last executing test programs:

1m51.886471157s ago: executing program 1 (id=2941):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r0, 0x0, 0x0)
listen(r0, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000b80)={@local, @broadcast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x26, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}, 0x0)

1m51.870885779s ago: executing program 1 (id=2942):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x18, 0x6, &(0x7f00000001c0)=ANY=[@ANYBLOB="18ec420c7f9ad20000000000000000000000ffffff80e500020000000000c500fcff110000008500feffd10000009500"], &(0x7f00000000c0)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000240)={0x8, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
r4 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)="ce89605a43b9e8a29e18354e0cac707858f9b0a4531100", 0x17}, 0x1, 0x0, 0x0, 0x48054}, 0x20044806)
r5 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
ioctl$IOC_PR_PREEMPT(r5, 0x401870cb, &(0x7f0000000800)={0x3000000000000000, 0x40e, 0x6, 0x3})
r6 = socket(0x10, 0x3, 0x0)
open$dir(&(0x7f00000003c0)='./file0\x00', 0x4000, 0x2)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'gretap0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0x7}, {0xfff1, 0xffff}, {0x0, 0xd}}, [@qdisc_kind_options=@q_ingress={0xc}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x1ff}]}, 0x38}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r8 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
connect$bt_rfcomm(r8, &(0x7f0000000040)={0x1f, @none, 0x2}, 0xa)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
execveat(0xffffffffffffffff, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
lchown(&(0x7f0000000240)='./file0\x00', 0x0, 0x0)

1m47.951865592s ago: executing program 1 (id=2953):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="780000000001010400000000141a000002000010240001801400018008000100e000000108000200e00000010c0002800500010000000000240002801400018008000100ac1414aa08000200ac1414bb0c00028005000100000000000800074000000001"], 0x78}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x1f00, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="780000000001010400000000141a000002000010240001801400018008000100e000000108000200e00000010c0002800500010000000000240002801400018008000100ac1414aa08000200ac1e00010c000280050001000000000008000740000000010b0016"], 0x78}}, 0x0)

1m47.876932704s ago: executing program 1 (id=2954):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000001c0)=@abs={0x0, 0x0, 0x4e21}, 0x19)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000780), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000800)='./file0\x00', 0x44)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x1)
r4 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r4)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r4})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000800)=""/90})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
openat$fuse(0xffffff9c, &(0x7f00000007c0), 0x2, 0x0)
ioctl$PTP_PIN_SETFUNC2(0xffffffffffffffff, 0x40603d10, &(0x7f00000002c0)={'\x00', 0x8, 0x1, 0x64})
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000340)=0x1)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(0xffffffffffffffff, 0xc400941d, &(0x7f0000000380)={0x0, 0x3fb, 0x7fff})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000008c0)={0x28, 0x3d, 0x9, 0x70bd27, 0x0, {0x4}, [@typed={0x8, 0x200c, 0x0, 0x0, @uid}, @nested={0xc, 0x16, 0x0, 0x1, [@nested={0x8, 0x4f, 0x0, 0x1, [@typed={0x4, 0xd0, 0x0, 0x0, @binary}]}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x42804}, 0x0)

1m45.94011631s ago: executing program 1 (id=2957):
r0 = fsopen(&(0x7f0000000080)='erofs\x00', 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_GET_HARDIF(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)=ANY=[@ANYRESOCT=r1, @ANYRES16=r2, @ANYBLOB="00f5a98db22025ec1cf7ffb34de6551557132ffa4e1f60b6b54d2d2db8eeae", @ANYRES32=r3, @ANYBLOB="1d"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x880)
close_range(r0, 0xffffffffffffffff, 0x0)
r4 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x4cc, 0x33c, 0x150, 0x150, 0x33c, 0xf8010000, 0x404, 0x238, 0x238, 0x404, 0x238, 0x3, 0x0, {[{{@ipv6={@mcast1, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xa}}, [], [], 'team_slave_0\x00', 'hsr0\x00', {}, {}, 0x84}, 0x0, 0x214, 0x33c, 0x0, {}, [@common=@unspec=@mark={{0x2c}, {0x9, 0x9}}, @common=@inet=@sctp={{0x144}, {[], [], [0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000], 0x6, [], 0xfffffffe, 0x6}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x8, 'system_u:object_r:udev_var_run_t:s0\x00'}}}, {{@ipv6={@empty, @mcast1, [0x0, 0x0, 0x0, 0xffffffff], [], 'tunl0\x00', 'gre0\x00', {}, {}, 0x87}, 0x0, 0xa4, 0xc8}, @common=@inet=@SYNPROXY={0x24, 'SYNPROXY\x00', 0x0, {0x0, 0x9}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x528)
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000480)={0x400, 0x8}, 0x10)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x101})
openat$rdma_cm(0xffffff9c, &(0x7f0000000800), 0x2, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000001100)=[@increfs], 0x0, 0x0, 0x0})
r8 = dup3(r7, r6, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$TCSETS2(r8, 0x402c542b, &(0x7f0000000200)={0xffffff80, 0x2, 0x100, 0x0, 0x1e, "a66b65478d3ac719ad1988d6c9ae64f3ee8478", 0x3, 0x9a})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100a, 0x1})
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
r9 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x7, 0x3, &(0x7f0000000880)=ANY=[@ANYBLOB="6a0ac4ff000010427110a900000000950042000000000000000000"], &(0x7f0000000480)='GPL\x00'}, 0x94)
ioctl$UI_ABS_SETUP(r9, 0x401c5504, &(0x7f0000000340)={0x400000100002f, {0x0, 0x0, 0x0, 0x6}})
write$uinput_user_dev(r9, &(0x7f0000000380)={'syz0\x00', {0xff, 0x6, 0x7fff, 0x8d5}, 0x24, [0x10000, 0xeba, 0x3, 0xe6a, 0x8, 0x1, 0x5, 0x7ff, 0x54, 0x7fffdfff, 0x2, 0xc, 0x8, 0x9, 0x9, 0xfffffff5, 0x7, 0x40000, 0xa, 0x23, 0x2, 0x0, 0x3ff, 0xfffffff2, 0x1, 0xda6, 0x3, 0xa7, 0xeb36, 0x96a, 0x9, 0x76c9, 0x200, 0x1, 0x1, 0x0, 0x5, 0x9, 0xf, 0xb, 0x10, 0x80000000, 0x9, 0xb50, 0x0, 0x800, 0x3, 0xffefffff, 0x7, 0xfffffffe, 0x5, 0x8, 0x24, 0x7fff, 0x8, 0x1, 0x200, 0x100000, 0x0, 0x7f, 0x964e, 0x2d5, 0x149, 0x1], [0x4b1a3e4b, 0xfffffff9, 0x4, 0x800, 0x8e, 0x7, 0x142, 0x9, 0x4, 0x2, 0x0, 0x7, 0x6, 0x8001, 0x9, 0x8, 0x8, 0xffff, 0x40, 0x7ff, 0x7ff, 0x5, 0xa, 0xc00, 0x89, 0x7ff, 0x0, 0x1, 0xfffffff7, 0x9, 0x9, 0x4d26, 0x10000, 0x8, 0x1, 0x6, 0x0, 0x4, 0x4c, 0x9, 0x8, 0x5, 0xe66, 0x8, 0x2, 0x81, 0x4b, 0x80, 0x6, 0xb, 0x4004, 0x9, 0x1, 0x8d1, 0x8fd, 0xfffffffa, 0xe0, 0x8e, 0x10001, 0x4, 0x100, 0xade, 0x7f, 0x9], [0x8396, 0x5, 0x6, 0x9, 0x8000, 0x1, 0x9, 0xe88, 0xc7, 0x6, 0x0, 0x400, 0x1000, 0x9, 0x6e, 0x8000, 0x7, 0x3, 0x6, 0x4000005, 0x3, 0x800, 0x2, 0x3, 0x0, 0x2, 0x2, 0xc, 0x5, 0xb0f, 0x1e, 0x1, 0x800, 0x8, 0x9, 0x800, 0x4, 0xfffffff7, 0x4, 0xe, 0x6, 0x6, 0x2e7, 0x7ff, 0x1ff, 0x6, 0x87ff, 0x2, 0x7fffffff, 0xffffffff, 0x4, 0x81, 0xd5d, 0xa0c7881, 0xffffff4e, 0x9, 0x4, 0x40, 0x3, 0x0, 0x1fc1, 0x9, 0x1, 0x8001], [0x10000010, 0x7, 0x9, 0x2, 0xa5e, 0xfe, 0xff, 0x3, 0x80000000, 0x0, 0xe, 0x9, 0x204, 0x7, 0x7, 0x0, 0xfffffffd, 0xfffffff8, 0xc, 0x4, 0x3, 0x103, 0x6, 0xcc, 0x6, 0x4000400, 0xffffffff, 0xfffffffd, 0x40, 0x80000000, 0x9, 0x7, 0xfff, 0x40, 0x9, 0x0, 0x9, 0x1, 0x0, 0x7, 0x8ac1, 0x3, 0x4, 0x80000000, 0x80000002, 0xff, 0x40000006, 0x3, 0xfffff801, 0xffffffff, 0x37d, 0xfffffff8, 0xd, 0x7, 0xd, 0x9, 0x6eaf, 0x0, 0x3, 0x5e02, 0x2, 0x3, 0x5, 0x400]}, 0x45c)
ioctl$UI_SET_EVBIT(r9, 0x40045564, 0x3)
ioctl$UI_DEV_CREATE(r9, 0x5501)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r5)
write(r5, &(0x7f0000000100)="1800000016005f0214fffffffffffff80700000023000000", 0x18)

1m45.425077441s ago: executing program 1 (id=2961):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1, &(0x7f0000000100)=0x8, 0x4)
r1 = socket(0x1, 0x5, 0x20103)
r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$rose(r2, 0x104, 0x2, &(0x7f00000002c0)=0x6, 0x4)
setsockopt$inet_int(r1, 0x0, 0x15, &(0x7f0000000340)=0xd1, 0x4)

1m45.379073131s ago: executing program 32 (id=2961):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1, &(0x7f0000000100)=0x8, 0x4)
r1 = socket(0x1, 0x5, 0x20103)
r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$rose(r2, 0x104, 0x2, &(0x7f00000002c0)=0x6, 0x4)
setsockopt$inet_int(r1, 0x0, 0x15, &(0x7f0000000340)=0xd1, 0x4)

1m5.196081754s ago: executing program 3 (id=3095):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0_to_bond\x00', <r1=>0x0})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f00000002c0)={0x38, 0x0, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
mlock(&(0x7f0000ffc000/0x1000)=nil, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
shutdown(r4, 0x0)
statx(0xffffffffffffffff, 0x0, 0x6000, 0x7ff, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
syz_open_dev$vim2m(0x0, 0x47b, 0x2)
r5 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$mixer_OSS_GETVERSION(r5, 0x80086303, &(0x7f0000000180))
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
mknod(&(0x7f0000000100)='./file0\x00', 0x8, 0xd)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000140)={0x1, 0x0, [{0x276, 0x0, 0xe6}]})
r9 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r9, 0x0, 0x60, &(0x7f0000000780)={'filter\x00', 0x7, 0x4, 0x410, 0x218, 0x0, 0x108, 0x328, 0x328, 0x328, 0x4, 0x0, {[{{@uncond, 0xfffffffffffffed3, 0x108}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6af, 'syz1\x00', {0xed}}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @remote, @broadcast, 0x8, 0xffffffff}}}, {{@arp={@dev={0xac, 0x14, 0x14, 0x10}, @local, 0xffffff00, 0xffffff00, 0x1, 0xe, {@mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0x10}, {[0x0, 0x0, 0xff, 0xff, 0x0, 0xff]}}, {@mac, {[0x0, 0x0, 0xff, 0x0, 0xff, 0xff]}}, 0x90, 0x9, 0x0, 0x6, 0x9, 0x7, 'veth0_to_bridge\x00', 'gretap0\x00', {}, {0xff}, 0x0, 0x33}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@random, @mac=@broadcast, @broadcast, @loopback, 0xf}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x47b)
getpriority(0x2, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000010c0)=@newqdisc={0x38, 0x24, 0xf0b, 0xfff1, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x2}}, @TCA_RATE={0x6}]}, 0x38}}, 0x4000)

1m3.63623301s ago: executing program 3 (id=3101):
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x400c0, 0x80)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
truncate(0x0, 0x8fff5)
r1 = syz_clone(0x30a400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0xf6ff, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=[0x4], 0x0, 0x0, 0x1, 0x1, r1}}, 0x40)

1m3.446436627s ago: executing program 3 (id=3102):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000001c0)={<r1=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000000)={r1, 0xffaf}, 0x8)

1m3.31577723s ago: executing program 2 (id=3106):
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
openat$apparmor_thread_exec(0xffffff9c, &(0x7f00000000c0), 0x2, 0x0)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x841, &(0x7f00000001c0)={0x11, 0x8100, 0x0, 0x1, 0xd8, 0x6, @broadcast}, 0x14)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00', <r1=>0x0})
sendto$packet(r0, &(0x7f0000000180), 0x0, 0x0, &(0x7f0000000140)={0x11, 0x8100, r1}, 0x14)

1m2.763108108s ago: executing program 2 (id=3108):
r0 = eventfd(0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r4 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee4, 0x1, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r6 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r6, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x4, @multicast}, 0x10)
sendmmsg(r6, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000380)={0x0, &(0x7f0000000100)})
io_uring_enter(r4, 0x4e14, 0x913a, 0x41, 0x0, 0x0)
poll(&(0x7f0000000100)=[{r0}], 0x1, 0x1ff)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r8 = syz_open_dev$usbmon(&(0x7f0000000240), 0x8, 0x0)
mmap(&(0x7f00006c2000/0x1000)=nil, 0x1000, 0x5, 0x13, r8, 0x1e67e000)
ioctl$MON_IOCT_RING_SIZE(r8, 0x9204, 0xc397e)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
socket$inet_mptcp(0x2, 0x1, 0x106)

1m1.736101828s ago: executing program 3 (id=3113):
socket$inet6_mptcp(0xa, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x4}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x904}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000003c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a3000000000d0000000160a01000000000000000000010000010900010073797a30000000000900020073797a3000000000a40003800800014000000000900003801400010076657468305f746f5f62617461647600140001006d6163766c616e3100000000000000002800010076657468310000000000000000000000140001006772653000000000000000000000000014000100776c616e3100000000000000000000001400010076657468315f766972745f77696669001400010076657468305f746f5f626f6e640000000800024000000006c8000000180a0101000b000000000000010000000900010073797a30000000009c0003800800014000000000900003801400010069703665727370616e300000000000001400010076657468305f6d61637674616ff7000014000100626f6e645f736c6176655f310000000014000100626f6e645f736c6176655f30000000001400010063616966300000000000000000000000140001006d616373656330000000000000000000140001007465616d5f736c6176655f30000000000900020073797a3000000000140000001000010000000000000000000000000a"], 0x1e0}}, 0x0)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000340)={0x2, 0x0, 0x2, 0x8, r0})
clock_gettime(0x0, &(0x7f0000000280))
clock_gettime(0x0, &(0x7f00000002c0))
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000600)=@raw={'raw\x00', 0x8, 0x3, 0xa20, 0x0, 0x11, 0x148, 0xb8, 0x0, 0x98c, 0x2a8, 0x2a8, 0x98c, 0x2a8, 0x3, 0x0, {[{{@ip={@rand_addr=0x64010102, @multicast2, 0x0, 0xff000000, 'wg1\x00', 'ip6tnl0\x00', {}, {}, 0x67, 0x3, 0x2}, 0x0, 0x70, 0xb8}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x1, 0x7fffffff, {0x8000}}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, 0x0, 0xff, 'vlan0\x00', 'netdevsim0\x00', {}, {}, 0x0, 0x1}, 0x0, 0x874, 0x8d4, 0x0, {}, [@common=@ttl={{0x24}, {0x2, 0x40}}, @common=@unspec=@u32={{0x7e0}, {[{[{0xff}, {0x5a4, 0x1}, {0xa1, 0x3}, {0xfff, 0x1}, {0x40, 0x2}, {0x1ff, 0x3}, {0x6, 0x3}, {0x81, 0x2}, {0x9, 0x2}, {0x7fffffff, 0x2}, {0x23, 0x2}], [{0x1, 0x9}, {0x404, 0x2}, {0x0, 0x7}, {0x1, 0x3ff}, {0x6, 0x9}, {0x7ff, 0x4}, {0x0, 0x5}, {0x800, 0x5}, {0x80, 0x2}, {0xd, 0x7fff0}, {0xe, 0x2}], 0x9}, {[{0xfffffffe, 0x2}, {0xec, 0x2}, {0x0, 0x2}, {0x0, 0x3}, {0x3, 0x1}, {0x0, 0x1}, {0xadc}, {0x200}, {0x9}, {0x10001, 0x2}, {0x3, 0x3}], [{0x3}, {0x0, 0x7bdded9}, {0x1, 0x1}, {0x6, 0x9}, {0xf, 0x5}, {0x7, 0x4}, {0x401, 0x1}, {0x1, 0x400}, {0xfb, 0xfffffffd}, {0xf8e, 0x1}, {0x8, 0xa}], 0x2, 0xa}, {[{0x2, 0x2}, {0x1}, {0x800}, {0x8, 0x3}, {0x6e, 0x2}, {0x2, 0x1}, {0x9, 0x3}, {0xe6, 0x1}, {0x0, 0x2}, {0x3, 0x3}, {0x1}], [{0x65, 0x8}, {0x7, 0x2}, {0x6, 0x8}, {0x3, 0x8}, {0x7, 0xe0}, {0x8, 0x4e}, {0x6, 0xe7d3}, {0x2, 0xef65}, {0x81e}, {0x1, 0x7fff}, {0x6, 0x100}], 0x1, 0x4}, {[{0x4, 0x2}, {0x400, 0x2}, {0x8, 0x2}, {0x260, 0x2}, {0x6}, {0x2, 0x2}, {0x9}, {0x1, 0x2}, {0x7, 0x2}, {0x7fffffff, 0x2}, {0x7}], [{0x1000, 0x4}, {0x6819, 0x3}, {0x80000000, 0xffff}, {0xd, 0x7}, {0x7fff, 0xfffffffc}, {0x101, 0x1000}, {0x1, 0xd0}, {0x29, 0x5}, {0x4, 0x7}, {0x40, 0xc2f1}, {0x7f, 0xebd}], 0xa, 0x6}, {[{0x2, 0x1}, {0x8, 0x1}, {0xe, 0x1}, {0x1, 0x1}, {0x3}, {0x2, 0x2}, {0x5, 0x1}, {0x10001}, {0x8, 0x1}, {0x1, 0x3}, {0xf, 0x3}], [{0x6, 0x4}, {0xd86, 0x9}, {0xa67c, 0x800}, {0x7, 0x8}, {0x1, 0x2}, {0xfffffffb, 0x8d}, {0x7}, {0x6, 0x80}, {0x9, 0x2}, {0x81, 0xb}, {0x8, 0x1}], 0x4, 0x7}, {[{0x6, 0x1}, {0x4}, {0x0, 0x2}, {0x4}, {0x3ff, 0x3}, {0xb135, 0x1}, {0xe4ab, 0x2}, {0x200, 0x2}, {0xa, 0x2}, {0x6}, {0x2, 0x2}], [{0x0, 0xa}, {0xa, 0x400}, {0x4, 0x9}, {0x8, 0x5}, {0x5, 0xb84}, {0x7, 0x9}, {0x300000, 0x1000}, {0x800, 0x4}, {0x5, 0x80}, {0x1, 0x3}, {0xa, 0x5}], 0x9, 0x8}, {[{0x5cae8a2b, 0x2}, {0x6, 0x3}, {0x58d8, 0x2}, {0x9c3, 0x1}, {0x5, 0x1}, {0x8}, {0x7}, {0x401, 0xc0875356c265fb1d}, {0x2, 0x2}, {0x6, 0x2}, {0x3}], [{0x3, 0x2}, {0x400, 0x3}, {0xfffffffd, 0xa}, {0xfffffffd, 0x5}, {0x80000001, 0x1}, {0x4, 0xf3}, {0xb}, {0x80000001, 0x3}, {0xc, 0x7}, {0xbaa6, 0x8}, {0x6ab60000, 0x4}], 0x4, 0xb}, {[{0x81}, {0x3}, {0x99, 0x1}, {0x7, 0x1}, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0x1}, {0x2, 0x2}, {0x4, 0x1}, {0x3}, {0x6c, 0x2}], [{0x8, 0x40}, {0x1, 0xe140}, {0x5, 0x1}, {0x3, 0x2}, {0x6, 0x7}, {0x2, 0x3}, {0x40, 0x80000000}, {0x5, 0x8}, {0x4, 0x2}, {0xffffffff, 0xffffffff}, {0x3, 0x41}], 0x2, 0x8}, {[{0x8}, {0xc}, {0x0, 0x3}, {0x4, 0x1}, {0x1, 0x1}, {0x2, 0x3}, {0x5, 0x1}, {0x4}, {0x7, 0x2}, {0x8, 0x3}, {0x3}], [{0x4ff4, 0xfff}, {0x4, 0x6}, {0x7f4c, 0x9}, {0x8, 0x7fff}, {0x80000001, 0x401}, {0x9}, {0x7f, 0x1}, {0xfa, 0x8}, {0xce, 0x4}, {0xc131, 0x2}, {0x6}], 0x5, 0xa}, {[{0x80, 0x1}, {0x6, 0x1}, {0x101, 0x1}, {0x9, 0x1}, {0x5, 0x1}, {0x7ff, 0x2}, {0x6, 0x1}, {0x7, 0x3}, {0x6}, {0xa, 0x3}, {0x0, 0x2}], [{0xe000000, 0x3f2d}, {0x80000000, 0x1}, {0x7, 0x4}, {0x3, 0x8}, {0xa, 0xfffffffb}, {0x2b, 0xfffffff1}, {0x8, 0x601c}, {0x1, 0x682d69b7}, {0x4, 0x38000000}, {0x9, 0xb}, {0x7, 0x4}], 0x9, 0x8}, {[{0x800, 0x3}, {0xd02b, 0x3}, {0x9, 0x3}, {0x0, 0x2}, {0x2, 0x2}, {0x8c, 0x2}, {0x3, 0x1}, {0x8000, 0x1}, {0xfffffffd}, {0x7, 0x2}], [{0x9, 0x200}, {0x8, 0x10001}, {0x2, 0x401}, {0x6}, {0x2, 0x7ff}, {0x9, 0xfffffffd}, {0x7957, 0x7eed}, {0x7, 0x2}, {0x6}, {0x4, 0x1000}, {0xfffffff7, 0x9}], 0x1, 0x3}], 0x0, 0x8}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x2, [0x5, 0x3, 0x0, 0x6, 0x1], 0x1, 0x1}, {0x1, [0x1, 0x0, 0x0, 0x4, 0x1, 0x3], 0x0, 0x1}}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0xa7c)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'ip6gre0\x00'})
r5 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000080), 0x101100, 0x0)
ioctl$FBIOBLANK(r5, 0x4611, 0x2)
r6 = open(&(0x7f0000000380)='./bus\x00', 0x40, 0x0)
r7 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
mount$9p_fd(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f00000003c0), 0x2214000, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}})

1m1.66661428s ago: executing program 2 (id=3115):
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x60300, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001b40)={&(0x7f0000001980)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000003000000010000000100000ff80000000000000003000000ffffffff4d36550f000000b5005f00"], 0x0, 0x43, 0x0, 0x1, 0x5}, 0x28)
io_setup(0x6, &(0x7f0000001380)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f00000000c0)=[&(0x7f0000000400)={0x0, 0x0, 0x0, 0x5, 0x8000, r1, 0x0, 0x0, 0x0, 0x0, 0x2}])
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0xc0686611, &(0x7f0000000180)={0x900, 0x0, 0x18, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b7000000df000000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff000000005d040200000000001d400500000000002004000001ed000062030000000000f53e440000000000007a0a00fe00ffffffc3030000f1000000b500feff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c500000057bd81cb2af0b176275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e5b5b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb9134658fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9a958f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f94fefe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a1074649c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c0dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6acdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1adaec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b209c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e924d6b1594af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fed000000007baa5b6a686b50f0937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e70300000000000000fee18a22da19fcdb4c2890cda1f96b952511e34cb14ea4a10a6f1dbaa69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca485683252b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a0032f37ff559be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee07751532d5e7d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e2fa3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde20300accc5bd40a2968b59c93d35f8e42366fdef907000000f01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e015cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933f638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb581012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18fa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe62fe2933082149d42e8a00000000000000003542591d17b5e8d9be772914cf4e3129e7929aa238bd99c3ddd895e33d8cf6c3d6cc883f0319aec94fb4cffde7a6d1fa1bcc03ead3912c2a68ca172adf3f9417207ea83d03a108d2ae15ee38c06dc98a0d1696b7c7fe142440776889154a93888972462439ae33b24c90e13c8f80d4e32716e96825d7bbdd97e4bae368d009b4611619a778f547fa1c92cc656a89728a6a1758b98fd27e1f5e1b446506d8947ca82bac7c2f00000000000000000000003dd9dac6793d963491130ba0a8c9fefff611e292c7829ad1fb9a212d8679d76cf478897127b382dc5338029dd965ba162756ed3638cd2b5d399c89f1a4a92a2ad903111624217fa9951f685be3ac760d81070e3227eceb52c8a2445cb518c38686fe36a688b2bdf85bd21f29240967c16fe368158d83ba67d0df67bfadd3ed52c5e715a774b1b8ccc83c3a00000000000000000000000aec7c50133b40e3af6736fb4421043644bdf8bd79728192ec9a63afad4af6855275278a39a040c0bab3a2fdeecef169b3ef66bad67d6866986d2900b73ebc0a5179b79d7008a5ae749c78888d7d42cc111bc189753da054a8417980f8ba79f82ba9759841fcfae0b765e0644fad141cdd5c7972d0cff975724890182c00c4a71bf6932c2baac542f328dc5e7b24517e842316ff38fd4f5da9005c15092a91989237618db1da0fcf4d9f00c5da88a799d44b0f1d117bc5837c824b47ba31ba83635cf2188b7c01dfd0c94dc0dbc05c93e4238ea5c6dd4b4df1d32d58c648b17e292d1c3a8f0a7d6f9f57008c83f592"], &(0x7f0000000480)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x4}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
io_pgetevents(r2, 0xe, 0x4, &(0x7f0000000100)=[{}, {}, {}, {}], &(0x7f0000000080)={0x77359400}, 0x0)
ioctl$SIOCAX25DELFWD(r0, 0x89eb, &(0x7f0000000040)={@bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}})

1m1.40640532s ago: executing program 2 (id=3116):
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
openat$apparmor_thread_exec(0xffffff9c, &(0x7f00000000c0), 0x2, 0x0)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x841, &(0x7f00000001c0)={0x11, 0x8100, 0x0, 0x1, 0xd8, 0x6, @broadcast}, 0x14)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00', <r1=>0x0})
sendto$packet(r0, &(0x7f0000000180)="0b0312002e0064000200475400", 0xd, 0x0, &(0x7f0000000140)={0x11, 0x8100, r1}, 0x14)

1m1.346483743s ago: executing program 2 (id=3118):
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r0 = syz_io_uring_setup(0x4ed, &(0x7f0000000300)={0x0, 0xfec9, 0x0, 0xff7ffffc, 0x274}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0xdb4, 0xd070, 0x0, 0x0, 0x0)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r3, &(0x7f0000000200)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r4 = syz_io_uring_setup(0x497, &(0x7f0000000540)={0x0, 0xcc09, 0x400, 0x3, 0x285}, &(0x7f00000004c0)=<r5=>0x0, &(0x7f0000000480))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r4, 0x3498, 0x969, 0xffff000000000000, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_FLAGS(r5, 0x114, &(0x7f0000000000)=0x1, 0x0, 0x4)

1m1.126273352s ago: executing program 2 (id=3121):
openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
fsopen(0x0, 0x1)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0cc5605, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
socket$inet_sctp(0x2, 0x1, 0x84)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000600)=ANY=[@ANYBLOB="f8000000160001000000000000000000fe8000000000000000000000000000aaff010000000000000000000000000001", @ANYRES32, @ANYBLOB], 0xf8}}, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
unshare(0x6a040000)
socket$kcm(0x11, 0x2, 0x300)
syz_emit_ethernet(0x86, &(0x7f0000000380)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaa2e080045008d780000000000119078000000000000000000001b59006490780200000003000000000000000002000000753904030405a024f0dd00000000000000000000000000000000009384bbeb3018ad591b661fe808b21b77694c875dfb1be5d2a0057a62022a1564a329d3a14a1d8c690000000000000000d3f83842dd0f1d8b8b05fb1a2d4c5f45f4d2888acb9657bac3e06c261be9fefc23f14f226cd475dec87f437319b696548e8af8dda5032af0"], 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

59.88704005s ago: executing program 3 (id=3123):
r0 = memfd_create(&(0x7f00000001c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xf7\x00d2*Nha\x97\xd5\f\xde@\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\x91\xeb\xfc_q\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1a\x81]\x01*\x1b\xfd\xbcMA\xdcq\xa1b\x17\xab\xe4\x14l\x9b$\x13\xa7\x00MO\xb8\xfdX\xaaf*Du\x02z\x89(\xbcu\x9e\xdf\xe7es\xb9\x1e\xb2\x83\xdc\x82\xed\xcf\x1e\xff\x00\x00\x00\x00g\xa2-\xb1\x94\x9b\x04\x899\xf25\xae\xbb[C\x8aH\xa0\xb1\xa4&\xfb\xe4\xae\xf9R[jQ\x92\xc6K\xe6U\xaa3\xeb\x93\x84bIn\xc9\x11e\xf6;\xce\xee\xe2\x84]\x1eF\xee\xaf\x97Md\xbb\xd1}\x91\x12`\x02\xaa\xb2\xe8F7\t\x92\xedO`\xf7jc\x00\x11|]\x13\xaa<)0\x95-\xe7\xc5\xceuB\xba\xd5\x10\x1d4\x8f@\xfd6\xed?\xe5\xb7\x9d\xb7\xc3+m\x94\xf7\x00g\xa8\xd0y\xaa\x86\f?c\x8c.\x05\n\xf1\x9dw8\xbb\xcf\x9a\xfewx\xb7\xea\xb0\xe0\xa2\xa6/u\x18\xb8\x912g\x19\xcauw\xa8\x93\x80h\xad\x04\xf9sCB?b?\x1a\x04\x11U\xac\b\x9b\xd3\x04\xd9\xdb\xa3?qny\x19f{F\xb0\xb2\xc6\xe9\x1f\x13\x14\xbb\xde\x06\x16\b\x95^q\x0f\xc6\x16\xfeG\xf9\xf3D\xe9:\x86\xc8!4\xa0+\xba\x87\xdd\xbc\xbd\x93\xbb\xef*:\x00Ld\x00'/408, 0x4)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$NBD_CMD_RECONFIGURE(r1, &(0x7f00000005c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x40, r2, 0x2, 0x70bd28, 0x25dfdbfb, {}, [@NBD_ATTR_BACKEND_IDENTIFIER={0x9, 0xa, '\'(^(+'}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x20}, @NBD_ATTR_BACKEND_IDENTIFIER={0x5, 0xa, '%'}]}, 0x40}, 0x1, 0x0, 0x0, 0x4040081}, 0x800)
ftruncate(r0, 0x40000001)
syz_emit_ethernet(0x28, &(0x7f0000000580)={@local, @remote, @void, {@ipv4={0x800, @generic={{0x6, 0x4, 0x3, 0x14, 0x1a, 0x68, 0x0, 0xb3, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x16}, @private=0xa010101, {[@generic={0x94, 0x2}]}}, "71a1"}}}}, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000006c0)=@nat={'nat\x00', 0x62, 0x5, 0x42c, 0xdc, 0x180, 0xffffffff, 0xdc, 0x0, 0x398, 0x398, 0xffffffff, 0x398, 0x398, 0x5, 0x0, {[{{@ip={@multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'veth0_to_bond\x00', 'wg1\x00'}, 0x0, 0xa8, 0xdc, 0x0, {0x22e}, [@common=@unspec=@statistic={{0x38}}]}, @MASQUERADE={0x34, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @multicast1, @remote, @icmp_id, @icmp_id}}}}, {{@uncond, 0x0, 0x70, 0xa4}, @MASQUERADE={0x34, 'MASQUERADE\x00', 0x0, {0x1, {0x4, @local, @initdev={0xac, 0x1e, 0x1, 0x0}, @icmp_id=0x65, @gre_key=0xfc}}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_hsr\x00', 'ipvlan0\x00'}, 0x0, 0xe0, 0x128, 0x0, {}, [@common=@socket0={{0x20}}, @common=@osf={{0x50}, {'syz0\x00'}}]}, @unspec=@DNAT1={0x48, 'DNAT\x00', 0x1, {0x0, @ipv4=@local, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @icmp_id=0x68, @icmp_id=0x67}}}, {{@ip={@multicast1, @empty, 0x0, 0xff000000, 'vlan0\x00', 'pim6reg\x00', {0xff}}, 0x0, 0xbc, 0xf0, 0x0, {}, [@common=@ttl={{0x24}}, @common=@inet=@tcpmss={{0x28}, {0xf}}]}, @NETMAP={0x34, 'NETMAP\x00', 0x0, {0x1, {0x16, @private=0xa010100, @broadcast, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x488)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000040))
r4 = socket$inet6(0xa, 0x3, 0x75)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000180)={{{@in6=@remote, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, {0xfffffffffffffffd, 0xeca, 0x0, 0x9, 0x0, 0x0, 0x0, 0xffff}, {0x0, 0x0, 0xc0f}}, {{@in6=@mcast2, 0x4d6, 0x6c}, 0x0, @in=@multicast1}}, 0xe4)
close(r4)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[], 0x28}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1, 0x100800, 0x0, <r5=>0xffffffffffffffff})
r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
write$cgroup_int(r6, &(0x7f0000000080)=0x3, 0x12)
sendmsg$key(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x2, 0x12, 0x2, 0x9, 0xb, 0x0, 0x70bd2d, 0x25dfdbfb, [@sadb_key={0x4, 0x10, 0x90, 0x0, "9b53a98a14c08e6a7dcfaf46d69d314e2c3c"}, @sadb_address={0x5, 0x17, 0x33, 0xa0, 0x0, @in6={0xa, 0x4e23, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x9}}]}, 0x58}}, 0x4894)
ioctl$KVM_CAP_HYPERV_SYNIC2(r5, 0x4068aea3, &(0x7f0000000280))
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x23, &(0x7f0000000000), 0x0)
r7 = socket(0x10, 0x3, 0x0)
sendmsg$kcm(r7, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="2e00000022008102e00f80ecdb4cb9020a", 0x4a}, {&(0x7f0000001700)="0c74c75350f4a590e15c61c7942348092734fe1863473bbce6798a60e9", 0x1d}], 0x2, 0x0, 0x0, 0x10}, 0x0)

59.675820458s ago: executing program 3 (id=3125):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
r3 = socket(0x15, 0x5, 0x0)
getsockopt(r3, 0x200000000114, 0x2714, 0x0, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
r4 = socket$netlink(0x10, 0x3, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0xffffffffffffff9f, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0x1, 0x1, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20820}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
openat$fuse(0xffffff9c, &(0x7f00000001c0), 0x2, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_SET_FPU(0xffffffffffffffff, 0x41a0ae8d, &(0x7f0000002780)={'\x00', 0x7, 0x29e, 0x8d, 0x0, 0x1, 0x40000, 0xfec00000, '\x00', 0x4})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
munlockall()
syz_usb_connect(0x3, 0x0, 0x0, 0x0)
sendmsg$DEVLINK_CMD_RATE_NEW(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000440)={0x34, r6, 0x1, 0x8000, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
pwritev(0xffffffffffffffff, &(0x7f00000005c0)=[{&(0x7f0000000080)="6837fc3cdcbe3c3bab92b85a19d3797f609630b52cbec944ddd8d9fad98560a0cdbb5b896ef120d179ecd8c077e332993819d465de48a3746d9f", 0x3a}], 0x1, 0x800000, 0x0)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

45.21784836s ago: executing program 33 (id=3121):
openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
fsopen(0x0, 0x1)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0cc5605, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
socket$inet_sctp(0x2, 0x1, 0x84)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000600)=ANY=[@ANYBLOB="f8000000160001000000000000000000fe8000000000000000000000000000aaff010000000000000000000000000001", @ANYRES32, @ANYBLOB], 0xf8}}, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
unshare(0x6a040000)
socket$kcm(0x11, 0x2, 0x300)
syz_emit_ethernet(0x86, &(0x7f0000000380)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaa2e080045008d780000000000119078000000000000000000001b59006490780200000003000000000000000002000000753904030405a024f0dd00000000000000000000000000000000009384bbeb3018ad591b661fe808b21b77694c875dfb1be5d2a0057a62022a1564a329d3a14a1d8c690000000000000000d3f83842dd0f1d8b8b05fb1a2d4c5f45f4d2888acb9657bac3e06c261be9fefc23f14f226cd475dec87f437319b696548e8af8dda5032af0"], 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

44.560347395s ago: executing program 34 (id=3125):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
r3 = socket(0x15, 0x5, 0x0)
getsockopt(r3, 0x200000000114, 0x2714, 0x0, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
r4 = socket$netlink(0x10, 0x3, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0xffffffffffffff9f, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0x1, 0x1, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20820}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
openat$fuse(0xffffff9c, &(0x7f00000001c0), 0x2, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_SET_FPU(0xffffffffffffffff, 0x41a0ae8d, &(0x7f0000002780)={'\x00', 0x7, 0x29e, 0x8d, 0x0, 0x1, 0x40000, 0xfec00000, '\x00', 0x4})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
munlockall()
syz_usb_connect(0x3, 0x0, 0x0, 0x0)
sendmsg$DEVLINK_CMD_RATE_NEW(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000440)={0x34, r6, 0x1, 0x8000, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
pwritev(0xffffffffffffffff, &(0x7f00000005c0)=[{&(0x7f0000000080)="6837fc3cdcbe3c3bab92b85a19d3797f609630b52cbec944ddd8d9fad98560a0cdbb5b896ef120d179ecd8c077e332993819d465de48a3746d9f", 0x3a}], 0x1, 0x800000, 0x0)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

14.014886704s ago: executing program 6 (id=3161):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
syz_open_procfs(0x0, &(0x7f0000000180)='net/unix\x00')
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$nl_route(0x10, 0x3, 0x0)
r4 = add_key(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$search(0xa, r4, 0x0, &(0x7f0000000180)={'syz', 0x3}, 0x0)
syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b70000001a000000bca30000000000002403000020feffff720af0fff8ffffff71a4f2ff000000001f03000000000000e5000200000000002604fdffff0200007b010000000000001d130000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a274000000000000000000000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xfffffffffffffd27}, 0x48)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
recvmsg(r5, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x101d0}], 0x1, 0x0, 0xd66, 0xf5ffffff}, 0x0)
sendmsg$tipc(r6, &(0x7f0000000240)={0x0, 0x18, &(0x7f00000000c0), 0x31}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}], {0x14}}, 0x54}, 0x1, 0x0, 0x0, 0x4}, 0x40050)

13.728319289s ago: executing program 5 (id=3164):
r0 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000640)=ANY=[@ANYBLOB="12010000090000402505a8a440000102030109021b00010100000009040000020701010009050102"], 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000002c0)='net/ip_tables_matches\x00')
write$cgroup_pressure(r1, 0x0, 0x0)
read$char_usb(r1, &(0x7f0000000200)=""/195, 0xc3)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000000)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1}})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, &(0x7f0000000140)=0x200000000)
preadv2(r2, &(0x7f0000000080)=[{&(0x7f0000000000)=""/84, 0x54}], 0x1, 0x0, 0x0, 0x16)
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect$midi(0x2, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100030052887212e8f1146c00010203010902120001011e4008090400000001032005"], 0x0)
r4 = openat$uhid(0xffffff9c, &(0x7f0000000080), 0x802, 0x0)
ioctl$XFS_IOC_COMMIT_RANGE(r3, 0x40585883, &(0x7f0000000180)={r4, 0x0, 0x7, 0xf07, 0x4000000000035, 0xf, [0xe84b, 0x7, 0x5, 0x4, 0x100000001, 0x6]})

13.655888607s ago: executing program 0 (id=3165):
r0 = socket$inet(0x2, 0x1, 0x100)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x400, 0x28)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="1e40c2b2f9", 0x5)
syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x41, 0x0)
ioctl$TIOCSETD(r1, 0x5423, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080)="11000000140025000307f4f9002304000a", 0x11)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x5, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee7, 0x8031, r3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(0x0, 0x0)
getresgid(&(0x7f0000000500), &(0x7f0000000540)=<r7=>0x0, &(0x7f0000000a40))
fchownat(0xffffffffffffffff, &(0x7f0000000280)='./file1\x00', 0x0, r7, 0x400)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r8, 0x8933, &(0x7f0000000100)={'team0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtaction={0x68, 0x30, 0xb, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0xff, 0x4, 0x6, 0x6}, 0x2, r9}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x200ce8c4)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r9], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x0)

12.858413431s ago: executing program 6 (id=3166):
r0 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)={0x20000014})
ioctl$FIONCLEX(r2, 0x5450)
epoll_wait(r3, &(0x7f0000000340)=[{}], 0x1, 0x80000000)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000000)={0xa0000001})
ppoll(&(0x7f0000000200)=[{r3, 0x1}], 0x1, 0x0, 0x0, 0x3)

11.795877095s ago: executing program 6 (id=3167):
r0 = socket(0x11, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'gre0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="02017c008cdc18000e3580009f000114600000060600ac141414e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0ab42e32a097dbd4be5ffca88faca"], 0xdd12}, {&(0x7f00000000c0)=ANY=[], 0x10}], 0x2}, 0x20040011)
socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x3b6, &(0x7f0000000440)={@random="61fe71b72b5f", @link_local={0x17, 0x80, 0xc2, 0x2, 0x9}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "d23396", 0x380, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x2, 0x11, 0xa7, [{0x3, 0xa, "a78ce5400659808000000003004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42c60a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "ffffffffffffff8026000400"}, {0x3, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d036397a0acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x18, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5c6186c0d3baa75af390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a000023f5acaa556b9f30dcab2b90aa235a670670ffc5dc49dfb58d89310000000000"}, {0x5, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c764c2d227a83b89483b1084743474677e45e65eb27a5c8d989417019f619f91394c02bcfbbb7d71138537d68f2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x21, 0x40, "fcc1876d4ec1876d4e6fa3ce2dfdb43a6f022059fe5c2d6b3d9363ed09bd9281c9fe68a3000000006f0000044e43e740e077e1d16212fb"}, {0x5, 0x14, "5e14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1eb91a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d96967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c000000000000000000"}, {0x0, 0x5, "090000000900000036da018dff16e70b8b1400000000e18e88605aa6be1a02a326a6bce65f81ed"}]}}}}}}, 0x0)

11.729275635s ago: executing program 6 (id=3168):
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x12, 0x8, 0x4, 0x7cb4, 0x1800, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x50)

11.654344331s ago: executing program 6 (id=3169):
r0 = eventfd(0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r4 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee4, 0x1, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r6 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r6, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x4, @multicast}, 0x10)
sendmmsg(r6, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000380)={0x0, &(0x7f0000000100)})
io_uring_enter(r4, 0x4e14, 0x913a, 0x41, 0x0, 0x0)
poll(&(0x7f0000000100)=[{r0}], 0x1, 0x1ff)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r8 = syz_open_dev$usbmon(&(0x7f0000000240), 0x8, 0x0)
mmap(&(0x7f00006c2000/0x1000)=nil, 0x1000, 0x5, 0x13, r8, 0x1e67e000)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r7, 0xfffffffc)
socket$inet_mptcp(0x2, 0x1, 0x106)

10.923287513s ago: executing program 0 (id=3170):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r0, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="0213000002007d048000000000000000"], 0x10}}, 0x20000000)
socket$inet(0x2, 0x2, 0x1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="5400000002060104000000000000000005000000050001000600000016000300686173683a6e65742c706f72742c6e65740000000900020073797a3100000002050005000a0000000900020073797a3200000000"], 0x54}}, 0x0)
mlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/comedi4\x00', 0x8a241, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001780)=ANY=[], 0x290}}, 0x4048010)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r5, &(0x7f0000000300)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x124)
ioctl$VIDIOC_S_EXT_CTRLS(r5, 0xc0185648, &(0x7f00000004c0)={0xfffffff, 0x200006df, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000480)={0x9b0907, 0x2, '\x00', @ptr=0x6}})
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r7 = dup(r6)
ioctl$TCSETSF(r7, 0x5404, &(0x7f0000000340)={0x9, 0x0, 0x10000000, 0x515f3157, 0x15, "78e114100985a79874342a70e113343972d01f"})
ioctl$COMEDI_SUBDINFO(r3, 0x80486402, &(0x7f0000000100))
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x800000, 0x0)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file0\x00', 0x1842, 0x136)
umount2(&(0x7f00000001c0)='./file0\x00', 0x1)
write$UHID_INPUT(r9, &(0x7f0000002e40)={0x8, {"ea810ac2a4e58710186bccf7a332902f189dadccd31c6ce9838be9c4ed46c3ec936f980d55b98b5dc613d562ccc5c7ce73f2d436dcd295e5400bbb174f9532bc2b416e9d1b1042d011fc133ad5b36c31086a09e71f22c6357a17b57b9e9ec1e5a7bff3468da9d91edd35b240bafa8f5d8fb5526a34d1476de7bb4fe85f2356c33bf88b0c65cb015c8703df9f3d850d51fdd0c7653612e146b905e431d1b996169e6d569fc31469720732b0e193cfbabbecead29d9ca9317914c4ddb2eda6fc2de2c4fe5ce0dc9f93abe65b7983d44d58da3354f86fdfbf8d82c4ff9a61354ad87f442bba0b7f62ad878ac5ce47ecf41ef3c6eb966b2eda35090fd8386c852347118a7ba17f38e658cf4f72e4df24b0fba3d26b7909c4e4f4341acf1a9d08d9b3827b550138fe8f2d67e7889db3dabd74f858cb5292c9f2ed6159b0fcc9227eb2d86966c8cd036b716e61a0eeceb48940436238f9c5daaa7ce66ea601ffe0e36c00308b2dab82c987a1f4ba4d69ce6681cddeabee290cc7809859298552e33967963f6f790cf7202be3531fbb8f5dcecc602f45345df30eda75acd7561d71b8b7ae4fb822828c312975a7c7b122b168509a5a5b6899957e14df518976793703e5678549124833d2bb44907f15cbc3d1e02a4e8f2aa7979daacaf38b04f4188bd73ddadac6e479ddd2c7ef01cc66dd3cb96e0fe9cf7b5388cf7e6029475676ca1076267ec950ea4c7d8df7e99253e0a218627685d22f4847d25331c0c53022bc513620371f1400929c78ab4883c54b06759b0f30795ea943d049a82238210a6f35470d09f4817b6cd1f13148240eeeabcf1f6d00bf018799248ce9789aba090873c24d25dcdf4cebc3e8b2654a339010fc0aadfc5e49186b4d138ab9a8932cbaf9f065eb01a8b5698e946dbcf54b19b2ac596b754b4ca2dc60379e6b6e50c11afa0ececc6145a0c31fd688e7ac0989a3c122b837d84449c1ab412a23654fe497100f8ea1e91273b45c4a919143710894939abaf07ee38fa0ba779478df3821860cd9b65af5f6a8f324aeaa93c989026a88a7043f10d9c5bf96d7ab20d386fcf3da26c5aeace4e5c58f012f42bd171131b6fb49c31a72826360416aa9d6384f0e84dd60d265aecfdbf3b9aeab43997e7a96858a18a6fed38e14607746aab9102386b9c6c93bf8c057ca5b0f776924152962fc32a475235bb075e1ca6ab4aa3235bc5a9a0e80f7e8e06874fecd58bf6b04ac462dc72fa1c3401fdeb7cc03530d4392775fae355dd945d3349c286c8251a1b351bcb87dca9aa3cbe744698517c9cb8a16bf33434fb8134bc2d88c3923d9025e5c46c7913cf01caa8d7d89e68cedf6a3f1aee5e25a0ed062a0fb778c33b66564eebb7ccbf5daf34db67317e327aa702bd20a34fc7504bb840e964f083c07eee63b1eebb8e9048268d18500b03a41b919d85f26c29d0bef343e9e5c4384ef4c8e35822e474262faa5e18aa6bbf41af6993c445b0c4e453ea7f0c180749a093039d26c8b7afd4c7aa6e644b2a05c2555b7716051fc1fdca655046244ac87f5ca9295a296458f818fd62b8457cee0ef269f887afbf55f70d83e6dca5cbd954c4b9832df6c3dc93fba339a35c3fe7a7bbd3bcc7d4cdb303460b9cb263b924e5982dea2a7d80ddea0a98e7b57d44977f186e8c15bb13af9376c95fc30697874c299ebf8177e35cbe8dd9f343b7247432c4dc5ab8222a7de28b3045cf3c8bd779de90150ee0c2ffbc65be4ed59a40bb9eeb056c9d9bc25815f6987ba726862fdd957c9964855809f5264f32279059fca5701fcb408803058ad2458f1b8320a3ade03dbd10f386b0b5fb6315f6104ac271bff5c1cd66b41bbf7be443672ce17c488ad91532cc23f9ceeffb53b69a0b995201609ef2d628122f0712851790e3ca2c6adfcbbb0712bc2df727d002535caa97bcff058434f7a2b551091056d416edf11a521e84c946d78c3d01aa916a1950da4d128f905451b0da43273e245785d7cf51242c5e5244aafbe49c03011d1f4a371df3ba56be3d1cd366a049ef2c1f95ea053831a65d1d495aaad4d5f67e513aaaa7ff3850697761dab50519e019431b248d893f273b2c46b1e4892bc29f61bcaba2f6160fe236a084099908016c5265d5aa20212815787c0242a51cc24f8802cc8646e89ca8ba439b29d27cbafb32879cdb55e427c9abc207557b2d67b9fbff83081f489b6f29279dcc2562dd6ed38638d7fed1799a2611cae4474b74e55f5c234b3809b8829384357720d4c8a72ddc084075228dae64b86a45942ae522a497e5bdf865ce2730e36b214b11c5d68bab9f6090572868b91dc25faf21cac293589d6abe1664458e3b3b66bc1db298b3b9f3edda495847f4268874b19b895e6d582d1ac83a217e1442755134d2375be59e96d0474de3bb172525d0c9688f5c1a1e8843fdcfd155b31456ee81a17bb257a60f542b2d3f24460b6d8dfeb8662000eac6f83a5113e4ee2f8cbd813b9f7bc44744d99d208390c010ab2cf15e8555f3d18e442635ec4bc50be2cba2781369d6c43c5b45c8508ff568d1652d1633ef7f654c69261e0652479e4d47ab3a59e38165ce231d1e296e6ed58d5c1b0b0d1e2a72713e449c6d3be23c08536ffe720b152ce1afe4ac8f108c88aa74b9587512a3c34c180bc5aa80b3ef8abfd4bfbe05d64278136b096944e7f6eede37312210990d6b95226dcdec847899b693164eac3edbe3667ff0e2983f4d2b26ca62b7ce2215cb547cdd2f706a233d9af9d92c6d1889c30ce68341343a42499d31472594067d4b95e5cb82db5dcc763ee1203ca64a0b38ea528289283d3f415899131b951321f321d3cb8180e5105e84bc230ffc07c03bfb2498b3689fda0428c09258aec5fb653883f3dec0bd93875b66d08a94fbddd6c675dc82f9852fa6b79198f664a4717c2b93a621c7f1d02de67f1d3f76faa3e2d5a84d4922a8f982c6636dd9cb903d18b4392d00500ee2ef26641c676f84002c916f7cb1e5b7e48ebd60324dfa1dd1b338887145495427b27cf17453a79a409ea1fc239f5652cb44f5dd3c69b9f5594a875c0678927c75b3143114a00596c1e56a66abf7e3fe4f5cd10217fbadf862271b703873761c64c44c0b8319e59a2a5640770a8b8428d468d1c5eefbd0f4fe37bb72b4ba7227956384af071db13f95edebfd0e344bf9202c1550bbe2cffed775e700c6c8175368a5fd765bbbcf4f070fcd6b2c1375b77d85101045717d4434eb04255606c7bb053b48fb07ee4e4d6cdbbc8667aef5e5e37440b3f62c94b37421d4864722461ddc0e38591d5b4e1aa3d59758c2ca77d35f6e2c9ed53d3051c1ac1d36bc32375235b70401f2e99e12d506b5e4ccbdc070aa0fd074e9725b31024452c75bb876e19ab02125739c14ce4a2cf900d8f13aa2358cdf832553c31ce6a9c4b00285d6e4a002f030372ffb2fb38c67a58564e77809d1ce1f3e32ca78180039f6d3d7ea2ff692ccdf842300daea020bb7ff49000eb6e97da480a5cda8e6425206218b3f73b3844d8183e4d2137d01a2c4dc0992791663aab5d117a6be9b3b0049baeab8b482e6cf2baf5811abd24df5e7e35ef7547e9f60603e19ddd51a5b8caa8aac8d98f5188ee94ca299f70731d197669a3119f4a27c80209be4cb88f2b17809430cb25c125560e09c669fec6e84671f6f5f755f34a74b74a26e700dc5b962da53bf8831e41a4faed135009dbcc0b5ea14c211565e77966aa1af99781d9aa9b38d7b63f7f576b0ff8e6e3907d8ca2f5a454d96985241ca1be830963a75b0af32a0e31ad01bfbfcc29c5e770fcc520209252ec06776765e0a02b0283877b584a5e573ca572045ea869db6caa4a97fa6a8b99fdeaea3f30f1d8e30d29e229a8d0d38ad27b133dae20838400e47883e859587edfab8a96189eb3dea2b6df46da94d7e76182c2aa4bf55d6be78a3f591ac419ee8f81163f8e7274d5083c2fdbe2e5b696b6c28ca9af38a13a4082b5ad287260ec55201c6ee7de51da7883ec2b48641e8c1d67d7951739dd1cb8aa974efcfac553c3cee71731143b09b4e15d36f4b2f26c2c81b5cbaf2f733f1657fcb30e576500b2d1d42046fc11c1569eb91e216bcb1cfd74caf597f74a8ef0c7534940258b9635ed848b97ced8431d26aec5f0151a06329a4c0ab6f1569f2e46bd1ce7369aa844278fcaad129f2fe20132cf30e34307754777b787947a815853eee5c824276661dda37a52f5ce1dec91ef770cb6f2fab2a8edfd9769b324c7b0f9723638e37ead2a490b70045db4526b80c48310b6c6c8e0da8d9a8a9d66dada7c5a9e31e24e67fe9fa49e2f2205ec688ddfc65842bbedf9aee337d0a28184a85deb5ad776b781245967f2b9947cc9a4a8d50f412558278e65f486262b7312489d197908fd451d84a282f229b349066b5a9be9aba5519cf13adad2279655c7d8c0bbb529a268b31578bccf90cd5191bc10c65bb81f3f90045ac3b41125b032cabbd2958b0fdcbc489c92f7a0b5974780f26acad45556bcf613da99a0954242e40ef437e70b115c26e4c1c201173d9f0ba2544a8d72922b626934c49a26ef38becd3d2dd230641dda2ff01e32ae7419d92c998100fbdda6e1350e8a4bdbb1ae691d926db10acc6337cc0a9f56edbc886e0c03656146152baeea08d899ca44244e30a1e51663a3cd3f48406e3ab5a0e96156d5a4fd881ff3da02fe4c080a8faf37ff884a52f13fa6d838ded510b4b0ab66d105bb2e61483294620887753d95614128902f67c00503b2257e933a04ce29f18f78ae50f05ec8e02eed7850949bd446c4755f039935d2b231c84c46fc9e91f7b3a3a16bbf582a40bf27f470cb0dd346693939bca5755fac7241a106eb9e331ff60437b3172d4493ddb3cbd5bd6e41decfef658f281925a40e44efd5aa49249f1a02a72953379311f294f035402e959cbeb0abaf8d25640082af30d55c7c8ef2dcefa9f9ef2ed9e7cfc7e769c09f3b6c226cbe0c9730ca2a6cccdc638ef9d75c2f0ea887b73d66b04283fbf6f51c03468bf33aff098a3dbb78971b77c8ac45571e6185281ed8eb44f7d0d5e9bb0ef4d8471ef9cc63eafd965555f41b25f7209fae0b3e3d4ca4e794d6d04888347c61a4d9083d9fad0e737ca0d20de42a9000e206aba1e62e88e6de40bf0831a0dfa9a54b2daa919e575d6884cc1d9a55800361258bcea2bf872e80966999efc88147efe20e7a1723417d84a7b1e188ec94b27c1c797b5e14cd03c5a1f867cd79fde6d1386f0c35f934b1e616d0dc7f1fc3d99c7ab99b0be0c40b607ee06b852a7221e45bcf2c4992074d0bcec125be86d2eaa5631a69cbee1e29bec337c056858e4749c5717ab8d5ab76757ac7679d00081f2ed6ed4113635427de05066d71a5d0dee65166f5b39913634b71048413339528a59ad581ac9235eda7ef3c324166016a13944c33b68d3cb31a351502845dd5e82071c91ff5a90acc33a5dfa0d0ccd3603d321cbd4909b0dcb49e76273644bdeb6da73e6a84b5d8bd5d85786bd7294fdf3183ebc20489fcc72e1faef9bed28a40ff7bf02b32b092326067d1d5272a05b803ea70ddbfe16560675f6b794ea073e719f49d3ddc6056d6df8d2e271f1d4dd6da0c4ce13b64187f294334336c9ba3ef7649e7c0fc94c215dfd48f20701bf3099e12dabc3440b3773c28ca276823bc69d588fd3beba2bc470c33c231f1cc5a1954df9cd70e414eca9cff653eacf4b9ae3d4efc2591e5193f5429469d240b42e7ef1e3c7c692c88f83622f4db17baca70f8e8f88f49", 0x1000}}, 0x1006)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)

10.574078251s ago: executing program 5 (id=3172):
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @private=0xa010102, @remote}, 0xc) (async)
r1 = syz_open_dev$radio(&(0x7f0000000340), 0x1, 0x2)
ioctl$VIDIOC_QUERYMENU(r1, 0xc02c5625, &(0x7f0000000000)={0x98f907, 0x8000002, @value=0x67}) (async)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f00000000c0)=ANY=[@ANYBLOB="e0000002ac1414aa0000000003"], 0x1c) (async)
syz_emit_ethernet(0x36, &(0x7f0000000380)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaaaa080045000028006400000202907800200000e000000211009078e0000002000000020020000000000000eed6bdae0919a06677b94cc28da0de54da81debd98bac3d6273340dee9529b80"], 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0) (async)
r2 = openat$mice(0xffffff9c, &(0x7f0000000400), 0x10000)
recvmsg$can_j1939(r2, &(0x7f00000007c0)={&(0x7f0000000440)=@l2={0x1f, 0x0, @fixed}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000540)=""/246, 0xf6}, {&(0x7f0000000640)=""/220, 0xdc}], 0x2, &(0x7f0000000740)=""/126, 0x7e}, 0x40010020) (async)
syz_io_uring_setup(0x3779, &(0x7f0000000100)={0x0, 0x4208, 0x20000, 0x1, 0xf2}, &(0x7f0000000180), &(0x7f00000001c0))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) (async)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0) (async)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000400)={0x34, 0x0, [{0x86956090991702cc, 0xfffffed6, &(0x7f0000001e80)=""/133}, {0x0, 0xfffffffffffffdd3, &(0x7f0000000500)=""/10}]}) (async)
syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x20400)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000040), 0x6)
r5 = syz_open_dev$radio(&(0x7f0000000500), 0x2, 0x2)
ppoll(&(0x7f0000000c00)=[{r5, 0x4013}], 0x1, 0x0, 0x0, 0x0)
ioctl$sock_bt_hci(r4, 0x400448dc, 0x0) (async)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/profiling', 0x2, 0x184) (async)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x7002})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000600)={'pim6reg1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
pread64(r6, &(0x7f0000002200)=""/89, 0x59, 0x10000) (async)
timer_create(0x7, &(0x7f0000000200)={0x0, 0x7, 0x2}, &(0x7f0000000240)) (async)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=@newsa={0x150, 0x10, 0x1, 0x0, 0x0, {{@in6=@mcast1, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in=@broadcast, 0x0, 0x32}, @in6=@loopback, {0x0, 0x24, 0x0, 0x0, 0x0, 0x200}, {}, {0x3}, 0x0, 0x0, 0x2, 0x1, 0x0, 0xa6}, [@algo_crypt={0x48, 0x2, {{'cbc(aes)\x00'}}}, @replay_esn_val={0x1c}]}, 0x150}}, 0x400)

10.446096824s ago: executing program 0 (id=3173):
r0 = socket$inet(0x2, 0x1, 0x100)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x400, 0x28)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="1e40c2b2f9", 0x5)
syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x41, 0x0)
ioctl$TIOCSETD(r1, 0x5423, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080)="11000000140025000307f4f9002304000a", 0x11)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x5, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee7, 0x8031, r3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(0x0, 0x0)
getresgid(&(0x7f0000000500), &(0x7f0000000540)=<r7=>0x0, &(0x7f0000000a40))
fchownat(0xffffffffffffffff, &(0x7f0000000280)='./file1\x00', 0x0, r7, 0x400)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r8, 0x8933, &(0x7f0000000100)={'team0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtaction={0x68, 0x30, 0xb, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0xff, 0x4, 0x6, 0x6}, 0x2, r9}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x200ce8c4)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r9], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x0)

10.065668024s ago: executing program 5 (id=3174):
openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
fsopen(0x0, 0x1)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0cc5605, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
socket$inet_sctp(0x2, 0x1, 0x84)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000600)=ANY=[@ANYBLOB="f8000000160001000000000000000000fe8000000000000000000000000000aaff0100000000000000000000000000010000000000000000000000a00000", @ANYRES32, @ANYBLOB], 0xf8}}, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
unshare(0x6a040000)
socket$kcm(0x11, 0x2, 0x300)
syz_emit_ethernet(0x86, &(0x7f0000000380)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaa2e080045008d780000000000119078000000000000000000001b59006490780200000003000000000000000002000000753904030405a024f0dd00000000000000000000000000000000009384bbeb3018ad591b661fe808b21b77694c875dfb1be5d2a0057a62022a1564a329d3a14a1d8c690000000000000000d3f83842dd0f1d8b8b05fb1a2d4c5f45f4d2888acb9657bac3e06c261be9fefc23f14f226cd475dec87f437319b696548e8af8dda5032af0"], 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

6.510463194s ago: executing program 4 (id=3175):
r0 = syz_io_uring_setup(0x47a8, &(0x7f0000000740)={0x0, 0x46b4, 0x800, 0x80000, 0x200}, &(0x7f0000000180), &(0x7f0000000700))
syz_io_uring_setup(0x7676, &(0x7f0000000100)={0x0, 0x22e8, 0x2, 0x3, 0x10f, 0x0, r0}, 0x0, 0x0)
syz_io_uring_setup(0x10278e, &(0x7f0000000000)={0x0, 0x4c1f, 0x10, 0x0, 0x200004}, &(0x7f0000000200), &(0x7f00000000c0))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@struct={0x0, 0x0, 0x0, 0x3, 0x1}, @enum]}}, 0x0, 0x32, 0x0, 0x1}, 0x28)
io_uring_enter(r0, 0x87, 0x0, 0x1, 0x0, 0x0)
syz_io_uring_setup(0x47a8, &(0x7f0000000740)={0x0, 0x46b4, 0x800, 0x80000, 0x200}, &(0x7f0000000180), &(0x7f0000000700)) (async)
syz_io_uring_setup(0x7676, &(0x7f0000000100)={0x0, 0x22e8, 0x2, 0x3, 0x10f, 0x0, r0}, 0x0, 0x0) (async)
syz_io_uring_setup(0x10278e, &(0x7f0000000000)={0x0, 0x4c1f, 0x10, 0x0, 0x200004}, &(0x7f0000000200), &(0x7f00000000c0)) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@struct={0x0, 0x0, 0x0, 0x3, 0x1}, @enum]}}, 0x0, 0x32, 0x0, 0x1}, 0x28) (async)
io_uring_enter(r0, 0x87, 0x0, 0x1, 0x0, 0x0) (async)

6.401973886s ago: executing program 6 (id=3176):
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
readahead(0xffffffffffffffff, 0x77abdcce, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1a, 0x4, 0x4, 0x10, 0x4, 0xffffffffffffffff, 0xfffffff8, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x2}, 0x50)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000)
r1 = socket$alg(0x26, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bind$alg(r1, &(0x7f0000000300)={0x26, 'hash\x00', 0x0, 0x0, 'streebog256\x00'}, 0x58)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
sendfile(r2, 0xffffffffffffffff, 0x0, 0x104)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r3 = accept4(r1, 0x0, 0x0, 0x800)
recvmmsg$unix(r3, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f0000000240)={0x8, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
setsockopt$inet6_MCAST_MSFILTER(r4, 0x29, 0x30, &(0x7f0000000480)=ANY=[@ANYBLOB="080000000a00000000000000ff0100000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ae9d8cc000000000000020"], 0x5000)
setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(0xffffffffffffffff, 0x84, 0x7, &(0x7f0000000000)={0x8001}, 0x4)
timer_create(0xb, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syslog(0x2, &(0x7f00000001c0)=""/229, 0xe5)
syz_emit_vhci(&(0x7f00000010c0)=ANY=[@ANYBLOB="03c900c051788be61219a090be31c9bcc50a0bee9f558d869f66cacc5a2fbbc097632bc3e0aac186d3774d3c00e1edff816335cd208c2f60f71cdd229cd75730d01a716c60b0c5459aa9a82aeb1b21d2a6935b570444fe16fd601ac317ba4ad01e34f4bddef216c00f5f65617958a5f40a703eddc9de8a24ba4e6b888f7744fdcc6f18178be99adda8ef6c687ed7b893eb3db41f323b415e8b7e5eced993d6e072972bc5bc6939899788020a848664f6c514c88f41c4cf4574e82d68810fa55c07bc9e8535684099a4d1f41bf54f698ce11357f62bc025a419c832484e133fb5e96e38cf1ebb60e6cab36a3c07fb3e9f171a732fa7e7f485fd15864f26672325a5873d70db8ac94a066459aaa4678941e977932e9500f529aeab077031c6033d75817c6c112edc9d6a48c1ca9eb777b30bf75c1e22833acdbd7c4157f6a8c2fa8be127b19f5a5d1f229519b5a52ec927b3ca7a00ae4a2d813f9a12fdd1ad1de3d3dcfc3e5dcd549a5ef4ddeb9b3fdc117a482d5969b20dc8df422b18b1adba5dffca5c25cba4566e6d6a17af3478d9a2bfb5232c7f53ec5f7ee56eac1150ddfcca49c5316e070478b75af9a060ba9ed2d3f53d17f32eda5591db9ae40929b50be368d9f274992d06d76c535efa6e793ba876637c45faa44ca285dc8fea07c82619a72248e78a3ec46b7b05416e6e47f28b768d5422e7686f15536320d4c18fb7f4f7c13abb5bb36969eabeac230b66ad1d8e8c52ba6a1271b2ec75e8525c2ca1ec9ead988516002339c2a612db6fa51611173ca6f373593fd92b0b95fb3c5aa8533b043577de80a4c2329b3217dc4d4e57b021952ce066c024a2fce9eccec83907f12bcb7839303f9adf2bd12e9a6ae3eddfca9b93ea54f30129c0371b57007374a60b0d032b38e0402c7f2bfa9fac3bc034987cb2fb044d8b4a8db4868ca9a9bd302183dc45998709270f5ac83322839025a1c9766d1e02d9d21d105aaa8bbd07c7b31c090aefe9b4f63c133daf1dbf7b2145a2d0febde75542f5e2d53f6b45abc08eef65e0d84c3b0eed5a66a29bb363cec6548429e8ca42ca4aded5444eb989b73b49be5b7000f8185de7a739b754cbbd8603ff8aa0275296523fbbc8676e69bb14c2bbfb03b743a6076b37bbe80db54395d958abba19ec6b0af5251a248f854ae65b62535a24f34367139139dc72c2c76bac1c6c637dba4881c1993a02f2d59420fc20f62b6d247d4ca1507510b1b09a1fc0cb6e62dfeba2505d9731d8df646a4bdcca6f88be3cc2f35eef920a0b6bd1c42e913ef9f65d828375d4bc9a381ce7e637d7101a27e3a50033e34fb35d733831d0ce0ac6d8221c24e008e617f6608c64ff97ca087cf6b6bdb95036bb060535211dce16d2ce2cdf0feec0f70c1c8ad7471147266d2b526df12a5bafe22bfbceec0d43513f5632aabbffaa439f66fd29ff355c88a1a0243b6aaa98731722afc7cf2e7799b002db92fc67105c449bbda4affb9d2c917794a5f54dae35030fe5cd375abc5f47a53c1f36f27300e201b5d78c7c64976f2695f1ac79636c0cb005129f0842cbc3707756643cd420f0d16a84012607cfd6cc6878f4a4cc00e81f8162e7db663367de599a669efe7c17fc4f5e32a5d7cc919ba192b42bcd3d48eaf6a1113f5023af61ea4858ef9b4a3a5d4670063c0c11e2bb28f8b49b52210bf1e83d7d13183ed03fc9e08eec02ab88ba4f9e03aa09ff4a61b74ded527b72c905d52b28f7e9ebbe09a6b6eed91050aa30ac1143254807f713faab0b0a8d6d33cc512254f90d4c74f875df2177b60558a05c1c52c952dcd8487e42048332cdc6308c9ef376a27a8a7a72424cc55424311fea62e4d738678364f918a539162d1cc0bd034780f95a14e6ba8a88ca8c1a7aaecf73bd9c3a94ac83b32a7a9c950fb346d07b2c10a54d61b1f0dfd081bdb2269667415b5e64b3cbbb88d43e0b758c75bc8ef18801b0a8f72862bab7b06d346f52db9624a2d669eaaa8561069d5ae68acc40e4388b5191e57d06ac87da45f1cdce34ddfc7493ab48a3a5515be92877bcfd24b11c22a8708f9d04aaba4ed65414e086093a9d0944abf4bc1681de61125c39556f5fcf196bde360308aa858453522d702107f26772aafbcc9915de6c1b5b16017140d56341fd55957e21dfc628a650b4385a2c092873579d751204c66a63cbd88eed20d419b4fa64a2220d6949c327bdf09d8a41aaf7803130fc9cfc102a37540c7fb3ee0b35af4408076630224aa69804148fa666856754abb4e4796f46757dbc8100ee79ebde2d6e2925df3575b16fcfb0889847ed85ed5b8969f5d5d4d55e356fd3f714b6a74d853c4e67ba2732613eec252e41208bce580866e57143542012f0e1021d0f26c9bb54799e3ce83fa3cc619c22c0b77a6fb325ea4652a2d2e0d4e63f3f561bbff9098d2f091948268226d724f27f3cf815f84f874ebe7396426ee4a0d07022058f23b57f5b780eac988715369baa077fc8b83377c3cd3e49cf8161581616d394432488b028a778a28607ad4de646fd264e49197300d1198e8e314b736ada673d382b6114b04f24b26adb38f61f1e7a6c4852f59e7f324e9952e5e8877600b49d3620090ceda741d7499831c8bae51e2f5b4f1395d464ef9cc9edfe21db1b5ffb4675226bead20fa292cf85d4dcc7c26a2032f25bf2a665014f6246530322c25fc83920de8d27f4bf37420da83a7a79afc0f3be527c847be535a8bee5804328da1657239480602013c8deaf2a76aea1c3504357ea885182b8bbcfdc07ea8372a8593f35e39d6ce809"], 0x7c4)
io_uring_setup(0x1de0, &(0x7f0000001040)={0x0, 0x9c16, 0x40, 0xfffffffe, 0x1d2})

6.155657859s ago: executing program 4 (id=3177):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000019140), r0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="310300000000f3ffffff0800000008000300", @ANYRES32=r2, @ANYBLOB="080006"], 0x24}}, 0x0) (fail_nth: 4)

6.09556443s ago: executing program 0 (id=3178):
r0 = eventfd(0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r4 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee4, 0x1, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r6 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r6, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x4, @multicast}, 0x10)
sendmmsg(r6, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000380)={0x0, &(0x7f0000000100)})
io_uring_enter(r4, 0x4e14, 0x913a, 0x41, 0x0, 0x0)
poll(&(0x7f0000000100)=[{r0}], 0x1, 0x1ff)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
mmap(&(0x7f00006c2000/0x1000)=nil, 0x1000, 0x5, 0x13, 0xffffffffffffffff, 0x1e67e000)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r7, 0xfffffffc)
socket$inet_mptcp(0x2, 0x1, 0x106)

6.095258872s ago: executing program 4 (id=3179):
r0 = socket(0x2b, 0x80801, 0x1)
r1 = socket$inet6(0xa, 0x5, 0x7fffffff)
connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x4f23, 0x5, @empty, 0xffffffbe}, 0x1c)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
recvfrom(r0, 0x0, 0x0, 0x12041, 0x0, 0x0)
fstat(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
quotactl_fd$Q_GETQUOTA(r0, 0x2d3275df3214d12d, r2, &(0x7f00000000c0))

5.919062971s ago: executing program 4 (id=3180):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x80000000000, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x100, 0x5, 0x2, 0x4002, 0x5, 0x37, 0xefffffffffffffff, 0x0, 0x0, 0x2000001, 0xfffffffface6e3cd, 0x40000000001c, 0x1, 0xffffffffffffffff, 0xfd]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

5.830209381s ago: executing program 5 (id=3181):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(0xffffffffffffffff, 0x4048ae9b, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="0300"/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000400"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008"], 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x82200, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) (fail_nth: 4)

4.484130645s ago: executing program 4 (id=3182):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000740)={'ip6_vti0\x00', 0x10})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
r3 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000380), 0x2)
r4 = memfd_create(&(0x7f0000000600)='y\x105\xfb\xf7u\x83%:\x00\x00\x00\x00\x00\x00\x02\x00_\x8cZ7\xcda\x9b\x11X\x0e\x88\xe4\x18\xefS7\xc9\x00\x00\x00\x00\xf1\xff\xff\xff\x00\x00\x00\x00\x00|\x9b\x91ij\x98X\xc2\xe9(\n\xda\xb9\xcd\xb5\xceg\x00<\x18KM\xf0\x94~\xc8\xe1\b!\x93m\xcfCs\x16oX\x87HOy\xe9\x8e\x9d\xe8\x9c\xfe\xf9\f\xaf\xa4\xa1wo#~\x98\x8e\xa5\x17^\xcb\x05P\xc30\x0fK{\xb4\x92\xa3\xe5\xaa\x14\xcb\xf0\x8d\xf3\xee\xc4S9T\\\r\xf8UK\xe5\xa2\xe5', 0x2)
fcntl$addseals(r4, 0x409, 0x7)
r5 = ioctl$UDMABUF_CREATE(r3, 0x40187542, &(0x7f0000000000)={r4, 0x0, 0xfffffffffffff000, 0x8000})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f00000001c0)={'syzkaller1\x00'})
writev(r0, &(0x7f0000000500)=[{&(0x7f0000000100)="2e1221b23bb63f7f77d3df163e75963d86ddf06712e9000d2f8db0049d90491c3248040000dbb8a10000", 0x2a}, {&(0x7f0000000200)="24ff00000000", 0x6}, {&(0x7f0000000240)="a43b2eaab4000000000080006558", 0xe}, {&(0x7f0000000280)="f91d9189", 0x4}, {&(0x7f0000000cc0)="0654d8b5ff4fb33ab7cad4f27786", 0xe}], 0x5)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYRES16=r2, @ANYRESOCT=r2, @ANYRES16=r5, @ANYRES32=r1, @ANYRESDEC=r3], 0xb8}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r7 = socket(0x2, 0x3, 0x6)
bind$inet(r7, &(0x7f0000000080)={0x2, 0xfffa, @local}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000100001000000000000005cfddaebe3d100000500d6f3b91c"], 0x3c}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r8 = socket$packet(0x11, 0x3, 0x300)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r10)
ioctl$SIOCSIFHWADDR(r10, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfe, {0x0, 0x0, 0x0, r12, {0x0, 0xb}, {0xffff, 0xffff}, {0x8, 0x10}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x2, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x4000000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000bc0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000b80)={&(0x7f00000010c0)=ANY=[@ANYBLOB="140000001000010000000000000000000100000ab80100ff020a0102000000000000000000000004ca000600e937829f286f108fb1ce5da6aa2ae41d0f22799fff85dcb170dd8753b7a420f6493da5b480d47413dbb453c59f901caa9e88124cac6aaf0c48bde99de688fd78522a9be506a2148e98aae85b7dd03e03fb1396fc350b101734a2f789aba8cb9bfb5359b9eeff54b7b6b2bd62c4f3090ba545be72b83052902bfbd5f2886190394e2a3ab0a8d7b2290dd71d9183c192acfdf319355209d20af1562cf046232b603f2d8154c0051bb4ebc194feec69766ce66b6835720e90895a77142eacd332312590a1d6e454a205c2a9925a18eb5b13430000d8000600674254517820c655772bf398cc968bff8d87941e3496480cd6f86721b90b77ae90a6486b1481ea5aa5bc8a2c68cfcb981306dcd223535e2a83f76a8e9f7e7f62aa5a7968c836f2505966c8317614e2aeb456d43e1571fffb5e4d39c7e9e1814c0374cc27dc5fd6bff7dc5736193a57a108b7761424d2c9fc9647f03882fcadc6197263094af032ca20993633364fd45b2c4ab95132e529169805e2b48e194539c1c2e8d5340f4930ffc397cb172983ad489f5617d80e8412da0f70c9941f79e9b579bb5c8a9926a395658ee1d5aeb37478ed273160140000001100010000000000000000000200000ab42acf6a0619ef5c6db0b6a23e9290a30bb4849cdfb2da6ae70476438abc959b24882950aac03c7563de68bc3feedf6ab90103a9ae9268ab7b1aaf916674a779cfe78f378b352a7235c7f08803dd4d40cc8f5b393029e70293f67e851068c874ac84299c74b75291156dfddee2b83212dac4000173d672806aef223e644af59fea5a307d8a1bb8877ebc6071b3f10e87257f2d45a9f3268cbd0a3044b6f02245f6d8"], 0x1e0}, 0x1, 0x0, 0x0, 0x4}, 0x4000080)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r11, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@gettclass={0x24, 0x2a, 0x100, 0x42, 0x25dfdbfe, {0x0, 0x0, 0x0, r12, {0x6, 0x6}, {0x4, 0xffff}, {0xd, 0xb}}, ["", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x20040840}, 0x2000c004)
setsockopt$packet_int(r8, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)

4.286072608s ago: executing program 5 (id=3183):
r0 = eventfd(0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r4 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee4, 0x1, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r6 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r6, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x4, @multicast}, 0x10)
sendmmsg(r6, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000380)={0x0, &(0x7f0000000100)})
io_uring_enter(r4, 0x4e14, 0x913a, 0x41, 0x0, 0x0)
poll(&(0x7f0000000100)=[{r0}], 0x1, 0x1ff)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
mmap(&(0x7f00006c2000/0x1000)=nil, 0x1000, 0x5, 0x13, 0xffffffffffffffff, 0x1e67e000)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r7, 0xfffffffc)
socket$inet_mptcp(0x2, 0x1, 0x106)

3.64578624s ago: executing program 0 (id=3184):
r0 = eventfd(0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r4 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee4, 0x1, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r6 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r6, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x4, @multicast}, 0x10)
sendmmsg(r6, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000380)={0x0, &(0x7f0000000100)})
io_uring_enter(r4, 0x4e14, 0x913a, 0x41, 0x0, 0x0)
poll(&(0x7f0000000100)=[{r0}], 0x1, 0x1ff)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
mmap(&(0x7f00006c2000/0x1000)=nil, 0x1000, 0x5, 0x13, 0xffffffffffffffff, 0x1e67e000)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r7, 0xfffffffc)
socket$inet_mptcp(0x2, 0x1, 0x106)

3.562036837s ago: executing program 4 (id=3185):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(0xffffffffffffffff, 0x4048ae9b, 0x0)
syz_emit_ethernet(0x86, &(0x7f0000000300)={@local, @random="1ab900", @val={@void}, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "b70bff", 0x4c, 0x2f, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, @mcast2, {[@fragment={0x3b, 0x0, 0x8, 0x0, 0x0, 0x0, 0xfffffffc}], {{}, {}, {}, {0x8, 0x88be, 0x0, {{}, 0x1, {0x8000}}}, {0x8, 0x22eb, 0x0, {{}, 0x2, {0x0, 0x0, 0x0, 0x0, 0x1}}}}}}}}}, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="0300"/20, @ANYRES32=0x0, @ANYRES32=<r2=>0x0, @ANYBLOB="000000000400"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="4ab0a8042e370b7f0a9258e0cd9199630b34e533c07d2491b4ecf55529f7ca72261bbcbadaea10d38ee5d42f396b77cb05db0c4564a6848d5616cb8c4cc3a77cf402924b851235d2a3817c14683b8719e50b970f98d353372e7e0ebd4f8ef134b696fa41321c403c174d664b79549fd8db4e13ce7fe31bb7dd1c6cef0f4d807675267d1d6f8c72c384f8e0a0d964e1946121929aa8a22af797b754bf6b7810c0d2ee34e71c305aafa9547198719243e3a443a17c16a2fc99e8dfc0718834c196c51cda082ad2f84b40a0357c389ccde353517ad8bc5bb0f1dcffd7b0893a076ef356f0072ea6"], 0x50)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000002100)=ANY=[@ANYBLOB="03e1ff0004000000040000000a00000000000000", @ANYRES32, @ANYBLOB='\x00'/19, @ANYRES32=r2, @ANYRES32, @ANYRESHEX=r1], 0x48)
r3 = socket$nl_route(0x10, 0x3, 0x0)
write(r3, &(0x7f00000001c0), 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x80, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x2, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$pptp(0x18, 0x1, 0x2)
connect$pptp(r7, &(0x7f00000001c0)={0x18, 0x2, {0x3, @remote}}, 0x1e)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r8 = io_uring_setup(0x3450, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r8, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x9, 0x2)

1.113127523s ago: executing program 5 (id=3186):
r0 = socket$inet(0x2, 0x1, 0x100)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x400, 0x28)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="1e40c2b2f9", 0x5)
syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x41, 0x0)
ioctl$TIOCSETD(r1, 0x5423, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080)="11000000140025000307f4f9002304000a", 0x11)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="15a31ae9b77a306d5d3418def83421daef8bc61f50c603b6e2072bf9aa93746fe11ce6cc33ca4fe0f3cbfd228dd5b3951f1218dacfd2ccfa5939485287f216ee0e36966c9fde554cdc4ca8602ee26302ae43760573b94c", @ANYRESDEC=0x0, @ANYBLOB="2489f2ff4c07e09fa2ff00fadda8159f18b6e4e7a72114573fc922b29302bbb534ce2e14f88c00fbf1c8d7068da0bbaa4d2073fcedfab24736f8aa1b52caa9dc7e8fc210c8c61aef60dc0b6c9bde9285aab16d91f8e551fe8636d0fa2dfdeb1a19c297dc1c9e4f1a2ba4c0607082da9e4dda7c6e70034c12891fe5163a6b9cfa6f62f012b28115f42049ddbd38b7597b28f300"/159, @ANYRES64, @ANYRES64, @ANYRESHEX], &(0x7f0000000000)='GPL\x00', 0x5, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee7, 0x8031, r3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(0x0, 0x0)
getresgid(&(0x7f0000000500), &(0x7f0000000540)=<r7=>0x0, &(0x7f0000000a40))
fchownat(0xffffffffffffffff, &(0x7f0000000280)='./file1\x00', 0x0, r7, 0x400)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r8, 0x8933, &(0x7f0000000100)={'team0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtaction={0x68, 0x30, 0xb, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0xff, 0x4, 0x6, 0x6}, 0x2, r9}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x200ce8c4)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r9], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x0)

0s ago: executing program 0 (id=3187):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x1, {0x6, 0x2, 0xffffffffffffeffe, 0xfffffffffffffffd, 0x0, 0x0, {0x40, 0x8, 0xb, 0xfffc, 0x0, 0x1, 0x0, 0x0, 0x120, 0x2000, 0x0, r2, r3, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0d000003005a"], 0x50)
write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x1086cce0, 0x40, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}}, 0x50)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1)
ioctl$BLKPG(r4, 0x1269, &(0x7f0000000180)={0x1, 0x0, 0x98, &(0x7f0000000000)={0xfffffffffffffffd, 0x2001f, 0x3}}) (fail_nth: 8)

kernel console output (not intermixed with test programs):

pabilities
[  652.218606][T14214] IPVS: using max 44 ests per chain, 105600 per kthread
[  652.822026][T14226] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2574'.
[  652.962441][T14228] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2579'.
[  653.466562][T14233] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2581'.
[  653.873989][ T6106] usb 7-1: USB disconnect, device number 60
[  654.841417][T14254] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2587'.
[  655.592326][T14263] vivid-000: =================  START STATUS  =================
[  655.595881][T14263] vivid-000: Test Pattern: 75% Colorbar
[  655.599989][T14263] vivid-000: Fill Percentage of Frame: 100
[  655.602223][T14263] vivid-000: Horizontal Movement: No Movement
[  655.604787][T14263] vivid-000: Vertical Movement: No Movement
[  655.606814][T14263] vivid-000: OSD Text Mode: All
[  655.608643][T14263] vivid-000: Show Border: false
[  655.610334][T14263] vivid-000: Show Square: false
[  655.612004][T14263] vivid-000: Sensor Flipped Horizontally: false
[  655.614112][T14263] vivid-000: Sensor Flipped Vertically: false
[  655.616166][T14263] vivid-000: Insert SAV Code in Image: false
[  655.618500][T14263] vivid-000: Insert EAV Code in Image: false
[  655.621003][T14263] vivid-000: Insert Video Guard Band: false
[  655.623023][T14263] vivid-000: Reduced Framerate: false
[  655.624826][T14263] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[  655.627373][T14263] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[  655.630059][T14263] vivid-000: Enable Capture Cropping: true
[  655.632028][T14263] vivid-000: Enable Capture Composing: true
[  655.634026][T14263] vivid-000: Enable Capture Scaler: true
[  655.636408][T14263] vivid-000: Timestamp Source: End of Frame
[  655.638696][T14263] vivid-000: Colorspace: sRGB
[  655.640266][T14263] vivid-000: Transfer Function: Default
[  655.642227][T14263] vivid-000: Y'CbCr Encoding: Default
[  655.644040][T14263] vivid-000: HSV Encoding: Hue 0-179
[  655.645850][T14263] vivid-000: Quantization: Default
[  655.647583][T14263] vivid-000: Apply Alpha To Red Only: false
[  655.649756][T14263] vivid-000: Standard Aspect Ratio: 4x3
[  655.651736][T14263] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[  655.654337][T14263] vivid-000: DV Timings: 640x480p59 inactive
[  655.656839][T14263] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[  655.660168][T14263] vivid-000: Maximum EDID Blocks: 2
[  655.662075][T14263] vivid-000: Limited RGB Range (16-235): false
[  655.664148][T14263] vivid-000: Rx RGB Quantization Range: Automatic
[  655.666705][T14263] vivid-000: Power Present: 0x00000001
[  655.668902][T14263] tpg source WxH: 3840x2160 (Y'CbCr)
[  655.670704][T14263] tpg field: 1
[  655.671865][T14263] tpg crop: (0,0)/3840x2160
[  655.673422][T14263] tpg compose: (0,0)/3840x2160
[  655.675008][T14263] tpg colorspace: 8
[  655.676274][T14263] tpg transfer function: 0/0
[  655.687318][T14263] tpg Y'CbCr encoding: 0/0
[  655.688983][T14263] tpg quantization: 0/0
[  655.690403][T14263] tpg RGB range: 0/2
[  655.691834][T14263] vivid-000: ==================  END STATUS  ==================
[  656.530126][T14271] FAULT_INJECTION: forcing a failure.
[  656.530126][T14271] name failslab, interval 1, probability 0, space 0, times 1
[  656.534814][T14271] CPU: 1 UID: 0 PID: 14271 Comm: syz.0.2591 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  656.534832][T14271] Tainted: [L]=SOFTLOCKUP
[  656.534836][T14271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  656.534842][T14271] Call Trace:
[  656.534847][T14271]  <TASK>
[  656.534851][T14271]  dump_stack_lvl+0x100/0x190
[  656.534871][T14271]  should_fail_ex.cold+0x5/0xa
[  656.534884][T14271]  should_failslab+0xc2/0x120
[  656.534895][T14271]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  656.534911][T14271]  ? skb_clone+0x190/0x400
[  656.534927][T14271]  skb_clone+0x190/0x400
[  656.534940][T14271]  netlink_deliver_tap+0xaed/0xcc0
[  656.534956][T14271]  netlink_dump+0x8ca/0xd30
[  656.534975][T14271]  ? __pfx_netlink_dump+0x10/0x10
[  656.534987][T14271]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  656.535007][T14271]  ? __pfx_ethnl_perphy_start+0x10/0x10
[  656.535020][T14271]  ? genl_start+0x67a/0x970
[  656.535037][T14271]  __netlink_dump_start+0x6d6/0x990
[  656.535052][T14271]  genl_family_rcv_msg_dumpit+0x1e2/0x2e0
[  656.535069][T14271]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  656.535089][T14271]  ? __pfx_genl_get_cmd+0x10/0x10
[  656.535116][T14271]  ? __pfx_genl_start+0x10/0x10
[  656.535130][T14271]  ? __pfx_genl_dumpit+0x10/0x10
[  656.535144][T14271]  ? __pfx_genl_done+0x10/0x10
[  656.535159][T14271]  ? __dev_queue_xmit+0x5af/0x4800
[  656.535176][T14271]  ? __radix_tree_lookup+0x217/0x2b0
[  656.535190][T14271]  genl_rcv_msg+0x471/0x800
[  656.535207][T14271]  ? __pfx_genl_rcv_msg+0x10/0x10
[  656.535222][T14271]  ? __pfx_ethnl_perphy_start+0x10/0x10
[  656.535233][T14271]  ? __pfx_ethnl_perphy_dumpit+0x10/0x10
[  656.535244][T14271]  ? __pfx_ethnl_perphy_done+0x10/0x10
[  656.535260][T14271]  netlink_rcv_skb+0x159/0x420
[  656.535274][T14271]  ? __pfx_genl_rcv_msg+0x10/0x10
[  656.535289][T14271]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  656.535309][T14271]  ? netlink_deliver_tap+0x1ae/0xcc0
[  656.535324][T14271]  genl_rcv+0x28/0x40
[  656.535337][T14271]  netlink_unicast+0x5aa/0x870
[  656.535353][T14271]  ? __pfx_netlink_unicast+0x10/0x10
[  656.535366][T14271]  ? __pfx___might_resched+0x10/0x10
[  656.535390][T14271]  netlink_sendmsg+0x8b0/0xda0
[  656.535407][T14271]  ? __pfx_netlink_sendmsg+0x10/0x10
[  656.535422][T14271]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  656.535440][T14271]  ____sys_sendmsg+0xa54/0xc30
[  656.535457][T14271]  ? __pfx_____sys_sendmsg+0x10/0x10
[  656.535480][T14271]  ___sys_sendmsg+0x190/0x1e0
[  656.535496][T14271]  ? __pfx____sys_sendmsg+0x10/0x10
[  656.535531][T14271]  __sys_sendmsg+0x170/0x220
[  656.535544][T14271]  ? __pfx___sys_sendmsg+0x10/0x10
[  656.535562][T14271]  ? __pfx_ksys_write+0x10/0x10
[  656.535582][T14271]  __do_fast_syscall_32+0xe3/0x8c0
[  656.535597][T14271]  do_fast_syscall_32+0x32/0x70
[  656.535610][T14271]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  656.535624][T14271] RIP: 0023:0xf705ef6c
[  656.535633][T14271] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[  656.535643][T14271] RSP: 002b:00000000f544d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  656.535654][T14271] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  656.535660][T14271] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  656.535666][T14271] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  656.535672][T14271] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  656.535678][T14271] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  656.535692][T14271]  </TASK>
[  659.165383][T14288] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2595'.
[  660.952301][T14299] bridge_slave_0: left allmulticast mode
[  660.957179][T14299] bridge_slave_0: left promiscuous mode
[  660.961138][T14299] bridge0: port 1(bridge_slave_0) entered disabled state
[  660.981950][T14299] bridge_slave_1: left allmulticast mode
[  660.984735][T14299] bridge_slave_1: left promiscuous mode
[  660.988600][T14299] bridge0: port 2(bridge_slave_1) entered disabled state
[  661.004292][T10624] usb 5-1: new high-speed USB device number 86 using dummy_hcd
[  661.023498][T14299] bond0: (slave bond_slave_0): Releasing backup interface
[  661.097157][T14299] bond0: (slave bond_slave_1): Releasing backup interface
[  661.134283][T14299] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  661.191287][T14299] batman_adv: batadv0: Removing interface: batadv_slave_0
[  661.207218][T14299] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  661.243830][T14299] batman_adv: batadv0: Removing interface: batadv_slave_1
[  661.269457][T14299] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  661.398009][T10624] usb 5-1: unable to get BOS descriptor or descriptor too short
[  661.414506][T10624] usb 5-1: unable to read config index 0 descriptor/start: -71
[  661.422448][T10624] usb 5-1: can't read configurations, error -71
[  664.098317][ T7053] usb 7-1: new high-speed USB device number 61 using dummy_hcd
[  664.259884][ T7053] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  664.264047][ T7053] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  664.268372][ T7053] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  664.271616][ T7053] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  664.275944][ T7053] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  664.281543][ T7053] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  664.284994][ T7053] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  664.288686][ T7053] usb 7-1: Product: syz
[  664.290676][ T7053] usb 7-1: Manufacturer: syz
[  664.298265][ T7053] cdc_wdm 7-1:1.0: skipping garbage
[  664.300888][ T7053] cdc_wdm 7-1:1.0: skipping garbage
[  664.307010][ T7053] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  664.309128][ T7053] cdc_wdm 7-1:1.0: Unknown control protocol
[  664.561312][    C2] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  664.561549][   T10] usb 7-1: USB disconnect, device number 61
[  664.564173][    C2] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  664.564193][    C2] cdc_wdm 7-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  664.566423][T14325] cdc_wdm 7-1:1.0: Tx URB error: -19
[  665.105444][T14348] binder: 14347:14348 ioctl 402c542b 80000200 returned -22
[  665.110163][T14348] binder: 14347:14348 ioctl c0306201 800004c0 returned -22
[  665.183252][   T40] kauditd_printk_skb: 332 callbacks suppressed
[  665.183271][   T40] audit: type=1400 audit(1772448568.467:956): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=14349 comm="syz.0.2612"
[  668.977634][   T40] audit: type=1400 audit(1772449085.262:957): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=14387 comm="syz.2.2621"
[  669.618579][T10624] usb 7-1: new full-speed USB device number 62 using dummy_hcd
[  669.809427][T10624] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  669.813044][T10624] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  669.817287][T10624] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  669.828080][T10624] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  669.956188][ T7053] IPVS: starting estimator thread 0...
[  670.048046][T14405] IPVS: using max 44 ests per chain, 105600 per kthread
[  670.098942][T14393] netlink: 'syz.2.2623': attribute type 1 has an invalid length.
[  670.101364][T14393] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2623'.
[  670.107051][T10624] usb 7-1: usb_control_msg returned -32
[  670.110157][T10624] usbtmc 7-1:16.0: can't read capabilities
[  671.104057][T14425] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2623'.
[  672.014468][T14438] syzkaller0: entered promiscuous mode
[  672.016913][T14438] syzkaller0: entered allmulticast mode
[  672.030648][T14438] tipc: Started in network mode
[  672.033064][T14438] tipc: Node identity a6a38d08348b, cluster identity 4711
[  672.036804][T14438] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  672.180186][T14436] tipc: Resetting bearer <eth:syzkaller0>
[  672.200255][T14436] tipc: Disabling bearer <eth:syzkaller0>
[  672.392687][ T6005] usb 7-1: USB disconnect, device number 62
[  675.097936][T12536] usb 5-1: new full-speed USB device number 88 using dummy_hcd
[  675.249505][T12536] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  675.252842][T12536] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  675.257421][T12536] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  675.260988][T12536] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  675.488014][T14474] netlink: 'syz.0.2645': attribute type 1 has an invalid length.
[  675.490816][T14474] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2645'.
[  675.546893][T12536] usb 5-1: usb_control_msg returned -32
[  675.549705][T12536] usbtmc 5-1:16.0: can't read capabilities
[  675.678933][   T40] audit: type=1400 audit(1772450117.971:958): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=14494 comm="syz.1.2651"
[  676.147930][ T6005] usb 6-1: new high-speed USB device number 83 using dummy_hcd
[  676.252813][T14500] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2645'.
[  676.315350][ T6005] usb 6-1: unable to get BOS descriptor or descriptor too short
[  676.319532][ T6005] usb 6-1: unable to read config index 0 descriptor/start: -71
[  676.322391][ T6005] usb 6-1: can't read configurations, error -71
[  677.257314][T14515] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2657'.
[  677.263400][T14515] dummy0: entered promiscuous mode
[  677.266775][T14515] dummy0: left promiscuous mode
[  677.502607][   T40] audit: type=1400 audit(1772450119.791:959): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=14524 comm="syz.2.2660"
[  677.658287][   T29] usb 6-1: new high-speed USB device number 85 using dummy_hcd
[  677.817963][   T29] usb 6-1: Using ep0 maxpacket: 8
[  677.824037][   T29] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  677.828077][   T29] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  677.832596][   T29] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  677.844050][   T29] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  677.848348][   T29] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  677.854064][   T29] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  677.858632][   T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  677.874940][T13404] usb 5-1: USB disconnect, device number 88
[  678.070266][   T29] usb 6-1: GET_CAPABILITIES returned 0
[  678.073020][   T29] usbtmc 6-1:16.0: can't read capabilities
[  678.344953][T14538] tmpfs: Bad value for 'mpol'
[  678.491161][  T840] usb 5-1: new high-speed USB device number 89 using dummy_hcd
[  678.666640][  T840] usb 5-1: unable to get BOS descriptor or descriptor too short
[  678.914549][  T840] usb 5-1: unable to read config index 0 descriptor/start: -71
[  678.917068][  T840] usb 5-1: can't read configurations, error -71
[  679.402164][T14550] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2666'.
[  680.492828][   T50] usb 6-1: USB disconnect, device number 85
[  680.688050][ T6005] usb 7-1: new high-speed USB device number 63 using dummy_hcd
[  680.837698][T14580] netlink: 'syz.1.2677': attribute type 6 has an invalid length.
[  680.868736][T14580] netlink: 'syz.1.2677': attribute type 6 has an invalid length.
[  680.872441][T14581] netlink: 'syz.1.2677': attribute type 6 has an invalid length.
[  681.083617][T14580] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  681.088143][T14580] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  681.097642][T14580] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  681.101073][T14580] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  681.105683][T14580] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  681.112270][T14580] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  681.116118][T14580] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  681.120491][T14580] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  681.124759][T14580] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  681.127519][T14580] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  681.131926][T14580] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  683.128170][T12941] Bluetooth: hci0: command 0x0c1a tx timeout
[  683.130256][T12941] Bluetooth: hci1: command 0x0c1a tx timeout
[  683.132260][T12941] Bluetooth: hci3: command 0x0c1a tx timeout
[  683.134383][ T5953] Bluetooth: hci4: command 0x0406 tx timeout
[  683.177954][ T7053] usb 6-1: new high-speed USB device number 86 using dummy_hcd
[  683.331556][ T7053] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  683.331901][ T6005] usb 7-1: unable to get BOS descriptor or descriptor too short
[  683.337113][ T7053] usb 6-1: config 0 has no interfaces?
[  683.338854][ T6005] usb 7-1: unable to read config index 0 descriptor/start: -71
[  683.342847][ T6005] usb 7-1: can't read configurations, error -71
[  683.353386][ T7053] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  683.356914][ T7053] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  683.366462][ T7053] usb 6-1: Product: syz
[  683.372236][ T7053] usb 6-1: Manufacturer: syz
[  683.377941][ T7053] usb 6-1: SerialNumber: syz
[  683.386632][ T7053] usb 6-1: config 0 descriptor??
[  683.495791][T14605] IPv6: NLM_F_CREATE should be specified when creating new route
[  683.501181][T14607] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  685.210405][   T63] Bluetooth: hci3: command 0x0c1a tx timeout
[  685.213671][   T63] Bluetooth: hci1: command 0x0c1a tx timeout
[  685.216399][   T63] Bluetooth: hci0: command 0x0c1a tx timeout
[  685.217208][T12941] Bluetooth: hci4: command 0x0406 tx timeout
[  685.341518][   T50] usb 6-1: USB disconnect, device number 86
[  685.867895][   T50] usb 6-1: new full-speed USB device number 87 using dummy_hcd
[  686.020335][   T50] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  686.024761][   T50] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  686.031282][   T50] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  686.035341][   T50] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  686.268751][T14630] netlink: 'syz.1.2689': attribute type 1 has an invalid length.
[  686.272079][T14630] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2689'.
[  686.295772][   T50] usb 6-1: usb_control_msg returned -32
[  686.297691][   T50] usbtmc 6-1:16.0: can't read capabilities
[  686.999907][T14639] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2689'.
[  687.288091][T12941] Bluetooth: hci3: command 0x0c1a tx timeout
[  687.291506][T14626] Bluetooth: hci1: command 0x0c1a tx timeout
[  687.294188][ T5953] Bluetooth: hci0: command 0x0c1a tx timeout
[  688.557687][ T7053] usb 6-1: USB disconnect, device number 87
[  688.573770][T14654] netlink: 'syz.0.2694': attribute type 1 has an invalid length.
[  688.577325][T14654] nbd: error processing sock list
[  688.586589][T14657] FAULT_INJECTION: forcing a failure.
[  688.586589][T14657] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  688.596588][T14657] CPU: 2 UID: 0 PID: 14657 Comm: syz.1.2695 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  688.596619][T14657] Tainted: [L]=SOFTLOCKUP
[  688.596627][T14657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  688.596636][T14657] Call Trace:
[  688.596642][T14657]  <TASK>
[  688.596650][T14657]  dump_stack_lvl+0x100/0x190
[  688.596728][T14657]  should_fail_ex.cold+0x5/0xa
[  688.596751][T14657]  _copy_from_user+0x2e/0xd0
[  688.596807][T14657]  input_event_from_user+0x137/0x290
[  688.596857][T14657]  ? __pfx_input_event_from_user+0x10/0x10
[  688.596885][T14657]  ? input_inject_event+0x1c9/0x3b0
[  688.596910][T14657]  evdev_write+0x27a/0x430
[  688.596936][T14657]  ? __pfx_evdev_write+0x10/0x10
[  688.596956][T14657]  ? bpf_lsm_file_permission+0x9/0x10
[  688.596983][T14657]  ? security_file_permission+0x76/0x210
[  688.597000][T14657]  ? rw_verify_area+0xce/0x6d0
[  688.597027][T14657]  vfs_write+0x2aa/0x1070
[  688.597055][T14657]  ? __pfx_evdev_write+0x10/0x10
[  688.597078][T14657]  ? __pfx_vfs_write+0x10/0x10
[  688.597102][T14657]  ? find_held_lock+0x2b/0x80
[  688.597117][T14657]  ? __fget_files+0x215/0x3d0
[  688.597137][T14657]  ? __fget_files+0x215/0x3d0
[  688.597156][T14657]  ? __fget_files+0x21f/0x3d0
[  688.597179][T14657]  ksys_write+0x1f8/0x250
[  688.597210][T14657]  ? __pfx_ksys_write+0x10/0x10
[  688.597237][T14657]  ? __pfx_ksys_write+0x10/0x10
[  688.597268][T14657]  __do_fast_syscall_32+0xe3/0x8c0
[  688.597321][T14657]  do_fast_syscall_32+0x32/0x70
[  688.597342][T14657]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  688.597365][T14657] RIP: 0023:0xf7f28f6c
[  688.597379][T14657] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[  688.597396][T14657] RSP: 002b:00000000f53e650c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[  688.597413][T14657] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  688.597425][T14657] RDX: 000000000000ff0f RSI: 0000000000000000 RDI: 0000000000000000
[  688.597434][T14657] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  688.597443][T14657] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  688.597454][T14657] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  688.597477][T14657]  </TASK>
[  688.697207][ T6106] usb 8-1: new high-speed USB device number 50 using dummy_hcd
[  688.868064][ T6106] usb 8-1: Using ep0 maxpacket: 16
[  688.872036][ T6106] usb 8-1: config 0 has an invalid interface number: 1 but max is 0
[  688.875751][ T6106] usb 8-1: config 0 has no interface number 0
[  688.878941][ T6106] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0xC has an invalid bInterval 0, changing to 7
[  688.883580][ T6106] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0
[  688.892277][ T6106] usb 8-1: New USB device found, idVendor=1a86, idProduct=752d, bcdDevice=2d.4d
[  688.896869][ T6106] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  688.905660][ T6106] usb 8-1: Product: syz
[  688.907638][ T6106] usb 8-1: Manufacturer: syz
[  688.909891][ T6106] usb 8-1: SerialNumber: syz
[  688.923978][ T6106] usb 8-1: config 0 descriptor??
[  688.930544][ T6106] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  689.265163][T14665] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  689.269595][  T840] usb 8-1: USB disconnect, device number 50
[  689.787895][T14677] bridge_slave_0: left allmulticast mode
[  689.789972][T14677] bridge_slave_0: left promiscuous mode
[  689.792228][T14677] bridge0: port 1(bridge_slave_0) entered disabled state
[  689.808547][T14677] bridge_slave_1: left allmulticast mode
[  689.811049][T14677] bridge_slave_1: left promiscuous mode
[  689.813828][T14677] bridge0: port 2(bridge_slave_1) entered disabled state
[  689.839991][T14677] bond0: (slave bond_slave_0): Releasing backup interface
[  689.849977][T14677] bond0: (slave bond_slave_1): Releasing backup interface
[  689.863964][T14677] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  689.866915][T14677] batman_adv: batadv0: Removing interface: batadv_slave_0
[  689.873463][T14677] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  689.876627][T14677] batman_adv: batadv0: Removing interface: batadv_slave_1
[  689.884175][T14677] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  690.573123][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  691.134031][T14692] fuse: Bad value for 'user_id'
[  691.136444][T14692] fuse: Bad value for 'user_id'
[  691.173469][T14692] mac80211_hwsim hwsim11 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  692.154749][T14703] netlink: 'syz.0.2706': attribute type 6 has an invalid length.
[  692.726951][T14711] syzkaller0: entered promiscuous mode
[  692.729184][T14711] syzkaller0: entered allmulticast mode
[  692.791428][T14711] nbd: socks must be embedded in a SOCK_ITEM attr
[  692.798004][T14711] block nbd0: shutting down sockets
[  693.252996][T14726] random: crng reseeded on system resumption
[  693.370565][T14730] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2713'.
[  693.533879][   T46] wlan1: Trigger new scan to find an IBSS to join
[  693.699708][T14734] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2714'.
[  693.733586][T14734] netlink: 'syz.3.2714': attribute type 16 has an invalid length.
[  693.737032][T14734] netlink: 'syz.3.2714': attribute type 17 has an invalid length.
[  693.773518][T14734] bridge0: port 2(bridge_slave_1) entered disabled state
[  693.777135][T14734] bridge0: port 1(bridge_slave_0) entered disabled state
[  693.822113][T14734] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  693.827643][T14734] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  693.894029][T14734] bond2: left allmulticast mode
[  693.896372][ T1147] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  693.907055][ T1147] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  693.910970][ T1147] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  693.914488][ T1147] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  694.022805][T14740] FAULT_INJECTION: forcing a failure.
[  694.022805][T14740] name failslab, interval 1, probability 0, space 0, times 0
[  694.029313][T14740] CPU: 3 UID: 0 PID: 14740 Comm: syz.1.2716 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  694.029341][T14740] Tainted: [L]=SOFTLOCKUP
[  694.029346][T14740] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  694.029356][T14740] Call Trace:
[  694.029362][T14740]  <TASK>
[  694.029368][T14740]  dump_stack_lvl+0x100/0x190
[  694.029396][T14740]  should_fail_ex.cold+0x5/0xa
[  694.029415][T14740]  should_failslab+0xc2/0x120
[  694.029432][T14740]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  694.029455][T14740]  ? __alloc_skb+0x140/0x710
[  694.029475][T14740]  __alloc_skb+0x140/0x710
[  694.029490][T14740]  ? __alloc_skb+0x5b7/0x710
[  694.029505][T14740]  ? __pfx___alloc_skb+0x10/0x10
[  694.029528][T14740]  netlink_alloc_large_skb+0x69/0x150
[  694.029550][T14740]  netlink_sendmsg+0x680/0xda0
[  694.029574][T14740]  ? __pfx_netlink_sendmsg+0x10/0x10
[  694.029596][T14740]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  694.029620][T14740]  ____sys_sendmsg+0xa54/0xc30
[  694.029645][T14740]  ? __pfx_____sys_sendmsg+0x10/0x10
[  694.029676][T14740]  ___sys_sendmsg+0x190/0x1e0
[  694.029699][T14740]  ? __pfx____sys_sendmsg+0x10/0x10
[  694.029750][T14740]  __sys_sendmsg+0x170/0x220
[  694.029770][T14740]  ? __pfx___sys_sendmsg+0x10/0x10
[  694.029796][T14740]  ? __pfx_ksys_write+0x10/0x10
[  694.029826][T14740]  __do_fast_syscall_32+0xe3/0x8c0
[  694.029849][T14740]  do_fast_syscall_32+0x32/0x70
[  694.029868][T14740]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  694.029889][T14740] RIP: 0023:0xf7f28f6c
[  694.029903][T14740] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[  694.029918][T14740] RSP: 002b:00000000f53e650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  694.029934][T14740] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180
[  694.029946][T14740] RDX: 000000002000c884 RSI: 0000000000000000 RDI: 0000000000000000
[  694.029955][T14740] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  694.029964][T14740] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  694.029973][T14740] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  694.029995][T14740]  </TASK>
[  694.812947][T14750] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  694.821933][T14750] random: crng reseeded on system resumption
[  697.299351][T14777] 9p: Bad value for 'wfdno'
[  700.095148][T14792] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  700.937798][T14804] binder: 14803:14804 ioctl c0306201 80000180 returned -14
[  701.198019][ T7053] IPVS: starting estimator thread 0...
[  701.298008][T14815] IPVS: using max 44 ests per chain, 105600 per kthread
[  701.608061][   T34] usb 5-1: new high-speed USB device number 91 using dummy_hcd
[  701.678069][T14825] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2737'.
[  701.774471][   T34] usb 5-1: unable to get BOS descriptor or descriptor too short
[  701.783506][   T34] usb 5-1: unable to read config index 0 descriptor/start: -71
[  701.786890][   T34] usb 5-1: can't read configurations, error -71
[  702.258667][T14829] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  702.261739][T14829] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  702.265783][T14829] vhci_hcd vhci_hcd.0: Device attached
[  702.516906][T14836] openvswitch: netlink: Key type 67 is out of range max 32
[  702.570756][   T29] usb 42-1: SetAddress Request (6) to port 0
[  702.577662][   T29] usb 42-1: new SuperSpeed USB device number 6 using vhci_hcd
[  702.949978][T14840] loop2: detected capacity change from 0 to 7
[  703.129001][T14794] Dev loop2: unable to read RDB block 7
[  703.131100][T14794]  loop2: AHDI p1 p2 p3
[  703.379656][T14794] loop2: partition table partially beyond EOD, truncated
[  703.394975][T14794] loop2: p1 start 1601398130 is beyond EOD, truncated
[  703.407085][T14794] loop2: p2 start 1702059890 is beyond EOD, truncated
[  703.534188][T14840] Dev loop2: unable to read RDB block 7
[  703.536844][T14840]  loop2: AHDI p1 p2 p3
[  703.539274][T14840] loop2: partition table partially beyond EOD, truncated
[  703.543195][T14840] loop2: p1 start 1601398130 is beyond EOD, truncated
[  703.557954][T14840] loop2: p2 start 1702059890 is beyond EOD, truncated
[  703.587126][T14847] xt_cgroup: invalid path, errno=-2
[  704.206438][T14830] vhci_hcd: connection reset by peer
[  704.268056][T14280] vhci_hcd vhci_hcd.2: stop threads
[  704.270475][T14280] vhci_hcd vhci_hcd.2: release socket
[  704.274254][T14280] vhci_hcd vhci_hcd.2: disconnect device
[  704.928031][   T50] usb 6-1: new high-speed USB device number 88 using dummy_hcd
[  705.767937][   T50] usb 6-1: Using ep0 maxpacket: 8
[  705.771503][   T50] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[  705.774181][   T50] usb 6-1: config 0 has no interface number 0
[  705.776276][   T50] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  705.780766][   T50] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  705.785035][   T50] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  705.792500][   T50] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  705.809759][   T50] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  705.826768][   T50] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  705.837507][   T50] usb 6-1: config 0 descriptor??
[  705.861736][   T50] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  706.038011][   T50] usb 8-1: new high-speed USB device number 51 using dummy_hcd
[  706.114160][ T7053] usb 6-1: USB disconnect, device number 88
[  706.116428][    C2] ldusb 6-1:0.55: usb_submit_urb failed (-19)
[  706.119207][T14861] ldusb 6-1:0.55: Couldn't submit interrupt_out_urb -19
[  706.125463][ T7053] ldusb 6-1:0.55: LD USB Device #0 now disconnected
[  706.207210][   T50] usb 8-1: unable to get BOS descriptor or descriptor too short
[  706.218232][   T50] usb 8-1: unable to read config index 0 descriptor/start: -71
[  706.229612][   T50] usb 8-1: can't read configurations, error -71
[  706.451347][T14882] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2752'.
[  706.454915][T14882] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2752'.
[  706.674831][T14884] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2753'.
[  706.719674][T14886] netlink: 'syz.1.2754': attribute type 10 has an invalid length.
[  706.786354][T14888] openvswitch: netlink: Key type 67 is out of range max 32
[  706.989926][T14892] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2756'.
[  706.993755][T14892] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2756'.
[  707.389858][   T40] audit: type=1326 audit(1772452714.674:960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14897 comm="syz.1.2759" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28f6c code=0x7ffc0000
[  707.398145][   T40] audit: type=1326 audit(1772452714.674:961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14897 comm="syz.1.2759" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28f6c code=0x7ffc0000
[  707.406698][   T40] audit: type=1326 audit(1772452714.674:962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14897 comm="syz.1.2759" exe="/syz-executor" sig=0 arch=40000003 syscall=298 compat=1 ip=0xf7f28f6c code=0x7ffc0000
[  707.414668][   T40] audit: type=1326 audit(1772452714.674:963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14897 comm="syz.1.2759" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28f6c code=0x7ffc0000
[  707.438274][   T40] audit: type=1326 audit(1772452714.674:964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14897 comm="syz.1.2759" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28f6c code=0x7ffc0000
[  707.445523][   T40] audit: type=1326 audit(1772452714.674:965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14897 comm="syz.1.2759" exe="/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf7f28f6c code=0x7ffc0000
[  707.452983][   T40] audit: type=1326 audit(1772452714.674:966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14897 comm="syz.1.2759" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28f6c code=0x7ffc0000
[  707.461182][   T40] audit: type=1326 audit(1772452714.674:967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14897 comm="syz.1.2759" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28f6c code=0x7ffc0000
[  707.468569][   T40] audit: type=1326 audit(1772452714.674:968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14897 comm="syz.1.2759" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f28f6c code=0x7ffc0000
[  707.475666][   T40] audit: type=1326 audit(1772452714.674:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14897 comm="syz.1.2759" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28f6c code=0x7ffc0000
[  707.544923][T14904] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2760'.
[  708.450133][   T29] usb 42-1: device descriptor read/8, error -110
[  708.742564][T14926] binder: 14925:14926 ioctl 402c542b 80000200 returned -22
[  708.754492][T14926] binder: 14925:14926 ioctl c0306201 800004c0 returned -22
[  708.859473][   T29] usb usb42-port1: attempt power cycle
[  709.011837][ T5953] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  709.117994][   T34] usb 8-1: new high-speed USB device number 53 using dummy_hcd
[  709.301797][   T34] usb 8-1: unable to get BOS descriptor or descriptor too short
[  709.305072][   T34] usb 8-1: unable to read config index 0 descriptor/start: -71
[  709.308965][   T34] usb 8-1: can't read configurations, error -71
[  709.337908][T12536] usb 6-1: new high-speed USB device number 89 using dummy_hcd
[  709.517912][T12536] usb 6-1: Using ep0 maxpacket: 16
[  709.528762][T12536] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  709.533801][T12536] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  709.537563][T12536] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  709.541037][T12536] usb 6-1: Product: syz
[  709.542776][T12536] usb 6-1: Manufacturer: syz
[  709.544709][T12536] usb 6-1: SerialNumber: syz
[  709.551495][T12536] usb 6-1: config 0 descriptor??
[  709.557743][T12536] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  709.561244][T12536] em28xx 6-1:0.0: DVB interface 0 found: bulk
[  709.860830][T14944] netlink: 35 bytes leftover after parsing attributes in process `syz.3.2771'.
[  709.913458][T14946] ip6gre1: entered promiscuous mode
[  709.915243][T14946] ip6gre1: entered allmulticast mode
[  709.927505][T14946] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2772'.
[  710.009082][ T1147] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  710.012273][ T1147] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  710.038172][T14482] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  710.042789][T14947] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  710.188590][   T29] usb usb42-port1: unable to enumerate USB device
[  710.221098][T12536] em28xx 6-1:0.0: unknown em28xx chip ID (0)
[  710.238127][T14482] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  710.458042][   T34] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  710.638765][T12536] em28xx 6-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  710.649542][T12536] em28xx 6-1:0.0: board has no eeprom
[  710.937981][T12536] em28xx 6-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  710.940931][T12536] em28xx 6-1:0.0: dvb set to bulk mode.
[  710.954726][T14971] binder: 14970:14971 ioctl 402c542b 80000200 returned -22
[  710.959368][T14971] binder: 14970:14971 ioctl c0306201 800004c0 returned -22
[  710.960655][T14482] em28xx 6-1:0.0: Binding DVB extension
[  710.970718][T12536] usb 6-1: USB disconnect, device number 89
[  710.973377][T14971] input: syz0 as /devices/virtual/input/input74
[  710.974830][T12536] em28xx 6-1:0.0: Disconnecting em28xx
[  711.007329][T14482] em28xx 6-1:0.0: Registering input extension
[  711.012065][T12536] em28xx 6-1:0.0: Closing input extension
[  711.025519][T12536] em28xx 6-1:0.0: Freeing device
[  711.095552][T14973] bond1: (slave vxcan1): Device is not bonding slave
[  711.097976][T14973] bond1: option active_slave: invalid value (vxcan1)
[  711.141051][T14973] bond1 (unregistering): Released all slaves
[  713.147592][T15000] nr0: entered promiscuous mode
[  713.184287][T15002] input: syz0 as /devices/virtual/input/input76
[  713.198327][T15003] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  713.200513][T15003] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  713.208494][T15003] vhci_hcd vhci_hcd.0: Device attached
[  713.283024][T15008] binder: 15006:15008 ioctl 402c542b 80000200 returned -22
[  713.295268][T15008] binder: 15006:15008 ioctl c0306201 800004c0 returned -22
[  713.313780][T15008] input: syz0 as /devices/virtual/input/input78
[  713.508178][ T5985] usb 44-1: SetAddress Request (6) to port 0
[  713.519040][ T5985] usb 44-1: new SuperSpeed USB device number 6 using vhci_hcd
[  713.697948][ T6106] usb 5-1: new high-speed USB device number 93 using dummy_hcd
[  713.766039][T15004] vhci_hcd: connection reset by peer
[  713.769682][ T1147] vhci_hcd vhci_hcd.3: stop threads
[  713.771493][ T1147] vhci_hcd vhci_hcd.3: release socket
[  713.777991][    C3] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  713.778203][ T1147] vhci_hcd vhci_hcd.3: disconnect device
[  713.863414][ T6106] usb 5-1: unable to get BOS descriptor or descriptor too short
[  713.868064][ T6106] usb 5-1: unable to read config index 0 descriptor/start: -71
[  713.871378][ T6106] usb 5-1: can't read configurations, error -71
[  714.007976][   T50] usb 7-1: new high-speed USB device number 65 using dummy_hcd
[  714.186780][   T50] usb 7-1: unable to get BOS descriptor or descriptor too short
[  714.192319][   T50] usb 7-1: unable to read config index 0 descriptor/start: -71
[  714.195870][   T50] usb 7-1: can't read configurations, error -71
[  715.809999][T15045] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2802'.
[  717.004661][T15052] input: syz0 as /devices/virtual/input/input79
[  717.655337][T15059] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2806'.
[  718.647992][ T5985] usb 44-1: device descriptor read/8, error -110
[  718.990129][T15077] siw: device registration error -23
[  719.150422][ T5985] usb usb44-port1: attempt power cycle
[  719.423847][T15082] overlayfs: failed to resolve './bus': -2
[  719.552175][T15088] bond1: Removing last ns target with arp_interval on
[  719.625047][T15088] netlink: 'syz.1.2816': attribute type 13 has an invalid length.
[  719.632741][T15088] veth0_macvtap: left promiscuous mode
[  719.635222][T15088] macvtap0: entered promiscuous mode
[  719.637391][T15088] macvtap0: entered allmulticast mode
[  719.718500][ T5985] usb usb44-port1: unable to enumerate USB device
[  721.001270][T15120] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  721.011567][T15120] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  721.025125][T15120] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  721.038163][T15120] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  721.299719][    C3] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  721.511169][T15131] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2830'.
[  721.630899][   T40] kauditd_printk_skb: 13 callbacks suppressed
[  721.630911][   T40] audit: type=1804 audit(1772453754.920:983): pid=15122 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2826" name="/newroot/108/bus/file0" dev="overlay" ino=607 res=1 errno=0
[  721.670990][T15132] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2830'.
[  721.688335][T15132] mac80211_hwsim hwsim16 wlan0: entered promiscuous mode
[  721.715723][   T40] audit: type=1804 audit(1772453755.000:984): pid=15120 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.2826" name="/newroot/108/bus/file0" dev="overlay" ino=607 res=1 errno=0
[  722.592563][T15144] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2835'.
[  722.657569][T15146] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x1
[  723.048188][ T5953] Bluetooth: hci0: command 0x0c1a tx timeout
[  723.048397][T12941] Bluetooth: hci3: command 0x0c1a tx timeout
[  723.051030][ T5953] Bluetooth: hci4: command 0x0406 tx timeout
[  723.055248][T14626] Bluetooth: hci1: command 0x0c1a tx timeout
[  723.098075][T12536] usb 6-1: new high-speed USB device number 90 using dummy_hcd
[  723.278073][T12536] usb 6-1: unable to get BOS descriptor or descriptor too short
[  723.303914][T12536] usb 6-1: unable to read config index 0 descriptor/start: -71
[  723.306546][T12536] usb 6-1: can't read configurations, error -71
[  723.365650][T15152] tmpfs: Bad value for 'mpol'
[  723.924201][T15161] fuse: root generation should be zero
[  724.088034][ T7053] usb 5-1: new high-speed USB device number 95 using dummy_hcd
[  724.243008][T15169] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2843'.
[  724.288358][T15171] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  724.291294][T15171] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  724.301559][T15174] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2843'.
[  724.308085][T15171] vhci_hcd vhci_hcd.0: Device attached
[  724.388372][ T7053] usb 5-1: unable to get BOS descriptor or descriptor too short
[  724.391638][ T7053] usb 5-1: unable to read config index 0 descriptor/start: -71
[  724.394110][ T7053] usb 5-1: can't read configurations, error -71
[  724.579338][T14470] usb 40-1: SetAddress Request (7) to port 0
[  724.581414][T14470] usb 40-1: new SuperSpeed USB device number 7 using vhci_hcd
[  724.859072][T15172] vhci_hcd: connection reset by peer
[  724.861942][   T12] vhci_hcd vhci_hcd.1: stop threads
[  724.863702][   T12] vhci_hcd vhci_hcd.1: release socket
[  724.865937][   T12] vhci_hcd vhci_hcd.1: disconnect device
[  725.868697][T15207] random: crng reseeded on system resumption
[  726.030640][T15211] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2855'.
[  726.367963][ T7053] usb 8-1: new full-speed USB device number 55 using dummy_hcd
[  726.507967][ T7053] usb 8-1: device descriptor read/64, error -71
[  726.758038][ T7053] usb 8-1: new full-speed USB device number 56 using dummy_hcd
[  726.887920][ T7053] usb 8-1: device descriptor read/64, error -71
[  726.965342][T15224] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2859'.
[  726.999295][ T7053] usb usb8-port1: attempt power cycle
[  727.338119][ T7053] usb 8-1: new full-speed USB device number 57 using dummy_hcd
[  727.358730][ T7053] usb 8-1: device descriptor read/8, error -71
[  727.618054][ T7053] usb 8-1: new full-speed USB device number 58 using dummy_hcd
[  727.638723][ T7053] usb 8-1: device descriptor read/8, error -71
[  727.758311][ T7053] usb usb8-port1: unable to enumerate USB device
[  728.295997][T15247] binder: 15246:15247 ioctl 402c542b 80000200 returned -22
[  728.302961][T15247] binder: 15246:15247 ioctl c0306201 800004c0 returned -22
[  728.328089][T15247] input: syz0 as /devices/virtual/input/input82
[  728.352964][T14978] udevd[14978]: setting mode of /dev/input/event4 to 020660 failed: No such file or directory
[  728.357741][T14978] udevd[14978]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory
[  728.656839][T15251] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2867'.
[  728.987116][T15259] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  729.090806][T15259] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  729.225404][T15259] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  729.329772][T15259] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  729.429241][   T12] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  729.442163][   T12] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  729.452562][   T12] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  729.464306][   T12] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  729.608291][T14470] usb 40-1: device descriptor read/8, error -110
[  729.640067][T15274] vivid-000: disconnect
[  729.680578][T15277] vivid-000: reconnect
[  729.765546][T15281] netlink: 120 bytes leftover after parsing attributes in process `syz.3.2872'.
[  729.769178][T15281] netlink: 'syz.3.2872': attribute type 1 has an invalid length.
[  729.998437][T14470] usb usb40-port1: attempt power cycle
[  730.659777][T14470] usb usb40-port1: unable to enumerate USB device
[  730.758864][T15303] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  730.762718][T15303] IPv6: NLM_F_CREATE should be set when creating new route
[  731.069389][T15318] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2884'.
[  731.670554][T15325] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2888'.
[  731.850804][T15325] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2888'.
[  731.983572][T15345] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  731.986471][T15345] IPv6: NLM_F_CREATE should be set when creating new route
[  732.010845][T15347] netlink: 'syz.1.2895': attribute type 1 has an invalid length.
[  732.030309][T15349] netlink: 'syz.2.2898': attribute type 1 has an invalid length.
[  732.047035][T15349] bond2: entered promiscuous mode
[  732.049326][T15349] 8021q: adding VLAN 0 to HW filter on device bond2
[  732.267791][T15359] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2899'.
[  732.271150][T15359] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2899'.
[  732.658473][T15363] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2900'.
[  732.666214][T15363] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2900'.
[  734.473129][T15378] 9p: Bad value for 'rfdno'
[  734.497803][T15390] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2910'.
[  734.552629][T15393] syzkaller0: entered promiscuous mode
[  734.555150][T15393] syzkaller0: entered allmulticast mode
[  734.598952][T15395] syz.2.2905 (15395): /proc/15379/oom_adj is deprecated, please use /proc/15379/oom_score_adj instead.
[  734.985186][T15410] tmpfs: Bad value for 'mpol'
[  735.031802][T15395] e1000e 0000:00:02.0 eth1: NIC Link is Down
[  736.659561][    C3] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  736.912167][T15455] NILFS (nbd2): device size too small
[  736.980317][T15458] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2917'.
[  738.509745][T15478] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1617207373 (3234414746 ns) > initial count (443187862 ns). Using initial count to start timer.
[  739.033073][T15493] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2921'.
[  739.190045][T10624] IPVS: starting estimator thread 0...
[  739.288086][T15498] IPVS: using max 25 ests per chain, 60000 per kthread
[  741.448210][   T46] wlan1: Trigger new scan to find an IBSS to join
[  743.448002][   T40] audit: type=1326 audit(1772455315.401:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15542 comm="syz.0.2938" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf705ef6c code=0x0
[  743.645746][T15553] netlink: 'syz.1.2940': attribute type 2 has an invalid length.
[  743.648938][T15553] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2940'.
[  743.953414][T15561] FAULT_INJECTION: forcing a failure.
[  743.953414][T15561] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  743.960288][T15561] CPU: 1 UID: 0 PID: 15561 Comm: syz.0.2943 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  743.960347][T15561] Tainted: [L]=SOFTLOCKUP
[  743.960354][T15561] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  743.960364][T15561] Call Trace:
[  743.960373][T15561]  <TASK>
[  743.960381][T15561]  dump_stack_lvl+0x100/0x190
[  743.960417][T15561]  should_fail_ex.cold+0x5/0xa
[  743.960436][T15561]  ? prepare_alloc_pages+0x16d/0x5f0
[  743.960460][T15561]  should_fail_alloc_page+0xeb/0x140
[  743.960482][T15561]  prepare_alloc_pages+0x1f0/0x5f0
[  743.960507][T15561]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  743.960538][T15561]  ? rcu_is_watching+0x12/0xc0
[  743.960565][T15561]  ? trace_mm_page_alloc+0x17a/0x1d0
[  743.960585][T15561]  ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0
[  743.960615][T15561]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  743.960643][T15561]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  743.960666][T15561]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  743.960686][T15561]  ? stack_depot_save_flags+0x479/0x9d0
[  743.960710][T15561]  ? kasan_save_stack+0x3f/0x50
[  743.960739][T15561]  ? kasan_save_track+0x14/0x30
[  743.960763][T15561]  ? kmem_cache_alloc_node_noprof+0x25a/0x6f0
[  743.960789][T15561]  ? alloc_vmap_area+0x640/0x2bd0
[  743.960806][T15561]  ? __get_vm_area_node+0x1ca/0x330
[  743.960823][T15561]  ? __vmalloc_node_range_noprof+0x213/0x1530
[  743.960850][T15561]  ? __vmalloc_node_noprof+0xad/0xf0
[  743.960869][T15561]  ? __vmalloc_noprof+0xa3/0x120
[  743.960887][T15561]  ? vmalloc_array_noprof+0x43/0x70
[  743.960904][T15561]  ? do_update_counters.isra.0+0x53/0x9c0
[  743.960930][T15561]  ? do_ebt_set_ctl+0x35b/0x3f0
[  743.960956][T15561]  ? __sys_setsockopt+0x119/0x190
[  743.960976][T15561]  ? __ia32_sys_setsockopt+0xbc/0x160
[  743.960999][T15561]  alloc_pages_bulk_noprof+0x782/0x1490
[  743.961037][T15561]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  743.961074][T15561]  ? alloc_pages_noprof+0x233/0x390
[  743.961096][T15561]  __kasan_populate_vmalloc+0xf0/0x210
[  743.961129][T15561]  alloc_vmap_area+0x95d/0x2bd0
[  743.961159][T15561]  ? __pfx_alloc_vmap_area+0x10/0x10
[  743.961185][T15561]  __get_vm_area_node+0x1ca/0x330
[  743.961210][T15561]  __vmalloc_node_range_noprof+0x213/0x1530
[  743.961233][T15561]  ? vmalloc_array_noprof+0x43/0x70
[  743.961258][T15561]  ? vmalloc_array_noprof+0x43/0x70
[  743.961276][T15561]  ? find_held_lock+0x2b/0x80
[  743.961293][T15561]  ? is_bpf_text_address+0x8a/0x1a0
[  743.961320][T15561]  ? is_bpf_text_address+0x8a/0x1a0
[  743.961344][T15561]  ? bpf_ksym_find+0x124/0x1c0
[  743.961364][T15561]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  743.961389][T15561]  ? __lock_acquire+0x4a5/0x2630
[  743.961412][T15561]  ? register_lock_class+0x40/0x560
[  743.961435][T15561]  ? arch_stack_walk+0xa6/0xf0
[  743.961455][T15561]  ? vmalloc_array_noprof+0x43/0x70
[  743.961473][T15561]  __vmalloc_node_noprof+0xad/0xf0
[  743.961494][T15561]  ? vmalloc_array_noprof+0x43/0x70
[  743.961514][T15561]  __vmalloc_noprof+0xa3/0x120
[  743.961535][T15561]  ? __pfx___vmalloc_noprof+0x10/0x10
[  743.961560][T15561]  ? find_held_lock+0x2b/0x80
[  743.961576][T15561]  ? __might_fault+0xc5/0x140
[  743.961602][T15561]  vmalloc_array_noprof+0x43/0x70
[  743.961619][T15561]  do_update_counters.isra.0+0x53/0x9c0
[  743.961652][T15561]  do_ebt_set_ctl+0x35b/0x3f0
[  743.961679][T15561]  ? __pfx_do_ebt_set_ctl+0x10/0x10
[  743.961714][T15561]  ? nf_sockopt_find.isra.0+0x222/0x290
[  743.961745][T15561]  nf_setsockopt+0x8d/0xf0
[  743.961773][T15561]  ip_setsockopt+0xcb/0xf0
[  743.961803][T15561]  tcp_setsockopt+0xa7/0x100
[  743.961830][T15561]  smc_setsockopt+0x1b6/0xa10
[  743.961858][T15561]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  743.961886][T15561]  ? __pfx_smc_setsockopt+0x10/0x10
[  743.961915][T15561]  ? aa_sock_opt_perm+0xfe/0x1b0
[  743.961940][T15561]  ? __pfx_smc_setsockopt+0x10/0x10
[  743.961968][T15561]  do_sock_setsockopt+0xf3/0x1d0
[  743.961997][T15561]  __sys_setsockopt+0x119/0x190
[  743.962022][T15561]  __ia32_sys_setsockopt+0xbc/0x160
[  743.962041][T15561]  ? __do_fast_syscall_32+0x94/0x8c0
[  743.962065][T15561]  ? lockdep_hardirqs_on+0x78/0x100
[  743.962086][T15561]  __do_fast_syscall_32+0xe3/0x8c0
[  743.962111][T15561]  do_fast_syscall_32+0x32/0x70
[  743.962134][T15561]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  743.962157][T15561] RIP: 0023:0xf705ef6c
[  743.962174][T15561] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[  743.962191][T15561] RSP: 002b:00000000f544d50c EFLAGS: 00000292 ORIG_RAX: 000000000000016e
[  743.962210][T15561] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000000000
[  743.962221][T15561] RDX: 0000000000000081 RSI: 0000000080000100 RDI: 0000000000000090
[  743.962231][T15561] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  743.962241][T15561] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  743.962250][T15561] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  743.962273][T15561]  </TASK>
[  743.963073][T15561] syz.0.2943: vmalloc error: size 64, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[  744.179676][T15561] CPU: 1 UID: 0 PID: 15561 Comm: syz.0.2943 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  744.179705][T15561] Tainted: [L]=SOFTLOCKUP
[  744.179711][T15561] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  744.179721][T15561] Call Trace:
[  744.179728][T15561]  <TASK>
[  744.179736][T15561]  dump_stack_lvl+0x100/0x190
[  744.179766][T15561]  warn_alloc.cold+0x95/0x1c1
[  744.179797][T15561]  ? __pfx_warn_alloc+0x10/0x10
[  744.179820][T15561]  ? lockdep_hardirqs_on+0x78/0x100
[  744.179843][T15561]  ? __get_vm_area_node+0x2c5/0x330
[  744.179868][T15561]  ? __get_vm_area_node+0x208/0x330
[  744.179893][T15561]  __vmalloc_node_range_noprof+0xbf4/0x1530
[  744.179923][T15561]  ? vmalloc_array_noprof+0x43/0x70
[  744.179943][T15561]  ? find_held_lock+0x2b/0x80
[  744.179959][T15561]  ? is_bpf_text_address+0x8a/0x1a0
[  744.179984][T15561]  ? is_bpf_text_address+0x8a/0x1a0
[  744.180010][T15561]  ? bpf_ksym_find+0x124/0x1c0
[  744.180030][T15561]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  744.180053][T15561]  ? __lock_acquire+0x4a5/0x2630
[  744.180074][T15561]  ? register_lock_class+0x40/0x560
[  744.180096][T15561]  ? arch_stack_walk+0xa6/0xf0
[  744.180117][T15561]  ? vmalloc_array_noprof+0x43/0x70
[  744.180140][T15561]  __vmalloc_node_noprof+0xad/0xf0
[  744.180162][T15561]  ? vmalloc_array_noprof+0x43/0x70
[  744.180183][T15561]  __vmalloc_noprof+0xa3/0x120
[  744.180205][T15561]  ? __pfx___vmalloc_noprof+0x10/0x10
[  744.180231][T15561]  ? find_held_lock+0x2b/0x80
[  744.180247][T15561]  ? __might_fault+0xc5/0x140
[  744.180275][T15561]  vmalloc_array_noprof+0x43/0x70
[  744.180293][T15561]  do_update_counters.isra.0+0x53/0x9c0
[  744.180352][T15561]  do_ebt_set_ctl+0x35b/0x3f0
[  744.180382][T15561]  ? __pfx_do_ebt_set_ctl+0x10/0x10
[  744.180416][T15561]  ? nf_sockopt_find.isra.0+0x222/0x290
[  744.180445][T15561]  nf_setsockopt+0x8d/0xf0
[  744.180471][T15561]  ip_setsockopt+0xcb/0xf0
[  744.180499][T15561]  tcp_setsockopt+0xa7/0x100
[  744.180519][T15561]  smc_setsockopt+0x1b6/0xa10
[  744.180545][T15561]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  744.180573][T15561]  ? __pfx_smc_setsockopt+0x10/0x10
[  744.180602][T15561]  ? aa_sock_opt_perm+0xfe/0x1b0
[  744.180627][T15561]  ? __pfx_smc_setsockopt+0x10/0x10
[  744.180657][T15561]  do_sock_setsockopt+0xf3/0x1d0
[  744.180687][T15561]  __sys_setsockopt+0x119/0x190
[  744.180714][T15561]  __ia32_sys_setsockopt+0xbc/0x160
[  744.180735][T15561]  ? __do_fast_syscall_32+0x94/0x8c0
[  744.180758][T15561]  ? lockdep_hardirqs_on+0x78/0x100
[  744.180780][T15561]  __do_fast_syscall_32+0xe3/0x8c0
[  744.180807][T15561]  do_fast_syscall_32+0x32/0x70
[  744.180831][T15561]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  744.180856][T15561] RIP: 0023:0xf705ef6c
[  744.180872][T15561] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[  744.180890][T15561] RSP: 002b:00000000f544d50c EFLAGS: 00000292 ORIG_RAX: 000000000000016e
[  744.180909][T15561] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000000000
[  744.180920][T15561] RDX: 0000000000000081 RSI: 0000000080000100 RDI: 0000000000000090
[  744.180932][T15561] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  744.180942][T15561] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  744.180953][T15561] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  744.180980][T15561]  </TASK>
[  744.180987][T15561] Mem-Info:
[  744.321044][T15561] active_anon:33338 inactive_anon:1106 isolated_anon:7
[  744.321044][T15561]  active_file:8620 inactive_file:13003 isolated_file:0
[  744.321044][T15561]  unevictable:1761 dirty:1244 writeback:0
[  744.321044][T15561]  slab_reclaimable:7519 slab_unreclaimable:64030
[  744.321044][T15561]  mapped:39029 shmem:32800 pagetables:1245
[  744.321044][T15561]  sec_pagetables:329 bounce:0
[  744.321044][T15561]  kernel_misc_reclaimable:0
[  744.321044][T15561]  free:25051 free_pcp:17545 free_cma:0
[  744.339043][T15561] Node 0 active_anon:48kB inactive_anon:408kB active_file:1092kB inactive_file:2060kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:1440kB dirty:60kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:7796kB pagetables:1128kB sec_pagetables:1164kB all_unreclaimable? yes Balloon:0kB
[  744.350227][T15561] Node 1 active_anon:137204kB inactive_anon:4016kB active_file:33388kB inactive_file:49952kB unevictable:3508kB isolated(anon):28kB isolated(file):0kB mapped:154676kB dirty:4916kB writeback:0kB shmem:131464kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:6420kB pagetables:3852kB sec_pagetables:152kB all_unreclaimable? no Balloon:0kB
[  744.363270][T15561] Node 0 DMA free:4024kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:0kB free_cma:0kB
[  744.373390][T15561] lowmem_reserve[]: 0 285 285 285 285
[  744.375372][T15561] Node 0 DMA32 free:16192kB boost:0kB min:13072kB low:16340kB high:19608kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:408kB active_file:1092kB inactive_file:2060kB unevictable:3536kB writepending:60kB zspages:1664kB present:1032196kB managed:292624kB mlocked:0kB bounce:0kB free_pcp:6928kB local_pcp:2676kB free_cma:0kB
[  744.388240][T15561] lowmem_reserve[]: 0 0 0 0 0
[  744.390214][T15561] Node 1 DMA32 free:78036kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:0KB free_highatomic:0KB active_anon:142304kB inactive_anon:4016kB active_file:33388kB inactive_file:49752kB unevictable:3508kB writepending:4916kB zspages:3708kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:56636kB local_pcp:20096kB free_cma:0kB
[  744.403893][T15561] lowmem_reserve[]: 0 0 0 0 0
[  744.405814][T15561] Node 0 DMA: 226*4kB (UM) 58*8kB (UM) 16*16kB (UM) 23*32kB (UM) 10*64kB (UM) 2*128kB (M) 1*256kB (M) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 4024kB
[  744.412386][T15561] Node 0 DMA32: 66*4kB (ME) 59*8kB (UME) 28*16kB (UME) 109*32kB (UME) 58*64kB (UME) 17*128kB (UME) 4*256kB (UM) 5*512kB (UME) 2*1024kB (UM) 0*2048kB 0*4096kB = 16192kB
[  744.419524][T15561] Node 1 DMA32: 1381*4kB (UME) 1536*8kB (UME) 1289*16kB (UE) 68*32kB (U) 9*64kB (UME) 31*128kB (UME) 27*256kB (UME) 46*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 75620kB
[  744.426748][T15561] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  744.431140][T15561] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  744.435343][T15561] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  744.439592][T15561] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  744.443675][T15561] 59066 total pagecache pages
[  744.446116][T15561] 1722 pages in swap cache
[  744.448141][T15561] Free swap  = 101492kB
[  744.449555][T15561] Total swap = 124996kB
[  744.450932][T15561] 524155 pages RAM
[  744.452279][T15561] 0 pages HighMem/MovableOnly
[  744.453920][T15561] 210106 pages reserved
[  744.455675][T15561] 0 pages cma reserved
[  744.774567][   T46] wlan1: Trigger new scan to find an IBSS to join
[  745.008803][T15568] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2945'.
[  745.022027][T15568] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.2945'.
[  745.034475][T15568] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2945'.
[  745.040393][T15568] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2945'.
[  746.307925][T15577] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  746.310319][T15577] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  746.314012][T15577] vhci_hcd vhci_hcd.0: Device attached
[  746.353149][T15577] ieee802154 phy1 wpan1: encryption failed: -22
[  746.582450][T15582] binder: 15581:15582 ioctl 402c542b 80000200 returned -22
[  746.586102][T15582] binder: 15581:15582 ioctl c0306201 800004c0 returned -22
[  746.598048][   T34] usb 40-1: SetAddress Request (11) to port 0
[  746.608017][   T34] usb 40-1: new SuperSpeed USB device number 11 using vhci_hcd
[  746.947332][T15579] vhci_hcd: connection reset by peer
[  746.951501][   T60] vhci_hcd vhci_hcd.1: stop threads
[  746.958037][   T60] vhci_hcd vhci_hcd.1: release socket
[  746.960839][   T60] vhci_hcd vhci_hcd.1: disconnect device
[  747.143994][T15597] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2951'.
[  747.347988][T14482] usb 7-1: new high-speed USB device number 67 using dummy_hcd
[  747.507896][T14482] usb 7-1: Using ep0 maxpacket: 32
[  747.511292][T14482] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[  747.514298][T14482] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  747.517538][T14482] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[  747.520913][T14482] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  747.524209][T14482] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  747.527468][T14482] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  747.532138][T14482] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  747.535366][T14482] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  747.549444][T14482] usb 7-1: config 0 descriptor??
[  747.646578][T15601] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2953'.
[  747.653373][T15601] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2953'.
[  747.770386][T14482] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 67 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  747.788021][T14482] usb 7-1: USB disconnect, device number 67
[  747.795806][T14482] usblp0: removed
[  749.177947][T14482] usb 7-1: new high-speed USB device number 68 using dummy_hcd
[  749.778023][T14482] usb 7-1: device descriptor read/64, error -71
[  750.028200][T14482] usb 7-1: new high-speed USB device number 69 using dummy_hcd
[  750.048325][   T10] usb 8-1: new high-speed USB device number 59 using dummy_hcd
[  750.069517][   T13] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  750.177914][T14482] usb 7-1: device descriptor read/64, error -71
[  750.188593][T15621] mkiss: ax0: crc mode is auto.
[  750.283058][   T13] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  750.299261][T14482] usb usb7-port1: attempt power cycle
[  751.026268][   T10] usb 8-1: unable to get BOS descriptor or descriptor too short
[  751.038157][   T10] usb 8-1: unable to read config index 0 descriptor/start: -71
[  751.043288][   T10] usb 8-1: can't read configurations, error -71
[  751.305248][   T13] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  751.379100][   T13] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  751.448731][   T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  751.458113][   T63] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  751.462827][   T63] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  751.469379][   T63] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  751.483640][   T63] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  751.688333][   T34] usb 40-1: device descriptor read/8, error -110
[  751.872545][   T13] smc: removing net device bond0 with user defined pnetid SYZ2
[  751.875831][   T13] bond0 (unregistering): Released all slaves
[  751.881236][   T13] bond1 (unregistering): Released all slaves
[  751.948197][T15636] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2965'.
[  752.028707][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  752.088876][   T34] usb usb40-port1: attempt power cycle
[  752.528734][T14482] usb 5-1: new high-speed USB device number 97 using dummy_hcd
[  752.547049][T15629] chnl_net:caif_netlink_parms(): no params data found
[  752.669500][   T34] usb usb40-port1: unable to enumerate USB device
[  752.688282][T14482] usb 5-1: Using ep0 maxpacket: 8
[  752.692675][T14482] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  752.696329][T14482] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  752.708212][T14482] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  752.712895][T14482] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  752.717275][T14482] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  752.726251][T14482] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  752.730849][T14482] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  752.865937][   T13] hsr_slave_0: left promiscuous mode
[  752.874108][   T13] hsr_slave_1: left promiscuous mode
[  752.892181][   T13] veth1_macvtap: left promiscuous mode
[  752.895715][   T13] veth1_vlan: left promiscuous mode
[  752.950432][T14482] usb 5-1: usb_control_msg returned -32
[  752.952502][T14482] usbtmc 5-1:16.0: can't read capabilities
[  753.304062][T15629] bridge0: port 1(bridge_slave_0) entered blocking state
[  753.307286][T15629] bridge0: port 1(bridge_slave_0) entered disabled state
[  753.310979][T15629] bridge_slave_0: entered allmulticast mode
[  753.312601][T15675] trusted_key: encrypted_key: insufficient parameters specified
[  753.315123][T15629] bridge_slave_0: entered promiscuous mode
[  753.323709][T15629] bridge0: port 2(bridge_slave_1) entered blocking state
[  753.326983][T15629] bridge0: port 2(bridge_slave_1) entered disabled state
[  753.330592][T15629] bridge_slave_1: entered allmulticast mode
[  753.336705][T15629] bridge_slave_1: entered promiscuous mode
[  753.375062][T15629] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  753.382320][T15629] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  753.407563][T15629] team0: Port device team_slave_0 added
[  753.414139][T15629] team0: Port device team_slave_1 added
[  753.439085][T15629] batman_adv: batadv0: Adding interface: batadv_slave_0
[  753.442449][T15629] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  753.454043][T15629] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  753.460702][T15629] batman_adv: batadv0: Adding interface: batadv_slave_1
[  753.463689][T15629] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  753.482484][T15629] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  753.543248][T15629] hsr_slave_0: entered promiscuous mode
[  753.546725][T15629] hsr_slave_1: entered promiscuous mode
[  753.557492][T15629] debugfs: 'hsr0' already exists in 'hsr'
[  753.559973][T15629] Cannot create hsr debugfs directory
[  753.742325][T15629] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  753.751178][T15629] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  753.757676][T15629] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  753.764764][T15629] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  753.788134][T15150] Bluetooth: hci0: command tx timeout
[  753.863444][T15629] 8021q: adding VLAN 0 to HW filter on device bond0
[  753.903477][T15629] 8021q: adding VLAN 0 to HW filter on device team0
[  753.912097][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[  753.914736][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[  753.932964][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  753.935541][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  753.987366][   T13] IPVS: stop unused estimator thread 0...
[  754.125672][T15629] 8021q: adding VLAN 0 to HW filter on device batadv0
[  754.206964][T15695] binder: 15694:15695 ioctl 402c542b 80000200 returned -22
[  754.211052][T15695] binder: 15694:15695 ioctl c0306201 800004c0 returned -22
[  754.379619][T15629] veth0_vlan: entered promiscuous mode
[  754.392178][T15629] veth1_vlan: entered promiscuous mode
[  754.426653][T15629] veth0_macvtap: entered promiscuous mode
[  754.432312][T15629] veth1_macvtap: entered promiscuous mode
[  754.446148][T15629] batman_adv: batadv0: Interface activated: batadv_slave_0
[  754.458785][T15629] batman_adv: batadv0: Interface activated: batadv_slave_1
[  754.473511][   T46] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  754.477201][   T46] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  754.483130][   T46] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  754.489154][   T46] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  754.560371][T15703] kvm: user requested TSC rate below hardware speed
[  754.592960][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  754.596627][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  754.675262][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  754.679283][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  754.828046][   T10] usb 8-1: new high-speed USB device number 61 using dummy_hcd
[  754.978030][   T10] usb 8-1: Using ep0 maxpacket: 8
[  754.983091][   T10] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  754.986397][   T10] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  754.993587][   T10] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  755.001583][   T10] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  755.013721][   T10] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  755.024365][   T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  755.270512][   T54] usb 5-1: USB disconnect, device number 97
[  755.351892][   T10] usb 8-1: GET_CAPABILITIES returned 0
[  755.353940][   T10] usbtmc 8-1:16.0: can't read capabilities
[  755.377942][T14470] usb 7-1: new high-speed USB device number 71 using dummy_hcd
[  755.484973][ T7053] e1000 0000:00:06.0 eth0: Reset adapter
[  755.580431][T14470] usb 7-1: unable to get BOS descriptor or descriptor too short
[  755.588511][T14470] usb 7-1: unable to read config index 0 descriptor/start: -71
[  755.602132][T14470] usb 7-1: can't read configurations, error -71
[  755.698726][    C0] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  755.703817][T15702] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  755.707611][T15702] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  755.858054][T15150] Bluetooth: hci0: command tx timeout
[  755.860072][   T10] usb 5-1: new high-speed USB device number 98 using dummy_hcd
[  756.146536][   T10] usb 5-1: unable to get BOS descriptor or descriptor too short
[  756.155657][   T10] usb 5-1: unable to read config index 0 descriptor/start: -71
[  756.158639][   T10] usb 5-1: can't read configurations, error -71
[  757.052890][T15749] binder: 15748:15749 ioctl 402c542b 80000200 returned -22
[  757.056722][T15749] binder: 15748:15749 ioctl c0306201 800004c0 returned -22
[  757.284006][ T6005] usb 8-1: USB disconnect, device number 61
[  757.802912][ T6106] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  757.928218][T15150] Bluetooth: hci0: command tx timeout
[  760.008101][T15150] Bluetooth: hci0: command tx timeout
[  764.287363][T15792] Bluetooth: MGMT ver 1.23
[  764.395911][T15804] binder: 15803:15804 ioctl 402c542b 80000200 returned -22
[  764.798545][T12344] usb 7-1: new high-speed USB device number 73 using dummy_hcd
[  764.967999][   T10] usb 5-1: new high-speed USB device number 100 using dummy_hcd
[  765.324671][   T10] usb 5-1: unable to get BOS descriptor or descriptor too short
[  765.338620][   T10] usb 5-1: unable to read config index 0 descriptor/start: -71
[  765.341842][   T10] usb 5-1: can't read configurations, error -71
[  765.471233][T12344] usb 7-1: unable to get BOS descriptor or descriptor too short
[  765.475500][T12344] usb 7-1: unable to read config index 0 descriptor/start: -71
[  765.479170][T12344] usb 7-1: can't read configurations, error -71
[  766.088193][    C3] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  766.327943][   T63] Bluetooth: hci0: command 0x0c1a tx timeout
[  766.328112][T15150] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  767.768016][   T40] audit: type=1326 audit(1772455339.871:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15840 comm="syz.3.2992" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70bef6c code=0x0
[  768.020070][T15850] syzkaller1: entered promiscuous mode
[  768.028038][T15850] syzkaller1: entered allmulticast mode
[  768.046350][T15850] PF_CAN: dropped non conform CAN skbuff: dev type 280, len 324
[  768.277721][T15859] binder: 15858:15859 ioctl 402c542b 80000200 returned -22
[  771.365341][   T40] audit: type=1800 audit(1772455856.636:987): pid=15885 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3003" name="file0" dev="9p" ino=74973481 res=0 errno=0
[  771.618149][   T10] usb 9-1: new full-speed USB device number 2 using dummy_hcd
[  771.780904][   T10] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  771.785176][   T10] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  771.795165][   T10] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  771.801617][   T10] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  772.370516][   T40] audit: type=1326 audit(1772455857.656:988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15889 comm="syz.0.3005" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf705ef6c code=0x0
[  773.116662][   T10] usb 9-1: usb_control_msg returned -32
[  773.119905][   T10] usbtmc 9-1:16.0: can't read capabilities
[  774.404502][ T5985] usb 9-1: USB disconnect, device number 2
[  774.578046][   T50] usb 8-1: new high-speed USB device number 62 using dummy_hcd
[  774.759418][   T50] usb 8-1: Using ep0 maxpacket: 8
[  774.793930][   T50] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  774.801213][   T50] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  774.804804][   T50] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  774.818159][   T50] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  774.871260][   T50] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  774.888699][   T50] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  774.892729][   T50] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  774.913285][   T40] audit: type=1326 audit(1772455860.196:989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15908 comm="syz.0.3010" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  774.920860][   T40] audit: type=1326 audit(1772455860.196:990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15908 comm="syz.0.3010" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  774.930117][   T40] audit: type=1326 audit(1772455860.216:991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15908 comm="syz.0.3010" exe="/syz-executor" sig=0 arch=40000003 syscall=402 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  774.937469][   T40] audit: type=1326 audit(1772455860.216:992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15908 comm="syz.0.3010" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  774.945207][   T40] audit: type=1326 audit(1772455860.216:993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15908 comm="syz.0.3010" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  774.958931][   T40] audit: type=1326 audit(1772455860.216:994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15908 comm="syz.0.3010" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  774.974903][   T40] audit: type=1326 audit(1772455860.216:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15908 comm="syz.0.3010" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  774.986183][   T40] audit: type=1326 audit(1772455860.216:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15908 comm="syz.0.3010" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  774.995949][   T40] audit: type=1326 audit(1772455860.226:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15908 comm="syz.0.3010" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  775.006487][   T40] audit: type=1326 audit(1772455860.226:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15908 comm="syz.0.3010" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  775.189679][   T50] usb 8-1: GET_CAPABILITIES returned 0
[  775.192653][   T50] usbtmc 8-1:16.0: can't read capabilities
[  775.378012][   T34] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  775.420345][T15905] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  775.425021][T15926] tipc: Resetting bearer <eth:syzkaller0>
[  775.429204][   T54] usb 8-1: USB disconnect, device number 62
[  775.542028][   T34] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  775.546925][   T34] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  775.550789][   T34] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  775.556057][   T34] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  775.561057][   T34] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  775.568259][   T34] usb 9-1: config 0 descriptor??
[  775.639536][T15904] tipc: Disabling bearer <eth:syzkaller0>
[  775.662942][T15931] syzkaller0: entered promiscuous mode
[  775.664918][T15931] syzkaller0: entered allmulticast mode
[  775.877607][T14470] libceph: connect (1)[c::]:6789 error -101
[  775.885653][T14470] libceph: mon0 (1)[c::]:6789 connect error
[  775.903563][T15935] ceph: No mds server is up or the cluster is laggy
[  776.310655][   T34] usbhid 9-1:0.0: can't add hid device: -71
[  776.312775][   T34] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  776.316413][   T34] usb 9-1: USB disconnect, device number 3
[  776.364144][T15945] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[  776.367379][T15945] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  776.374658][T15945] vhci_hcd vhci_hcd.0: Device attached
[  776.381087][T15945] sg_read: process 413 (syz.2.3019) changed security contexts after opening file descriptor, this is not allowed.
[  776.608065][T14470] usb 41-1: new high-speed USB device number 2 using vhci_hcd
[  777.115825][T15946] vhci_hcd: connection reset by peer
[  777.119152][   T13] vhci_hcd vhci_hcd.2: stop threads
[  777.121665][   T13] vhci_hcd vhci_hcd.2: release socket
[  777.124291][   T13] vhci_hcd vhci_hcd.2: disconnect device
[  777.533728][T15961] ip6erspan0: entered allmulticast mode
[  777.660642][T15967] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3027'.
[  778.388070][   T50] usb 7-1: new high-speed USB device number 75 using dummy_hcd
[  778.512035][T15993] binder: 15992:15993 ioctl c0306201 800004c0 returned -22
[  778.898165][   T50] usb 7-1: unable to get BOS descriptor or descriptor too short
[  778.901722][   T50] usb 7-1: unable to read config index 0 descriptor/start: -71
[  778.903984][   T50] usb 7-1: can't read configurations, error -71
[  778.967927][   T54] usb 5-1: new high-speed USB device number 102 using dummy_hcd
[  779.098031][   T54] usb 5-1: device descriptor read/64, error -71
[  779.159977][T16006] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  779.303961][T16006] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  779.338023][   T54] usb 5-1: new high-speed USB device number 103 using dummy_hcd
[  779.401414][T16006] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  779.477963][   T54] usb 5-1: device descriptor read/64, error -71
[  779.598503][   T54] usb usb5-port1: attempt power cycle
[  779.806646][T16006] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  779.905786][   T13] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  779.916824][   T13] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  779.932550][   T13] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  779.947969][   T54] usb 5-1: new high-speed USB device number 104 using dummy_hcd
[  779.981959][   T54] usb 5-1: device descriptor read/8, error -71
[  780.084439][   T70] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  781.088079][   T54] usb 5-1: new high-speed USB device number 105 using dummy_hcd
[  781.629100][T16033] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  781.631306][T16033] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  781.634686][T16033] vhci_hcd vhci_hcd.0: Device attached
[  781.771777][   T54] usb 5-1: device descriptor read/8, error -71
[  781.818076][T14470] vhci_hcd vhci_hcd.2: vhci_device speed not set
[  781.855677][T16035] vhci_hcd: connection closed
[  781.855882][ T1147] vhci_hcd vhci_hcd.4: stop threads
[  781.866848][ T1147] vhci_hcd vhci_hcd.4: release socket
[  781.878155][   T54] usb usb5-port1: unable to enumerate USB device
[  781.881288][ T1147] vhci_hcd vhci_hcd.4: disconnect device
[  781.908251][T13404] usb 46-1: enqueue for inactive port 0
[  782.203501][T16041] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3047'.
[  782.208003][   T54] usb 5-1: new high-speed USB device number 106 using dummy_hcd
[  782.369630][   T54] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  782.373423][   T54] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  782.377043][   T54] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  782.381084][   T54] usb 5-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  782.387703][   T54] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  782.391677][   T54] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  782.394624][   T54] usb 5-1: Product: syz
[  782.396145][   T54] usb 5-1: Manufacturer: syz
[  782.397771][   T54] usb 5-1: SerialNumber: syz
[  782.398614][T13404] usb usb46-port1: attempt power cycle
[  782.404337][   T54] cdc_mbim 5-1:1.0: skipping garbage
[  782.608598][T16038] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  782.723767][T16048] batadv_slave_1: entered promiscuous mode
[  782.770563][T16046] batadv_slave_1: left promiscuous mode
[  782.968487][T13404] usb usb46-port1: unable to enumerate USB device
[  783.235134][T16038] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  783.441225][   T54] cdc_mbim 5-1:1.0: bind() failure
[  783.445751][   T54] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  783.448543][   T54] cdc_ncm 5-1:1.1: bind() failure
[  783.648601][   T54] usb 5-1: USB disconnect, device number 106
[  784.586311][T16073] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  784.589394][T16073] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  784.594322][T16073] vhci_hcd vhci_hcd.0: Device attached
[  784.599570][T16074] vhci_hcd: connection closed
[  784.600179][ T1147] vhci_hcd vhci_hcd.4: stop threads
[  784.604623][ T1147] vhci_hcd vhci_hcd.4: release socket
[  784.606993][ T1147] vhci_hcd vhci_hcd.4: disconnect device
[  785.604043][T12344] libceph: connect (1)[c::]:6789 error -101
[  785.607037][T12344] libceph: mon0 (1)[c::]:6789 connect error
[  785.646528][T16089] ceph: No mds server is up or the cluster is laggy
[  785.785132][T16094] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  785.900432][T16098] netlink: 'syz.3.3064': attribute type 10 has an invalid length.
[  785.914598][T16098] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  786.408318][   T40] kauditd_printk_skb: 2 callbacks suppressed
[  786.408333][   T40] audit: type=1326 audit(1772456384.685:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16103 comm="syz.0.3066" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf705ef6c code=0x0
[  786.610079][T16115] syzkaller0: entered promiscuous mode
[  786.612611][T16115] syzkaller0: entered allmulticast mode
[  787.481188][T16129] overlay: Unknown parameter 'fscontext'
[  787.772763][T16136] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3076'.
[  789.235344][T16173] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3086'.
[  789.576411][T16180] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  789.578610][T16180] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  789.581907][T16180] vhci_hcd vhci_hcd.0: Device attached
[  789.861686][   T50] usb 46-1: SetAddress Request (6) to port 0
[  789.888079][   T50] usb 46-1: new SuperSpeed USB device number 6 using vhci_hcd
[  790.191449][T16181] vhci_hcd: connection reset by peer
[  790.193508][   T60] vhci_hcd vhci_hcd.4: stop threads
[  790.195566][   T60] vhci_hcd vhci_hcd.4: release socket
[  790.198671][   T60] vhci_hcd vhci_hcd.4: disconnect device
[  790.516322][T16208] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3095'.
[  791.317975][   T40] audit: type=1326 audit(1772456902.588:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16211 comm="syz.0.3097" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf705ef6c code=0x0
[  791.425518][T16219] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3099'.
[  791.952282][T16225] netlink: 'syz.0.3100': attribute type 5 has an invalid length.
[  792.909075][T13404] IPVS: starting estimator thread 0...
[  793.008457][T16252] IPVS: using max 44 ests per chain, 105600 per kthread
[  793.319274][   T40] audit: type=1326 audit(1772456904.608:1003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16249 comm="syz.2.3108" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf707ef6c code=0x0
[  793.698998][T16265] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.3112'.
[  794.217074][T16274] syzkaller0: entered promiscuous mode
[  794.225277][T16274] syzkaller0: entered allmulticast mode
[  794.238157][   T60] syzkaller0: tun_net_xmit 48
[  794.261639][T16280] Cannot find add_set index 2 as target
[  794.739450][T16299] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3121'.
[  795.068821][   T50] usb 46-1: device descriptor read/8, error -110
[  795.611226][   T50] usb usb46-port1: attempt power cycle
[  795.729483][T16303] x_tables: ip_tables: osf match: only valid for protocol 6
[  796.198456][   T50] usb usb46-port1: unable to enumerate USB device
[  807.788409][T16305] FAULT_INJECTION: forcing a failure.
[  807.788409][T16305] name failslab, interval 1, probability 0, space 0, times 0
[  807.793238][T16305] CPU: 0 UID: 0 PID: 16305 Comm: syz.0.3124 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  807.793261][T16305] Tainted: [L]=SOFTLOCKUP
[  807.793265][T16305] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  807.793272][T16305] Call Trace:
[  807.793279][T16305]  <TASK>
[  807.793284][T16305]  dump_stack_lvl+0x100/0x190
[  807.793308][T16305]  should_fail_ex.cold+0x5/0xa
[  807.793331][T16305]  should_failslab+0xc2/0x120
[  807.793384][T16305]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  807.793409][T16305]  ? security_inode_alloc+0x3b/0x2c0
[  807.793429][T16305]  ? lockdep_init_map_type+0x5c/0x250
[  807.793455][T16305]  security_inode_alloc+0x3b/0x2c0
[  807.793480][T16305]  inode_init_always_gfp+0xced/0x1040
[  807.793501][T16305]  alloc_inode+0x8e/0x250
[  807.793520][T16305]  new_inode+0x22/0x1c0
[  807.793543][T16305]  __debugfs_create_file+0x105/0x4f0
[  807.793574][T16305]  debugfs_create_file_full+0x41/0x60
[  807.793598][T16305]  ref_tracker_dir_debugfs+0x19e/0x2e0
[  807.793611][T16305]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  807.793634][T16305]  ? __kvmalloc_node_noprof+0x37b/0xa00
[  807.793650][T16305]  ? alloc_netdev_mqs+0xd7/0x14f0
[  807.793664][T16305]  ? lockdep_init_map_type+0x5c/0x250
[  807.793679][T16305]  ? __pfx_vlan_setup+0x10/0x10
[  807.793719][T16305]  alloc_netdev_mqs+0x314/0x14f0
[  807.793736][T16305]  rtnl_create_link+0xc13/0xf80
[  807.793788][T16305]  rtnl_newlink+0x13b8/0x2380
[  807.793815][T16305]  ? __pfx_rtnl_newlink+0x10/0x10
[  807.793827][T16305]  ? rcu_is_watching+0x12/0xc0
[  807.793844][T16305]  ? kasan_quarantine_put+0x104/0x240
[  807.793863][T16305]  ? kfree_skbmem+0x19a/0x210
[  807.793878][T16305]  ? kmem_cache_free+0x124/0x6a0
[  807.793899][T16305]  ? find_held_lock+0x2b/0x80
[  807.793922][T16305]  ? find_held_lock+0x2b/0x80
[  807.793932][T16305]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  807.793945][T16305]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  807.793959][T16305]  ? __pfx_rtnl_newlink+0x10/0x10
[  807.793973][T16305]  rtnetlink_rcv_msg+0x95e/0xe90
[  807.793988][T16305]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  807.794006][T16305]  ? ref_tracker_free+0x37e/0x6c0
[  807.794020][T16305]  netlink_rcv_skb+0x159/0x420
[  807.794036][T16305]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  807.794051][T16305]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  807.794070][T16305]  ? netlink_deliver_tap+0x1ae/0xcc0
[  807.794087][T16305]  netlink_unicast+0x5aa/0x870
[  807.794104][T16305]  ? __pfx_netlink_unicast+0x10/0x10
[  807.794124][T16305]  netlink_sendmsg+0x8b0/0xda0
[  807.794141][T16305]  ? __pfx_netlink_sendmsg+0x10/0x10
[  807.794157][T16305]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  807.794175][T16305]  ____sys_sendmsg+0xa54/0xc30
[  807.794194][T16305]  ? __pfx_____sys_sendmsg+0x10/0x10
[  807.794217][T16305]  ___sys_sendmsg+0x190/0x1e0
[  807.794235][T16305]  ? __pfx____sys_sendmsg+0x10/0x10
[  807.794270][T16305]  __sys_sendmsg+0x170/0x220
[  807.794284][T16305]  ? __pfx___sys_sendmsg+0x10/0x10
[  807.794303][T16305]  ? __pfx_ksys_write+0x10/0x10
[  807.794324][T16305]  __do_fast_syscall_32+0xe3/0x8c0
[  807.794342][T16305]  do_fast_syscall_32+0x32/0x70
[  807.794356][T16305]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  807.794370][T16305] RIP: 0023:0xf705ef6c
[  807.794382][T16305] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[  807.794393][T16305] RSP: 002b:00000000f544d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  807.794404][T16305] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000280
[  807.794411][T16305] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  807.794417][T16305] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  807.794424][T16305] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  807.794430][T16305] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  807.794445][T16305]  </TASK>
[  807.794543][T16305] debugfs: out of free dentries, can not create file 'netdev@ffff8880138d2620'
[  808.048164][T16307] ip6gre1: left promiscuous mode
[  808.050448][T16307] ip6gre1: left allmulticast mode
[  808.419781][T16328] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3131'.
[  810.439634][T16334] 9p: Bad value for 'rfdno'
[  810.525222][   T63] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  810.530314][   T63] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  810.535442][   T63] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  810.543270][   T63] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  810.548947][   T63] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  810.948842][T16334] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3133'.
[  811.203257][T15150] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  811.207340][T15150] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  811.212746][T15150] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  811.220026][T15150] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  811.223618][T15150] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  811.318014][   T54] usb 5-1: new high-speed USB device number 107 using dummy_hcd
[  811.479868][   T54] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  811.485102][   T54] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  811.490831][   T54] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  811.495043][   T54] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  811.500642][   T54] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  811.504324][   T54] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  811.515369][   T54] usb 5-1: config 0 descriptor??
[  811.655181][T16335] chnl_net:caif_netlink_parms(): no params data found
[  811.705947][T16347] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  811.710324][T16347] overlayfs: failed to set xattr on upper
[  811.712395][T16347] overlayfs: ...falling back to redirect_dir=nofollow.
[  811.714737][T16347] overlayfs: ...falling back to index=off.
[  811.716744][T16347] overlayfs: ...falling back to uuid=null.
[  811.719173][T16347] overlayfs: maximum fs stacking depth exceeded
[  811.841103][T16335] bridge0: port 1(bridge_slave_0) entered blocking state
[  811.843794][T16335] bridge0: port 1(bridge_slave_0) entered disabled state
[  811.846514][T16335] bridge_slave_0: entered allmulticast mode
[  811.851357][T16335] bridge_slave_0: entered promiscuous mode
[  811.920841][T16335] bridge0: port 2(bridge_slave_1) entered blocking state
[  811.923480][T16335] bridge0: port 2(bridge_slave_1) entered disabled state
[  811.926202][T16335] bridge_slave_1: entered allmulticast mode
[  811.930691][T16335] bridge_slave_1: entered promiscuous mode
[  811.940892][   T54] plantronics 0003:047F:FFFF.0008: ignoring exceeding usage max
[  811.964871][   T54] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  812.050300][T16335] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  812.061338][T16335] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  812.173213][T16345] chnl_net:caif_netlink_parms(): no params data found
[  812.208905][T16335] team0: Port device team_slave_0 added
[  812.214830][T16335] team0: Port device team_slave_1 added
[  812.295322][T16335] batman_adv: batadv0: Adding interface: batadv_slave_0
[  812.298133][T16335] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  812.306644][T16335] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  812.324333][T16335] batman_adv: batadv0: Adding interface: batadv_slave_1
[  812.326763][T16335] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  812.336834][T16335] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  812.568018][T15150] Bluetooth: hci2: command tx timeout
[  812.825208][   T40] audit: type=1326 audit(1772456924.108:1004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16362 comm="syz.4.3137" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fa2f6c code=0x0
[  812.859130][T16308] bond0: (slave syz_tun): Releasing backup interface
[  813.288214][T15150] Bluetooth: hci5: command tx timeout
[  813.450192][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  813.536115][T16345] bridge0: port 1(bridge_slave_0) entered blocking state
[  813.539707][T16345] bridge0: port 1(bridge_slave_0) entered disabled state
[  813.543219][T16345] bridge_slave_0: entered allmulticast mode
[  813.547368][T16345] bridge_slave_0: entered promiscuous mode
[  813.559504][T16345] bridge0: port 2(bridge_slave_1) entered blocking state
[  813.562830][T16345] bridge0: port 2(bridge_slave_1) entered disabled state
[  813.566059][T16345] bridge_slave_1: entered allmulticast mode
[  813.571002][T16345] bridge_slave_1: entered promiscuous mode
[  813.590530][T16335] hsr_slave_0: entered promiscuous mode
[  813.598777][T16335] hsr_slave_1: entered promiscuous mode
[  813.601942][T16335] debugfs: 'hsr0' already exists in 'hsr'
[  813.604627][T16335] Cannot create hsr debugfs directory
[  814.231509][   T40] audit: type=1326 audit(1772456925.518:1005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16375 comm="syz.0.3139" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  814.246425][   T40] audit: type=1326 audit(1772456925.528:1006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16375 comm="syz.0.3139" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  814.255823][   T40] audit: type=1326 audit(1772456925.528:1007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16375 comm="syz.0.3139" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  814.265590][   T40] audit: type=1326 audit(1772456925.528:1008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16375 comm="syz.0.3139" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  814.274780][   T40] audit: type=1326 audit(1772456925.528:1009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16375 comm="syz.0.3139" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  814.284243][   T40] audit: type=1326 audit(1772456925.528:1010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16375 comm="syz.0.3139" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  814.293330][   T40] audit: type=1326 audit(1772456925.528:1011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16375 comm="syz.0.3139" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  814.302831][   T40] audit: type=1326 audit(1772456925.528:1012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16375 comm="syz.0.3139" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  814.311983][   T40] audit: type=1326 audit(1772456925.528:1013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16375 comm="syz.0.3139" exe="/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  814.579126][   T70] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  814.648256][T15150] Bluetooth: hci2: command tx timeout
[  814.721802][T16345] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  814.801788][ T6005] usb 5-1: USB disconnect, device number 107
[  814.926488][T16345] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  815.312898][   T70] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  815.368405][T15150] Bluetooth: hci5: command tx timeout
[  815.394716][T16345] team0: Port device team_slave_0 added
[  815.406069][T16345] team0: Port device team_slave_1 added
[  815.434026][T16384] syzkaller0: entered promiscuous mode
[  815.436514][T16384] syzkaller0: entered allmulticast mode
[  816.728073][T15150] Bluetooth: hci2: command tx timeout
[  817.448243][T15150] Bluetooth: hci5: command tx timeout
[  818.361836][T16402] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3143'.
[  818.808052][T15150] Bluetooth: hci2: command tx timeout
[  819.528003][T15150] Bluetooth: hci5: command tx timeout
[  828.609233][T16345] batman_adv: batadv0: Adding interface: batadv_slave_0
[  828.612322][T16345] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  828.623786][T16345] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  828.710924][T16404] ipt_ECN: cannot use operation on non-tcp rule
[  828.821736][   T70] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  828.996072][T16401] bridge1: entered allmulticast mode
[  829.030079][T16345] batman_adv: batadv0: Adding interface: batadv_slave_1
[  829.032817][T16345] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  829.042844][T16345] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  829.133803][T16345] hsr_slave_0: entered promiscuous mode
[  829.136779][T16345] hsr_slave_1: entered promiscuous mode
[  829.139974][T16345] debugfs: 'hsr0' already exists in 'hsr'
[  829.142235][T16345] Cannot create hsr debugfs directory
[  829.260576][T16406] xt_connbytes: Forcing CT accounting to be enabled
[  829.263792][T16406] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  829.351801][   T70] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  829.416963][T16410] loop5: detected capacity change from 0 to 7
[  829.429368][T16410] Dev loop5: unable to read RDB block 7
[  829.431796][T16410]  loop5: unable to read partition table
[  829.434205][T16410] loop5: partition table beyond EOD, truncated
[  829.443834][T16410] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5)
[  829.632246][T16335] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  829.786093][T16335] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  830.022601][T16335] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  830.138697][T16335] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  831.375785][   T70] smc: removing net device bond0 with user defined pnetid SYZ2
[  831.392900][   T70] bond0 (unregistering): Released all slaves
[  831.402227][   T70] bond1 (unregistering): Released all slaves
[  831.416297][   T70] bond2 (unregistering): Released all slaves
[  831.580986][T16345] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  831.670320][T16345] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  831.719383][T16345] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  831.739500][T16441] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3149'.
[  831.789076][T16345] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  832.082525][T16335] 8021q: adding VLAN 0 to HW filter on device bond0
[  832.115548][T16335] 8021q: adding VLAN 0 to HW filter on device team0
[  832.128626][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[  832.131462][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[  832.200056][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  832.203225][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  833.684354][T16345] 8021q: adding VLAN 0 to HW filter on device bond0
[  833.705808][T16345] 8021q: adding VLAN 0 to HW filter on device team0
[  833.743231][T16345] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  833.747075][T16345] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  834.012498][   T40] kauditd_printk_skb: 15 callbacks suppressed
[  834.012511][   T40] audit: type=1326 audit(1772456945.298:1029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16461 comm="syz.4.3151" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fa2f6c code=0x0
[  834.198075][   T70] hsr_slave_0: left promiscuous mode
[  834.257961][   T70] hsr_slave_1: left promiscuous mode
[  834.318748][   T70] veth1_macvtap: left promiscuous mode
[  834.321217][   T70] veth0_macvtap: left promiscuous mode
[  834.323939][   T70] veth1_vlan: left promiscuous mode
[  834.326475][   T70] veth0_vlan: left promiscuous mode
[  835.219230][T16483] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3152'.
[  835.515295][ T1147] bridge0: port 1(bridge_slave_0) entered blocking state
[  835.518953][ T1147] bridge0: port 1(bridge_slave_0) entered forwarding state
[  835.523734][ T1147] bridge0: port 2(bridge_slave_1) entered blocking state
[  835.526811][ T1147] bridge0: port 2(bridge_slave_1) entered forwarding state
[  835.563093][T16335] 8021q: adding VLAN 0 to HW filter on device batadv0
[  835.677548][T16345] 8021q: adding VLAN 0 to HW filter on device batadv0
[  835.816690][T16335] veth0_vlan: entered promiscuous mode
[  835.844698][T16335] veth1_vlan: entered promiscuous mode
[  835.865317][T16335] veth0_macvtap: entered promiscuous mode
[  835.869289][T16335] veth1_macvtap: entered promiscuous mode
[  835.877409][T16335] batman_adv: batadv0: Interface activated: batadv_slave_0
[  835.882632][T16335] batman_adv: batadv0: Interface activated: batadv_slave_1
[  836.766003][   T95] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  836.770186][   T95] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  836.773992][   T95] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  836.777747][   T95] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  837.076004][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  837.083860][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  837.340517][   T95] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  837.344071][   T95] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  837.389843][T16345] veth0_vlan: entered promiscuous mode
[  837.517792][T16345] veth1_vlan: entered promiscuous mode
[  837.529250][   T70] IPVS: stop unused estimator thread 0...
[  837.578036][T16345] veth0_macvtap: entered promiscuous mode
[  837.590083][T16345] veth1_macvtap: entered promiscuous mode
[  837.602592][T16345] batman_adv: batadv0: Interface activated: batadv_slave_0
[  837.610165][T16345] batman_adv: batadv0: Interface activated: batadv_slave_1
[  837.616912][   T46] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  837.622498][   T46] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  837.626844][   T46] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  837.630871][   T46] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  838.119786][   T95] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  838.123158][   T95] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  838.143625][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  838.146584][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  839.399745][T16540] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3135'.
[  841.519174][T16553] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  841.632411][T16560] FAULT_INJECTION: forcing a failure.
[  841.632411][T16560] name failslab, interval 1, probability 0, space 0, times 0
[  841.638006][T16560] CPU: 2 UID: 0 PID: 16560 Comm: syz.0.3162 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  841.638035][T16560] Tainted: [L]=SOFTLOCKUP
[  841.638042][T16560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  841.638050][T16560] Call Trace:
[  841.638056][T16560]  <TASK>
[  841.638063][T16560]  dump_stack_lvl+0x100/0x190
[  841.638096][T16560]  should_fail_ex.cold+0x5/0xa
[  841.638118][T16560]  ? __alloc_workqueue+0x148/0x1880
[  841.638136][T16560]  should_failslab+0xc2/0x120
[  841.638154][T16560]  __kmalloc_noprof+0xe0/0x850
[  841.638177][T16560]  ? __mutex_lock+0x26a/0x1b90
[  841.638201][T16560]  __alloc_workqueue+0x148/0x1880
[  841.638222][T16560]  ? __pfx___mutex_lock+0x10/0x10
[  841.638247][T16560]  alloc_workqueue_noprof+0xd2/0x200
[  841.638266][T16560]  ? __pfx_alloc_workqueue_noprof+0x10/0x10
[  841.638301][T16560]  loop_configure+0xdf6/0x15b0
[  841.638337][T16560]  ? __lock_acquire+0x4a5/0x2630
[  841.638362][T16560]  ? __pfx_loop_configure+0x10/0x10
[  841.638380][T16560]  ? __lock_acquire+0x4a5/0x2630
[  841.638423][T16560]  lo_ioctl+0xcf3/0x1bc0
[  841.638447][T16560]  ? __pfx_lo_ioctl+0x10/0x10
[  841.638472][T16560]  ? tomoyo_path_number_perm+0x46d/0x580
[  841.638501][T16560]  ? kasan_quarantine_put+0x104/0x240
[  841.638525][T16560]  ? blk_get_meta_cap+0xd4/0x6c0
[  841.638545][T16560]  ? __pfx_blk_get_meta_cap+0x10/0x10
[  841.638564][T16560]  ? find_held_lock+0x2b/0x80
[  841.638579][T16560]  ? tomoyo_path_number_perm+0x28f/0x580
[  841.638689][T16560]  lo_compat_ioctl+0xf3/0x160
[  841.638718][T16560]  ? __pfx_lo_compat_ioctl+0x10/0x10
[  841.638735][T16560]  compat_blkdev_ioctl+0x682/0x7b0
[  841.638760][T16560]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[  841.638786][T16560]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[  841.638807][T16560]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  841.638836][T16560]  __do_fast_syscall_32+0xe3/0x8c0
[  841.638862][T16560]  do_fast_syscall_32+0x32/0x70
[  841.638883][T16560]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  841.638906][T16560] RIP: 0023:0xf705ef6c
[  841.638921][T16560] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[  841.638939][T16560] RSP: 002b:00000000f544d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  841.638956][T16560] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004c0a
[  841.638969][T16560] RDX: 00000000800002c0 RSI: 0000000000000000 RDI: 0000000000000000
[  841.638979][T16560] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  841.638988][T16560] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  841.639000][T16560] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  841.639045][T16560]  </TASK>
[  841.763618][   T70] bridge_slave_1: left allmulticast mode
[  841.765729][   T70] bridge_slave_1: left promiscuous mode
[  841.767802][   T70] bridge0: port 2(bridge_slave_1) entered disabled state
[  841.859536][   T70] bridge_slave_0: left allmulticast mode
[  841.862156][   T70] bridge_slave_0: left promiscuous mode
[  841.864946][   T70] bridge0: port 1(bridge_slave_0) entered disabled state
[  842.018501][T14470] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  842.118073][ T6005] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  842.279944][ T6005] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  842.284173][ T6005] usb 10-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  842.287706][ T6005] usb 10-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  842.294329][ T6005] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  842.297477][ T6005] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  842.300869][ T6005] usb 10-1: Product: syz
[  842.302503][ T6005] usb 10-1: Manufacturer: syz
[  842.304317][ T6005] usb 10-1: SerialNumber: syz
[  842.309795][ T6005] hub 10-1:1.0: bad descriptor, ignoring hub
[  842.311836][ T6005] hub 10-1:1.0: probe with driver hub failed with error -5
[  842.501396][   T70] smc: removing net device bond0 with user defined pnetid SYZ2
[  842.518635][   T70] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  842.528792][ T6005] usblp 10-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  842.628973][   T70] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  842.668519][   T70] bond0 (unregistering): Released all slaves
[  842.673649][   T70] bond1 (unregistering): Released all slaves
[  842.683368][   T70] bond2 (unregistering): Released all slaves
[  842.889276][   T70] tipc: Left network mode
[  843.113405][T14470] usb 9-1: Using ep0 maxpacket: 16
[  843.116854][T14470] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  843.122562][T14470] usb 9-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  843.125840][T14470] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  843.128979][T14470] usb 9-1: Product: syz
[  843.130411][T14470] usb 9-1: Manufacturer: syz
[  843.131991][T14470] usb 9-1: SerialNumber: syz
[  843.135168][T14470] usb 9-1: config 0 descriptor??
[  843.142114][T14470] em28xx 9-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  843.145540][T14470] em28xx 9-1:0.0: DVB interface 0 found: bulk
[  843.256910][T12992] usb 10-1: USB disconnect, device number 2
[  843.261032][T12992] usblp0: removed
[  843.342997][T16557] random: crng reseeded on system resumption
[  843.397980][T12992] usb 10-1: new full-speed USB device number 3 using dummy_hcd
[  843.528561][T12992] usb 10-1: device descriptor read/64, error -71
[  843.748391][   T70] hsr_slave_0: left promiscuous mode
[  843.770141][T12992] usb 10-1: new full-speed USB device number 4 using dummy_hcd
[  843.805898][T16609] IPv6: addrconf: prefix option has invalid lifetime
[  843.808294][   T70] hsr_slave_1: left promiscuous mode
[  843.811890][   T70] batman_adv: batadv0: Removing interface: batadv_slave_0
[  843.849016][   T70] batman_adv: batadv0: Removing interface: batadv_slave_1
[  843.909988][T12992] usb 10-1: device descriptor read/64, error -71
[  844.018180][T12992] usb usb10-port1: attempt power cycle
[  844.672696][   T40] audit: type=1326 audit(1772456955.898:1030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16612 comm="syz.6.3169" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fc6f6c code=0x0
[  844.719878][T14470] em28xx 9-1:0.0: unknown em28xx chip ID (0)
[  844.781887][T14470] em28xx 9-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  844.785933][T14470] em28xx 9-1:0.0: board has no eeprom
[  844.847964][T14470] em28xx 9-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  844.851621][T14470] em28xx 9-1:0.0: dvb set to bulk mode.
[  844.855167][   T39] em28xx 9-1:0.0: Binding DVB extension
[  844.900576][   T39] em28xx 9-1:0.0: Registering input extension
[  844.945728][   T39] usb 9-1: USB disconnect, device number 4
[  844.951075][   T39] em28xx 9-1:0.0: Disconnecting em28xx
[  844.953750][   T39] em28xx 9-1:0.0: Closing input extension
[  845.031153][   T39] em28xx 9-1:0.0: Freeing device
[  845.428218][T16631] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3171'.
[  847.510259][T16637] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3174'.
[  847.824678][   T70] IPVS: stop unused estimator thread 0...
[  849.332923][T16680] FAULT_INJECTION: forcing a failure.
[  849.332923][T16680] name failslab, interval 1, probability 0, space 0, times 0
[  849.338854][T16680] CPU: 2 UID: 0 PID: 16680 Comm: syz.4.3177 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  849.338885][T16680] Tainted: [L]=SOFTLOCKUP
[  849.338891][T16680] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  849.338903][T16680] Call Trace:
[  849.338909][T16680]  <TASK>
[  849.338917][T16680]  dump_stack_lvl+0x100/0x190
[  849.338952][T16680]  should_fail_ex.cold+0x5/0xa
[  849.338973][T16680]  should_failslab+0xc2/0x120
[  849.338990][T16680]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  849.339013][T16680]  ? skb_clone+0x190/0x400
[  849.339039][T16680]  skb_clone+0x190/0x400
[  849.339061][T16680]  netlink_deliver_tap+0xaed/0xcc0
[  849.339090][T16680]  netlink_unicast+0x650/0x870
[  849.339115][T16680]  ? __pfx_netlink_unicast+0x10/0x10
[  849.339136][T16680]  ? __pfx___might_resched+0x10/0x10
[  849.339172][T16680]  netlink_sendmsg+0x8b0/0xda0
[  849.339199][T16680]  ? __pfx_netlink_sendmsg+0x10/0x10
[  849.339225][T16680]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  849.339255][T16680]  ____sys_sendmsg+0xa54/0xc30
[  849.339291][T16680]  ? __pfx_____sys_sendmsg+0x10/0x10
[  849.339334][T16680]  ___sys_sendmsg+0x190/0x1e0
[  849.339400][T16680]  ? __pfx____sys_sendmsg+0x10/0x10
[  849.339458][T16680]  __sys_sendmsg+0x170/0x220
[  849.339481][T16680]  ? __pfx___sys_sendmsg+0x10/0x10
[  849.339511][T16680]  ? __pfx_ksys_write+0x10/0x10
[  849.339544][T16680]  __do_fast_syscall_32+0xe3/0x8c0
[  849.339571][T16680]  do_fast_syscall_32+0x32/0x70
[  849.339592][T16680]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  849.339615][T16680] RIP: 0023:0xf7fa2f6c
[  849.339631][T16680] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[  849.339648][T16680] RSP: 002b:00000000f546650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  849.339666][T16680] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080004340
[  849.339677][T16680] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  849.339687][T16680] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  849.339696][T16680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  849.339707][T16680] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  849.339731][T16680]  </TASK>
[  850.788068][   T40] audit: type=1326 audit(1772456961.498:1031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16685 comm="syz.0.3178" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf705ef6c code=0x0
[  852.017947][   T40] audit: type=1326 audit(1772456963.258:1032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16720 comm="syz.5.3183" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6ffef6c code=0x0
[  852.045913][T16732] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:7f00:0001 with DS=0xb
[  854.497251][   T40] audit: type=1326 audit(1772456965.778:1033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16727 comm="syz.0.3184" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf705ef6c code=0x0
[  855.534192][T16746] team0 (unregistering): Port device team_slave_0 removed
[  855.598611][T16746] team0 (unregistering): Port device team_slave_1 removed
[  855.682648][T16748] mtd partition "" doesn't have enough space: 0x20003 < 0x2001f, disabled
[  855.689706][T16748] FAULT_INJECTION: forcing a failure.
[  855.689706][T16748] name failslab, interval 1, probability 0, space 0, times 0
[  855.695536][T16748] CPU: 2 UID: 0 PID: 16748 Comm: syz.0.3187 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  855.695566][T16748] Tainted: [L]=SOFTLOCKUP
[  855.695572][T16748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  855.695582][T16748] Call Trace:
[  855.695590][T16748]  <TASK>
[  855.695600][T16748]  dump_stack_lvl+0x100/0x190
[  855.695634][T16748]  should_fail_ex.cold+0x5/0xa
[  855.695657][T16748]  should_failslab+0xc2/0x120
[  855.695678][T16748]  __kmalloc_cache_noprof+0x7a/0x6f0
[  855.695700][T16748]  ? device_add+0xd3a/0x1950
[  855.695726][T16748]  ? __pfx___debug_object_init+0x10/0x10
[  855.695758][T16748]  device_add+0xd3a/0x1950
[  855.695786][T16748]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  855.695815][T16748]  ? lockdep_init_map_type+0x5c/0x250
[  855.695839][T16748]  ? __pfx_device_add+0x10/0x10
[  855.695866][T16748]  ? lockdep_init_map_type+0x5c/0x250
[  855.695889][T16748]  ? __init_waitqueue_head+0xca/0x150
[  855.695923][T16748]  add_mtd_device+0x928/0x17a0
[  855.695952][T16748]  ? __pfx_add_mtd_device+0x10/0x10
[  855.695981][T16748]  mtd_add_partition+0x30a/0x660
[  855.696008][T16748]  ? __pfx_mtd_add_partition+0x10/0x10
[  855.696029][T16748]  ? __might_fault+0xc5/0x140
[  855.696052][T16748]  ? __might_fault+0xc5/0x140
[  855.696084][T16748]  mtdchar_blkpg_ioctl+0x207/0x250
[  855.696108][T16748]  ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10
[  855.696158][T16748]  mtdchar_compat_ioctl+0x3d6/0x440
[  855.696186][T16748]  ? find_held_lock+0x2b/0x80
[  855.696204][T16748]  ? __pfx_mtdchar_compat_ioctl+0x10/0x10
[  855.696253][T16748]  ? __pfx_mtdchar_compat_ioctl+0x10/0x10
[  855.696281][T16748]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  855.696312][T16748]  __do_fast_syscall_32+0xe3/0x8c0
[  855.696340][T16748]  do_fast_syscall_32+0x32/0x70
[  855.696364][T16748]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  855.696387][T16748] RIP: 0023:0xf705ef6c
[  855.696403][T16748] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[  855.696419][T16748] RSP: 002b:00000000f544d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  855.696437][T16748] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000001269
[  855.696450][T16748] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 0000000000000000
[  855.696461][T16748] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  855.696471][T16748] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  855.696482][T16748] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  855.696509][T16748]  </TASK>
[  855.697268][T16748] ------------[ cut here ]------------
[  855.814829][T16748] !list_empty(&mtd->part.node)
[  855.814843][T16748] WARNING: drivers/mtd/mtdpart.c:37 at release_mtd_partition+0x71/0x90, CPU#2: syz.0.3187/16748
[  855.821721][T16748] Modules linked in:
[  855.825400][T16748] CPU: 2 UID: 0 PID: 16748 Comm: syz.0.3187 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  855.830400][T16748] Tainted: [L]=SOFTLOCKUP
[  855.832429][T16748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  855.837088][T16748] RIP: 0010:release_mtd_partition+0x71/0x90
[  855.839875][T16748] Code: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 1e 48 8b 7b 38 e8 8f 04 dd fb 48 89 df 5b 5d e9 85 04 dd fb e8 40 94 7d fb 90 <0f> 0b 90 eb c2 e8 15 15 e9 fb eb db 48 89 ef e8 0b 15 e9 fb eb a5
[  855.847987][T16748] RSP: 0000:ffffc900064879c0 EFLAGS: 00010293
[  855.850696][T16748] RAX: 0000000000000000 RBX: ffff88800060d000 RCX: ffffffff8b882df3
[  855.854229][T16748] RDX: ffff888024e38000 RSI: ffffffff868a6660 RDI: ffff88800060d000
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  855.858086][T16748] RBP: ffff88800060d650 R08: 0000000000000005 R09: 0000000000000000
[  855.862110][T16748] R10: 0000000000000004 R11: 0000000000000000 R12: 0000000000000000
[  855.865793][T16748] R13: dffffc0000000000 R14: ffff88802041ade0 R15: 0000000000000000
[  855.869318][T16748] FS:  0000000000000000(0000) GS:ffff88809734c000(0063) knlGS:00000000f544db40
[  855.873648][T16748] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  855.876533][T16748] CR2: 00000000f7335220 CR3: 000000004e138000 CR4: 0000000000352ef0
[  855.880839][T16748] Call Trace:
[  855.882422][T16748]  <TASK>
[  855.883784][T16748]  mtd_release+0xa0/0xd0
[  855.885760][T16748]  ? __pfx_mtd_release+0x10/0x10
[  855.888101][T16748]  device_release+0xa4/0x240
[  855.890222][T16748]  kobject_put+0x1f7/0x640
[  855.892082][T16748]  put_device+0x1f/0x30
[  855.893683][T16748]  add_mtd_device+0xbd7/0x17a0
[  855.895871][T16748]  ? __pfx_add_mtd_device+0x10/0x10
[  855.898363][T16748]  mtd_add_partition+0x30a/0x660
[  855.900765][T16748]  ? __pfx_mtd_add_partition+0x10/0x10
[  855.902661][T16748]  ? __might_fault+0xc5/0x140
[  855.904692][T16748]  ? __might_fault+0xc5/0x140
[  855.907002][T16748]  mtdchar_blkpg_ioctl+0x207/0x250
[  855.909462][T16748]  ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10
[  855.911903][T16748]  mtdchar_compat_ioctl+0x3d6/0x440
[  855.914369][T16748]  ? find_held_lock+0x2b/0x80
[  855.916701][T16748]  ? __pfx_mtdchar_compat_ioctl+0x10/0x10
[  855.919670][T16748]  ? __pfx_mtdchar_compat_ioctl+0x10/0x10
[  855.922206][T16748]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  855.924704][T16748]  __do_fast_syscall_32+0xe3/0x8c0
[  855.926973][T16748]  do_fast_syscall_32+0x32/0x70
[  855.929256][T16748]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  855.932131][T16748] RIP: 0023:0xf705ef6c
[  855.933884][T16748] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[  855.940926][T16748] RSP: 002b:00000000f544d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  855.943975][T16748] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000001269
[  855.947378][T16748] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 0000000000000000
[  855.951266][T16748] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  855.954826][T16748] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  855.958253][T16748] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  855.961794][T16748]  </TASK>
[  855.962857][T16748] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  855.966175][T16748] CPU: 2 UID: 0 PID: 16748 Comm: syz.0.3187 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  855.971112][T16748] Tainted: [L]=SOFTLOCKUP
[  855.973409][T16748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  855.977921][T16748] Call Trace:
[  855.979343][T16748]  <TASK>
[  855.980612][T16748]  dump_stack_lvl+0x100/0x190
[  855.982700][T16748]  vpanic+0x552/0x970
[  855.984453][T16748]  ? __pfx_vpanic+0x10/0x10
[  855.986354][T16748]  panic+0xd1/0xe0
[  855.987837][T16748]  ? __pfx_panic+0x10/0x10
[  855.989685][T16748]  ? check_panic_on_warn+0x1f/0x90
[  855.992055][T16748]  check_panic_on_warn.cold+0x19/0x34
[  855.994542][T16748]  ? release_mtd_partition+0x71/0x90
[  855.996977][T16748]  __warn.cold+0x191/0x348
[  855.998898][T16748]  __report_bug+0x296/0x3d0
[  856.000669][T16748]  ? release_mtd_partition+0x71/0x90
[  856.003208][T16748]  ? __pfx___report_bug+0x10/0x10
[  856.005843][T16748]  ? irqentry_exit+0x180/0x670
[  856.008002][T16748]  ? lockdep_hardirqs_on+0x78/0x100
[  856.010462][T16748]  ? irqentry_exit+0x180/0x670
[  856.012716][T16748]  ? release_mtd_partition+0x71/0x90
[  856.015064][T16748]  ? release_mtd_partition+0x71/0x90
[  856.017226][T16748]  report_bug+0xb2/0x220
[  856.018801][T16748]  ? release_mtd_partition+0x71/0x90
[  856.021208][T16748]  handle_bug+0x166/0x2a0
[  856.023130][T16748]  exc_invalid_op+0x17/0x50
[  856.025439][T16748]  asm_exc_invalid_op+0x1a/0x20
[  856.027495][T16748] RIP: 0010:release_mtd_partition+0x71/0x90
[  856.030046][T16748] Code: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 1e 48 8b 7b 38 e8 8f 04 dd fb 48 89 df 5b 5d e9 85 04 dd fb e8 40 94 7d fb 90 <0f> 0b 90 eb c2 e8 15 15 e9 fb eb db 48 89 ef e8 0b 15 e9 fb eb a5
[  856.038102][T16748] RSP: 0000:ffffc900064879c0 EFLAGS: 00010293
[  856.040591][T16748] RAX: 0000000000000000 RBX: ffff88800060d000 RCX: ffffffff8b882df3
[  856.044256][T16748] RDX: ffff888024e38000 RSI: ffffffff868a6660 RDI: ffff88800060d000
[  856.047954][T16748] RBP: ffff88800060d650 R08: 0000000000000005 R09: 0000000000000000
[  856.051656][T16748] R10: 0000000000000004 R11: 0000000000000000 R12: 0000000000000000
[  856.055273][T16748] R13: dffffc0000000000 R14: ffff88802041ade0 R15: 0000000000000000
[  856.058702][T16748]  ? delete_node+0x2f3/0x8f0
[  856.060266][T16748]  ? release_mtd_partition+0x70/0x90
[  856.062087][T16748]  mtd_release+0xa0/0xd0
[  856.063656][T16748]  ? __pfx_mtd_release+0x10/0x10
[  856.065824][T16748]  device_release+0xa4/0x240
[  856.067884][T16748]  kobject_put+0x1f7/0x640
[  856.069867][T16748]  put_device+0x1f/0x30
[  856.071831][T16748]  add_mtd_device+0xbd7/0x17a0
[  856.074288][T16748]  ? __pfx_add_mtd_device+0x10/0x10
[  856.076663][T16748]  mtd_add_partition+0x30a/0x660
[  856.078815][T16748]  ? __pfx_mtd_add_partition+0x10/0x10
[  856.081208][T16748]  ? __might_fault+0xc5/0x140
[  856.083426][T16748]  ? __might_fault+0xc5/0x140
[  856.085545][T16748]  mtdchar_blkpg_ioctl+0x207/0x250
[  856.087906][T16748]  ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10
[  856.090693][T16748]  mtdchar_compat_ioctl+0x3d6/0x440
[  856.093059][T16748]  ? find_held_lock+0x2b/0x80
[  856.095210][T16748]  ? __pfx_mtdchar_compat_ioctl+0x10/0x10
[  856.097693][T16748]  ? __pfx_mtdchar_compat_ioctl+0x10/0x10
[  856.100392][T16748]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  856.102978][T16748]  __do_fast_syscall_32+0xe3/0x8c0
[  856.105386][T16748]  do_fast_syscall_32+0x32/0x70
[  856.107623][T16748]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  856.110518][T16748] RIP: 0023:0xf705ef6c
[  856.112387][T16748] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[  856.120960][T16748] RSP: 002b:00000000f544d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  856.124411][T16748] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000001269
[  856.128018][T16748] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 0000000000000000
[  856.131752][T16748] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  856.135314][T16748] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  856.138804][T16748] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  856.142375][T16748]  </TASK>
[  856.144653][T16748] Kernel Offset: disabled
[  856.146883][T16748] Rebooting in 86400 seconds..