21328]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  787.971088][T21328] RIP: 0023:0xf7f72579
[  787.971100][T21328] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  787.971113][T21328] RSP: 002b:00000000f543650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  787.971128][T21328] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000600
[  787.971137][T21328] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  787.971145][T21328] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  787.971158][T21328] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  787.971166][T21328] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  787.971185][T21328]  </TASK>
[  788.144593][T21333] comedi comedi3: comedi_test: 10 microvolt, 2046 microsecond waveform attached
[  788.611768][T21349] bond2: (slave dummy0): Releasing active interface
[  788.620891][T21349] batman_adv: batadv0: Adding interface: dummy0
[  788.623255][T21349] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  788.633163][T21349] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  789.193876][T21357] dummy0: left promiscuous mode
[  789.195982][T21357] dummy0: left allmulticast mode
[  789.200729][T21357] bond3: (slave dummy0): Releasing active interface
[  789.209643][T21357] batman_adv: batadv0: Adding interface: dummy0
[  789.212297][T21357] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  789.223262][T21357] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  789.492976][T21365] batman_adv: batadv0: Adding interface: geneve2
[  789.495052][T21365] batman_adv: batadv0: The MTU of interface geneve2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1568 would solve the problem.
[  789.503252][T21365] batman_adv: batadv0: Interface activated: geneve2
[  789.505708][ T1153] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  789.509377][ T1153] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  789.512056][ T1153] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  789.514804][ T1153] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  790.700228][T21387] overlayfs: missing 'lowerdir'
[  790.857413][ T6369] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  791.582847][T19363] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  791.790777][T19363] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  791.839360][ T6006] vhci_hcd vhci_hcd.3: vhci_device speed not set
[  792.023443][T21406] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4277'.
[  792.150287][T21407] ceph: No mds server is up or the cluster is laggy
[  792.153761][T19626] libceph: connect (1)[c::]:6789 error -101
[  792.160817][T19626] libceph: mon0 (1)[c::]:6789 connect error
[  792.225477][ T5944] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  792.231769][ T5944] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  792.236507][ T5944] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  792.241977][ T5944] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  792.250779][ T5944] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  793.372006][T19363] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  793.421721][T21406] hsr_slave_1 (unregistering): left promiscuous mode
[  793.442696][T21423] netlink: 'syz.1.4282': attribute type 1 has an invalid length.
[  793.445381][T21423] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4282'.
[  793.467918][T19363] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  793.487262][T21412] lo speed is unknown, defaulting to 1000
[  793.492291][T21412] lo speed is unknown, defaulting to 1000
[  793.683913][T21412] chnl_net:caif_netlink_parms(): no params data found
[  793.799595][T21436] random: crng reseeded on system resumption
[  793.845968][T21412] bridge0: port 1(bridge_slave_0) entered blocking state
[  793.850015][T21412] bridge0: port 1(bridge_slave_0) entered disabled state
[  793.852337][T21412] bridge_slave_0: entered allmulticast mode
[  793.854972][T21412] bridge_slave_0: entered promiscuous mode
[  793.862162][T21412] bridge0: port 2(bridge_slave_1) entered blocking state
[  793.864635][T21412] bridge0: port 2(bridge_slave_1) entered disabled state
[  793.867179][T21412] bridge_slave_1: entered allmulticast mode
[  793.870591][T21412] bridge_slave_1: entered promiscuous mode
[  793.887634][T21412] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  793.892442][T21412] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  793.910706][T21412] team0: Port device team_slave_0 added
[  793.915167][T21412] team0: Port device team_slave_1 added
[  793.939640][T21412] batman_adv: batadv0: Adding interface: batadv_slave_0
[  793.941875][T21412] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  793.950674][T21412] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  793.956209][T21412] batman_adv: batadv0: Adding interface: batadv_slave_1
[  793.958520][T21412] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  793.967547][T21412] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  793.971632][T19363] bridge_slave_1: left allmulticast mode
[  793.973668][T19363] bridge_slave_1: left promiscuous mode
[  793.976181][T19363] bridge0: port 2(bridge_slave_1) entered disabled state
[  793.991815][T19363] bridge_slave_0: left allmulticast mode
[  793.994013][T19363] bridge_slave_0: left promiscuous mode
[  793.996526][T19363] bridge0: port 1(bridge_slave_0) entered disabled state
[  794.309600][T14376] Bluetooth: hci2: command tx timeout
[  794.382882][T19363] batman_adv: batadv0: Interface deactivated: gretap1
[  794.628797][T19363] batman_adv: batadv0: Removing interface: gretap1
[  794.987185][T19363] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  794.992108][T19363] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  794.995717][T19363] bond0 (unregistering): Released all slaves
[  795.131281][T19363] bond1 (unregistering): Released all slaves
[  795.296645][T19363] bond2 (unregistering): Released all slaves
[  795.339549][T21461] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  795.344126][T21461] overlayfs: missing 'lowerdir'
[  795.386011][T19363] bond3 (unregistering): Released all slaves
[  795.474862][T19363] bond4 (unregistering): Released all slaves
[  795.573489][T19363] : left promiscuous mode
[  795.704527][T21412] hsr_slave_0: entered promiscuous mode
[  795.707961][T21412] hsr_slave_1: entered promiscuous mode
[  795.718293][T21412] debugfs: 'hsr0' already exists in 'hsr'
[  795.720449][T21412] Cannot create hsr debugfs directory
[  795.749955][T19363] tipc: Left network mode
[  795.784701][T19363] IPVS: stopping master sync thread 16718 ...
[  795.990064][T21465] syzkaller0: entered promiscuous mode
[  795.994806][T21465] syzkaller0: entered allmulticast mode
[  796.391281][T14376] Bluetooth: hci2: command tx timeout
[  797.698717][T21487] syzkaller0: entered promiscuous mode
[  797.700874][T21487] syzkaller0: entered allmulticast mode
[  798.474451][T14376] Bluetooth: hci2: command tx timeout
[  799.534380][T21515] syzkaller0: entered promiscuous mode
[  799.536598][T21515] syzkaller0: entered allmulticast mode
[  799.622085][T21526] overlayfs: missing 'lowerdir'
[  799.737044][T21528] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4299'.
[  800.556442][T14376] Bluetooth: hci2: command tx timeout
[  800.977007][T19363] hsr_slave_0: left promiscuous mode
[  800.979203][T19363] hsr_slave_1: left promiscuous mode
[  800.981260][T19363] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  800.983573][T19363] batman_adv: batadv0: Removing interface: batadv_slave_0
[  800.986308][T19363] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  800.988742][T19363] batman_adv: batadv0: Removing interface: batadv_slave_1
[  800.991424][T19363] batman_adv: batadv0: Removing interface: dummy0
[  800.999651][T19363] veth1_macvtap: left promiscuous mode
[  801.001545][T19363] veth0_macvtap: left promiscuous mode
[  801.003346][T19363] veth1_vlan: left promiscuous mode
[  801.005188][T19363] veth0_vlan: left promiscuous mode
[  801.309453][   T29] libceph: connect (1)[c::]:6789 error -101
[  801.311470][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  801.314451][   T29] libceph: connect (1)[c::]:6789 error -101
[  801.316732][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  801.351805][T21542] ceph: No mds server is up or the cluster is laggy
[  801.818865][T19626] infiniband syzD: ib_query_port failed (-19)
[  801.830889][T21412] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  801.840474][T21412] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  801.848624][T21412] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  801.858993][T21412] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  801.931989][T21412] 8021q: adding VLAN 0 to HW filter on device bond0
[  801.941431][T21412] 8021q: adding VLAN 0 to HW filter on device team0
[  801.946442][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  801.948718][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  801.954770][ T1185] bridge0: port 2(bridge_slave_1) entered blocking state
[  801.957039][ T1185] bridge0: port 2(bridge_slave_1) entered forwarding state
[  802.133934][T21412] 8021q: adding VLAN 0 to HW filter on device batadv0
[  802.258109][T19363] IPVS: stop unused estimator thread 0...
[  802.377452][T21412] veth0_vlan: entered promiscuous mode
[  802.383047][T21412] veth1_vlan: entered promiscuous mode
[  802.410137][T21412] veth0_macvtap: entered promiscuous mode
[  802.421905][T21412] veth1_macvtap: entered promiscuous mode
[  802.443855][T21412] batman_adv: batadv0: Interface activated: batadv_slave_0
[  802.459735][T21412] batman_adv: batadv0: Interface activated: batadv_slave_1
[  802.473777][ T1153] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  802.477433][ T1153] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  802.480206][ T1153] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  802.482955][ T1153] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  802.518965][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  802.524955][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  802.538805][ T1153] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  802.542540][ T1153] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  802.769242][T21602] mkiss: ax0: crc mode is auto.
[  802.780606][ T6006] hid_parser_main: 5 callbacks suppressed
[  802.780623][ T6006] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  802.829298][ T6369] IPVS: starting estimator thread 0...
[  802.853357][ T6006] hid-generic 0000:0000:0000.0006: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  802.901812][T21605] fido_id[21605]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  802.925247][T21604] IPVS: using max 43 ests per chain, 103200 per kthread
[  803.208005][T21613] dlm: no local IP address has been set
[  803.209915][T21613] dlm: cannot start dlm midcomms -107
[  803.502454][T21627] netlink: 'syz.2.4316': attribute type 29 has an invalid length.
[  803.504652][T21627] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4316'.
[  803.573097][T21628] ceph: No mds server is up or the cluster is laggy
[  803.575727][   T29] libceph: connect (1)[c::]:6789 error -101
[  803.577707][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  804.185183][T21648] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  804.534212][T21659] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4324'.
[  804.542747][T21659] bridge_slave_0: left allmulticast mode
[  804.544582][T21659] bridge_slave_0: left promiscuous mode
[  804.552701][T21659] bridge0: port 1(bridge_slave_0) entered disabled state
[  804.589234][T21659] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4324'.
[  805.233266][   T40] kauditd_printk_skb: 603 callbacks suppressed
[  805.233284][   T40] audit: type=1400 audit(1062.038:5976): apparmor="DENIED" operation="change_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=AAAAAAAAAA pid=21673 comm="syz.3.4327"
[  805.234523][T21674] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4327'.
[  805.977434][T19626] libceph: connect (1)[c::]:6789 error -101
[  805.979477][T19626] libceph: mon0 (1)[c::]:6789 connect error
[  806.021662][T21691] ceph: No mds server is up or the cluster is laggy
[  806.418815][T21698] lo speed is unknown, defaulting to 1000
[  806.445366][T21698] lo speed is unknown, defaulting to 1000
[  806.977379][T21716] syzkaller0: entered promiscuous mode
[  806.979943][T21716] syzkaller0: entered allmulticast mode
[  807.044204][T21717] lo speed is unknown, defaulting to 1000
[  808.762892][T21717] lo speed is unknown, defaulting to 1000
[  808.763667][T21731] ip6gretap0: left promiscuous mode
[  808.767282][T21731] ip6gretap0: left allmulticast mode
[  809.669942][T21754] ceph: No mds server is up or the cluster is laggy
[  809.803974][T19626] libceph: connect (1)[c::]:6789 error -101
[  809.807060][T19626] libceph: mon0 (1)[c::]:6789 connect error
[  812.118267][T21800] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4361'.
[  812.120747][  T843] libceph: connect (1)[c::]:6789 error -101
[  812.123394][  T843] libceph: mon0 (1)[c::]:6789 connect error
[  812.158887][T21794] ceph: No mds server is up or the cluster is laggy
[  812.415956][  T843] libceph: connect (1)[c::]:6789 error -101
[  812.417997][  T843] libceph: mon0 (1)[c::]:6789 connect error
[  812.447215][T21810] netlink: 'syz.1.4362': attribute type 29 has an invalid length.
[  812.450078][T21810] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4362'.
[  812.463734][T21799] ceph: No mds server is up or the cluster is laggy
[  812.931601][T21818] fuse: Unknown parameter 'user_id00000000000000000000'
[  812.935445][T21818] kAFS: unable to lookup cell 'Þ({^ú@'
[  813.372342][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  813.955685][T21774] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  814.706026][T19626] libceph: connect (1)[c::]:6789 error -101
[  814.709517][T21875] ceph: No mds server is up or the cluster is laggy
[  814.714453][T19626] libceph: mon0 (1)[c::]:6789 connect error
[  814.899593][T21882] syzkaller0: entered promiscuous mode
[  814.902082][T21882] syzkaller0: entered allmulticast mode
[  815.096963][T21884] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4376'.
[  815.379530][T21889] slcan: can't register candev
[  816.284967][T21904] netlink: 188 bytes leftover after parsing attributes in process `syz.4.4381'.
[  816.625955][T19626] libceph: connect (1)[c::]:6789 error -101
[  816.629690][T19626] libceph: mon0 (1)[c::]:6789 connect error
[  816.651102][T21909] ceph: No mds server is up or the cluster is laggy
[  816.994683][T21888] lo speed is unknown, defaulting to 1000
[  816.997875][T21888] lo speed is unknown, defaulting to 1000
[  819.395618][ T6369] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  819.545646][ T6369] usb 6-1: Using ep0 maxpacket: 32
[  819.553968][ T6369] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  819.559624][ T6369] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  819.562499][ T6369] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[  819.567397][ T6369] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  819.574090][ T6369] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  819.578103][ T6369] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  819.585625][ T6369] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  819.595623][ T6369] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  819.600062][ T6369] usb 6-1: config 0 descriptor??
[  819.807385][T21963] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  819.811687][T21963] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  819.842846][ T6369] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 14 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  819.851864][ T6369] usb 6-1: USB disconnect, device number 14
[  819.860694][ T6369] usblp0: removed
[  820.297220][ T6003] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  820.476369][ T6003] usb 6-1: Using ep0 maxpacket: 32
[  820.480176][ T6003] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  820.483778][ T6003] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  820.487681][ T6003] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[  820.490514][ T6003] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  820.493861][ T6003] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  820.497799][ T6003] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  820.502830][ T6003] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  820.506453][ T6003] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  820.511370][ T6003] usb 6-1: config 0 descriptor??
[  820.728422][ T6003] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 15 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  822.647791][T14376] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  822.653176][T14376] Bluetooth: hci2: Injecting HCI hardware error event
[  822.655333][   T29] usb 6-1: USB disconnect, device number 15
[  822.657903][T14376] Bluetooth: hci2: hardware error 0x00
[  822.660854][   T29] usblp0: removed
[  823.345630][T22007] netlink: 'syz.1.4405': attribute type 10 has an invalid length.
[  823.354535][T22007] 8021q: adding VLAN 0 to HW filter on device team0
[  823.358042][T22007] bond0: (slave team0): Enslaving as an active interface with an up link
[  824.500906][T22026] ceph: No mds server is up or the cluster is laggy
[  824.511555][T19626] libceph: connect (1)[c::]:6789 error -101
[  824.513792][T19626] libceph: mon0 (1)[c::]:6789 connect error
[  824.729165][T14376] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  825.742266][T19626] libceph: connect (1)[c::]:6789 error -101
[  825.744728][T19626] libceph: mon0 (1)[c::]:6789 connect error
[  825.776238][T22041] ceph: No mds server is up or the cluster is laggy
[  826.424481][T19626] libceph: connect (1)[c::]:6789 error -101
[  826.427248][T19626] libceph: mon0 (1)[c::]:6789 connect error
[  826.501441][T22062] ceph: No mds server is up or the cluster is laggy
[  826.628214][T22066] bridge_slave_0: default FDB implementation only supports local addresses
[  827.157362][T19626] libceph: connect (1)[c::]:6789 error -101
[  827.159645][T19626] libceph: mon0 (1)[c::]:6789 connect error
[  827.284246][T22071] ceph: No mds server is up or the cluster is laggy
[  827.799007][T22096] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  827.802424][T22096] block device autoloading is deprecated and will be removed.
[  828.106148][   T40] audit: type=1326 audit(1084.894:5977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22099 comm="syz.2.4430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  828.129644][T22102] fuse: Unknown parameter 'group_id00000000000000000000'
[  828.143060][   T40] audit: type=1326 audit(1084.894:5978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22099 comm="syz.2.4430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  828.150543][   T40] audit: type=1326 audit(1084.904:5979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22099 comm="syz.2.4430" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  828.161505][   T40] audit: type=1326 audit(1084.904:5980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22099 comm="syz.2.4430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  828.190744][   T40] audit: type=1326 audit(1084.904:5981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22099 comm="syz.2.4430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  828.205947][   T40] audit: type=1326 audit(1084.904:5982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22099 comm="syz.2.4430" exe="/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  828.219886][   T40] audit: type=1326 audit(1084.904:5983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22099 comm="syz.2.4430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  828.235259][   T40] audit: type=1326 audit(1084.904:5984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22099 comm="syz.2.4430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  828.247316][   T40] audit: type=1326 audit(1084.904:5985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22099 comm="syz.2.4430" exe="/syz-executor" sig=0 arch=40000003 syscall=331 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  828.265335][   T40] audit: type=1326 audit(1084.904:5986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22099 comm="syz.2.4430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000
[  828.664697][T22106] netlink: 72 bytes leftover after parsing attributes in process `syz.1.4431'.
[  828.727022][T22108] fuse: Unknown parameter 'ÿÿÿÿÿÿ'
[  828.730637][T22108] 9p: Bad value for 'rfdno'
[  828.843833][   T90] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  828.963801][   T90] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  829.000952][ T5944] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  829.009996][ T5944] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  829.021723][ T5944] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  829.072648][ T5944] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  829.075416][ T5944] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  829.139805][   T90] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  829.155853][T22123] lo speed is unknown, defaulting to 1000
[  829.159623][T22123] lo speed is unknown, defaulting to 1000
[  829.398083][   T90] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  829.490615][T22123] chnl_net:caif_netlink_parms(): no params data found
[  829.519632][T19626] libceph: connect (1)[c::]:6789 error -101
[  829.521853][T19626] libceph: mon0 (1)[c::]:6789 connect error
[  829.551057][T22135] ceph: No mds server is up or the cluster is laggy
[  829.651984][T22123] bridge0: port 1(bridge_slave_0) entered blocking state
[  829.654308][T22123] bridge0: port 1(bridge_slave_0) entered disabled state
[  829.656914][T22123] bridge_slave_0: entered allmulticast mode
[  829.660485][T22123] bridge_slave_0: entered promiscuous mode
[  829.663892][   T90] bridge_slave_1: left allmulticast mode
[  829.665715][   T90] bridge_slave_1: left promiscuous mode
[  829.668103][   T90] bridge0: port 2(bridge_slave_1) entered disabled state
[  829.894688][T22144] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4442'.
[  830.122427][   T90] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  830.127937][   T90] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  830.133712][   T90] bond0 (unregistering): Released all slaves
[  830.140725][T22123] bridge0: port 2(bridge_slave_1) entered blocking state
[  830.144588][T22123] bridge0: port 2(bridge_slave_1) entered disabled state
[  830.147728][T22123] bridge_slave_1: entered allmulticast mode
[  830.151709][T22123] bridge_slave_1: entered promiscuous mode
[  830.199707][T22146] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4442'.
[  830.264187][T22123] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  830.271143][T22123] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  830.332585][T22153] netlink: 'syz.2.4444': attribute type 1 has an invalid length.
[  830.350053][T22123] team0: Port device team_slave_0 added
[  830.365823][T22123] team0: Port device team_slave_1 added
[  830.403629][T22153] 8021q: adding VLAN 0 to HW filter on device bond6
[  830.425545][T22154] bond6: (slave gretap4): making interface the new active one
[  830.430372][T22154] bond6: (slave gretap4): Enslaving as an active interface with an up link
[  830.434375][T22153] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4444'.
[  830.448427][T22123] batman_adv: batadv0: Adding interface: batadv_slave_0
[  830.451416][T22123] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  830.462530][T22123] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  830.581290][T22153] bond6 (unregistering): (slave gretap4): Releasing active interface
[  830.592891][T22153] bond6 (unregistering): Released all slaves
[  830.640046][T22123] batman_adv: batadv0: Adding interface: batadv_slave_1
[  830.643109][T22123] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  830.654282][T22123] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  830.720612][T22172] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  830.782285][T22123] hsr_slave_0: entered promiscuous mode
[  830.786837][T22123] hsr_slave_1: entered promiscuous mode
[  830.789718][T22123] debugfs: 'hsr0' already exists in 'hsr'
[  830.792128][T22123] Cannot create hsr debugfs directory
[  830.798101][   T90] hsr_slave_0: left promiscuous mode
[  830.800781][   T90] hsr_slave_1: left promiscuous mode
[  830.803555][   T90] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  830.806727][   T90] batman_adv: batadv0: Removing interface: batadv_slave_0
[  830.812026][   T90] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  830.815392][   T90] batman_adv: batadv0: Removing interface: batadv_slave_1
[  830.832417][   T90] veth1_macvtap: left promiscuous mode
[  830.835016][   T90] veth0_macvtap: left promiscuous mode
[  830.838964][   T90] veth1_vlan: left promiscuous mode
[  830.841261][   T90] veth0_vlan: left promiscuous mode
[  831.142988][ T5944] Bluetooth: hci2: command tx timeout
[  831.227399][   T90] team0 (unregistering): Port device team_slave_1 removed
[  831.256524][   T90] team0 (unregistering): Port device team_slave_0 removed
[  831.628930][T22172] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  831.732270][T19626] libceph: connect (1)[c::]:6789 error -101
[  831.759266][T22184] ceph: No mds server is up or the cluster is laggy
[  831.792003][T19626] libceph: mon0 (1)[c::]:6789 connect error
[  831.971994][T22172] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  832.079820][T22172] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  832.150829][T22123] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  832.158256][T22123] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  832.164937][T22123] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  832.171921][T22123] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  832.241811][   T13] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  832.246531][   T13] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  832.264362][   T46] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  832.281880][   T46] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  832.290326][   T90] IPVS: stop unused estimator thread 0...
[  832.315887][T22123] 8021q: adding VLAN 0 to HW filter on device bond0
[  832.328686][T22123] 8021q: adding VLAN 0 to HW filter on device team0
[  832.337839][T19966] bridge0: port 1(bridge_slave_0) entered blocking state
[  832.341297][T19966] bridge0: port 1(bridge_slave_0) entered forwarding state
[  832.349740][ T1185] bridge0: port 2(bridge_slave_1) entered blocking state
[  832.352631][ T1185] bridge0: port 2(bridge_slave_1) entered forwarding state
[  832.507896][T22123] 8021q: adding VLAN 0 to HW filter on device batadv0
[  832.642432][T22123] veth0_vlan: entered promiscuous mode
[  832.650213][T22123] veth1_vlan: entered promiscuous mode
[  832.665658][T22123] veth0_macvtap: entered promiscuous mode
[  832.670153][T22123] veth1_macvtap: entered promiscuous mode
[  832.678369][T22123] batman_adv: batadv0: Interface activated: batadv_slave_0
[  832.684696][T22123] batman_adv: batadv0: Interface activated: batadv_slave_1
[  832.690989][ T1153] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  832.695188][ T1153] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  832.698816][ T1153] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  832.702494][ T1153] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  832.747753][T19966] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  832.750437][T19966] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  832.762732][T19966] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  832.765371][T19966] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  833.214453][ T5944] Bluetooth: hci2: command tx timeout
[  833.234077][ T6330] usb 10-1: new full-speed USB device number 2 using dummy_hcd
[  833.398711][ T6330] usb 10-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  833.403189][ T6330] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  833.408211][ T6330] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  833.412702][ T6330] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  833.417903][ T6330] usb 10-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  833.426108][ T6330] usb 10-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[  833.429990][ T6330] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  833.433299][ T6330] usb 10-1: Product: syz
[  833.435582][ T6330] usb 10-1: Manufacturer: syz
[  833.437559][ T6330] usb 10-1: SerialNumber: syz
[  833.441626][ T6330] usb 10-1: config 0 descriptor??
[  833.444552][T22233] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  833.451345][ T6330] input: KB Gear Tablet as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/input/input24
[  834.149362][   T29] usb 10-1: USB disconnect, device number 2
[  834.801798][T22260] misc userio: The device must be registered before sending interrupts
[  835.142394][T19626] libceph: connect (1)[c::]:6789 error -101
[  835.146081][T19626] libceph: mon0 (1)[c::]:6789 connect error
[  835.192481][T22270] ceph: No mds server is up or the cluster is laggy
[  835.299305][ T5944] Bluetooth: hci2: command tx timeout
[  836.089427][T22295] Bluetooth: MGMT ver 1.23
[  836.242537][  T830] libceph: connect (1)[c::]:6789 error -101
[  836.244616][  T830] libceph: mon0 (1)[c::]:6789 connect error
[  836.265452][T22307] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4471'.
[  836.411846][T22303] ceph: No mds server is up or the cluster is laggy
[  837.376750][ T5944] Bluetooth: hci2: command tx timeout
[  837.499840][T19626] libceph: connect (1)[c::]:6789 error -101
[  837.502653][T19626] libceph: mon0 (1)[c::]:6789 connect error
[  837.581107][T22331] ceph: No mds server is up or the cluster is laggy
[  837.826240][T22340] i2c i2c-1: Invalid block write size 34
[  838.566121][T22345] raw_sendmsg: syz.1.4481 forgot to set AF_INET. Fix it!
[  838.694203][T22360] netlink: 3 bytes leftover after parsing attributes in process `syz.3.4484'.
[  838.700154][T22360] batadv1: entered allmulticast mode
[  838.784648][T22368] netlink: 52 bytes leftover after parsing attributes in process `syz.5.4483'.
[  838.860195][T22374] FAULT_INJECTION: forcing a failure.
[  838.860195][T22374] name failslab, interval 1, probability 0, space 0, times 0
[  838.874333][T22374] CPU: 2 UID: 0 PID: 22374 Comm: syz.1.4487 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  838.874354][T22374] Tainted: [L]=SOFTLOCKUP
[  838.874357][T22374] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  838.874365][T22374] Call Trace:
[  838.874369][T22374]  <TASK>
[  838.874375][T22374]  dump_stack_lvl+0x100/0x190
[  838.874391][T22374]  should_fail_ex.cold+0x5/0xa
[  838.874411][T22374]  should_failslab+0xc2/0x120
[  838.874428][T22374]  __kmalloc_cache_noprof+0x80/0x810
[  838.874440][T22374]  ? rcu_is_watching+0x12/0xc0
[  838.874451][T22374]  ? vhost_task_create+0xee/0x370
[  838.874468][T22374]  ? trace_contention_end+0xd6/0x110
[  838.874485][T22374]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  838.874505][T22374]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  838.874523][T22374]  ? vhost_task_create+0xee/0x370
[  838.874539][T22374]  vhost_task_create+0xee/0x370
[  838.874557][T22374]  ? __pfx_vhost_task_create+0x10/0x10
[  838.874574][T22374]  ? register_lock_class+0x40/0x560
[  838.874594][T22374]  ? __pfx_vhost_task_fn+0x10/0x10
[  838.874613][T22374]  ? __pfx___mutex_lock+0x10/0x10
[  838.874632][T22374]  kvm_mmu_post_init_vm+0x1b3/0x370
[  838.874648][T22374]  kvm_arch_vcpu_ioctl_run+0x66/0x1830
[  838.874663][T22374]  ? kvm_vcpu_ioctl+0x150f/0x16d0
[  838.874689][T22374]  kvm_vcpu_ioctl+0x730/0x16d0
[  838.874702][T22374]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  838.874714][T22374]  ? tomoyo_path_number_perm+0x188/0x580
[  838.874732][T22374]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  838.874754][T22374]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  838.874767][T22374]  ? do_vfs_ioctl+0x226/0x13e0
[  838.874785][T22374]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  838.874813][T22374]  kvm_vcpu_compat_ioctl+0x20f/0x3c0
[  838.874825][T22374]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  838.874836][T22374]  ? __fget_files+0x21f/0x3d0
[  838.874851][T22374]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  838.874863][T22374]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  838.874883][T22374]  __do_fast_syscall_32+0xde/0x660
[  838.874900][T22374]  do_fast_syscall_32+0x32/0x70
[  838.874914][T22374]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  838.874929][T22374] RIP: 0023:0xf7fc4579
[  838.874938][T22374] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  838.874949][T22374] RSP: 002b:00000000f548650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  838.874960][T22374] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  838.874967][T22374] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  838.874973][T22374] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  838.874980][T22374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  838.874986][T22374] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  838.875001][T22374]  </TASK>
[  839.077990][T22387] netlink: 14 bytes leftover after parsing attributes in process `syz.2.4490'.
[  839.082039][T22387] hsr_slave_0: left promiscuous mode
[  839.085125][T22387] hsr_slave_1: left promiscuous mode
[  839.304493][T22388] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4490'.
[  839.451038][T22396] netlink: 'syz.5.4493': attribute type 3 has an invalid length.
[  839.454399][T22396] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4493'.
[  839.682640][T22399] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4494'.
[  840.155038][T22425] ceph: No mds server is up or the cluster is laggy
[  840.631735][   T29] libceph: connect (1)[c::]:6789 error -101
[  840.634031][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  840.845531][T22443] syzkaller1: entered promiscuous mode
[  840.847900][T22443] syzkaller1: entered allmulticast mode
[  841.558221][T22458] netlink: 'syz.3.4509': attribute type 1 has an invalid length.
[  841.586624][T11516] libceph: connect (1)[c::]:6789 error -101
[  841.589506][T11516] libceph: mon0 (1)[c::]:6789 connect error
[  841.591647][T22454] ceph: No mds server is up or the cluster is laggy
[  841.629727][T22460] 
[  841.630592][T22460] ======================================================
[  841.633067][T22460] WARNING: possible circular locking dependency detected
[  841.635937][T22460] syzkaller #0 Tainted: G             L     
[  841.638681][T22460] ------------------------------------------------------
[  841.641556][T22460] syz.3.4509/22460 is trying to acquire lock:
[  841.644013][T22460] ffff88806ad2ba98 (&ovl_i_mutex_dir_key[depth]){++++}-{4:4}, at: lookup_slow+0x42/0x70
[  841.648133][T22460] 
[  841.648133][T22460] but task is already holding lock:
[  841.651207][T22460] ffff88804cde2888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[  841.655104][T22460] 
[  841.655104][T22460] which lock already depends on the new lock.
[  841.655104][T22460] 
[  841.659391][T22460] 
[  841.659391][T22460] the existing dependency chain (in reverse order) is:
[  841.663116][T22460] 
[  841.663116][T22460] -> #3 (&of->mutex){+.+.}-{4:4}:
[  841.666172][T22460]        __mutex_lock+0x1a2/0x1b90
[  841.668348][T22460]        kernfs_fop_write_iter+0x2c2/0x5f0
[  841.670559][T22460]        iter_file_splice_write+0x82b/0x10a0
[  841.672790][T22460]        do_splice+0x109c/0x1fd0
[  841.674796][T22460]        __do_splice+0x33b/0x370
[  841.676729][T22460]        __ia32_sys_splice+0x189/0x250
[  841.678881][T22460]        __do_fast_syscall_32+0xde/0x660
[  841.680741][T22460]        do_fast_syscall_32+0x32/0x70
[  841.682498][T22460]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  841.685218][T22460] 
[  841.685218][T22460] -> #2 (&pipe->mutex){+.+.}-{4:4}:
[  841.688291][T22460]        __mutex_lock+0x1a2/0x1b90
[  841.690462][T22460]        pipe_lock+0x69/0x80
[  841.692399][T22460]        iter_file_splice_write+0x1f8/0x10a0
[  841.694888][T22460]        do_splice+0x109c/0x1fd0
[  841.696803][T22460]        __do_splice+0x33b/0x370
[  841.698644][T22460]        __ia32_sys_splice+0x189/0x250
[  841.700767][T22460]        __do_fast_syscall_32+0xde/0x660
[  841.702574][T22460]        do_fast_syscall_32+0x32/0x70
[  841.704326][T22460]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  841.706490][T22460] 
[  841.706490][T22460] -> #1 (sb_writers#5){.+.+}-{0:0}:
[  841.709254][T22460]        mnt_want_write+0x6f/0x450
[  841.711331][T22460]        ovl_create_object+0x12b/0x3b0
[  841.713599][T22460]        lookup_open.isra.0+0x139b/0x1890
[  841.715917][T22460]        path_openat+0x117d/0x3120
[  841.717892][T22460]        do_filp_open+0x1f7/0x420
[  841.719767][T22460]        do_sys_openat2+0x12e/0x220
[  841.721446][T22460]        __ia32_compat_sys_open+0xfe/0x1c0
[  841.723368][T22460]        __do_fast_syscall_32+0xde/0x660
[  841.725326][T22460]        do_fast_syscall_32+0x32/0x70
[  841.727034][T22460]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  841.729267][T22460] 
[  841.729267][T22460] -> #0 (&ovl_i_mutex_dir_key[depth]){++++}-{4:4}:
[  841.731989][T22460]        __lock_acquire+0x14b8/0x2630
[  841.733761][T22460]        lock_acquire+0x17c/0x330
[  841.735360][T22460]        down_read+0x99/0x460
[  841.736883][T22460]        lookup_slow+0x42/0x70
[  841.738414][T22460]        path_lookupat+0x5e8/0xc40
[  841.740045][T22460]        filename_lookup+0x202/0x590
[  841.741677][T22460]        kern_path+0x35/0x50
[  841.743120][T22460]        lookup_bdev+0xd8/0x280
[  841.744776][T22460]        resume_store+0x1d6/0x460
[  841.746381][T22460]        kobj_attr_store+0x58/0x80
[  841.748027][T22460]        sysfs_kf_write+0xf2/0x150
[  841.749742][T22460]        kernfs_fop_write_iter+0x3e0/0x5f0
[  841.751582][T22460]        vfs_write+0x6ac/0x1070
[  841.753325][T22460]        ksys_write+0x12a/0x250
[  841.754924][T22460]        __do_fast_syscall_32+0xde/0x660
[  841.756776][T22460]        do_fast_syscall_32+0x32/0x70
[  841.758550][T22460]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  841.760766][T22460] 
[  841.760766][T22460] other info that might help us debug this:
[  841.760766][T22460] 
[  841.764017][T22460] Chain exists of:
[  841.764017][T22460]   &ovl_i_mutex_dir_key[depth] --> &pipe->mutex --> &of->mutex
[  841.764017][T22460] 
[  841.768259][T22460]  Possible unsafe locking scenario:
[  841.768259][T22460] 
[  841.770645][T22460]        CPU0                    CPU1
[  841.772390][T22460]        ----                    ----
[  841.774137][T22460]   lock(&of->mutex);
[  841.775462][T22460]                                lock(&pipe->mutex);
[  841.777609][T22460]                                lock(&of->mutex);
[  841.779754][T22460]   rlock(&ovl_i_mutex_dir_key[depth]);
[  841.781519][T22460] 
[  841.781519][T22460]  *** DEADLOCK ***
[  841.781519][T22460] 
[  841.783942][T22460] 4 locks held by syz.3.4509/22460:
[  841.785627][T22460]  #0: ffff88802367feb8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2aa/0x380
[  841.788554][T22460]  #1: ffff888044234420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[  841.791425][T22460]  #2: ffff88804cde2888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[  841.794567][T22460]  #3: ffff888040edb008 (kn->active#72){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[  841.797804][T22460] 
[  841.797804][T22460] stack backtrace:
[  841.799702][T22460] CPU: 1 UID: 0 PID: 22460 Comm: syz.3.4509 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  841.799718][T22460] Tainted: [L]=SOFTLOCKUP
[  841.799722][T22460] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  841.799733][T22460] Call Trace:
[  841.799739][T22460]  <TASK>
[  841.799745][T22460]  dump_stack_lvl+0x100/0x190
[  841.799760][T22460]  print_circular_bug.cold+0x178/0x1c7
[  841.799778][T22460]  check_noncircular+0x146/0x160
[  841.799797][T22460]  __lock_acquire+0x14b8/0x2630
[  841.799815][T22460]  lock_acquire+0x17c/0x330
[  841.799829][T22460]  ? lookup_slow+0x42/0x70
[  841.799845][T22460]  ? __pfx___might_resched+0x10/0x10
[  841.799862][T22460]  ? find_held_lock+0x2b/0x80
[  841.799873][T22460]  down_read+0x99/0x460
[  841.799888][T22460]  ? lookup_slow+0x42/0x70
[  841.799903][T22460]  ? __pfx_down_read+0x10/0x10
[  841.799916][T22460]  ? __d_lookup+0x266/0x4a0
[  841.799934][T22460]  lookup_slow+0x42/0x70
[  841.799950][T22460]  path_lookupat+0x5e8/0xc40
[  841.799961][T22460]  filename_lookup+0x202/0x590
[  841.799973][T22460]  ? __pfx_filename_lookup+0x10/0x10
[  841.799990][T22460]  ? getname_kernel+0x52/0x370
[  841.800006][T22460]  ? __asan_memcpy+0x3c/0x60
[  841.800018][T22460]  kern_path+0x35/0x50
[  841.800029][T22460]  lookup_bdev+0xd8/0x280
[  841.800039][T22460]  ? __pfx_lookup_bdev+0x10/0x10
[  841.800050][T22460]  ? __asan_memcpy+0x3c/0x60
[  841.800061][T22460]  resume_store+0x1d6/0x460
[  841.800078][T22460]  ? __pfx_resume_store+0x10/0x10
[  841.800096][T22460]  ? find_held_lock+0x2b/0x80
[  841.800107][T22460]  ? sysfs_file_kobj+0xe4/0x290
[  841.800119][T22460]  ? sysfs_file_kobj+0xe4/0x290
[  841.800131][T22460]  ? __pfx_resume_store+0x10/0x10
[  841.800148][T22460]  kobj_attr_store+0x58/0x80
[  841.800163][T22460]  ? __pfx_kobj_attr_store+0x10/0x10
[  841.800177][T22460]  sysfs_kf_write+0xf2/0x150
[  841.800190][T22460]  kernfs_fop_write_iter+0x3e0/0x5f0
[  841.800201][T22460]  ? __pfx_sysfs_kf_write+0x10/0x10
[  841.800214][T22460]  vfs_write+0x6ac/0x1070
[  841.800225][T22460]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  841.800237][T22460]  ? __pfx_vfs_write+0x10/0x10
[  841.800253][T22460]  ksys_write+0x12a/0x250
[  841.800264][T22460]  ? __pfx_ksys_write+0x10/0x10
[  841.800278][T22460]  __do_fast_syscall_32+0xde/0x660
[  841.800293][T22460]  do_fast_syscall_32+0x32/0x70
[  841.800307][T22460]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  841.800322][T22460] RIP: 0023:0xf7f72579
[  841.800331][T22460] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  841.800342][T22460] RSP: 002b:00000000f541550c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[  841.800353][T22460] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  841.800360][T22460] RDX: 0000000000000012 RSI: 0000000000000000 RDI: 0000000000000000
[  841.800366][T22460] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  841.800373][T22460] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  841.800379][T22460] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  841.800389][T22460]  </TASK>
[  841.899433][T11516] libceph: connect (1)[c::]:6789 error -101
[  841.926524][T11516] libceph: mon0 (1)[c::]:6789 connect error
[  841.967754][T22460] PM: Image not found (code -22)