last executing test programs:

1m42.410408811s ago: executing program 1 (id=1464):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) (async)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xb0)
socket$xdp(0x2c, 0x3, 0x0)
sync_file_range(r0, 0x800000000976, 0x80, 0x3) (async)
sync_file_range(r0, 0x800000000976, 0x80, 0x3)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x114, 0x2f, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x103, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x401, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x16}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be", @typed={0x4, 0xe9}]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

1m42.309508039s ago: executing program 1 (id=1468):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6_icmp(0xa, 0x2, 0x3a)
r2 = fsopen(&(0x7f0000000180)='gfs2meta\x00', 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f00000000c0)='veth1_to_team\x00', 0x10)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
sendto$inet(r4, 0x0, 0x0, 0x804, &(0x7f0000000080)={0x2, 0xce22, @multicast1}, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0x8}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x7f}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001300)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {0x0, 0x1}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_flower={{0xb}, {0x6f, 0x2, [@TCA_FLOWER_KEY_IPV4_DST={0x8, 0xc, @broadcast}, @TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8035}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000}, 0x44010)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', r5}, 0x94)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x8080)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r6, 0xc0f85403, &(0x7f0000000040)={{0x1, 0x0, 0x0, 0x3}, 0x0, 0x0, 'id0\x00', 'timer0\x00'})
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040), 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='rdma.current\x00', 0x26e1, 0x0)
close(r7)
socket$kcm(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r7, 0x8b19, &(0x7f0000000040)={'batadv_slave_1\x00', @random})
socket(0x25, 0x80000, 0xc)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r9=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000140)={@private2, 0x56, r9})
sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="2c000000040601010000000000000000030000050500010007000000050001000700000005000100070000005ad57c0f88bbde32768b636a94b95d1175aaf1ced7372a5de99a666a5276f226c4eb53b6973a603b9d9463bab00ac0dcdb85b74c8804eb0a334f9073061a10d5de37b4edf732a7366d75ec4719e052b5d54eba943ea54fba11607c3dfa838826a85d4211c41570aa709caeedd02dba11106b5a58636e8c77862255df2b496ac05052f00214a62fd30084130c4fa91fcaf83601dda525482ce02a09682894f0c94aceff974813607fefbe16762182ec9c50524a85afdbe57f7cd67d23f3794a8d0b349b0f0bacac7f2696c0ca18f776ac2ed76285beb139eca4c20fe1af3b32d16f12c4430ddcb5ae18a8dedf5c683f3ada306b0ebc96a4b7f3d6297e9168018057cdc95578305548dac50e6f7e6897490c1b32fdffd3351221c93481da1ea343ce1f096edd3198256b0580"], 0x2c}, 0x1, 0x0, 0x0, 0x20000011}, 0x20000084)

1m41.863788242s ago: executing program 1 (id=1469):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2, 0x12, r0, 0x0)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0xca)
setsockopt$ax25_SO_BINDTODEVICE(r1, 0x101, 0x19, &(0x7f0000000240)=@bpq0, 0x10)

1m41.86174456s ago: executing program 1 (id=1471):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
ioctl$SNDCTL_TMR_CONTINUE(r1, 0x5404)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x180)
r2 = syz_open_dev$vim2m(&(0x7f0000000040), 0x1000001, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r2, 0xc008561c, &(0x7f00000000c0)={0x980929, 0x800})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
r3 = openat2$dir(0xffffff9c, &(0x7f00000000c0)='./file0/file1\x00', &(0x7f0000000140)={0x40, 0x110, 0x2}, 0x18)
ioctl$FS_IOC_FIEMAP(r3, 0xc020660b, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000007, 0x40032, 0xffffffffffffffff, 0x40000000)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000380)={0x28, 0x10, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd=r3}, @nested={0x10, 0xf8, 0x0, 0x1, [@typed={0x4, 0xb1}, @typed={0x8, 0x21, 0x0, 0x0, @pid}]}]}, 0x28}], 0x1}, 0x0)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000000c0))
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)

1m41.628421142s ago: executing program 1 (id=1472):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000008340)={0x2020, 0x0, <r1=>0x0}, 0x206f)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x34014c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000001d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000012c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20, 0x0, 0x2000000000000000, {0x0, 0x1b}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0xb)
readv(r2, 0x0, 0x0)

1m41.444437569s ago: executing program 1 (id=1477):
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0)
ftruncate(r0, 0x8800000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x4c27e, 0x53)
close(r1)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
syz_io_uring_setup(0x3d7b, &(0x7f0000000500)={0x0, 0xc04a, 0x800, 0x0, 0x1e6}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000600))
io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x16, &(0x7f0000000040)={&(0x7f0000002000)={[{0x0, 0x0, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x80, &(0x7f0000000100)=0xffffffff, 0x0, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000008c0)=@newtaction={0xa38, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x10000000, 0x0, 0x4}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x24c4436d5a174b6d, 0x3}}}}]}, {0x994, 0x1, [@m_csum={0x11c, 0xa, 0x0, 0x0, {{0x9}, {0xc8, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x3, 0x2, 0x6, 0x2, 0xb}, 0x1a}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x7ff, 0x5, 0x0, 0x100}, 0x5d}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x4, 0x7, 0x20000000, 0x800, 0x8f8}, 0xf}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0xfffffffd, 0xff, 0x20000000, 0x3, 0x46}, 0x5c}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x4, 0x800, 0x3, 0xc, 0x5}, 0x8}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x4, 0x20a, 0x3, 0x1200, 0x8001}, 0x66}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x6, 0x81, 0x3, 0x0, 0x9}, 0x80}}]}, {0x2a, 0x6, "e94aa55267e187440746537c88d96c8b2c2e69576219b14781faf230d6d290f24fc3cef3f5d5"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}, @m_sample={0xe0, 0x13, 0x0, 0x0, {{0xb}, {0x6c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PARMS={0x18, 0x2, {0x2, 0x2, 0x20000000, 0xffff}}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0xa00}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0xfffff801, 0x6, 0xce, 0x3}}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x8}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0xffffffd7}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x1}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x800}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x6}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0xecb}]}, {0x4b, 0x6, "a369c531cec0f32a3c10fbf877ec5f486c2b60ce2f574ac006d58b441a32d9d191e225cc817318ff4ba564592662ec80acd1054d82b68403002ab65f9aa377b73c3e6525adf53f"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_skbmod={0x13c, 0x12, 0x0, 0x0, {{0xb}, {0xa8, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x20, 0x2, {{0xfffffffd, 0xfffff0b1, 0x8, 0x7, 0xb}, 0x2}}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0x4}, @TCA_SKBMOD_DMAC={0xa, 0x3, @random="4119dee80d6f"}, @TCA_SKBMOD_DMAC={0xa, 0x3, @remote}, @TCA_SKBMOD_PARMS={0x20, 0x2, {{0xd, 0x1, 0x20000000, 0x401, 0x3ec5}, 0xd}}, @TCA_SKBMOD_PARMS={0x20, 0x2, {{0x6, 0x2, 0x2, 0x200, 0x9}, 0x9}}, @TCA_SKBMOD_SMAC={0xa}, @TCA_SKBMOD_SMAC={0xa, 0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x41}}, @TCA_SKBMOD_DMAC={0xa, 0x3, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1a}}]}, {0x69, 0x6, "e4af2ba8015fc2b74576e5a457bff2f351af08b7e03d59a99f3fa72570f49e969133ef231a30f582890003103bf2e59f3effdb6c0cfbac690a852c5c5bc165a2009426145164443c09a31c47e30b55c410fb41aca456efcb126d52636c3dc253dc3a0e5c55"}, {0xc}, {0xc, 0x8, {0x2}}}}, @m_sample={0x11c, 0xe, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8, 0x3, 0x5}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x2}, @TCA_SAMPLE_RATE={0x8, 0x3, 0xe0}]}, {0xd5, 0x6, "34afbe24e3ee14af1460a9687f25504744ac54723a1dfce191aa56b6eb6ccf7043589ed4b2b3a850ab0c372ac85f4887c855220c6397ea66c80b017eb9b5aaf2882b05f1dd2f6758a163c97f762be468689f58b482f28afbefe0d8ba44c7ed9343cfa6432720662bffbd29467380b24a2b1eecf10ab52c41888f848e2d5a4996e539fbf920f1db2420be99fcfc8728522e0b6a60aa9c63466d6fdf1170768d9a3734e3b9f396c57c4387ae07756d45f8d570e1008f2e5bdbf2cb3c23b1fd10b57a901b9f330a4b29810363fddcfd842e80"}, {0xc}, {0xc, 0x8, {0x1, 0x1}}}}, @m_sample={0x80, 0x0, 0x0, 0x0, {{0xb}, {0x34, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8, 0x3, 0x8000}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x9089}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x4, 0x60, 0x0, 0x9, 0xba}}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x2}]}, {0x21, 0x6, "826284b383be548f5cdf92cd77abfc618b3a01bf0a6dc67e19dc0e0b3d"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}, @m_vlan={0x118, 0x8, 0x0, 0x0, {{0x9}, {0x9c, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0xc, 0x80000000, 0x8, 0x1ff, 0x800000}, 0x3}}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xbc4}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x8c3}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x2, 0x5, 0x3, 0x5, 0xad}, 0x2}}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x7dc4ff2b0f50e521}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x7, 0x40, 0x6, 0x5, 0x6}, 0x3}}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x1, 0x8, 0x1, 0x3ff, 0x90000}, 0x3}}]}, {0x51, 0x6, "8d9ae37c19e66a2c50705b196a861dc6ee6146206f8c700b366fc891a96d2d8c226be6ce84e37b1ab3e75200ca4c32be9855c13759de87ed6d0a79ca8ad5f8ef8338f2c8bda2ba13ee5d6f0ed4"}, {0xc}, {0xc, 0x8, {0x3, 0x1}}}}, @m_csum={0x1cc, 0x19, 0x0, 0x0, {{0x9}, {0xe4, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x0, 0x4, 0x2, 0x1, 0xffff0001}, 0x32}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x7, 0xd, 0x20000000, 0x401, 0x7}, 0x2}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x9, 0x2, 0xffffffffffffffff, 0x8, 0xc}, 0x1f}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x80, 0x80, 0xffffffffffffffff, 0x2, 0x6}, 0x63}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x8001, 0x46c5, 0xffffffffffffffff, 0x200, 0xba}, 0x5b}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x830, 0x10, 0x6, 0x0, 0x8}, 0x12}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x61ef, 0xc, 0x8, 0xa, 0x1ccc}, 0x6c}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x81, 0x9, 0x4, 0xfffffffe, 0x3de}, 0xe}}]}, {0xbe, 0x6, "ae920733f80009b44206f16be169bdb463c05e9ac426d90e0ed2be7bca85aa08246e4014d227cf7e15f2aea0a7928f47f223c3c415b7ee7c1c70b0fa112d8d2a155000dba8319ef95702d7d4cc7658afc190e8e4c4c9eb202c84bd1ba87e12dce0e961f865317427ce4a297b3db9da21a8361911065a689756b3caa75934e706292ca04ff2817c100731d6b22c8db4ede5629fb7dda7d5b5939bd9034d838fbaa2b711154914a4f3486403c4fc95bd063a17aa96dca2cecc2f1a"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_simple={0x108, 0x1e, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x5, 0x4, 0x8, 0x9, 0x8000}}]}, {0xc4, 0x6, "41aaec8064dfc0cadb524e41c1a339e0d503b65f88a4f64c65f8e989e38623b485e7956a9c7f494dd64fddb0817ba40ed34a593a4863c5fd8db070719bcd0bcaabf592a77cd8c7271ae44e55d8c7d77ac0f067c8466ace7fcf855a934e77ae01369430ce7489c9a51b019e5cd62472b360f3b2ef33fa715d15de62638fe8a3f1598597178aec0bcc66d58a133bf82bd855121dc755bcea63afeeeab5c106e31569128e6fd6c1384af1de274abeb663584ab85848e6e93c0e21a0e2e14bfd5393"}, {0xc}, {0xc, 0x8, {0x1}}}}, @m_ife={0xd0, 0x19, 0x0, 0x0, {{0x8}, {0x34, 0x2, 0x0, 0x1, [@TCA_IFE_METALST={0x24, 0x6, [@IFE_META_PRIO={0x8, 0x3, @val=0x9}, @IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_PRIO={0x8, 0x3, @val=0x3}, @IFE_META_PRIO={0x8, 0x3, @val=0xfffffffa}]}, @TCA_IFE_DMAC={0xa, 0x3, @broadcast}]}, {0x76, 0x6, "0cc86c739af982dde4c4039787cc7e0b23ef75bed96313329980b0a468620dcff3d288b95cb3298ba8858d092d0b5030bf967b3a3b1f8a2cee2078dc518e012518f87fd270f7a903f54307de97c9a145ef656c64d724b7c7a621768ecdc5d973911d13b9415961404829e562ce3d0e8f0000"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0xa38}, 0x1, 0x0, 0x0, 0x804}, 0x4004000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha384\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, 0x0, 0x0)
r8 = accept4(r7, 0x0, 0x0, 0x800)
recvmsg(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000280)=""/81, 0x51}], 0x1}, 0x0)
r9 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$EBT_SO_GET_INFO(r9, 0x0, 0x80, &(0x7f00000003c0)={'broute\x00', 0x0, 0x0, 0x0, [0x61, 0x10000, 0x9c9, 0xf, 0x4, 0x3]}, &(0x7f00000001c0)=0x50)

1m41.374110182s ago: executing program 32 (id=1477):
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0)
ftruncate(r0, 0x8800000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x4c27e, 0x53)
close(r1)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
syz_io_uring_setup(0x3d7b, &(0x7f0000000500)={0x0, 0xc04a, 0x800, 0x0, 0x1e6}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000600))
io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x16, &(0x7f0000000040)={&(0x7f0000002000)={[{0x0, 0x0, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x80, &(0x7f0000000100)=0xffffffff, 0x0, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000008c0)=@newtaction={0xa38, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x10000000, 0x0, 0x4}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x24c4436d5a174b6d, 0x3}}}}]}, {0x994, 0x1, [@m_csum={0x11c, 0xa, 0x0, 0x0, {{0x9}, {0xc8, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x3, 0x2, 0x6, 0x2, 0xb}, 0x1a}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x7ff, 0x5, 0x0, 0x100}, 0x5d}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x4, 0x7, 0x20000000, 0x800, 0x8f8}, 0xf}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0xfffffffd, 0xff, 0x20000000, 0x3, 0x46}, 0x5c}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x4, 0x800, 0x3, 0xc, 0x5}, 0x8}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x4, 0x20a, 0x3, 0x1200, 0x8001}, 0x66}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x6, 0x81, 0x3, 0x0, 0x9}, 0x80}}]}, {0x2a, 0x6, "e94aa55267e187440746537c88d96c8b2c2e69576219b14781faf230d6d290f24fc3cef3f5d5"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}, @m_sample={0xe0, 0x13, 0x0, 0x0, {{0xb}, {0x6c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PARMS={0x18, 0x2, {0x2, 0x2, 0x20000000, 0xffff}}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0xa00}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0xfffff801, 0x6, 0xce, 0x3}}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x8}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0xffffffd7}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x1}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x800}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x6}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0xecb}]}, {0x4b, 0x6, "a369c531cec0f32a3c10fbf877ec5f486c2b60ce2f574ac006d58b441a32d9d191e225cc817318ff4ba564592662ec80acd1054d82b68403002ab65f9aa377b73c3e6525adf53f"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_skbmod={0x13c, 0x12, 0x0, 0x0, {{0xb}, {0xa8, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x20, 0x2, {{0xfffffffd, 0xfffff0b1, 0x8, 0x7, 0xb}, 0x2}}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0x4}, @TCA_SKBMOD_DMAC={0xa, 0x3, @random="4119dee80d6f"}, @TCA_SKBMOD_DMAC={0xa, 0x3, @remote}, @TCA_SKBMOD_PARMS={0x20, 0x2, {{0xd, 0x1, 0x20000000, 0x401, 0x3ec5}, 0xd}}, @TCA_SKBMOD_PARMS={0x20, 0x2, {{0x6, 0x2, 0x2, 0x200, 0x9}, 0x9}}, @TCA_SKBMOD_SMAC={0xa}, @TCA_SKBMOD_SMAC={0xa, 0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x41}}, @TCA_SKBMOD_DMAC={0xa, 0x3, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1a}}]}, {0x69, 0x6, "e4af2ba8015fc2b74576e5a457bff2f351af08b7e03d59a99f3fa72570f49e969133ef231a30f582890003103bf2e59f3effdb6c0cfbac690a852c5c5bc165a2009426145164443c09a31c47e30b55c410fb41aca456efcb126d52636c3dc253dc3a0e5c55"}, {0xc}, {0xc, 0x8, {0x2}}}}, @m_sample={0x11c, 0xe, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8, 0x3, 0x5}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x2}, @TCA_SAMPLE_RATE={0x8, 0x3, 0xe0}]}, {0xd5, 0x6, "34afbe24e3ee14af1460a9687f25504744ac54723a1dfce191aa56b6eb6ccf7043589ed4b2b3a850ab0c372ac85f4887c855220c6397ea66c80b017eb9b5aaf2882b05f1dd2f6758a163c97f762be468689f58b482f28afbefe0d8ba44c7ed9343cfa6432720662bffbd29467380b24a2b1eecf10ab52c41888f848e2d5a4996e539fbf920f1db2420be99fcfc8728522e0b6a60aa9c63466d6fdf1170768d9a3734e3b9f396c57c4387ae07756d45f8d570e1008f2e5bdbf2cb3c23b1fd10b57a901b9f330a4b29810363fddcfd842e80"}, {0xc}, {0xc, 0x8, {0x1, 0x1}}}}, @m_sample={0x80, 0x0, 0x0, 0x0, {{0xb}, {0x34, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8, 0x3, 0x8000}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x9089}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x4, 0x60, 0x0, 0x9, 0xba}}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x2}]}, {0x21, 0x6, "826284b383be548f5cdf92cd77abfc618b3a01bf0a6dc67e19dc0e0b3d"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}, @m_vlan={0x118, 0x8, 0x0, 0x0, {{0x9}, {0x9c, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0xc, 0x80000000, 0x8, 0x1ff, 0x800000}, 0x3}}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xbc4}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x8c3}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x2, 0x5, 0x3, 0x5, 0xad}, 0x2}}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x7dc4ff2b0f50e521}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x7, 0x40, 0x6, 0x5, 0x6}, 0x3}}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x1, 0x8, 0x1, 0x3ff, 0x90000}, 0x3}}]}, {0x51, 0x6, "8d9ae37c19e66a2c50705b196a861dc6ee6146206f8c700b366fc891a96d2d8c226be6ce84e37b1ab3e75200ca4c32be9855c13759de87ed6d0a79ca8ad5f8ef8338f2c8bda2ba13ee5d6f0ed4"}, {0xc}, {0xc, 0x8, {0x3, 0x1}}}}, @m_csum={0x1cc, 0x19, 0x0, 0x0, {{0x9}, {0xe4, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x0, 0x4, 0x2, 0x1, 0xffff0001}, 0x32}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x7, 0xd, 0x20000000, 0x401, 0x7}, 0x2}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x9, 0x2, 0xffffffffffffffff, 0x8, 0xc}, 0x1f}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x80, 0x80, 0xffffffffffffffff, 0x2, 0x6}, 0x63}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x8001, 0x46c5, 0xffffffffffffffff, 0x200, 0xba}, 0x5b}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x830, 0x10, 0x6, 0x0, 0x8}, 0x12}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x61ef, 0xc, 0x8, 0xa, 0x1ccc}, 0x6c}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x81, 0x9, 0x4, 0xfffffffe, 0x3de}, 0xe}}]}, {0xbe, 0x6, "ae920733f80009b44206f16be169bdb463c05e9ac426d90e0ed2be7bca85aa08246e4014d227cf7e15f2aea0a7928f47f223c3c415b7ee7c1c70b0fa112d8d2a155000dba8319ef95702d7d4cc7658afc190e8e4c4c9eb202c84bd1ba87e12dce0e961f865317427ce4a297b3db9da21a8361911065a689756b3caa75934e706292ca04ff2817c100731d6b22c8db4ede5629fb7dda7d5b5939bd9034d838fbaa2b711154914a4f3486403c4fc95bd063a17aa96dca2cecc2f1a"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_simple={0x108, 0x1e, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x5, 0x4, 0x8, 0x9, 0x8000}}]}, {0xc4, 0x6, "41aaec8064dfc0cadb524e41c1a339e0d503b65f88a4f64c65f8e989e38623b485e7956a9c7f494dd64fddb0817ba40ed34a593a4863c5fd8db070719bcd0bcaabf592a77cd8c7271ae44e55d8c7d77ac0f067c8466ace7fcf855a934e77ae01369430ce7489c9a51b019e5cd62472b360f3b2ef33fa715d15de62638fe8a3f1598597178aec0bcc66d58a133bf82bd855121dc755bcea63afeeeab5c106e31569128e6fd6c1384af1de274abeb663584ab85848e6e93c0e21a0e2e14bfd5393"}, {0xc}, {0xc, 0x8, {0x1}}}}, @m_ife={0xd0, 0x19, 0x0, 0x0, {{0x8}, {0x34, 0x2, 0x0, 0x1, [@TCA_IFE_METALST={0x24, 0x6, [@IFE_META_PRIO={0x8, 0x3, @val=0x9}, @IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_PRIO={0x8, 0x3, @val=0x3}, @IFE_META_PRIO={0x8, 0x3, @val=0xfffffffa}]}, @TCA_IFE_DMAC={0xa, 0x3, @broadcast}]}, {0x76, 0x6, "0cc86c739af982dde4c4039787cc7e0b23ef75bed96313329980b0a468620dcff3d288b95cb3298ba8858d092d0b5030bf967b3a3b1f8a2cee2078dc518e012518f87fd270f7a903f54307de97c9a145ef656c64d724b7c7a621768ecdc5d973911d13b9415961404829e562ce3d0e8f0000"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0xa38}, 0x1, 0x0, 0x0, 0x804}, 0x4004000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha384\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, 0x0, 0x0)
r8 = accept4(r7, 0x0, 0x0, 0x800)
recvmsg(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000280)=""/81, 0x51}], 0x1}, 0x0)
r9 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$EBT_SO_GET_INFO(r9, 0x0, 0x80, &(0x7f00000003c0)={'broute\x00', 0x0, 0x0, 0x0, [0x61, 0x10000, 0x9c9, 0xf, 0x4, 0x3]}, &(0x7f00000001c0)=0x50)

8.164793728s ago: executing program 3 (id=2003):
r0 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, 0x0, 0x0)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000600)=ANY=[@ANYBLOB="24000000000000005a836182c94e8ce04d480ed33826692e4405667af562b242a328eeb9cf7cd6bae2d9a66928c6c2399fe1dd80feba49858b7850f76ef0ddd21c8ca79137874dcdfe5a37b471f3e215fe2aa89b6ad56894046b6536b9d253cf1a0c7a00000001c5e8b44198068d70af71a2a7fb7c6d96213eb5b29d8d08080a05740a9fdd0bb3b1cfa23acbededba90105d15dbf724dfe4bb53eae30bc72500afc039b2ee15b05deec7cfd37738d1e9c627feb7a750252dd847e58870b062023380e1e3c4385b54f65b06d36ca7b5c00743fc2cd897c3c1d1bc1df8390d197e5a5a82"], 0x8)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000000)=0xffffffc3, 0x4)
sendmmsg(r0, &(0x7f0000000200)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x500, 0x80000, @remote, 0xfffff7ff}, 0x80, 0x0}, 0x5b4}], 0x1, 0x0)

8.081624306s ago: executing program 3 (id=2004):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x4, &(0x7f0000006680))
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
r0 = socket$l2tp(0x2, 0x2, 0x73)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10167, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000019100)={{{@in=@empty, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@multicast2}, 0x0, @in=@initdev}}, 0x0)
lsetxattr$security_capability(&(0x7f0000019080)='./file0\x00', &(0x7f00000190c0), &(0x7f0000019240)=@v3={0x3000000, [{0x9, 0xff6}, {0xd, 0x1000}], r3}, 0x18, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f000046b000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000769000/0x1000)=nil)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
pread64(r4, &(0x7f0000000080)=""/102356, 0x18fd4, 0x200)
ioctl$SNDRV_TIMER_IOCTL_START(0xffffffffffffffff, 0x54a0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000140)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes192\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PAUSE(0xffffffffffffffff, 0x54a3)
socket$can_raw(0x1d, 0x3, 0x1)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1}, 0x4000010)
r6 = syz_open_dev$video4linux(&(0x7f00000007c0), 0x5, 0x20040)
ioctl$VIDIOC_SUBDEV_S_FMT(r6, 0xc0585605, &(0x7f00000000c0)={0x1, 0x0, {0x1, 0x0, 0x3009, 0x4, 0x3, 0x0, 0x1, 0x4}})
socket$l2tp(0x2, 0x2, 0x73)
close_range(r0, 0xffffffffffffffff, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, 0x0, 0x40)

6.738477808s ago: executing program 3 (id=2008):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x4, &(0x7f0000006680))
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
r0 = socket$l2tp(0x2, 0x2, 0x73)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10167, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000019100)={{{@in=@empty, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@multicast2}, 0x0, @in=@initdev}}, 0x0)
lsetxattr$security_capability(&(0x7f0000019080)='./file0\x00', &(0x7f00000190c0), &(0x7f0000019240)=@v3={0x3000000, [{0x9, 0xff6}, {0xd, 0x1000}], r3}, 0x18, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f000046b000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000769000/0x1000)=nil)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
pread64(r4, &(0x7f0000000080)=""/102356, 0x18fd4, 0x200)
ioctl$SNDRV_TIMER_IOCTL_START(0xffffffffffffffff, 0x54a0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000140)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes192\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PAUSE(0xffffffffffffffff, 0x54a3)
socket$can_raw(0x1d, 0x3, 0x1)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1}, 0x4000010)
r6 = syz_open_dev$video4linux(&(0x7f00000007c0), 0x5, 0x20040)
ioctl$VIDIOC_SUBDEV_S_FMT(r6, 0xc0585605, &(0x7f00000000c0)={0x1, 0x0, {0x1, 0x0, 0x3009, 0x4, 0x3, 0x0, 0x1, 0x4}})
socket$l2tp(0x2, 0x2, 0x73)
close_range(r0, 0xffffffffffffffff, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, 0x0, 0x40)

6.012006807s ago: executing program 3 (id=2013):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) (fail_nth: 2)

5.826221159s ago: executing program 3 (id=2015):
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi2\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f0000000300)={'pcl816\x00', [0x101, 0x2, 0x1, 0x4, 0x1001, 0x4, 0x4, 0xffff, 0x3, 0x104, 0xffffffff, 0x6, 0x101, 0x800800, 0xa239, 0x7fffffff, 0xded9, 0xc7d5, 0x7, 0x40000003, 0x89, 0xcaa7, 0x0, 0x5ca3, 0xb, 0x3, 0x3c, 0xb, 0x6, 0xefcb, 0x8]})
syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000bcb7f620e90f01d55023010203010902"], 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

4.500579206s ago: executing program 2 (id=2022):
socket(0x10, 0x803, 0x0) (async)
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$l2tp(0x2, 0x2, 0x73)
close_range(r1, 0xffffffffffffffff, 0x0) (async)
close_range(r1, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_CLOCK(r3, 0x4188aec6, &(0x7f0000000040))
dup2(r2, r3)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000000000000000000003850000002c000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xfd, 0x7fff0000}]})
close_range(r4, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000400)={'veth0_to_hsr\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000400)={'veth0_to_hsr\x00', <r5=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r5, {0x0, 0xffe1}, {0xffff, 0xffff}, {0xffe0, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x9}}]}}]}, 0x48}}, 0xc840)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@newtfilter={0x68, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, {0x6}, {}, {0x7, 0xfff1}}, [@filter_kind_options=@f_u32={{0x8}, {0x3c, 0x2, [@TCA_U32_INDEV={0x14, 0x8, 'veth1_to_team\x00'}, @TCA_U32_SEL={0x24, 0x5, {0xd, 0x7, 0x1, 0x3d3f, 0x0, 0xffc, 0xb709, 0x58f, [{0x0, 0x20008000, 0x4, 0x1}]}}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x4004884}, 0x24040084) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@newtfilter={0x68, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, {0x6}, {}, {0x7, 0xfff1}}, [@filter_kind_options=@f_u32={{0x8}, {0x3c, 0x2, [@TCA_U32_INDEV={0x14, 0x8, 'veth1_to_team\x00'}, @TCA_U32_SEL={0x24, 0x5, {0xd, 0x7, 0x1, 0x3d3f, 0x0, 0xffc, 0xb709, 0x58f, [{0x0, 0x20008000, 0x4, 0x1}]}}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x4004884}, 0x24040084)

3.955397958s ago: executing program 2 (id=2023):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
r1 = openat$ocfs2_control(0xffffff9c, &(0x7f0000000140), 0x341941, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'veth1_to_bond\x00', 0x400})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ff4000/0x9000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x9000, 0x2})

3.913747932s ago: executing program 2 (id=2024):
socket$inet6_mptcp(0xa, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0xc0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000007d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffff"], 0x0, 0x2010000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r2, &(0x7f0000000080)=[{{&(0x7f0000000140)={0xa, 0x4e20, 0x9, @dev={0xfe, 0x80, '\x00', 0xe}, 0x5}, 0x1c, &(0x7f0000000b40)=[{&(0x7f0000000340)="f2", 0x1}], 0x1}}, {{&(0x7f0000000180)={0xa, 0x4e24, 0xff, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x1}, 0x1c, &(0x7f0000000400)=[{&(0x7f00000001c0)="17", 0x1}], 0x1}}], 0x2, 0x0)
shutdown(r2, 0x1)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x1000, 0x30}, &(0x7f0000000040)=0xc)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000840)=ANY=[@ANYBLOB="0c010000160001000000000000000000fe8000000000000000000000000000aaff01000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fe880000000000000000000000000001000000006c000000ffffffff00000000000000000000000000000000000000000900000000000000000000000000000000000000000000000800000000000000000000000000000003000000000000000800000000000000000000000000000000000000000000000000000000040000090400000000000000000000010000000000000000000000000000000a0000000000000000000000000000000c0015005a0735001d0a000008001f0001000000e4b0025824f52ecfa0a851cacbc2c4951f843b27cc665a152bb795fcec672cd83c0e69d67030bcce68b22c7413b2b99735601cd2eef9e808e377c1897ed99cf4485dafff302e1cc72faf6fa462549f459a133321e14d310e30ad1be13ba16867d652eed5dc640bff9bfa37ea770d4a45cb4cc8638c3d34ce3be9cf5a6d3acd88c15358a7f3a3fec00616a751f0"], 0x10c}, 0x1, 0x0, 0x0, 0xc1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r1)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000540)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000680)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="10c32900000000dbdf253700000008005700020000000800342b675bd3758e792c34cc5bf858e26599e2cb3688532661feb890f64900270002000000a75f59d89d3639214e59f560db111da535aced570a3768b9995bbd315f65ade2"], 0x2c}, 0x1, 0x0, 0x0, 0x4004000}, 0x40010)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
ioctl$LOOP_GET_STATUS(0xffffffffffffffff, 0x4c03, &(0x7f00000005c0))
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
r6 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r6, 0x0, 0x48050)

3.009633891s ago: executing program 4 (id=2026):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x4, &(0x7f0000006680))
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
r0 = socket$l2tp(0x2, 0x2, 0x73)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10167, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000019100)={{{@in=@empty, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@multicast2}, 0x0, @in=@initdev}}, 0x0)
lsetxattr$security_capability(&(0x7f0000019080)='./file0\x00', &(0x7f00000190c0), &(0x7f0000019240)=@v3={0x3000000, [{0x9, 0xff6}, {0xd, 0x1000}], r3}, 0x18, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f000046b000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000769000/0x1000)=nil)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
pread64(r4, &(0x7f0000000080)=""/102356, 0x18fd4, 0x200)
ioctl$SNDRV_TIMER_IOCTL_START(0xffffffffffffffff, 0x54a0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000140)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes192\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PAUSE(0xffffffffffffffff, 0x54a3)
socket$can_raw(0x1d, 0x3, 0x1)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1}, 0x4000010)
r6 = syz_open_dev$video4linux(&(0x7f00000007c0), 0x5, 0x20040)
ioctl$VIDIOC_SUBDEV_S_FMT(r6, 0xc0585605, &(0x7f00000000c0)={0x1, 0x0, {0x1, 0x0, 0x3009, 0x4, 0x3, 0x0, 0x1, 0x4}})
socket$l2tp(0x2, 0x2, 0x73)
close_range(r0, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x8031, 0xffffffffffffffff, 0x0)

2.937415646s ago: executing program 2 (id=2027):
socket$inet6_mptcp(0xa, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0xc0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000007d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffff"], 0x0, 0x2010000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r2, &(0x7f0000000080)=[{{&(0x7f0000000140)={0xa, 0x4e20, 0x9, @dev={0xfe, 0x80, '\x00', 0xe}, 0x5}, 0x1c, &(0x7f0000000b40)=[{&(0x7f0000000340)="f2", 0x1}], 0x1}}, {{&(0x7f0000000180)={0xa, 0x4e24, 0xff, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x1}, 0x1c, &(0x7f0000000400)=[{&(0x7f00000001c0)="17", 0x1}], 0x1}}], 0x2, 0x0)
shutdown(r2, 0x1)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x1000, 0x30}, &(0x7f0000000040)=0xc)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000840)=ANY=[@ANYBLOB="0c010000160001000000000000000000fe8000000000000000000000000000aaff01000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fe880000000000000000000000000001000000006c000000ffffffff00000000000000000000000000000000000000000900000000000000000000000000000000000000000000000800000000000000000000000000000003000000000000000800000000000000000000000000000000000000000000000000000000040000090400000000000000000000010000000000000000000000000000000a0000000000000000000000000000000c0015005a0735001d0a000008001f0001000000e4b0025824f52ecfa0a851cacbc2c4951f843b27cc665a152bb795fcec672cd83c0e69d67030bcce68b22c7413b2b99735601cd2eef9e808e377c1897ed99cf4485dafff302e1cc72faf6fa462549f459a133321e14d310e30ad1be13ba16867d652eed5dc640bff9bfa37ea770d4a45cb4cc8638c3d34ce3be9cf5a6d3acd88c15358a7f3a3fec00616a751f0"], 0x10c}, 0x1, 0x0, 0x0, 0xc1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r1)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000540)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000680)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="10c32900000000dbdf253700000008005700020000000800342b675bd3758e792c34cc5bf858e26599e2cb3688532661feb890f64900270002000000a75f59d89d3639214e59f560db111da535aced570a3768b9995bbd315f65ade2"], 0x2c}, 0x1, 0x0, 0x0, 0x4004000}, 0x40010)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
ioctl$LOOP_GET_STATUS(0xffffffffffffffff, 0x4c03, &(0x7f00000005c0))
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, 0x0, 0x48050)

2.512868435s ago: executing program 0 (id=2029):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000000)=0x9)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x80, @remote}, 0x10)
r1 = socket$kcm(0xa, 0x2, 0x88)
setsockopt$sock_attach_bpf(r1, 0x88, 0xa, &(0x7f00000002c0), 0x4)
sendmsg(r1, &(0x7f0000000280)={&(0x7f0000000000)=@in6={0xa, 0x4e23, 0x6, @remote, 0x8}, 0x80, 0x0}, 0x20000004)
close(r0)
ioctl$sock_ipv6_tunnel_SIOCDELPRL(0xffffffffffffffff, 0x89f6, &(0x7f0000000080)={'sit0\x00', &(0x7f0000000040)={@rand_addr=0x64010101, 0x1, 0x0, 0x30, 0x0, [{@remote}, {@private}, {@broadcast}]}})

2.378795254s ago: executing program 0 (id=2030):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2042, 0x1ff)
write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="7f454c4600040000ff1e8c000000000003003e00ecffffff9a0300000000000040000000000000805609000000000000000000000000380001"], 0x78)
close(r0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota')
r1 = creat(&(0x7f0000000440)='./file0/file0\x00', 0x194)
quotactl_fd$Q_QUOTAOFF(r1, 0xffffffff80000301, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f00000004c0)={'#! ', './file0/file0'}, 0x11)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f0000000300)={0x2, {{0x2, 0x2, @multicast2}}, 0x1, 0x3, [{{0x2, 0x4e03, @empty}}, {{0x2, 0x4e22, @remote}}, {{0x2, 0x4e20, @rand_addr=0x64010100}}]}, 0x210)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000840)}, {&(0x7f0000000140)="11d6cb557c8496a2fe7a81f38210bfa9b70ee09c", 0x14}], 0x2}, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)

2.36934749s ago: executing program 3 (id=2031):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_80211_inject_frame(0x0, &(0x7f0000000280)=@data_frame={@msdu=@type01={{0x0, 0x2, 0x8, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1}, {0xd}, @device_a, @from_mac=@device_b, @device_b, {0x1, 0xb}, "", @value={0x8, 0x0, 0x1, 0x0, 0x6}, @value=@ver_80211n={0x0, 0x8, 0x1, 0x2, 0x0, 0x2}}, @random="d3507f8507f21e73105585fc7071f90c1533f9dbe3851078e68124875fb35a2545ec52b4fc84d0248956f751ab0887ae24a384ddef35e1f18f8f06c354f77adbf63f8966d14dcf4d25ed70145d6c683312672620f938af1b11f2255255b46704dc745171a4d6b3ed628014fea1d46de7e7e2537d773a2144eab59b0805c4edd1f65b33badddd70312d6190836666e20b4e1f1c045b336fea844431113e693801a3c17afb31fbaf1bd10a5767e105eba51c535423ed86acf1594f4ed458b5e004180a1f46931c670d15643287fbb222382058c3217b5fcb29c7d3229242995c44b535758324b3ac7cdfe260b4c913413a650014698355d0bbc30eb5596d6c30298825d72b0be789439774552c7023c84da975436e0e1c3613daf9fdcd5e8d850fab213c04046fff4058ece51a750666b0f3d7406a669fe246d0a1d199a6bd8b10f155604e4b05db7b185978022807dd5dc0a770d1e3cb3934f27a67808a96d38d07bb83f549d4f56d8e0a58761543d00e12f1d41f6478adc07111d847d9e647f0b9cb10941cec849e329dc93879dc91b69a0406eac96eb95fa504d667af359a2f4c85c523970334e07122b5d344ec754849fe06f57a39a02ebf969f2c20200941033349fd587b96367cccad34710347711066f86d7e011433741de297c0c15db6fd99e17e7325477ce056bf99c8140a12498e7ce9858a4fa7c29449aa4ef5f7dc285448432e53decf930b5100d30e6feb2174db6bd5a60cc0b04dcc47b55c456c95a1460da9bd906e426a4f2bf99e26fb6d9799fa42334f4dd9d7bd8465120d30435d32b00d3c00b373238a5fa1231dec1e6c953b9bc1788077562872d3e93db1ae3f2c78c4013e4a8a7877d7f184a3e8c00196667a594cdceeb292b8296f6916fb65a6d0a4349d37176863844f61946c933da9ffcafdde132e38611d2ff4b788f5236ad73899bbde4d151834d41768ac9673a6be5b461f45d397750b87abf051bc9b70aacc2e2603aed39441018e07f02457b0c1387ac080ec17d4b3f85ed43ecc4420d54aef33419505a148fea2ccabd6199e3cb2e30fcbc01267fe020115aed4c389ade535a521b119fb2ab03a9a14307d7736cada45381fe2e0a9b5b31387f541ba6e873db32124e3d4c8fad79466c558c2c26c74e6574264fd91c556e2dc31e21abeaeefaf2e2f398b8698a64d723158c6b605def8c4c1287df7ccd14da611f698a12225040ff4cc8399969c37e727f1ad3a94fb1519438745d56577944e0afd059bd57a99a5c9d4cc07bf8f205dee3bcf0c70867a6dd9e8020a41db7186c2f48bf404a678f66da73b8a250d51772f66f54ea371ceae59b495a3cba8a570681968ef9251b4ae502b0d8a4f58ba034290bbd4237aee9714871b6e27497ec0bc34eccdaebc19f21eb5504d8f8a156f42d32eea43034fd8456c6d507e98d119319c3c3540e6c481ee76e5abea77495facdab904e7856464b851461c4ab97b9e487a7bcfb26011c104cc1652adfc2524ededae396f9b71283f077a9489578e9100a6d735e8b3f1c7ad01fdc5a6d0692c6aadcba048fe9672c379e4da7c908375c6799cf409e4ad8cd013"}, 0x488)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x180862)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_test', 0x84c0, 0x1a2)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x1)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8c, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x4842, 0x0)
writev(r2, &(0x7f0000000100)=[{&(0x7f0000000740)="a6cdcb01272242119cdefa2dce0b776ee08609bc6a5a717ce7462ad0d6e1bf888fb03c97d88a8cfb3b7b6960a2cebb1eb6196cb790bb9719f1f2b91024b5e0778d3c321e2b9c4c217b9d7bcc27c4ae9c4f1360d53432f636798923cf398ff44f0c69271093261b1a2de696c6352d0c40c647d88716e35c7ee14b3a676ff87a296ab94a8aaf16ff6a531ee87bc52e190817dbf70b78ace06116e051e36fe462774226912301db9a8d02e04888ea674e43814b5ed30b2692797b587e761490b1a19a368cd7d20382b66e9180a814a0ea238038ee7487d4f73dd31520d6adef8df6f87a49ecd6b1172097b6591955f6fe767615fb863d8ef8e82a7b97a02086", 0xfe}, {&(0x7f0000000900)="19dbf161133f4ea2da7fcf587a61c87aab346831164f642b1d581646b9e38fb7e709a8ccc1172b1feec7cda13785ddc3b78f51e44d25bf5278d8366d2c6a9b4be786cf31ead661108ae7909b975d5a77f879cd53a3446fda26d78efc74de50c7d7ab87dc164d58be12d1885fd00c9050893df5a08ce7d58b2a5303ad21ce5ea7d41f7b81c3e4b2bc380541dbd5b6e4b1faecfe8d47b076636dd55f9c1ade257ed5c4aa620cf0f879cae2f93907019f3bce789e07912a38a637461647e84260ad8537adf0d633c7daaba4cca06e6289b751", 0xfffffffffffffea0}, {&(0x7f00000000c0)}], 0x3)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000c80)={'veth0_to_bridge\x00', <r6=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0x0, 0xffe5}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_MAX_RATE={0x8, 0x12}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x2004c849}, 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$EBT_SO_GET_INIT_ENTRIES(r7, 0x0, 0x83, &(0x7f0000000480)={'broute\x00', 0x0, 0xfffffffc, 0x30, [0x2, 0xfffffffffffffffc, 0x4e83, 0x8, 0x9, 0x4], 0xfffffdb4, 0x0, 0x0}, &(0x7f0000000c80)=0xa8)

2.261782779s ago: executing program 0 (id=2032):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000004580)=@raw={'raw\x00', 0x9, 0x3, 0x240, 0x0, 0xffffffff, 0xffffffff, 0xf8, 0xffffffff, 0x1f8, 0xffffffff, 0xffffffff, 0x1f8, 0xffffffff, 0x3, 0x0, {[{{@ip={@broadcast, @broadcast, 0xff, 0xffffff00, 'team0\x00', 'veth0\x00', {}, {0xff}, 0x11, 0x2, 0x8ec61fc4e1c84de5}, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @multicast, 0x5, 0xa, [0x2, 0xc, 0x3e, 0x2a, 0x24, 0x18, 0x3d, 0x38, 0xc, 0xf, 0x33, 0x2d, 0x0, 0x29, 0x3f, 0x27], 0x2, 0x2, 0x9}}}, {{@ip={@empty, @empty, 0xff000000, 0xff, 'ip6gretap0\x00', 'bond_slave_1\x00', {0xff}, {}, 0x21, 0x2, 0x40}, 0x0, 0x70, 0xd8}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x8, 0x1, 0x5, 0x3, 'syz0\x00', 'syz1\x00', {0x4}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2a0)

2.1600098s ago: executing program 4 (id=2033):
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000300)={0x0, "030000000000000023000000debd12ffff00000004000000001020000400"})
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f0000000100)=0x2c0000)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000005c0)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x20000, 0x0}, &(0x7f0000000240)="948d7acda0b2", 0x0, 0x0, 0x0, 0x0, 0x0})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000840), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r4, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b5b09094bf70e0dd038e7ff7fc6e5539b324c078b089b3438076d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b32340d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e01000000138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12d3099dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f6dc7bcbf2a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509301815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827466cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d951061ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153bdf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033095563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db87195358bfee2916580dacae008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2df086dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36ffffffff00000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817b97c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d00000f4ff000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, 0x0, 0x40080)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0xfffff000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380))
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)

2.159757439s ago: executing program 0 (id=2034):
mq_open(&(0x7f0000000000)='e_1\x00', 0x8c2, 0x30, &(0x7f0000000080)={0x8000000040000000, 0x7, 0x10000, 0x8})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x40}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{}, 0x0, 0x0}, 0x20)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x845, 0x9, 0xfffffffffffffffd, 0x8, 0x10000, 0x0, 0x4002004c2, 0x2000000000fff, 0x1400000000000000, 0x0, 0x3fd, 0x80, 0x3, 0x0, 0x8, 0x4000000000008d], 0x100000, 0x80})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.055747775s ago: executing program 2 (id=2035):
socket$inet6_mptcp(0xa, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0xc0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000007d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffff"], 0x0, 0x2010000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r2, &(0x7f0000000080)=[{{&(0x7f0000000140)={0xa, 0x4e20, 0x9, @dev={0xfe, 0x80, '\x00', 0xe}, 0x5}, 0x1c, &(0x7f0000000b40)=[{&(0x7f0000000340)="f2", 0x1}], 0x1}}, {{&(0x7f0000000180)={0xa, 0x4e24, 0xff, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x1}, 0x1c, &(0x7f0000000400)=[{&(0x7f00000001c0)="17", 0x1}], 0x1}}], 0x2, 0x0)
shutdown(r2, 0x1)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x1000, 0x30}, &(0x7f0000000040)=0xc)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000840)=ANY=[@ANYBLOB="0c010000160001000000000000000000fe8000000000000000000000000000aaff01000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fe880000000000000000000000000001000000006c000000ffffffff00000000000000000000000000000000000000000900000000000000000000000000000000000000000000000800000000000000000000000000000003000000000000000800000000000000000000000000000000000000000000000000000000040000090400000000000000000000010000000000000000000000000000000a0000000000000000000000000000000c0015005a0735001d0a000008001f0001000000e4b0025824f52ecfa0a851cacbc2c4951f843b27cc665a152bb795fcec672cd83c0e69d67030bcce68b22c7413b2b99735601cd2eef9e808e377c1897ed99cf4485dafff302e1cc72faf6fa462549f459a133321e14d310e30ad1be13ba16867d652eed5dc640bff9bfa37ea770d4a45cb4cc8638c3d34ce3be9cf5a6d3acd88c15358a7f3a3fec00616a751f0"], 0x10c}, 0x1, 0x0, 0x0, 0xc1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r1)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000540)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000680)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="10c32900000000dbdf253700000008005700020000000800342b675bd3758e792c34cc5bf858e26599e2cb3688532661feb890f64900270002000000a75f59d89d3639214e59f560db111da535aced570a3768b9995bbd315f65ade2"], 0x2c}, 0x1, 0x0, 0x0, 0x4004000}, 0x40010)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
ioctl$LOOP_GET_STATUS(0xffffffffffffffff, 0x4c03, &(0x7f00000005c0))
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
r6 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r6, 0x0, 0x48050)

970.150412ms ago: executing program 4 (id=2036):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="140100002f00011b00000000ecdbdf2501"], 0x114}], 0x1, 0x0, 0x0, 0x4001}, 0x20000000)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0xa8, 0x2f, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x96, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x16}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bf", @typed={0x4, 0xe9}]}]}, 0xa8}], 0x1, 0x0, 0x0, 0x1}, 0x0)
recvfrom(r0, 0x0, 0x0, 0x42, 0x0, 0x0)

845.198337ms ago: executing program 4 (id=2037):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x4, &(0x7f0000006680))
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
r0 = socket$l2tp(0x2, 0x2, 0x73)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10167, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000019100)={{{@in=@empty, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@multicast2}, 0x0, @in=@initdev}}, 0x0)
lsetxattr$security_capability(&(0x7f0000019080)='./file0\x00', &(0x7f00000190c0), &(0x7f0000019240)=@v3={0x3000000, [{0x9, 0xff6}, {0xd, 0x1000}], r3}, 0x18, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f000046b000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000769000/0x1000)=nil)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
pread64(r4, &(0x7f0000000080)=""/102356, 0x18fd4, 0x200)
ioctl$SNDRV_TIMER_IOCTL_START(0xffffffffffffffff, 0x54a0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000140)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes192\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PAUSE(0xffffffffffffffff, 0x54a3)
socket$can_raw(0x1d, 0x3, 0x1)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1}, 0x4000010)
r6 = syz_open_dev$video4linux(&(0x7f00000007c0), 0x5, 0x20040)
ioctl$VIDIOC_SUBDEV_S_FMT(r6, 0xc0585605, &(0x7f00000000c0)={0x1, 0x0, {0x1, 0x0, 0x3009, 0x4, 0x3, 0x0, 0x1, 0x4}})
socket$l2tp(0x2, 0x2, 0x73)
close_range(r0, 0xffffffffffffffff, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, 0x0, 0x40)

228.890662ms ago: executing program 4 (id=2038):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCOUTQ(r1, 0x5411, &(0x7f0000000080))
syz_open_dev$admmidi(&(0x7f00000001c0), 0x20, 0x0)
r2 = socket$caif_seqpacket(0x25, 0x5, 0x7)
tee(0xffffffffffffffff, r2, 0x8, 0x6)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x402c4580, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
socket(0xa, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000080))
sendto$packet(0xffffffffffffffff, &(0x7f0000000100)="f257a8ea7bc273dfaeab96", 0xb, 0x0, 0x0, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="140100002f00010000000000fcdbdf250401f2800c00180008ac0f00000000001400010000000000000000000000ffffac1414eb09bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be820400e900891823ed51b1ac9b5f"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x45)
r5 = accept4(r3, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0xfffffffffffffcf5)
readv(r5, &(0x7f0000000140)=[{&(0x7f0000000600)=""/152, 0x98}], 0x1)
setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f0000000280)={0x2c, @broadcast, 0x4e22, 0x2, 'nq\x00', 0x20, 0x5735cfcd, 0x52}, 0x2c)
recvmmsg(r5, &(0x7f0000002440), 0x3ffffffffffff67, 0x0, 0x0)
bind$alg(r0, &(0x7f0000000740)={0x26, 'skcipher\x00', 0x0, 0x0, 'adiantum(xchacha20,serpent)\x00'}, 0x4e)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x3, 0x44, 0x0, 0x7fff0026}]})
close_range(r6, 0xffffffffffffffff, 0x0)

156.946649ms ago: executing program 4 (id=2039):
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000300)={0x0, "030000000000000023000000debd12ffff00000004000000001020000400"})
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f0000000100)=0x2c0000)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000005c0)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x20000, 0x0}, &(0x7f0000000240)="948d7acda0b2", 0x0, 0x0, 0x0, 0x0, 0x0})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800080000fcffff0800090000000000080011000000000008000e00800000000800", @ANYRES64=r3], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r5, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b5b09094bf70e0dd038e7ff7fc6e5539b324c078b089b3438076d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b32340d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e01000000138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12d3099dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f6dc7bcbf2a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509301815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827466cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d951061ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153bdf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033095563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db87195358bfee2916580dacae008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2df086dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36ffffffff00000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817b97c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d00000f4ff000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, 0x0, 0x40080)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0xfffff000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380))
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)

73.70512ms ago: executing program 0 (id=2040):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x1c, 0x15, 0x1, 0x70bd26, 0x25dfdbff, {0xa}, [@typed={0x8, 0x1, 0x0, 0x0, @ipv4=@broadcast}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40001}, 0x40010) (async)
mprotect(&(0x7f0000bdf000/0x1000)=nil, 0x1000, 0x2000000)
syz_clone(0x110e2400, 0x0, 0x0, 0x0, 0x0, 0x0)

72.876965ms ago: executing program 2 (id=2041):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x4, &(0x7f0000006680))
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
r0 = socket$l2tp(0x2, 0x2, 0x73)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10167, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000019100)={{{@in=@empty, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@multicast2}, 0x0, @in=@initdev}}, 0x0)
lsetxattr$security_capability(&(0x7f0000019080)='./file0\x00', &(0x7f00000190c0), &(0x7f0000019240)=@v3={0x3000000, [{0x9, 0xff6}, {0xd, 0x1000}], r3}, 0x18, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f000046b000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000769000/0x1000)=nil)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
pread64(r4, &(0x7f0000000080)=""/102356, 0x18fd4, 0x200)
ioctl$SNDRV_TIMER_IOCTL_START(0xffffffffffffffff, 0x54a0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000140)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes192\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PAUSE(0xffffffffffffffff, 0x54a3)
socket$can_raw(0x1d, 0x3, 0x1)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1}, 0x4000010)
r6 = syz_open_dev$video4linux(&(0x7f00000007c0), 0x5, 0x20040)
ioctl$VIDIOC_SUBDEV_S_FMT(r6, 0xc0585605, &(0x7f00000000c0)={0x1, 0x0, {0x1, 0x0, 0x3009, 0x4, 0x3, 0x0, 0x1, 0x4}})
socket$l2tp(0x2, 0x2, 0x73)
close_range(r0, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x8031, 0xffffffffffffffff, 0x0)

0s ago: executing program 0 (id=2042):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000004580)=@raw={'raw\x00', 0x9, 0x3, 0x240, 0x0, 0xffffffff, 0xffffffff, 0xf8, 0xffffffff, 0x1f8, 0xffffffff, 0xffffffff, 0x1f8, 0xffffffff, 0x3, 0x0, {[{{@ip={@broadcast, @broadcast, 0xff, 0xffffff00, 'team0\x00', 'veth0\x00', {}, {0xff}, 0x11, 0x2, 0x8ec61fc4e1c84de5}, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @multicast, 0x5, 0xa, [0x2, 0xc, 0x3e, 0x2a, 0x24, 0x18, 0x3d, 0x38, 0xc, 0xf, 0x33, 0x2d, 0x0, 0x29, 0x3f, 0x27], 0x2, 0x2, 0x9}}}, {{@ip={@empty, @empty, 0xff000000, 0xff, 'ip6gretap0\x00', 'bond_slave_1\x00', {0xff}, {}, 0x21, 0x2, 0x40}, 0x0, 0x70, 0xd8}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x8, 0x1, 0x5, 0x3, 'syz0\x00', 'syz1\x00', {0x4}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2a0) (fail_nth: 2)

kernel console output (not intermixed with test programs):

             L      syzkaller #0 PREEMPT(full) 
[  385.653513][T11184] Tainted: [L]=SOFTLOCKUP
[  385.653517][T11184] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  385.653523][T11184] Call Trace:
[  385.653527][T11184]  <TASK>
[  385.653532][T11184]  dump_stack_lvl+0x100/0x190
[  385.653551][T11184]  should_fail_ex.cold+0x5/0xa
[  385.653564][T11184]  ? tomoyo_encode2+0xfb/0x3c0
[  385.653577][T11184]  should_failslab+0xc2/0x120
[  385.653594][T11184]  __kmalloc_noprof+0xe0/0x850
[  385.653613][T11184]  tomoyo_encode2+0xfb/0x3c0
[  385.653629][T11184]  tomoyo_encode+0x29/0x50
[  385.653641][T11184]  tomoyo_realpath_from_path+0x18c/0x690
[  385.653658][T11184]  tomoyo_path_number_perm+0x23c/0x580
[  385.653669][T11184]  ? tomoyo_path_number_perm+0x22e/0x580
[  385.653681][T11184]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  385.653706][T11184]  ? find_held_lock+0x2b/0x80
[  385.653715][T11184]  ? hook_file_ioctl_common+0x146/0x410
[  385.653727][T11184]  ? __fget_files+0x215/0x3d0
[  385.653739][T11184]  ? __fget_files+0x21f/0x3d0
[  385.653751][T11184]  security_file_ioctl_compat+0xd3/0x230
[  385.653764][T11184]  __ia32_compat_sys_ioctl+0xc2/0x360
[  385.653781][T11184]  __do_fast_syscall_32+0xe3/0x8c0
[  385.653799][T11184]  do_fast_syscall_32+0x32/0x70
[  385.653815][T11184]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  385.653832][T11184] RIP: 0023:0xf706ef6c
[  385.653844][T11184] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  385.653859][T11184] RSP: 002b:00000000f543c50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  385.653878][T11184] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  385.653890][T11184] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  385.653900][T11184] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  385.653908][T11184] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  385.653914][T11184] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  385.653928][T11184]  </TASK>
[  385.653939][T11184] ERROR: Out of memory at tomoyo_realpath_from_path.
[  385.743623][T11174] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.755567][  T100] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.810270][ T6212] usb usb40-port1: unable to enumerate USB device
[  385.847131][T11174] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.926649][T11179] chnl_net:caif_netlink_parms(): no params data found
[  385.954139][  T100] bridge_slave_1: left allmulticast mode
[  385.957571][  T100] bridge_slave_1: left promiscuous mode
[  385.961899][  T100] bridge0: port 2(bridge_slave_1) entered disabled state
[  385.967132][  T100] bridge_slave_0: left allmulticast mode
[  385.969052][  T100] bridge_slave_0: left promiscuous mode
[  385.971136][  T100] bridge0: port 1(bridge_slave_0) entered disabled state
[  386.211345][T11190] fuse: Invalid rootmode
[  386.231134][  T100] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  386.237666][  T100] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  386.243135][  T100] bond0 (unregistering): Released all slaves
[  386.271303][ T7346] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  386.290793][T11179] bridge0: port 1(bridge_slave_0) entered blocking state
[  386.293374][T11179] bridge0: port 1(bridge_slave_0) entered disabled state
[  386.294270][T11196] FAULT_INJECTION: forcing a failure.
[  386.294270][T11196] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  386.296317][T11179] bridge_slave_0: entered allmulticast mode
[  386.300607][T11196] CPU: 2 UID: 0 PID: 11196 Comm: syz.3.1481 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  386.300624][T11196] Tainted: [L]=SOFTLOCKUP
[  386.300628][T11196] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  386.300634][T11196] Call Trace:
[  386.300639][T11196]  <TASK>
[  386.300643][T11196]  dump_stack_lvl+0x100/0x190
[  386.300663][T11196]  should_fail_ex.cold+0x5/0xa
[  386.300675][T11196]  strncpy_from_user+0x3b/0x2d0
[  386.300690][T11196]  do_getname+0x78/0x390
[  386.300704][T11196]  do_fchownat+0xc6/0x1f0
[  386.300718][T11196]  ? __pfx_do_fchownat+0x10/0x10
[  386.300729][T11196]  ? fput+0x79/0x100
[  386.300741][T11196]  ? ksys_write+0x1ac/0x250
[  386.300751][T11196]  ? __pfx_ksys_write+0x10/0x10
[  386.300761][T11196]  __ia32_sys_fchownat+0xba/0x150
[  386.300774][T11196]  ? lockdep_hardirqs_on+0x78/0x100
[  386.300789][T11196]  __do_fast_syscall_32+0xe3/0x8c0
[  386.300806][T11196]  do_fast_syscall_32+0x32/0x70
[  386.300822][T11196]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  386.300849][T11196] RIP: 0023:0xf6feef6c
[  386.300859][T11196] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  386.300869][T11196] RSP: 002b:00000000f53bc50c EFLAGS: 00000292 ORIG_RAX: 000000000000012a
[  386.300880][T11196] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000000
[  386.300886][T11196] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000100
[  386.300893][T11196] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  386.300899][T11196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  386.300905][T11196] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  386.300918][T11196]  </TASK>
[  386.362459][T11179] bridge_slave_0: entered promiscuous mode
[  386.366172][T11179] bridge0: port 2(bridge_slave_1) entered blocking state
[  386.368470][T11179] bridge0: port 2(bridge_slave_1) entered disabled state
[  386.370710][T11179] bridge_slave_1: entered allmulticast mode
[  386.373337][T11179] bridge_slave_1: entered promiscuous mode
[  386.418518][   T12] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  386.421212][   T12] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  386.423884][  T100] tipc: Disabling bearer <eth:batadv0>
[  386.426861][  T100] tipc: Left network mode
[  386.433020][ T7346] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  386.441223][T11179] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  386.447402][T11179] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  386.462270][T11179] team0: Port device team_slave_0 added
[  386.499372][T11179] team0: Port device team_slave_1 added
[  386.537575][T11179] batman_adv: batadv0: Adding interface: batadv_slave_0
[  386.541989][T11179] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  386.563681][T11179] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  386.579948][T11179] batman_adv: batadv0: Adding interface: batadv_slave_1
[  386.582223][T11179] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  386.594120][T11179] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  386.605784][T11208] netlink: 124 bytes leftover after parsing attributes in process `syz.0.1483'.
[  386.646748][T11179] hsr_slave_0: entered promiscuous mode
[  386.649672][T11179] hsr_slave_1: entered promiscuous mode
[  386.652082][T11179] debugfs: 'hsr0' already exists in 'hsr'
[  386.654383][T11179] Cannot create hsr debugfs directory
[  386.831762][  T100] hsr_slave_0: left promiscuous mode
[  386.834199][  T100] hsr_slave_1: left promiscuous mode
[  386.836624][  T100] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  386.839068][  T100] batman_adv: batadv0: Removing interface: batadv_slave_0
[  386.842203][  T100] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  386.844862][  T100] batman_adv: batadv0: Removing interface: batadv_slave_1
[  386.867570][  T100] veth1_macvtap: left promiscuous mode
[  386.869892][  T100] veth0_macvtap: left promiscuous mode
[  386.872422][  T100] veth1_vlan: left promiscuous mode
[  386.874784][  T100] veth0_vlan: left promiscuous mode
[  387.003945][  T100] team0 (unregistering): Port device team_slave_1 removed
[  387.017864][  T100] team0 (unregistering): Port device team_slave_0 removed
[  387.110104][T11179] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  387.117765][T11179] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  387.123282][T11179] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  387.129405][T11179] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  387.209067][T11179] 8021q: adding VLAN 0 to HW filter on device bond0
[  387.216584][T11179] 8021q: adding VLAN 0 to HW filter on device team0
[  387.234212][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  387.237538][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  387.249870][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  387.252381][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  387.297502][T11229] netfs: Couldn't get user pages (rc=-14)
[  387.380033][T11179] 8021q: adding VLAN 0 to HW filter on device batadv0
[  387.516480][T11179] veth0_vlan: entered promiscuous mode
[  387.522121][T11179] veth1_vlan: entered promiscuous mode
[  387.535991][T11179] veth0_macvtap: entered promiscuous mode
[  387.539842][T11179] veth1_macvtap: entered promiscuous mode
[  387.549026][T11179] batman_adv: batadv0: Interface activated: batadv_slave_0
[  387.555983][T11179] batman_adv: batadv0: Interface activated: batadv_slave_1
[  387.566493][   T12] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  387.570450][   T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  387.580911][   T12] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  387.584054][   T12] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  387.615381][  T100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  387.620433][  T100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  387.644889][  T100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  387.647689][  T100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  387.650933][   T40] audit: type=1326 audit(1773482678.488:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11255 comm="syz.0.1489" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf705ef6c code=0x0
[  387.661696][T11259] fuse: Invalid rootmode
[  387.690805][ T5293] Bluetooth: hci2: command tx timeout
[  387.764759][T11265] bridge0: port 2(bridge_slave_1) entered disabled state
[  387.767264][T11265] bridge0: port 1(bridge_slave_0) entered disabled state
[  387.993684][T11265] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  388.005944][T11265] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  388.133823][T11275] netlink: 'syz.3.1491': attribute type 1 has an invalid length.
[  388.138850][T11275] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1491'.
[  388.974975][  T896] wg2 speed is unknown, defaulting to 1000
[  388.978080][  T896] syz2: Port: 1 Link DOWN
[  389.016349][   T88] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  389.019132][   T88] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  389.021990][  T896] wg2 speed is unknown, defaulting to 1000
[  389.023482][   T88] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  389.032145][   T88] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  389.357677][T11298] fuse: Bad value for 'rootmode'
[  389.408730][T11300] FAULT_INJECTION: forcing a failure.
[  389.408730][T11300] name failslab, interval 1, probability 0, space 0, times 0
[  389.413017][T11300] CPU: 3 UID: 0 PID: 11300 Comm: syz.4.1500 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  389.413035][T11300] Tainted: [L]=SOFTLOCKUP
[  389.413039][T11300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  389.413045][T11300] Call Trace:
[  389.413049][T11300]  <TASK>
[  389.413057][T11300]  dump_stack_lvl+0x100/0x190
[  389.413076][T11300]  should_fail_ex.cold+0x5/0xa
[  389.413088][T11300]  ? tomoyo_encode2+0xfb/0x3c0
[  389.413102][T11300]  should_failslab+0xc2/0x120
[  389.413114][T11300]  __kmalloc_noprof+0xe0/0x850
[  389.413129][T11300]  ? d_absolute_path+0x136/0x1b0
[  389.413146][T11300]  tomoyo_encode2+0xfb/0x3c0
[  389.413161][T11300]  tomoyo_encode+0x29/0x50
[  389.413174][T11300]  tomoyo_realpath_from_path+0x18c/0x690
[  389.413191][T11300]  tomoyo_path_number_perm+0x23c/0x580
[  389.413202][T11300]  ? tomoyo_path_number_perm+0x22e/0x580
[  389.413214][T11300]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  389.413239][T11300]  ? find_held_lock+0x2b/0x80
[  389.413249][T11300]  ? hook_file_ioctl_common+0x146/0x410
[  389.413261][T11300]  ? __fget_files+0x215/0x3d0
[  389.413273][T11300]  ? __fget_files+0x21f/0x3d0
[  389.413285][T11300]  security_file_ioctl_compat+0xd3/0x230
[  389.413298][T11300]  __ia32_compat_sys_ioctl+0xc2/0x360
[  389.413315][T11300]  __do_fast_syscall_32+0xe3/0x8c0
[  389.413333][T11300]  do_fast_syscall_32+0x32/0x70
[  389.413349][T11300]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  389.413362][T11300] RIP: 0023:0xf704ef6c
[  389.413371][T11300] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  389.413382][T11300] RSP: 002b:00000000f543d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  389.413392][T11300] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0487c04
[  389.413399][T11300] RDX: 00000000800003c0 RSI: 0000000000000000 RDI: 0000000000000000
[  389.413405][T11300] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  389.413411][T11300] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  389.413417][T11300] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  389.413430][T11300]  </TASK>
[  389.413440][T11300] ERROR: Out of memory at tomoyo_realpath_from_path.
[  389.510188][T11302] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  389.512386][T11302] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  389.515483][T11302] vhci_hcd vhci_hcd.0: Device attached
[  389.528930][T11302] random: crng reseeded on system resumption
[  389.573258][T11302] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  389.585554][   T88] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  389.588952][   T88] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  389.796788][  T896] usb 44-1: SetAddress Request (32) to port 0
[  389.796823][  T896] usb 44-1: new SuperSpeed USB device number 32 using vhci_hcd
[  389.914512][ T5293] Bluetooth: hci2: command tx timeout
[  390.282319][T11303] vhci_hcd: connection reset by peer
[  390.284417][   T46] vhci_hcd vhci_hcd.3: stop threads
[  390.286199][   T46] vhci_hcd vhci_hcd.3: release socket
[  390.289878][   T46] vhci_hcd vhci_hcd.3: disconnect device
[  391.039197][T11329] fuse: Bad value for 'rootmode'
[  391.138543][T11332] netlink: 'syz.3.1510': attribute type 1 has an invalid length.
[  391.142523][T11332] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1510'.
[  392.138216][ T5293] Bluetooth: hci2: command tx timeout
[  392.162979][T11348] FAULT_INJECTION: forcing a failure.
[  392.162979][T11348] name failslab, interval 1, probability 0, space 0, times 0
[  392.167317][T11348] CPU: 1 UID: 0 PID: 11348 Comm: syz.3.1513 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  392.167334][T11348] Tainted: [L]=SOFTLOCKUP
[  392.167338][T11348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  392.167345][T11348] Call Trace:
[  392.167349][T11348]  <TASK>
[  392.167353][T11348]  dump_stack_lvl+0x100/0x190
[  392.167373][T11348]  should_fail_ex.cold+0x5/0xa
[  392.167386][T11348]  should_failslab+0xc2/0x120
[  392.167398][T11348]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  392.167414][T11348]  ? __alloc_skb+0x140/0x710
[  392.167431][T11348]  __alloc_skb+0x140/0x710
[  392.167444][T11348]  ? __alloc_skb+0x5b7/0x710
[  392.167457][T11348]  ? __pfx___alloc_skb+0x10/0x10
[  392.167474][T11348]  netlink_alloc_large_skb+0x69/0x150
[  392.167492][T11348]  netlink_sendmsg+0x680/0xda0
[  392.167511][T11348]  ? __pfx_netlink_sendmsg+0x10/0x10
[  392.167528][T11348]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  392.167548][T11348]  ____sys_sendmsg+0x9e1/0xb70
[  392.167558][T11348]  ? __pfx_netlink_sendmsg+0x10/0x10
[  392.167575][T11348]  ? __pfx_____sys_sendmsg+0x10/0x10
[  392.167592][T11348]  ___sys_sendmsg+0x190/0x1e0
[  392.167604][T11348]  ? __pfx____sys_sendmsg+0x10/0x10
[  392.167631][T11348]  __sys_sendmsg+0x170/0x220
[  392.167646][T11348]  ? __pfx___sys_sendmsg+0x10/0x10
[  392.167665][T11348]  ? __pfx_ksys_write+0x10/0x10
[  392.167678][T11348]  __do_fast_syscall_32+0xe3/0x8c0
[  392.167696][T11348]  do_fast_syscall_32+0x32/0x70
[  392.167712][T11348]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  392.167725][T11348] RIP: 0023:0xf6feef6c
[  392.167734][T11348] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  392.167745][T11348] RSP: 002b:00000000f53bc50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  392.167755][T11348] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  392.167761][T11348] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 0000000000000000
[  392.167767][T11348] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  392.167773][T11348] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  392.167779][T11348] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  392.167792][T11348]  </TASK>
[  393.166307][T11366] netlink: 'syz.4.1521': attribute type 1 has an invalid length.
[  393.168882][T11366] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1521'.
[  394.044472][T11376] team0: Port device macvlan1 added
[  394.095414][T11377] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  394.097630][T11377] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  394.101676][T11377] vhci_hcd vhci_hcd.0: Device attached
[  394.129304][T11380] openvswitch: netlink: Geneve opt len 17 is not a multiple of 4.
[  394.136603][T11377] random: crng reseeded on system resumption
[  394.213558][T11392] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  394.230867][T11383] syzkaller0: entered promiscuous mode
[  394.236159][T11383] syzkaller0: entered allmulticast mode
[  394.415312][ T5293] Bluetooth: hci2: command tx timeout
[  394.468616][    T9] usb 42-1: SetAddress Request (51) to port 0
[  394.470686][    T9] usb 42-1: new SuperSpeed USB device number 51 using vhci_hcd
[  394.882890][T11384] syz.4.1522 (11384) used greatest stack depth: 19088 bytes left
[  395.232986][  T896] usb 44-1: device descriptor read/8, error -110
[  395.357051][T11378] vhci_hcd: connection reset by peer
[  395.359806][ T7346] vhci_hcd vhci_hcd.2: stop threads
[  395.362069][ T7346] vhci_hcd vhci_hcd.2: release socket
[  395.365777][ T7346] vhci_hcd vhci_hcd.2: disconnect device
[  395.655826][  T896] usb usb44-port1: attempt power cycle
[  396.256197][T11405] netlink: 'syz.4.1528': attribute type 1 has an invalid length.
[  396.260056][T11405] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1528'.
[  396.298265][  T896] usb usb44-port1: unable to enumerate USB device
[  396.623265][   T40] audit: type=1326 audit(1773482686.879:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11409 comm="syz.0.1529" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  396.627741][T11410] netlink: 'syz.0.1529': attribute type 3 has an invalid length.
[  396.631451][   T40] audit: type=1326 audit(1773482686.879:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11409 comm="syz.0.1529" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  396.631481][   T40] audit: type=1326 audit(1773482686.879:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11409 comm="syz.0.1529" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  396.656910][   T40] audit: type=1326 audit(1773482686.879:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11409 comm="syz.0.1529" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  396.666442][   T40] audit: type=1326 audit(1773482686.879:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11409 comm="syz.0.1529" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  396.676297][   T40] audit: type=1326 audit(1773482686.879:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11409 comm="syz.0.1529" exe="/syz-executor" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  396.703093][   T40] audit: type=1326 audit(1773482686.879:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11409 comm="syz.0.1529" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  396.710714][   T40] audit: type=1326 audit(1773482686.879:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11409 comm="syz.0.1529" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  396.718961][   T40] audit: type=1326 audit(1773482686.879:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11409 comm="syz.0.1529" exe="/syz-executor" sig=0 arch=40000003 syscall=83 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  396.726952][   T40] audit: type=1326 audit(1773482686.879:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11409 comm="syz.0.1529" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000
[  396.900812][T11426] comedi comedi0: Minor 8 could not be opened
[  396.973953][T11428] can0: slcan on ptm0.
[  397.012978][ T5286] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[  397.185613][ T5286] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  397.188544][ T5286] usb 8-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  397.191932][ T5286] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  397.200513][ T5286] usb 8-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  397.204198][ T5286] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  397.211199][ T5286] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  397.216126][ T5286] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  397.219340][ T5286] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  397.221996][ T5286] usb 8-1: Product: syz
[  397.223547][ T5286] usb 8-1: Manufacturer: syz
[  397.227944][T11417] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  397.231539][ T5286] cdc_wdm 8-1:1.0: skipping garbage
[  397.233347][ T5286] cdc_wdm 8-1:1.0: skipping garbage
[  397.263069][ T5286] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  397.265042][ T5286] cdc_wdm 8-1:1.0: Unknown control protocol
[  397.446892][T11417] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1532'.
[  397.455310][T11417] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1532'.
[  397.461749][   T34] usb 8-1: USB disconnect, device number 18
[  397.625840][T11426] can0 (unregistered): slcan off ptm0.
[  398.670175][ T7269] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  398.795292][T11473] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  398.798126][T11473] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  398.802482][T11473] vhci_hcd vhci_hcd.0: Device attached
[  398.809786][T11473] random: crng reseeded on system resumption
[  398.834949][T11473] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  399.188202][T11481] FAULT_INJECTION: forcing a failure.
[  399.188202][T11481] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  399.193297][T11481] CPU: 3 UID: 0 PID: 11481 Comm: syz.3.1545 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  399.193388][T11481] Tainted: [L]=SOFTLOCKUP
[  399.193393][T11481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  399.193399][T11481] Call Trace:
[  399.193404][T11481]  <TASK>
[  399.193408][T11481]  dump_stack_lvl+0x100/0x190
[  399.193428][T11481]  should_fail_ex.cold+0x5/0xa
[  399.193441][T11481]  _copy_from_iter+0x1f4/0x1690
[  399.193456][T11481]  ? alloc_pages_mpol+0x25a/0x550
[  399.193467][T11481]  ? __pfx__copy_from_iter+0x10/0x10
[  399.193479][T11481]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  399.193495][T11481]  copy_page_from_iter+0xde/0x180
[  399.193509][T11481]  tun_build_skb.constprop.0+0x2ea/0x15d0
[  399.193525][T11481]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  399.193536][T11481]  ? unwind_get_return_address+0x59/0xa0
[  399.193548][T11481]  ? arch_stack_walk+0xa6/0xf0
[  399.193560][T11481]  ? __lock_acquire+0x4a5/0x2630
[  399.193581][T11481]  tun_get_user+0x16d0/0x3e10
[  399.193598][T11481]  ? __pfx_tun_get_user+0x10/0x10
[  399.193609][T11481]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  399.193628][T11481]  ? find_held_lock+0x2b/0x80
[  399.193637][T11481]  ? tun_get+0x191/0x370
[  399.193653][T11481]  ? tun_get+0x191/0x370
[  399.193685][T11481]  tun_chr_write_iter+0xdc/0x200
[  399.193698][T11481]  vfs_write+0x6ac/0x1070
[  399.193715][T11481]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  399.193727][T11481]  ? __pfx_vfs_write+0x10/0x10
[  399.193742][T11481]  ? find_held_lock+0x2b/0x80
[  399.193761][T11481]  ksys_write+0x12a/0x250
[  399.193770][T11481]  ? __pfx_ksys_write+0x10/0x10
[  399.193783][T11481]  do_int80_emulation+0x141/0x6b0
[  399.193801][T11481]  asm_int80_emulation+0x1a/0x20
[  399.193812][T11481] RIP: 0023:0xf7125cab
[  399.193821][T11481] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  399.193831][T11481] RSP: 002b:00000000f53dd44c EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  399.193841][T11481] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000240
[  399.193848][T11481] RDX: 000000000000003e RSI: 0000000000000000 RDI: 0000000000000000
[  399.193854][T11481] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  399.193859][T11481] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  399.193865][T11481] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  399.193879][T11481]  </TASK>
[  399.236636][ T6212] usb 46-1: SetAddress Request (2) to port 0
[  399.237867][ T7269] usb 7-1: Using ep0 maxpacket: 8
[  399.241085][ T6212] usb 46-1: new SuperSpeed USB device number 2 using vhci_hcd
[  399.246261][ T7269] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  399.284567][ T7269] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  399.287338][T11474] vhci_hcd: connection reset by peer
[  399.288469][ T7269] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  399.288484][ T7269] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  399.288508][ T7269] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  399.288519][ T7269] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  399.323906][   T12] vhci_hcd vhci_hcd.4: stop threads
[  399.325670][   T12] vhci_hcd vhci_hcd.4: release socket
[  399.327783][   T12] vhci_hcd vhci_hcd.4: disconnect device
[  399.519752][ T7269] usb 7-1: GET_CAPABILITIES returned 0
[  399.523164][ T7269] usbtmc 7-1:16.0: can't read capabilities
[  399.921092][    T9] usb 42-1: device descriptor read/8, error -110
[  399.996695][T11502] netlink: 'syz.4.1550': attribute type 11 has an invalid length.
[  400.308772][T11175] usb 7-1: USB disconnect, device number 3
[  400.369695][    T9] usb usb42-port1: attempt power cycle
[  400.990436][T11522] xt_TCPMSS: Only works on TCP SYN packets
[  401.215536][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  401.286794][T11531] netlink: 'syz.2.1552': attribute type 1 has an invalid length.
[  401.292281][T11531] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1552'.
[  401.299902][ T5286] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  401.460312][ T5286] usb 9-1: Using ep0 maxpacket: 32
[  401.464638][ T5286] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  401.471032][ T5286] usb 9-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  401.474967][ T5286] usb 9-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  401.478546][ T5286] usb 9-1: Product: syz
[  401.480437][ T5286] usb 9-1: Manufacturer: syz
[  401.482714][ T5286] usb 9-1: SerialNumber: syz
[  401.494341][ T5286] usb 9-1: config 0 descriptor??
[  401.497172][T11524] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  401.720293][T11524] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  401.724510][T11524] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  401.837944][ T5286] usb 9-1: USB disconnect, device number 2
[  402.163658][    T9] usb usb42-port1: unable to enumerate USB device
[  402.354322][T11549] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1560'.
[  402.449329][T11552] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  402.452553][T11552] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  402.457769][T11552] vhci_hcd vhci_hcd.0: Device attached
[  402.462386][T11552] random: crng reseeded on system resumption
[  402.480091][T11552] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  402.632269][T11562] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1564'.
[  402.753899][T11175] usb 42-1: SetAddress Request (55) to port 0
[  402.756260][T11175] usb 42-1: new SuperSpeed USB device number 55 using vhci_hcd
[  402.850100][ T5286] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  402.978944][   T40] kauditd_printk_skb: 89 callbacks suppressed
[  402.978957][   T40] audit: type=1326 audit(1773482692.828:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11564 comm="syz.3.1565" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6feef6c code=0x0
[  403.021091][ T5286] usb 9-1: Using ep0 maxpacket: 16
[  403.025772][ T5286] usb 9-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  403.028868][ T5286] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  403.031530][ T5286] usb 9-1: Product: syz
[  403.033112][ T5286] usb 9-1: Manufacturer: syz
[  403.034962][ T5286] usb 9-1: SerialNumber: syz
[  403.045496][ T5286] usb 9-1: config 0 descriptor??
[  403.053576][ T5286] as10x_usb: device has been detected
[  403.055772][ T5286] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  403.075548][ T5286] usb 9-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  403.093321][ T5286] as10x_usb: error during firmware upload part1
[  403.095458][ T5286] Registered device Sky IT Digital Key (green led)
[  403.131953][T11553] vhci_hcd: connection reset by peer
[  403.134902][   T12] vhci_hcd vhci_hcd.2: stop threads
[  403.137207][   T12] vhci_hcd vhci_hcd.2: release socket
[  403.139626][   T12] vhci_hcd vhci_hcd.2: disconnect device
[  403.270547][T11558] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1562'.
[  403.282946][T11558] random: crng reseeded on system resumption
[  403.292949][ T7539] usb 9-1: USB disconnect, device number 3
[  403.318691][ T7539] Unregistered device Sky IT Digital Key (green led)
[  403.323101][ T7539] as10x_usb: device has been disconnected
[  404.088309][T11588] netlink: 'syz.3.1568': attribute type 1 has an invalid length.
[  404.091041][T11588] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1568'.
[  404.157474][T11592] overlayfs: failed to clone upperpath
[  404.624960][ T6212] usb 46-1: device descriptor read/8, error -110
[  405.011309][T11602] random: crng reseeded on system resumption
[  405.028988][T11606] Cannot find del_set index 0 as target
[  405.155339][ T6212] usb usb46-port1: attempt power cycle
[  405.516396][T11611] ceph: No mds server is up or the cluster is laggy
[  405.608525][   T29] libceph: connect (1)[c::]:6789 error -101
[  405.612604][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  405.922179][ T6212] usb usb46-port1: unable to enumerate USB device
[  406.556343][T11610] wg2 speed is unknown, defaulting to 1000
[  406.593525][T11621] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  406.596472][T11621] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  406.600587][T11621] vhci_hcd vhci_hcd.0: Device attached
[  406.603529][T11622] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1580'.
[  406.672758][T11621] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  406.915294][T11633] netlink: 'syz.4.1579': attribute type 3 has an invalid length.
[  406.918573][T11633] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1579'.
[  406.975105][T11623] vhci_hcd: connection closed
[  406.977775][   T88] vhci_hcd vhci_hcd.2: stop threads
[  406.982426][   T88] vhci_hcd vhci_hcd.2: release socket
[  406.984426][   T88] vhci_hcd vhci_hcd.2: disconnect device
[  407.488766][T11639] netlink: 'syz.4.1582': attribute type 1 has an invalid length.
[  407.492148][T11639] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1582'.
[  408.026998][T11652] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1585'.
[  408.059319][T11652] veth3: entered promiscuous mode
[  408.132999][T11175] usb 42-1: device descriptor read/8, error -110
[  408.173513][T11655] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=3901993312 (7803986624 ns) > initial count (6429106268 ns). Using initial count to start timer.
[  408.182444][T11655] FAULT_INJECTION: forcing a failure.
[  408.182444][T11655] name failslab, interval 1, probability 0, space 0, times 0
[  408.188276][T11655] CPU: 2 UID: 0 PID: 11655 Comm: syz.2.1587 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  408.188304][T11655] Tainted: [L]=SOFTLOCKUP
[  408.188311][T11655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  408.188322][T11655] Call Trace:
[  408.188329][T11655]  <TASK>
[  408.188336][T11655]  dump_stack_lvl+0x100/0x190
[  408.188368][T11655]  should_fail_ex.cold+0x5/0xa
[  408.188391][T11655]  ? tomoyo_encode2+0xfb/0x3c0
[  408.188412][T11655]  should_failslab+0xc2/0x120
[  408.188433][T11655]  __kmalloc_noprof+0xe0/0x850
[  408.188465][T11655]  tomoyo_encode2+0xfb/0x3c0
[  408.188492][T11655]  tomoyo_encode+0x29/0x50
[  408.188514][T11655]  tomoyo_realpath_from_path+0x18c/0x690
[  408.188544][T11655]  tomoyo_path_number_perm+0x23c/0x580
[  408.188564][T11655]  ? tomoyo_path_number_perm+0x22e/0x580
[  408.188586][T11655]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  408.188631][T11655]  ? find_held_lock+0x2b/0x80
[  408.188653][T11655]  ? hook_file_ioctl_common+0x146/0x410
[  408.188673][T11655]  ? __fget_files+0x215/0x3d0
[  408.188696][T11655]  ? __fget_files+0x21f/0x3d0
[  408.188722][T11655]  security_file_ioctl_compat+0xd3/0x230
[  408.188744][T11655]  __ia32_compat_sys_ioctl+0xc2/0x360
[  408.188774][T11655]  __do_fast_syscall_32+0xe3/0x8c0
[  408.188804][T11655]  do_fast_syscall_32+0x32/0x70
[  408.188831][T11655]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  408.188853][T11655] RIP: 0023:0xf706ef6c
[  408.188873][T11655] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  408.188893][T11655] RSP: 002b:00000000f545d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  408.188917][T11655] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  408.188928][T11655] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  408.188942][T11655] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  408.188955][T11655] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  408.188966][T11655] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  408.188991][T11655]  </TASK>
[  408.189012][T11655] ERROR: Out of memory at tomoyo_realpath_from_path.
[  408.337100][T11655] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  408.570321][T11175] usb usb42-port1: attempt power cycle
[  408.590862][T11395] usb 9-1: new full-speed USB device number 4 using dummy_hcd
[  408.754667][T11395] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  408.759140][T11395] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 2
[  408.763921][T11395] usb 9-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  408.768579][T11395] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  408.777007][T11395] usb 9-1: config 0 descriptor??
[  408.783030][T11395] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  408.788975][T11395] dvb-usb: bulk message failed: -22 (3/0)
[  408.800449][T11395] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  408.807903][T11395] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  408.812002][T11395] usb 9-1: media controller created
[  408.817080][T11395] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  408.834094][T11395] dvb-usb: bulk message failed: -22 (6/0)
[  408.840849][T11395] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  408.852545][T11395] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb9/9-1/input/input12
[  408.869188][T11395] dvb-usb: schedule remote query interval to 150 msecs.
[  408.872090][T11395] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  409.002715][T11659] FAULT_INJECTION: forcing a failure.
[  409.002715][T11659] name failslab, interval 1, probability 0, space 0, times 0
[  409.011547][T11659] CPU: 0 UID: 0 PID: 11659 Comm: syz.4.1588 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  409.011578][T11659] Tainted: [L]=SOFTLOCKUP
[  409.011582][T11659] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  409.011588][T11659] Call Trace:
[  409.011592][T11659]  <TASK>
[  409.011597][T11659]  dump_stack_lvl+0x100/0x190
[  409.011617][T11659]  should_fail_ex.cold+0x5/0xa
[  409.011631][T11659]  ? tomoyo_encode2+0xfb/0x3c0
[  409.011643][T11659]  should_failslab+0xc2/0x120
[  409.011655][T11659]  __kmalloc_noprof+0xe0/0x850
[  409.011670][T11659]  ? d_absolute_path+0x136/0x1b0
[  409.011687][T11659]  tomoyo_encode2+0xfb/0x3c0
[  409.011702][T11659]  tomoyo_encode+0x29/0x50
[  409.011715][T11659]  tomoyo_realpath_from_path+0x18c/0x690
[  409.011732][T11659]  tomoyo_path_number_perm+0x23c/0x580
[  409.011743][T11659]  ? tomoyo_path_number_perm+0x22e/0x580
[  409.011755][T11659]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  409.011781][T11659]  ? find_held_lock+0x2b/0x80
[  409.011793][T11659]  ? hook_file_ioctl_common+0x146/0x410
[  409.011805][T11659]  ? __fget_files+0x215/0x3d0
[  409.011817][T11659]  ? __fget_files+0x21f/0x3d0
[  409.011829][T11659]  security_file_ioctl_compat+0xd3/0x230
[  409.011842][T11659]  __ia32_compat_sys_ioctl+0xc2/0x360
[  409.011860][T11659]  __do_fast_syscall_32+0xe3/0x8c0
[  409.011878][T11659]  do_fast_syscall_32+0x32/0x70
[  409.011894][T11659]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  409.011907][T11659] RIP: 0023:0xf704ef6c
[  409.011916][T11659] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  409.011926][T11659] RSP: 002b:00000000f543d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  409.011937][T11659] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000040084504
[  409.011943][T11659] RDX: 0000000080000140 RSI: 0000000000000000 RDI: 0000000000000000
[  409.011949][T11659] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  409.011955][T11659] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  409.011960][T11659] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  409.011973][T11659]  </TASK>
[  409.013027][T11659] ERROR: Out of memory at tomoyo_realpath_from_path.
[  409.104212][T11395] dvb-usb: bulk message failed: -22 (1/0)
[  409.106202][T11395] dvb-usb: error while querying for an remote control event.
[  409.135625][T11395] usb 9-1: USB disconnect, device number 4
[  409.154586][T11395] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  409.189962][T11175] usb usb42-port1: unable to enumerate USB device
[  409.364719][T11677] netlink: 'syz.3.1594': attribute type 11 has an invalid length.
[  409.423112][T11679] fuse: Unknown parameter 'user_id00000000000000000000'
[  409.787462][T11685] overlayfs: missing 'lowerdir'
[  409.852884][T11690] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1598'.
[  409.912090][    C3] sr 2:0:0:0: [sr0] tag#21 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  409.916502][    C3] sr 2:0:0:0: [sr0] tag#21 CDB: Write(16) 8a 85 d3 3c 8d eb 76 31 50 b9 d9 b3
[  409.923612][T11690] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=3901993312 (7803986624 ns) > initial count (6429106268 ns). Using initial count to start timer.
[  409.933831][T11691] netlink: 'syz.2.1596': attribute type 1 has an invalid length.
[  409.936499][T11691] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1596'.
[  410.547559][T11716] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1605'.
[  410.954723][T11726] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  410.957189][T11726] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  410.960013][T11726] vhci_hcd vhci_hcd.0: Device attached
[  410.964520][T11726] random: crng reseeded on system resumption
[  411.005387][T11726] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  411.317182][   T34] usb 42-1: SetAddress Request (59) to port 0
[  411.320547][   T34] usb 42-1: new SuperSpeed USB device number 59 using vhci_hcd
[  411.418378][T11737] binder: 11736:11737 ioctl 8010661b 80000000 returned -22
[  411.612954][T11727] vhci_hcd: connection reset by peer
[  411.620215][ T7346] vhci_hcd vhci_hcd.2: stop threads
[  411.622441][ T7346] vhci_hcd vhci_hcd.2: release socket
[  411.624742][ T7346] vhci_hcd vhci_hcd.2: disconnect device
[  412.492778][T11759] netlink: 'syz.4.1618': attribute type 11 has an invalid length.
[  412.603752][T11756] netlink: 'syz.3.1616': attribute type 1 has an invalid length.
[  412.606341][T11756] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1616'.
[  413.475092][T11769] 9p: Bad value for 'rfdno'
[  413.479952][T11769] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1621'.
[  413.635231][T11776] netlink: 124 bytes leftover after parsing attributes in process `syz.2.1624'.
[  413.637384][T11773] netlink: 'syz.4.1623': attribute type 1 has an invalid length.
[  413.641938][T11773] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1623'.
[  413.766267][T11781] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11)
[  413.768504][T11781] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  413.778539][T11781] vhci_hcd vhci_hcd.0: Device attached
[  414.144670][ T6212] usb 44-1: SetAddress Request (36) to port 0
[  414.161067][ T6212] usb 44-1: new SuperSpeed USB device number 36 using vhci_hcd
[  414.310560][T11791] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  414.312803][T11791] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  414.378702][T11791] vhci_hcd vhci_hcd.0: Device attached
[  414.409275][T11791] random: crng reseeded on system resumption
[  414.417844][T11782] vhci_hcd: connection reset by peer
[  414.420906][ T7346] vhci_hcd vhci_hcd.3: stop threads
[  414.422926][ T7346] vhci_hcd vhci_hcd.3: release socket
[  414.425430][ T7346] vhci_hcd vhci_hcd.3: disconnect device
[  414.494320][T11791] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  414.673854][T11395] usb 46-1: SetAddress Request (6) to port 0
[  414.675970][T11395] usb 46-1: new SuperSpeed USB device number 6 using vhci_hcd
[  414.925698][T11792] vhci_hcd: connection reset by peer
[  414.928295][ T7346] vhci_hcd vhci_hcd.4: stop threads
[  414.931157][ T7346] vhci_hcd vhci_hcd.4: release socket
[  414.932951][ T7346] vhci_hcd vhci_hcd.4: disconnect device
[  416.779934][   T34] usb 42-1: device descriptor read/8, error -110
[  417.095055][T11840] netlink: 'syz.2.1642': attribute type 11 has an invalid length.
[  417.323284][   T34] usb usb42-port1: attempt power cycle
[  417.412485][T11844] netlink: 'syz.3.1640': attribute type 1 has an invalid length.
[  417.415410][T11844] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1640'.
[  418.241448][T11862] FAULT_INJECTION: forcing a failure.
[  418.241448][T11862] name failslab, interval 1, probability 0, space 0, times 0
[  418.255222][T11862] CPU: 3 UID: 0 PID: 11862 Comm: syz.2.1649 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  418.255242][T11862] Tainted: [L]=SOFTLOCKUP
[  418.255246][T11862] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  418.255253][T11862] Call Trace:
[  418.255256][T11862]  <TASK>
[  418.255261][T11862]  dump_stack_lvl+0x100/0x190
[  418.255281][T11862]  should_fail_ex.cold+0x5/0xa
[  418.255294][T11862]  should_failslab+0xc2/0x120
[  418.255305][T11862]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  418.255321][T11862]  ? prepare_creds+0x2c/0x950
[  418.255337][T11862]  ? get_random_u64+0x575/0x7c0
[  418.255351][T11862]  prepare_creds+0x2c/0x950
[  418.255367][T11862]  copy_creds+0xa7/0xa50
[  418.255385][T11862]  copy_process+0x1029/0x7a10
[  418.255400][T11862]  ? __lock_acquire+0x4a5/0x2630
[  418.255418][T11862]  ? __pfx_copy_process+0x10/0x10
[  418.255432][T11862]  ? get_pid_task+0xfc/0x250
[  418.255444][T11862]  ? get_pid_task+0xfc/0x250
[  418.255459][T11862]  kernel_clone+0xfc/0x9a0
[  418.255470][T11862]  ? proc_fail_nth_write+0x9f/0x220
[  418.255484][T11862]  ? find_held_lock+0x2b/0x80
[  418.255494][T11862]  ? __pfx_kernel_clone+0x10/0x10
[  418.255508][T11862]  ? ksys_write+0x190/0x250
[  418.255522][T11862]  __do_compat_sys_ia32_clone+0xd4/0x120
[  418.255537][T11862]  ? __pfx___do_compat_sys_ia32_clone+0x10/0x10
[  418.255558][T11862]  ? ksys_write+0x1ac/0x250
[  418.255567][T11862]  ? __pfx_ksys_write+0x10/0x10
[  418.255579][T11862]  __do_fast_syscall_32+0xe3/0x8c0
[  418.255597][T11862]  do_fast_syscall_32+0x32/0x70
[  418.255613][T11862]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  418.255627][T11862] RIP: 0023:0xf706ef6c
[  418.255636][T11862] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  418.255646][T11862] RSP: 002b:00000000f545d4bc EFLAGS: 00000206 ORIG_RAX: 0000000000000078
[  418.255657][T11862] RAX: ffffffffffffffda RBX: 0000000088206000 RCX: 0000000000000000
[  418.255663][T11862] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  418.255669][T11862] RBP: 00000000f7464f80 R08: 0000000000000000 R09: 0000000000000000
[  418.255675][T11862] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  418.255681][T11862] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  418.255694][T11862]  </TASK>
[  418.432856][   T34] usb usb42-port1: unable to enumerate USB device
[  418.819340][T11874] fuse: Unknown parameter '0x0000000000000003'
[  418.826265][T11864] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1648'.
[  418.925214][T11864] wg2 speed is unknown, defaulting to 1000
[  419.116423][T11872] netlink: 'syz.4.1652': attribute type 11 has an invalid length.
[  419.605094][ T6212] usb 44-1: device descriptor read/8, error -110
[  419.871245][T11898] netlink: 'syz.0.1661': attribute type 6 has an invalid length.
[  420.088124][ T6212] usb usb44-port1: attempt power cycle
[  420.104805][T11395] usb 46-1: device descriptor read/8, error -110
[  420.513970][T11905] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  420.516160][T11905] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  420.519024][T11905] vhci_hcd vhci_hcd.0: Device attached
[  420.525706][T11905] random: crng reseeded on system resumption
[  420.660598][T11395] usb 46-1: SetAddress Request (7) to port 0
[  420.662671][T11395] usb 46-1: new SuperSpeed USB device number 7 using vhci_hcd
[  420.693500][ T6212] usb usb44-port1: unable to enumerate USB device
[  420.807901][T11905] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  421.219864][T11906] vhci_hcd: connection reset by peer
[  421.299063][  T100] vhci_hcd vhci_hcd.4: stop threads
[  421.302241][  T100] vhci_hcd vhci_hcd.4: release socket
[  421.304072][  T100] vhci_hcd vhci_hcd.4: disconnect device
[  421.681087][T11943] bridge0: port 3(syz_tun) entered blocking state
[  421.683893][T11943] bridge0: port 3(syz_tun) entered disabled state
[  421.688660][T11943] syz_tun: entered allmulticast mode
[  421.691732][T11943] syz_tun: entered promiscuous mode
[  421.693989][T11943] bridge0: port 3(syz_tun) entered blocking state
[  421.696508][T11943] bridge0: port 3(syz_tun) entered forwarding state
[  422.051808][T11951] netlink: 'syz.4.1679': attribute type 1 has an invalid length.
[  422.054463][T11951] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1679'.
[  422.724796][T11955] netlink: 260 bytes leftover after parsing attributes in process `syz.3.1681'.
[  423.589326][T11982] binfmt_misc: Unknown parameter 'trans'
[  423.869851][T11983] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  423.905793][T11991] fuse: Unknown parameter 'fd0x0000000000000003'
[  424.233371][T12004] syzkaller0: entered promiscuous mode
[  424.236122][T12004] syzkaller0: entered allmulticast mode
[  424.241916][T12004] FAULT_INJECTION: forcing a failure.
[  424.241916][T12004] name failslab, interval 1, probability 0, space 0, times 0
[  424.247701][T12004] CPU: 3 UID: 0 PID: 12004 Comm: syz.2.1697 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  424.247729][T12004] Tainted: [L]=SOFTLOCKUP
[  424.247735][T12004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  424.247746][T12004] Call Trace:
[  424.247753][T12004]  <TASK>
[  424.247760][T12004]  dump_stack_lvl+0x100/0x190
[  424.247791][T12004]  should_fail_ex.cold+0x5/0xa
[  424.247814][T12004]  should_failslab+0xc2/0x120
[  424.247834][T12004]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  424.247861][T12004]  ? __alloc_skb+0x140/0x710
[  424.247890][T12004]  __alloc_skb+0x140/0x710
[  424.247909][T12004]  ? __alloc_skb+0x5b7/0x710
[  424.247931][T12004]  ? __pfx___alloc_skb+0x10/0x10
[  424.247960][T12004]  alloc_skb_with_frags+0xe0/0x810
[  424.247994][T12004]  sock_alloc_send_pskb+0x801/0x980
[  424.248016][T12004]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  424.248043][T12004]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  424.248067][T12004]  ? find_held_lock+0x2b/0x80
[  424.248085][T12004]  ? dev_get_by_index+0x180/0x380
[  424.248107][T12004]  ? dev_get_by_index+0x180/0x380
[  424.248138][T12004]  packet_sendmsg+0x20e0/0x53c0
[  424.248169][T12004]  ? __pfx___might_resched+0x10/0x10
[  424.248201][T12004]  ? aa_sk_perm+0x309/0xaa0
[  424.248223][T12004]  ? __pfx_packet_sendmsg+0x10/0x10
[  424.248241][T12004]  ? __pfx_aa_sk_perm+0x10/0x10
[  424.248258][T12004]  ? __might_fault+0xc5/0x140
[  424.248288][T12004]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  424.248318][T12004]  __sys_sendto+0x468/0x4b0
[  424.248339][T12004]  ? __pfx_packet_sendmsg+0x10/0x10
[  424.248360][T12004]  ? __pfx___sys_sendto+0x10/0x10
[  424.248390][T12004]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  424.248426][T12004]  ? fput+0x79/0x100
[  424.248447][T12004]  ? ksys_write+0x1ac/0x250
[  424.248466][T12004]  __ia32_sys_sendto+0xdd/0x1b0
[  424.248488][T12004]  ? __do_fast_syscall_32+0x94/0x8c0
[  424.248513][T12004]  ? lockdep_hardirqs_on+0x78/0x100
[  424.248536][T12004]  __do_fast_syscall_32+0xe3/0x8c0
[  424.248563][T12004]  do_fast_syscall_32+0x32/0x70
[  424.248588][T12004]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  424.248611][T12004] RIP: 0023:0xf706ef6c
[  424.248625][T12004] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  424.248642][T12004] RSP: 002b:00000000f545d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000171
[  424.248665][T12004] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000000000
[  424.248676][T12004] RDX: 0000000000000000 RSI: 0000000000050040 RDI: 00000000800001c0
[  424.248686][T12004] RBP: 0000000000000014 R08: 0000000000000000 R09: 0000000000000000
[  424.248697][T12004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  424.248707][T12004] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  424.248730][T12004]  </TASK>
[  424.671086][T12017] fuse: Unknown parameter 'fd0x0000000000000003'
[  424.921953][T12023] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  424.924955][T12023] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  424.930547][T12023] vhci_hcd vhci_hcd.0: Device attached
[  425.089189][T12026] random: crng reseeded on system resumption
[  425.214912][ T6212] usb 42-1: SetAddress Request (63) to port 0
[  425.220444][ T6212] usb 42-1: new SuperSpeed USB device number 63 using vhci_hcd
[  425.568924][T12024] vhci_hcd: connection reset by peer
[  425.632991][ T7346] vhci_hcd vhci_hcd.2: stop threads
[  425.679131][ T7346] vhci_hcd vhci_hcd.2: release socket
[  425.792914][ T7346] vhci_hcd vhci_hcd.2: disconnect device
[  425.844680][T12029] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1705'.
[  425.885177][   T40] audit: type=1326 audit(1773485292.251:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12027 comm="syz.3.1705" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6feef6c code=0x0
[  426.102492][T11395] usb 46-1: device descriptor read/8, error -110
[  426.219854][T11395] usb usb46-port1: attempt power cycle
[  426.469988][T12052] fuse: Unknown parameter 'fd0x0000000000000003'
[  426.789019][T12061] netlink: 'syz.3.1715': attribute type 11 has an invalid length.
[  426.860718][T12059] netlink: 'syz.4.1714': attribute type 1 has an invalid length.
[  426.860765][T12059] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1714'.
[  426.956137][T11395] usb usb46-port1: unable to enumerate USB device
[  427.047858][T12070] 9p: Bad value for 'wfdno'
[  427.049595][T12074] 9p: Bad value for 'wfdno'
[  427.049889][T12074] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1717'.
[  427.104713][T12070] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1717'.
[  428.349307][T12086] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1721'.
[  428.375732][   T40] audit: type=1326 audit(1773485294.581:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12083 comm="syz.4.1721" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf704ef6c code=0x0
[  429.155398][T12100] FAULT_INJECTION: forcing a failure.
[  429.155398][T12100] name failslab, interval 1, probability 0, space 0, times 0
[  429.159562][T12100] CPU: 0 UID: 0 PID: 12100 Comm: syz.4.1726 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  429.159580][T12100] Tainted: [L]=SOFTLOCKUP
[  429.159584][T12100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  429.159590][T12100] Call Trace:
[  429.159594][T12100]  <TASK>
[  429.159599][T12100]  dump_stack_lvl+0x100/0x190
[  429.159618][T12100]  should_fail_ex.cold+0x5/0xa
[  429.159631][T12100]  should_failslab+0xc2/0x120
[  429.159643][T12100]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  429.159659][T12100]  ? __alloc_skb+0x140/0x710
[  429.159676][T12100]  __alloc_skb+0x140/0x710
[  429.159689][T12100]  ? __alloc_skb+0x5b7/0x710
[  429.159702][T12100]  ? __pfx___alloc_skb+0x10/0x10
[  429.159722][T12100]  netlink_alloc_large_skb+0x69/0x150
[  429.159740][T12100]  netlink_sendmsg+0x680/0xda0
[  429.159758][T12100]  ? __pfx_netlink_sendmsg+0x10/0x10
[  429.159776][T12100]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  429.159795][T12100]  ____sys_sendmsg+0x9e1/0xb70
[  429.159805][T12100]  ? __pfx_netlink_sendmsg+0x10/0x10
[  429.159822][T12100]  ? __pfx_____sys_sendmsg+0x10/0x10
[  429.159839][T12100]  ___sys_sendmsg+0x190/0x1e0
[  429.159852][T12100]  ? __pfx____sys_sendmsg+0x10/0x10
[  429.159879][T12100]  __sys_sendmsg+0x170/0x220
[  429.159894][T12100]  ? __pfx___sys_sendmsg+0x10/0x10
[  429.159914][T12100]  ? __pfx_ksys_write+0x10/0x10
[  429.159926][T12100]  __do_fast_syscall_32+0xe3/0x8c0
[  429.159944][T12100]  do_fast_syscall_32+0x32/0x70
[  429.159960][T12100]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  429.159974][T12100] RIP: 0023:0xf704ef6c
[  429.159984][T12100] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  429.159995][T12100] RSP: 002b:00000000f543d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  429.160005][T12100] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  429.160012][T12100] RDX: 0000000000044080 RSI: 0000000000000000 RDI: 0000000000000000
[  429.160018][T12100] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  429.160024][T12100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  429.160030][T12100] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  429.160043][T12100]  </TASK>
[  429.495468][T12107] netlink: 'syz.3.1728': attribute type 1 has an invalid length.
[  429.498442][T12107] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1728'.
[  430.833733][T12120] netlink: 'syz.4.1731': attribute type 11 has an invalid length.
[  431.252998][ T6212] usb 42-1: device descriptor read/8, error -110
[  431.682441][ T6212] usb usb42-port1: attempt power cycle
[  431.834023][T12125] FAULT_INJECTION: forcing a failure.
[  431.834023][T12125] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  431.849282][T12125] CPU: 3 UID: 0 PID: 12125 Comm: syz.2.1732 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  431.849302][T12125] Tainted: [L]=SOFTLOCKUP
[  431.849306][T12125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  431.849312][T12125] Call Trace:
[  431.849316][T12125]  <TASK>
[  431.849321][T12125]  dump_stack_lvl+0x100/0x190
[  431.849341][T12125]  should_fail_ex.cold+0x5/0xa
[  431.849354][T12125]  _copy_to_user+0x32/0xd0
[  431.849368][T12125]  simple_read_from_buffer+0xcb/0x170
[  431.849386][T12125]  proc_fail_nth_read+0x1af/0x230
[  431.849400][T12125]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  431.849414][T12125]  ? rw_verify_area+0xce/0x6d0
[  431.849429][T12125]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  431.849441][T12125]  vfs_read+0x1e4/0xb30
[  431.849460][T12125]  ? __pfx_vfs_read+0x10/0x10
[  431.849475][T12125]  ? find_held_lock+0x2b/0x80
[  431.849485][T12125]  ? __fget_files+0x215/0x3d0
[  431.849497][T12125]  ? __fget_files+0x21f/0x3d0
[  431.849511][T12125]  ksys_read+0x12a/0x250
[  431.849527][T12125]  ? __pfx_ksys_read+0x10/0x10
[  431.849548][T12125]  do_int80_emulation+0x141/0x6b0
[  431.849566][T12125]  asm_int80_emulation+0x1a/0x20
[  431.849577][T12125] RIP: 0023:0xf71a5cab
[  431.849585][T12125] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  431.849596][T12125] RSP: 002b:00000000f545d4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  431.849606][T12125] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f545d5d0
[  431.849613][T12125] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  431.849619][T12125] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  431.849625][T12125] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  431.849631][T12125] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  431.849644][T12125]  </TASK>
[  432.701884][ T6212] usb usb42-port1: unable to enumerate USB device
[  432.752808][T12132] netlink: 124 bytes leftover after parsing attributes in process `syz.0.1734'.
[  433.584068][T12153] tmpfs: Cannot change global quota limit on remount
[  433.598053][T12161] netlink: 'syz.3.1742': attribute type 11 has an invalid length.
[  433.752252][T12174] FAULT_INJECTION: forcing a failure.
[  433.752252][T12174] name failslab, interval 1, probability 0, space 0, times 0
[  433.752292][T12174] CPU: 0 UID: 0 PID: 12174 Comm: syz.4.1746 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  433.752307][T12174] Tainted: [L]=SOFTLOCKUP
[  433.752311][T12174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  433.752317][T12174] Call Trace:
[  433.752320][T12174]  <TASK>
[  433.752324][T12174]  dump_stack_lvl+0x100/0x190
[  433.752343][T12174]  should_fail_ex.cold+0x5/0xa
[  433.752357][T12174]  should_failslab+0xc2/0x120
[  433.752368][T12174]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  433.752384][T12174]  ? __alloc_skb+0x140/0x710
[  433.752401][T12174]  __alloc_skb+0x140/0x710
[  433.752414][T12174]  ? __alloc_skb+0x5b7/0x710
[  433.752427][T12174]  ? __pfx___alloc_skb+0x10/0x10
[  433.752445][T12174]  send_monitor_note+0xe8/0x4e0
[  433.752459][T12174]  ? __pfx_send_monitor_note+0x10/0x10
[  433.752473][T12174]  ? apparmor_capable+0x1d7/0x4d0
[  433.752485][T12174]  ? bpf_lsm_capable+0x9/0x10
[  433.752499][T12174]  hci_sock_bind+0xcf3/0x16b0
[  433.752513][T12174]  ? __pfx_hci_sock_bind+0x10/0x10
[  433.752527][T12174]  ? apparmor_socket_bind+0x105/0x1e0
[  433.752546][T12174]  __sys_bind+0x1a9/0x260
[  433.752558][T12174]  ? __pfx___sys_bind+0x10/0x10
[  433.752575][T12174]  ? ksys_write+0x1ac/0x250
[  433.752585][T12174]  ? __pfx_ksys_write+0x10/0x10
[  433.752596][T12174]  __ia32_sys_bind+0x71/0xb0
[  433.752607][T12174]  ? lockdep_hardirqs_on+0x78/0x100
[  433.752622][T12174]  __do_fast_syscall_32+0xe3/0x8c0
[  433.752640][T12174]  do_fast_syscall_32+0x32/0x70
[  433.752655][T12174]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  433.752669][T12174] RIP: 0023:0xf704ef6c
[  433.752678][T12174] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  433.752688][T12174] RSP: 002b:00000000f543d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000169
[  433.752699][T12174] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000000
[  433.752705][T12174] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000000
[  433.752711][T12174] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  433.752716][T12174] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  433.752723][T12174] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  433.752736][T12174]  </TASK>
[  434.579219][T12207] FAULT_INJECTION: forcing a failure.
[  434.579219][T12207] name failslab, interval 1, probability 0, space 0, times 0
[  434.584572][T12207] CPU: 0 UID: 0 PID: 12207 Comm: syz.3.1755 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  434.584591][T12207] Tainted: [L]=SOFTLOCKUP
[  434.584595][T12207] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  434.584601][T12207] Call Trace:
[  434.584606][T12207]  <TASK>
[  434.584610][T12207]  dump_stack_lvl+0x100/0x190
[  434.584631][T12207]  should_fail_ex.cold+0x5/0xa
[  434.584644][T12207]  should_failslab+0xc2/0x120
[  434.584656][T12207]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  434.584672][T12207]  ? p9_tag_alloc+0x9c/0x860
[  434.584690][T12207]  p9_tag_alloc+0x9c/0x860
[  434.584706][T12207]  ? __pfx_p9_tag_alloc+0x10/0x10
[  434.584726][T12207]  p9_client_prepare_req+0x19b/0x500
[  434.584743][T12207]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  434.584760][T12207]  ? proc_fail_nth_write+0x9f/0x220
[  434.584776][T12207]  p9_client_rpc+0x1c4/0xc80
[  434.584792][T12207]  ? ksys_write+0x190/0x250
[  434.584802][T12207]  ? __pfx_p9_client_rpc+0x10/0x10
[  434.584821][T12207]  ? find_held_lock+0x2b/0x80
[  434.584833][T12207]  ? down_write+0x146/0x1f0
[  434.584852][T12207]  p9_client_fsync+0x6b/0xe0
[  434.584868][T12207]  v9fs_file_fsync_dotl+0xcb/0x110
[  434.584881][T12207]  ? __pfx_v9fs_file_fsync_dotl+0x10/0x10
[  434.584894][T12207]  do_fsync+0xbf/0x220
[  434.584906][T12207]  __ia32_sys_fsync+0x32/0x50
[  434.584917][T12207]  __do_fast_syscall_32+0xe3/0x8c0
[  434.584934][T12207]  do_fast_syscall_32+0x32/0x70
[  434.584950][T12207]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  434.584964][T12207] RIP: 0023:0xf6feef6c
[  434.584973][T12207] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  434.584983][T12207] RSP: 002b:00000000f53dd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000076
[  434.584993][T12207] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  434.584999][T12207] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  434.585005][T12207] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  434.585011][T12207] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  434.585016][T12207] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  434.585030][T12207]  </TASK>
[  434.693228][T12211] 9pnet_virtio: no channels available for device syz
[  434.741570][T12213] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1759'.
[  434.891542][T12225] FAULT_INJECTION: forcing a failure.
[  434.891542][T12225] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  434.896927][T12225] CPU: 1 UID: 0 PID: 12225 Comm: syz.4.1765 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  434.896952][T12225] Tainted: [L]=SOFTLOCKUP
[  434.896957][T12225] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  434.896967][T12225] Call Trace:
[  434.896973][T12225]  <TASK>
[  434.896980][T12225]  dump_stack_lvl+0x100/0x190
[  434.897007][T12225]  should_fail_ex.cold+0x5/0xa
[  434.897027][T12225]  _copy_from_user+0x2e/0xd0
[  434.897061][T12225]  tls_setsockopt+0x15fb/0x1e00
[  434.897091][T12225]  ? __pfx_tls_setsockopt+0x10/0x10
[  434.897117][T12225]  ? aa_sock_opt_perm+0xfe/0x1b0
[  434.897140][T12225]  ? sock_common_setsockopt+0x2e/0xf0
[  434.897165][T12225]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  434.897192][T12225]  do_sock_setsockopt+0xf3/0x1d0
[  434.897219][T12225]  __sys_setsockopt+0x119/0x190
[  434.897244][T12225]  __ia32_sys_setsockopt+0xbc/0x160
[  434.897264][T12225]  ? __do_fast_syscall_32+0x94/0x8c0
[  434.897287][T12225]  ? lockdep_hardirqs_on+0x78/0x100
[  434.897308][T12225]  __do_fast_syscall_32+0xe3/0x8c0
[  434.897333][T12225]  do_fast_syscall_32+0x32/0x70
[  434.897355][T12225]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  434.897375][T12225] RIP: 0023:0xf704ef6c
[  434.897388][T12225] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  434.897402][T12225] RSP: 002b:00000000f543d50c EFLAGS: 00000292 ORIG_RAX: 000000000000016e
[  434.897418][T12225] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000011a
[  434.897428][T12225] RDX: 0000000000000001 RSI: 00000000800000c0 RDI: 0000000000000028
[  434.897437][T12225] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  434.897446][T12225] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  434.897455][T12225] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  434.897477][T12225]  </TASK>
[  435.194758][T12233] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  435.442715][T12245] netlink: 124 bytes leftover after parsing attributes in process `syz.0.1770'.
[  435.469701][T12247] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1771'.
[  435.596796][T12259] FAULT_INJECTION: forcing a failure.
[  435.596796][T12259] name failslab, interval 1, probability 0, space 0, times 0
[  435.600897][T12259] CPU: 3 UID: 0 PID: 12259 Comm: syz.2.1776 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  435.600914][T12259] Tainted: [L]=SOFTLOCKUP
[  435.600918][T12259] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  435.600925][T12259] Call Trace:
[  435.600930][T12259]  <TASK>
[  435.600934][T12259]  dump_stack_lvl+0x100/0x190
[  435.600953][T12259]  should_fail_ex.cold+0x5/0xa
[  435.600967][T12259]  should_failslab+0xc2/0x120
[  435.600978][T12259]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  435.600995][T12259]  ? __alloc_skb+0x140/0x710
[  435.601012][T12259]  __alloc_skb+0x140/0x710
[  435.601024][T12259]  ? __alloc_skb+0x5b7/0x710
[  435.601038][T12259]  ? __pfx___alloc_skb+0x10/0x10
[  435.601051][T12259]  ? __pfx___might_resched+0x10/0x10
[  435.601071][T12259]  netlink_alloc_large_skb+0x69/0x150
[  435.601088][T12259]  netlink_sendmsg+0x680/0xda0
[  435.601107][T12259]  ? __pfx_netlink_sendmsg+0x10/0x10
[  435.601125][T12259]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  435.601143][T12259]  ____sys_sendmsg+0x9e1/0xb70
[  435.601153][T12259]  ? __pfx_netlink_sendmsg+0x10/0x10
[  435.601171][T12259]  ? __pfx_____sys_sendmsg+0x10/0x10
[  435.601187][T12259]  ___sys_sendmsg+0x190/0x1e0
[  435.601204][T12259]  ? __pfx____sys_sendmsg+0x10/0x10
[  435.601231][T12259]  __sys_sendmsg+0x170/0x220
[  435.601246][T12259]  ? __pfx___sys_sendmsg+0x10/0x10
[  435.601265][T12259]  ? __pfx_ksys_write+0x10/0x10
[  435.601277][T12259]  __do_fast_syscall_32+0xe3/0x8c0
[  435.601294][T12259]  do_fast_syscall_32+0x32/0x70
[  435.601310][T12259]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  435.601324][T12259] RIP: 0023:0xf706ef6c
[  435.601332][T12259] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  435.601343][T12259] RSP: 002b:00000000f545d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  435.601353][T12259] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000f00
[  435.601359][T12259] RDX: 0000000000004000 RSI: 0000000000000000 RDI: 0000000000000000
[  435.601365][T12259] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  435.601371][T12259] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  435.601377][T12259] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  435.601390][T12259]  </TASK>
[  435.643092][T12265] netlink: 'syz.2.1779': attribute type 11 has an invalid length.
[  435.746052][T12269] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1780'.
[  435.929428][T12274] netlink: 'syz.4.1778': attribute type 1 has an invalid length.
[  435.932314][T12274] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1778'.
[  437.550099][T12297] FAULT_INJECTION: forcing a failure.
[  437.550099][T12297] name failslab, interval 1, probability 0, space 0, times 0
[  437.571441][T12297] CPU: 3 UID: 0 PID: 12297 Comm: syz.2.1787 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  437.571460][T12297] Tainted: [L]=SOFTLOCKUP
[  437.571464][T12297] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  437.571471][T12297] Call Trace:
[  437.571475][T12297]  <TASK>
[  437.571480][T12297]  dump_stack_lvl+0x100/0x190
[  437.571501][T12297]  should_fail_ex.cold+0x5/0xa
[  437.571514][T12297]  should_failslab+0xc2/0x120
[  437.571526][T12297]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  437.571542][T12297]  ? __alloc_skb+0x140/0x710
[  437.571559][T12297]  __alloc_skb+0x140/0x710
[  437.571572][T12297]  ? __alloc_skb+0x5b7/0x710
[  437.571585][T12297]  ? __pfx___alloc_skb+0x10/0x10
[  437.571603][T12297]  netlink_alloc_large_skb+0x69/0x150
[  437.571621][T12297]  netlink_sendmsg+0x680/0xda0
[  437.571639][T12297]  ? __pfx_netlink_sendmsg+0x10/0x10
[  437.571657][T12297]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  437.571676][T12297]  ____sys_sendmsg+0x9e1/0xb70
[  437.571686][T12297]  ? __pfx_netlink_sendmsg+0x10/0x10
[  437.571704][T12297]  ? __pfx_____sys_sendmsg+0x10/0x10
[  437.571720][T12297]  ___sys_sendmsg+0x190/0x1e0
[  437.571733][T12297]  ? __pfx____sys_sendmsg+0x10/0x10
[  437.571760][T12297]  __sys_sendmsg+0x170/0x220
[  437.571775][T12297]  ? __pfx___sys_sendmsg+0x10/0x10
[  437.571795][T12297]  ? __pfx_ksys_write+0x10/0x10
[  437.571807][T12297]  __do_fast_syscall_32+0xe3/0x8c0
[  437.571826][T12297]  do_fast_syscall_32+0x32/0x70
[  437.571842][T12297]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  437.571857][T12297] RIP: 0023:0xf706ef6c
[  437.571866][T12297] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  437.571876][T12297] RSP: 002b:00000000f545d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  437.571887][T12297] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[  437.571893][T12297] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  437.571899][T12297] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  437.571905][T12297] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  437.571911][T12297] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  437.571924][T12297]  </TASK>
[  437.589399][T12299] Set syz1 is full, maxelem 1023 reached
[  437.676675][T12303] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1789'.
[  437.804779][T12310] netlink: 'syz.2.1791': attribute type 11 has an invalid length.
[  438.186698][T12323] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  438.229334][T12323] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  438.487947][T12331] FAULT_INJECTION: forcing a failure.
[  438.487947][T12331] name failslab, interval 1, probability 0, space 0, times 0
[  438.507594][T12331] CPU: 1 UID: 0 PID: 12331 Comm: syz.3.1798 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  438.507622][T12331] Tainted: [L]=SOFTLOCKUP
[  438.507628][T12331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  438.507637][T12331] Call Trace:
[  438.507643][T12331]  <TASK>
[  438.507650][T12331]  dump_stack_lvl+0x100/0x190
[  438.507677][T12331]  should_fail_ex.cold+0x5/0xa
[  438.507698][T12331]  should_failslab+0xc2/0x120
[  438.507716][T12331]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  438.507740][T12331]  ? __alloc_skb+0x140/0x710
[  438.507765][T12331]  __alloc_skb+0x140/0x710
[  438.507784][T12331]  ? __alloc_skb+0x5b7/0x710
[  438.507803][T12331]  ? __pfx___alloc_skb+0x10/0x10
[  438.507822][T12331]  ? __pfx___might_resched+0x10/0x10
[  438.507851][T12331]  netlink_alloc_large_skb+0x69/0x150
[  438.507877][T12331]  netlink_sendmsg+0x680/0xda0
[  438.507904][T12331]  ? __pfx_netlink_sendmsg+0x10/0x10
[  438.507930][T12331]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  438.507959][T12331]  ____sys_sendmsg+0x9e1/0xb70
[  438.507975][T12331]  ? __pfx_netlink_sendmsg+0x10/0x10
[  438.507999][T12331]  ? __pfx_____sys_sendmsg+0x10/0x10
[  438.508026][T12331]  ___sys_sendmsg+0x190/0x1e0
[  438.508046][T12331]  ? __pfx____sys_sendmsg+0x10/0x10
[  438.508063][T12331]  ? __pte_offset_map+0x179/0x310
[  438.508126][T12331]  __sys_sendmsg+0x170/0x220
[  438.508149][T12331]  ? __pfx___sys_sendmsg+0x10/0x10
[  438.508186][T12331]  __do_fast_syscall_32+0xe3/0x8c0
[  438.508211][T12331]  do_fast_syscall_32+0x32/0x70
[  438.508234][T12331]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  438.508254][T12331] RIP: 0023:0xf6feef6c
[  438.508268][T12331] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  438.508283][T12331] RSP: 002b:00000000f53dd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  438.508299][T12331] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000140
[  438.508309][T12331] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  438.508318][T12331] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  438.508327][T12331] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  438.508336][T12331] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  438.508357][T12331]  </TASK>
[  438.982309][T12342] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  438.984581][T12342] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  438.987938][T12342] vhci_hcd vhci_hcd.0: Device attached
[  438.991548][T12342] random: crng reseeded on system resumption
[  439.233908][T12342] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  439.281419][ T7539] usb 46-1: SetAddress Request (10) to port 0
[  439.284082][ T7539] usb 46-1: new SuperSpeed USB device number 10 using vhci_hcd
[  439.453313][T12366] netlink: 'syz.3.1810': attribute type 11 has an invalid length.
[  439.800929][T12343] vhci_hcd: connection reset by peer
[  439.803090][ T1182] vhci_hcd vhci_hcd.4: stop threads
[  439.805612][ T1182] vhci_hcd vhci_hcd.4: release socket
[  439.808037][ T1182] vhci_hcd vhci_hcd.4: disconnect device
[  440.434565][T12375] netlink: 'syz.2.1813': attribute type 11 has an invalid length.
[  440.695857][T12384] netlink: 'syz.4.1817': attribute type 11 has an invalid length.
[  441.039750][T12391] netlink: 'syz.3.1820': attribute type 11 has an invalid length.
[  441.604356][   T40] audit: type=1804 audit(1773485306.957:214): pid=12402 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1824" name="/newroot/419/file0" dev="fuse" ino=1 res=1 errno=0
[  443.360136][T12434] netlink: 'syz.4.1833': attribute type 1 has an invalid length.
[  443.362770][T12434] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1833'.
[  444.734757][ T7539] usb 46-1: device descriptor read/8, error -110
[  444.846289][T12459] FAULT_INJECTION: forcing a failure.
[  444.846289][T12459] name failslab, interval 1, probability 0, space 0, times 0
[  444.851526][T12459] CPU: 3 UID: 0 PID: 12459 Comm: syz.3.1845 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  444.851544][T12459] Tainted: [L]=SOFTLOCKUP
[  444.851547][T12459] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  444.851553][T12459] Call Trace:
[  444.851557][T12459]  <TASK>
[  444.851562][T12459]  dump_stack_lvl+0x100/0x190
[  444.851581][T12459]  should_fail_ex.cold+0x5/0xa
[  444.851594][T12459]  should_failslab+0xc2/0x120
[  444.851611][T12459]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  444.851628][T12459]  ? __alloc_skb+0x140/0x710
[  444.851644][T12459]  __alloc_skb+0x140/0x710
[  444.851657][T12459]  ? __alloc_skb+0x5b7/0x710
[  444.851670][T12459]  ? __pfx___alloc_skb+0x10/0x10
[  444.851688][T12459]  netlink_alloc_large_skb+0x69/0x150
[  444.851705][T12459]  netlink_sendmsg+0x680/0xda0
[  444.851724][T12459]  ? __pfx_netlink_sendmsg+0x10/0x10
[  444.851742][T12459]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  444.851760][T12459]  ____sys_sendmsg+0x9e1/0xb70
[  444.851770][T12459]  ? __pfx_netlink_sendmsg+0x10/0x10
[  444.851788][T12459]  ? __pfx_____sys_sendmsg+0x10/0x10
[  444.851804][T12459]  ___sys_sendmsg+0x190/0x1e0
[  444.851817][T12459]  ? __pfx____sys_sendmsg+0x10/0x10
[  444.851844][T12459]  __sys_sendmsg+0x170/0x220
[  444.851859][T12459]  ? __pfx___sys_sendmsg+0x10/0x10
[  444.851878][T12459]  ? __pfx_ksys_write+0x10/0x10
[  444.851891][T12459]  __do_fast_syscall_32+0xe3/0x8c0
[  444.851908][T12459]  do_fast_syscall_32+0x32/0x70
[  444.851924][T12459]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  444.851938][T12459] RIP: 0023:0xf6feef6c
[  444.851947][T12459] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  444.851957][T12459] RSP: 002b:00000000f53dd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  444.851967][T12459] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000480
[  444.851973][T12459] RDX: 0000000006008040 RSI: 0000000000000000 RDI: 0000000000000000
[  444.851979][T12459] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  444.851985][T12459] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  444.851991][T12459] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  444.852004][T12459]  </TASK>
[  445.092839][T12465] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1847'.
[  445.166558][   T40] audit: type=1326 audit(1773485310.288:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.3.1847" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6feef6c code=0x0
[  445.176073][ T7539] usb usb46-port1: attempt power cycle
[  445.410705][T12472] wg2 speed is unknown, defaulting to 1000
[  445.791504][ T7539] usb usb46-port1: unable to enumerate USB device
[  446.096711][T12475] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1848'.
[  446.379550][   T40] audit: type=1326 audit(1773485311.233:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12469 comm="syz.2.1848" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf706ef6c code=0x0
[  446.425275][T12480] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1849'.
[  447.127032][T12494] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1854'.
[  447.137928][ T7539] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[  447.300850][ T7539] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  447.305574][ T7539] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  447.312728][ T7539] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  447.316853][ T7539] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  447.320668][ T7539] usb 8-1: Product: syz
[  447.322542][ T7539] usb 8-1: Manufacturer: syz
[  447.324608][ T7539] usb 8-1: SerialNumber: syz
[  447.332698][ T7539] cdc_mbim 8-1:1.0: skipping garbage
[  447.335224][ T7539] usb 8-1: selecting invalid altsetting 1
[  447.383785][   T53] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  447.522834][   T53] usb 7-1: device descriptor read/64, error -71
[  447.752804][T12506] wg2 speed is unknown, defaulting to 1000
[  447.779995][   T53] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  447.831050][T12510] can0: slcan on ttyS3.
[  447.967234][T12514] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  447.977256][T12514] CIFS mount error: No usable UNC path provided in device string!
[  447.977256][T12514] 
[  447.981723][T12514] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  448.039311][   T53] usb 7-1: device descriptor read/64, error -71
[  448.042327][ T7539] cdc_mbim 8-1:1.0: failed GET_NTB_PARAMETERS
[  448.044537][ T7539] cdc_mbim 8-1:1.0: bind() failure
[  448.050852][ T7539] usb 8-1: USB disconnect, device number 19
[  448.153651][   T53] usb usb7-port1: attempt power cycle
[  448.209985][T12510] can0 (unregistered): slcan off ttyS3.
[  448.516923][   T53] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  448.549537][   T53] usb 7-1: device descriptor read/8, error -71
[  448.826794][   T53] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  448.849574][   T53] usb 7-1: device descriptor read/8, error -71
[  448.976646][   T53] usb usb7-port1: unable to enumerate USB device
[  449.831804][T12536] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1861'.
[  449.892690][   T40] audit: type=1326 audit(1773485314.713:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12535 comm="syz.0.1861" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf705ef6c code=0x0
[  450.136993][T12541] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1862'.
[  450.853028][T12544] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1863'.
[  451.060320][T12553] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1866'.
[  451.212037][ T5939] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  451.216977][ T5939] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  451.220160][ T5939] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  451.228375][ T5939] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  451.236937][ T5939] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  451.269421][T12555] wg2 speed is unknown, defaulting to 1000
[  451.377046][T12561] netlink: 'syz.3.1869': attribute type 1 has an invalid length.
[  451.379651][T12561] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1869'.
[  451.557241][T12555] chnl_net:caif_netlink_parms(): no params data found
[  451.657822][T12555] bridge0: port 1(bridge_slave_0) entered blocking state
[  451.664225][T12555] bridge0: port 1(bridge_slave_0) entered disabled state
[  451.668346][T12555] bridge_slave_0: entered allmulticast mode
[  451.676432][T12555] bridge_slave_0: entered promiscuous mode
[  451.685594][T12555] bridge0: port 2(bridge_slave_1) entered blocking state
[  451.688889][T12555] bridge0: port 2(bridge_slave_1) entered disabled state
[  451.697053][T12555] bridge_slave_1: entered allmulticast mode
[  451.701108][T12555] bridge_slave_1: entered promiscuous mode
[  451.826857][T12555] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  451.834385][T12555] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  451.871318][T12555] team0: Port device team_slave_0 added
[  451.876593][T12555] team0: Port device team_slave_1 added
[  451.899947][T12555] batman_adv: batadv0: Adding interface: batadv_slave_0
[  451.902286][T12555] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  451.911867][T12555] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  451.917466][T12555] batman_adv: batadv0: Adding interface: batadv_slave_1
[  451.924273][T12555] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  451.932602][T12555] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  451.980302][T12555] hsr_slave_0: entered promiscuous mode
[  451.983070][T12555] hsr_slave_1: entered promiscuous mode
[  452.197624][  T100] bridge_slave_1: left allmulticast mode
[  452.200543][  T100] bridge_slave_1: left promiscuous mode
[  452.202519][  T100] bridge0: port 2(bridge_slave_1) entered disabled state
[  452.207387][  T100] bridge_slave_0: left allmulticast mode
[  452.209169][  T100] bridge_slave_0: left promiscuous mode
[  452.211072][  T100] bridge0: port 1(bridge_slave_0) entered disabled state
[  452.290788][T12583] netlink: 'syz.3.1872': attribute type 1 has an invalid length.
[  452.292699][T12582] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1871'.
[  452.293438][T12583] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1872'.
[  452.516325][T12588] netlink: 'syz.4.1873': attribute type 11 has an invalid length.
[  452.978497][  T100] bond1 (unregistering): (slave bridge1): Releasing backup interface
[  452.984928][  T100] bridge1 (unregistering): left promiscuous mode
[  453.153681][  T100] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  453.158188][  T100] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  453.163844][  T100] bond0 (unregistering): Released all slaves
[  453.174330][  T100] bond1 (unregistering): Released all slaves
[  453.221829][T12586] mac80211_hwsim hwsim9 .
: renamed from wlan1 (while UP)
[  453.465894][ T5293] Bluetooth: hci4: command tx timeout
[  453.815387][T12610] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  453.818362][T12610] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  453.846935][T12610] vhci_hcd vhci_hcd.0: Device attached
[  453.858372][T12610] random: crng reseeded on system resumption
[  453.906707][T12610] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  454.005471][  T100] hsr_slave_0: left promiscuous mode
[  454.009205][  T100] hsr_slave_1: left promiscuous mode
[  454.012401][  T100] batman_adv: batadv0: Removing interface: batadv_slave_0
[  454.015616][  T100] batman_adv: batadv0: Removing interface: batadv_slave_1
[  454.052429][  T100] team0 (unregistering): Port device macvlan1 removed
[  454.145480][  T100] team0 (unregistering): Port device team_slave_1 removed
[  454.160737][ T7272] usb 44-1: SetAddress Request (40) to port 0
[  454.163691][ T7272] usb 44-1: new SuperSpeed USB device number 40 using vhci_hcd
[  454.171748][  T100] team0 (unregistering): Port device team_slave_0 removed
[  454.230683][ T9866] smc: removing ib device syz2
[  454.490956][T12555] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  454.506672][T12555] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  454.539437][T12611] vhci_hcd: connection reset by peer
[  454.540913][T12555] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  454.546211][   T88] vhci_hcd vhci_hcd.3: stop threads
[  454.548026][   T88] vhci_hcd vhci_hcd.3: release socket
[  454.550128][   T88] vhci_hcd vhci_hcd.3: disconnect device
[  454.561909][T12555] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  454.702410][T12555] 8021q: adding VLAN 0 to HW filter on device bond0
[  454.724216][T12555] 8021q: adding VLAN 0 to HW filter on device team0
[  454.752685][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  454.755090][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  454.771926][ T1182] bridge0: port 2(bridge_slave_1) entered blocking state
[  454.774319][ T1182] bridge0: port 2(bridge_slave_1) entered forwarding state
[  454.833321][T12635] netlink: 'syz.2.1879': attribute type 11 has an invalid length.
[  455.122024][T12555] 8021q: adding VLAN 0 to HW filter on device batadv0
[  455.295435][T12555] veth0_vlan: entered promiscuous mode
[  455.324266][T12555] veth1_vlan: entered promiscuous mode
[  455.418352][T12555] veth0_macvtap: entered promiscuous mode
[  455.583367][T12555] veth1_macvtap: entered promiscuous mode
[  455.634550][T12555] batman_adv: batadv0: Interface activated: batadv_slave_0
[  455.657045][T12555] batman_adv: batadv0: Interface activated: batadv_slave_1
[  455.678649][ T5293] Bluetooth: hci4: command tx timeout
[  455.703559][   T88] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  455.747978][   T88] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  455.769707][   T88] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  455.797227][   T88] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  455.897323][ T9866] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  455.900062][ T9866] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  455.914208][ T9866] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  455.916931][ T9866] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  456.377922][T12659] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  456.380885][T12659] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  456.437615][T12659] vhci_hcd vhci_hcd.0: Device attached
[  456.697921][T12656] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1883'.
[  456.791888][   T40] audit: type=1326 audit(1773485321.168:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12653 comm="syz.2.1883" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf706ef6c code=0x0
[  457.100249][   T60] usb 38-1: SetAddress Request (14) to port 0
[  457.102505][   T60] usb 38-1: new SuperSpeed USB device number 14 using vhci_hcd
[  457.261171][T12660] vhci_hcd: connection reset by peer
[  457.281679][ T9866] vhci_hcd vhci_hcd.0: stop threads
[  457.284161][ T9866] vhci_hcd vhci_hcd.0: release socket
[  457.286189][ T9866] vhci_hcd vhci_hcd.0: disconnect device
[  457.421516][T12677] netlink: 'syz.4.1888': attribute type 1 has an invalid length.
[  457.425093][T12677] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1888'.
[  457.901962][ T5293] Bluetooth: hci4: command tx timeout
[  458.547204][T12689] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  458.549430][T12689] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  458.552322][T12689] vhci_hcd vhci_hcd.0: Device attached
[  458.559504][T12687] random: crng reseeded on system resumption
[  458.574477][T12687] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  458.907549][T12690] vhci_hcd: connection closed
[  458.907777][   T46] vhci_hcd vhci_hcd.3: stop threads
[  458.911393][   T46] vhci_hcd vhci_hcd.3: release socket
[  458.914013][   T46] vhci_hcd vhci_hcd.3: disconnect device
[  459.612249][ T7272] usb 44-1: device descriptor read/8, error -110
[  459.705302][T12703] FAULT_INJECTION: forcing a failure.
[  459.705302][T12703] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  459.711153][T12703] CPU: 2 UID: 0 PID: 12703 Comm: syz.2.1895 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  459.711180][T12703] Tainted: [L]=SOFTLOCKUP
[  459.711186][T12703] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  459.711196][T12703] Call Trace:
[  459.711202][T12703]  <TASK>
[  459.711209][T12703]  dump_stack_lvl+0x100/0x190
[  459.711239][T12703]  should_fail_ex.cold+0x5/0xa
[  459.711261][T12703]  _copy_to_user+0x32/0xd0
[  459.711283][T12703]  simple_read_from_buffer+0xcb/0x170
[  459.711312][T12703]  proc_fail_nth_read+0x1af/0x230
[  459.711335][T12703]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  459.711358][T12703]  ? rw_verify_area+0xce/0x6d0
[  459.711383][T12703]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  459.711403][T12703]  vfs_read+0x1e4/0xb30
[  459.711433][T12703]  ? __pfx_vfs_read+0x10/0x10
[  459.711456][T12703]  ? find_held_lock+0x2b/0x80
[  459.711473][T12703]  ? __fget_files+0x215/0x3d0
[  459.711493][T12703]  ? __fget_files+0x21f/0x3d0
[  459.711517][T12703]  ksys_read+0x12a/0x250
[  459.711542][T12703]  ? __pfx_ksys_read+0x10/0x10
[  459.711575][T12703]  do_int80_emulation+0x141/0x6b0
[  459.711603][T12703]  asm_int80_emulation+0x1a/0x20
[  459.711622][T12703] RIP: 0023:0xf71a5cab
[  459.711636][T12703] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  459.711652][T12703] RSP: 002b:00000000f545d4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  459.711669][T12703] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f545d5d0
[  459.711679][T12703] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  459.711689][T12703] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  459.711698][T12703] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  459.711707][T12703] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  459.711730][T12703]  </TASK>
[  460.104385][ T7272] usb usb44-port1: attempt power cycle
[  460.125348][ T5293] Bluetooth: hci4: command tx timeout
[  460.724996][ T7272] usb usb44-port1: unable to enumerate USB device
[  460.827306][T12719] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1900'.
[  460.857658][   T40] audit: type=1326 audit(1773485324.966:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12717 comm="syz.0.1900" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf702ef6c code=0x0
[  460.979474][T12722] openvswitch: netlink: Missing valid actions attribute.
[  460.983411][T12722] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  461.100900][T12725] FAULT_INJECTION: forcing a failure.
[  461.100900][T12725] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  461.107032][T12725] CPU: 3 UID: 0 PID: 12725 Comm: syz.3.1904 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  461.107058][T12725] Tainted: [L]=SOFTLOCKUP
[  461.107063][T12725] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  461.107073][T12725] Call Trace:
[  461.107078][T12725]  <TASK>
[  461.107085][T12725]  dump_stack_lvl+0x100/0x190
[  461.107115][T12725]  should_fail_ex.cold+0x5/0xa
[  461.107134][T12725]  _copy_to_user+0x32/0xd0
[  461.107155][T12725]  simple_read_from_buffer+0xcb/0x170
[  461.107181][T12725]  proc_fail_nth_read+0x1af/0x230
[  461.107202][T12725]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  461.107223][T12725]  ? rw_verify_area+0xce/0x6d0
[  461.107244][T12725]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  461.107263][T12725]  vfs_read+0x1e4/0xb30
[  461.107290][T12725]  ? __pfx_vfs_read+0x10/0x10
[  461.107310][T12725]  ? find_held_lock+0x2b/0x80
[  461.107327][T12725]  ? __fget_files+0x215/0x3d0
[  461.107346][T12725]  ? __fget_files+0x21f/0x3d0
[  461.107368][T12725]  ksys_read+0x12a/0x250
[  461.107391][T12725]  ? __pfx_ksys_read+0x10/0x10
[  461.107421][T12725]  do_int80_emulation+0x141/0x6b0
[  461.107447][T12725]  asm_int80_emulation+0x1a/0x20
[  461.107464][T12725] RIP: 0023:0xf7125cab
[  461.107477][T12725] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  461.107492][T12725] RSP: 002b:00000000f53dd4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  461.107507][T12725] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f53dd5d0
[  461.107517][T12725] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  461.107525][T12725] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  461.107534][T12725] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  461.107543][T12725] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  461.107565][T12725]  </TASK>
[  461.647615][T12740] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  461.649704][T12740] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  461.653073][T12740] vhci_hcd vhci_hcd.0: Device attached
[  461.662013][T12740] random: crng reseeded on system resumption
[  461.703862][T12740] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  461.942725][ T7272] usb 46-1: SetAddress Request (14) to port 0
[  461.945271][ T7272] usb 46-1: new SuperSpeed USB device number 14 using vhci_hcd
[  462.216376][T12741] vhci_hcd: connection reset by peer
[  462.247335][T12753] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1912'.
[  462.274424][   T88] vhci_hcd vhci_hcd.4: stop threads
[  462.276413][   T88] vhci_hcd vhci_hcd.4: release socket
[  462.278809][   T88] vhci_hcd vhci_hcd.4: disconnect device
[  462.519798][   T60] usb 38-1: device descriptor read/8, error -110
[  462.979531][T12763] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1916'.
[  463.042609][   T40] audit: type=1326 audit(1773485327.015:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12761 comm="syz.2.1916" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf706ef6c code=0x0
[  463.108412][   T60] usb usb38-port1: attempt power cycle
[  463.667999][T12772] netlink: 'syz.0.1919': attribute type 11 has an invalid length.
[  464.422912][   T60] usb usb38-port1: unable to enumerate USB device
[  464.517859][T12777] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1920'.
[  464.704019][   T40] audit: type=1326 audit(1773485328.559:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12774 comm="syz.4.1920" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf704ef6c code=0x0
[  465.186740][T12802] netlink: 'syz.3.1925': attribute type 1 has an invalid length.
[  465.192894][T12802] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1925'.
[  465.209829][T12806] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1923'.
[  465.215743][T12806] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1923'.
[  465.221051][T12806] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1923'.
[  466.001396][T12814] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1929'.
[  466.029346][T12815] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1930'.
[  466.047607][   T40] audit: type=1326 audit(1773485329.831:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12812 comm="syz.3.1930" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6feef6c code=0x0
[  466.708289][T12830] FAULT_INJECTION: forcing a failure.
[  466.708289][T12830] name failslab, interval 1, probability 0, space 0, times 0
[  466.713329][T12830] CPU: 3 UID: 0 PID: 12830 Comm: syz.2.1935 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  466.713358][T12830] Tainted: [L]=SOFTLOCKUP
[  466.713363][T12830] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  466.713374][T12830] Call Trace:
[  466.713381][T12830]  <TASK>
[  466.713388][T12830]  dump_stack_lvl+0x100/0x190
[  466.713419][T12830]  should_fail_ex.cold+0x5/0xa
[  466.713440][T12830]  should_failslab+0xc2/0x120
[  466.713458][T12830]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  466.713482][T12830]  ? __alloc_skb+0x140/0x710
[  466.713515][T12830]  __alloc_skb+0x140/0x710
[  466.713534][T12830]  ? __alloc_skb+0x5b7/0x710
[  466.713554][T12830]  ? __pfx___alloc_skb+0x10/0x10
[  466.713581][T12830]  netlink_alloc_large_skb+0x69/0x150
[  466.713608][T12830]  netlink_sendmsg+0x680/0xda0
[  466.713636][T12830]  ? __pfx_netlink_sendmsg+0x10/0x10
[  466.713663][T12830]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  466.713694][T12830]  ____sys_sendmsg+0x9e1/0xb70
[  466.713711][T12830]  ? __pfx_netlink_sendmsg+0x10/0x10
[  466.713738][T12830]  ? __pfx_____sys_sendmsg+0x10/0x10
[  466.713767][T12830]  ___sys_sendmsg+0x190/0x1e0
[  466.713787][T12830]  ? __pfx____sys_sendmsg+0x10/0x10
[  466.713833][T12830]  __sys_sendmsg+0x170/0x220
[  466.713858][T12830]  ? __pfx___sys_sendmsg+0x10/0x10
[  466.713890][T12830]  ? __pfx_ksys_write+0x10/0x10
[  466.713911][T12830]  __do_fast_syscall_32+0xe3/0x8c0
[  466.713940][T12830]  do_fast_syscall_32+0x32/0x70
[  466.713964][T12830]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  466.713986][T12830] RIP: 0023:0xf706ef6c
[  466.714000][T12830] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  466.714016][T12830] RSP: 002b:00000000f545d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  466.714033][T12830] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080009b40
[  466.714044][T12830] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000
[  466.714054][T12830] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  466.714063][T12830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  466.714073][T12830] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  466.714097][T12830]  </TASK>
[  466.842935][T12832] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1936'.
[  466.854118][T12832] wireguard1: entered promiscuous mode
[  466.946508][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  467.043653][T12841] netlink: 'syz.3.1938': attribute type 12 has an invalid length.
[  467.047089][T12841] netlink: 'syz.3.1938': attribute type 29 has an invalid length.
[  467.394237][ T7272] usb 46-1: device descriptor read/8, error -110
[  467.748933][T12856] netlink: 'syz.3.1944': attribute type 1 has an invalid length.
[  467.752381][T12856] __nla_validate_parse: 4 callbacks suppressed
[  467.752395][T12856] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1944'.
[  467.827314][ T7272] usb usb46-port1: attempt power cycle
[  468.246344][T12869] netlink: 'syz.2.1945': attribute type 1 has an invalid length.
[  468.249594][T12869] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1945'.
[  468.443586][ T7272] usb usb46-port1: unable to enumerate USB device
[  469.277168][T12893] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1954'.
[  471.310560][T12916] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1964'.
[  471.419771][   T40] audit: type=1326 audit(1773485334.855:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12912 comm="syz.3.1964" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6feef6c code=0x0
[  471.594587][T12927] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1966'.
[  472.517869][T12935] netlink: 'syz.4.1962': attribute type 1 has an invalid length.
[  472.521433][T12935] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1962'.
[  472.721097][T12940] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1969'.
[  473.020184][T12953] netlink: 'syz.0.1974': attribute type 1 has an invalid length.
[  473.022805][T12953] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1974'.
[  473.808638][T12954] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  473.845456][T12954] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  473.920421][T12954] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  473.923261][T12954] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  473.932577][T12954] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  473.938867][T12954] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  473.943663][T12954] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  473.951290][T12954] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  474.214525][T12973] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  474.217523][T12973] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  474.221570][T12973] vhci_hcd vhci_hcd.0: Device attached
[  474.235154][T12974] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  474.238215][T12974] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  474.242251][T12974] vhci_hcd vhci_hcd.0: Device attached
[  474.299729][T12974] random: crng reseeded on system resumption
[  474.523672][ T5286] usb 38-1: SetAddress Request (18) to port 0
[  474.523709][ T5286] usb 38-1: new SuperSpeed USB device number 18 using vhci_hcd
[  474.581966][T11395] usb 46-1: SetAddress Request (18) to port 0
[  474.582007][T11395] usb 46-1: new SuperSpeed USB device number 18 using vhci_hcd
[  474.586606][T12974] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  475.141507][T12975] vhci_hcd: connection reset by peer
[  475.151715][   T12] vhci_hcd vhci_hcd.0: stop threads
[  475.156325][   T12] vhci_hcd vhci_hcd.0: release socket
[  475.158705][   T12] vhci_hcd vhci_hcd.0: disconnect device
[  475.359351][T12977] vhci_hcd: connection reset by peer
[  475.362771][   T12] vhci_hcd vhci_hcd.4: stop threads
[  475.364732][   T12] vhci_hcd vhci_hcd.4: release socket
[  475.367546][   T12] vhci_hcd vhci_hcd.4: disconnect device
[  475.442938][ T5293] Bluetooth: hci3: command 0x0406 tx timeout
[  475.450723][T12999] FAULT_INJECTION: forcing a failure.
[  475.450723][T12999] name failslab, interval 1, probability 0, space 0, times 0
[  475.456646][T12999] CPU: 3 UID: 0 PID: 12999 Comm: syz.0.1986 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  475.456671][T12999] Tainted: [L]=SOFTLOCKUP
[  475.456676][T12999] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  475.456685][T12999] Call Trace:
[  475.456691][T12999]  <TASK>
[  475.456698][T12999]  dump_stack_lvl+0x100/0x190
[  475.456735][T12999]  should_fail_ex.cold+0x5/0xa
[  475.456754][T12999]  should_failslab+0xc2/0x120
[  475.456770][T12999]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  475.456793][T12999]  ? __alloc_skb+0x140/0x710
[  475.456822][T12999]  __alloc_skb+0x140/0x710
[  475.456841][T12999]  ? __alloc_skb+0x5b7/0x710
[  475.456865][T12999]  ? __pfx___alloc_skb+0x10/0x10
[  475.456890][T12999]  netlink_alloc_large_skb+0x69/0x150
[  475.456915][T12999]  netlink_sendmsg+0x680/0xda0
[  475.456941][T12999]  ? __pfx_netlink_sendmsg+0x10/0x10
[  475.456966][T12999]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  475.456998][T12999]  ____sys_sendmsg+0x9e1/0xb70
[  475.457013][T12999]  ? __pfx_netlink_sendmsg+0x10/0x10
[  475.457036][T12999]  ? __pfx_____sys_sendmsg+0x10/0x10
[  475.457062][T12999]  ___sys_sendmsg+0x190/0x1e0
[  475.457080][T12999]  ? __pfx____sys_sendmsg+0x10/0x10
[  475.457123][T12999]  __sys_sendmsg+0x170/0x220
[  475.457144][T12999]  ? __pfx___sys_sendmsg+0x10/0x10
[  475.457172][T12999]  ? __pfx_ksys_write+0x10/0x10
[  475.457192][T12999]  __do_fast_syscall_32+0xe3/0x8c0
[  475.457230][T12999]  do_fast_syscall_32+0x32/0x70
[  475.457252][T12999]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  475.457270][T12999] RIP: 0023:0xf702ef6c
[  475.457283][T12999] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  475.457297][T12999] RSP: 002b:00000000f541d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  475.457313][T12999] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  475.457322][T12999] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  475.457331][T12999] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  475.457340][T12999] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  475.457349][T12999] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  475.457370][T12999]  </TASK>
[  475.602263][T12997] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  475.605075][T12997] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  475.612626][T12997] vhci_hcd vhci_hcd.0: Device attached
[  475.616960][T13001] netlink: 'syz.0.1987': attribute type 1 has an invalid length.
[  475.620313][T13001] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1987'.
[  475.656880][T12997] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1979'.
[  475.781601][T13002] vhci_hcd: connection closed
[  475.781961][  T100] vhci_hcd vhci_hcd.3: stop threads
[  475.786829][  T100] vhci_hcd vhci_hcd.3: release socket
[  475.789522][  T100] vhci_hcd vhci_hcd.3: disconnect device
[  475.795804][ T6212] vhci_hcd vhci_hcd.3: vhci_device speed not set
[  475.853118][T13008] netlink: 'syz.2.1984': attribute type 1 has an invalid length.
[  475.856187][T13008] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1984'.
[  475.920402][T13012] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1989'.
[  476.116699][ T5293] Bluetooth: hci4: command 0x0c1a tx timeout
[  476.119033][ T5293] Bluetooth: hci2: command 0x0c1a tx timeout
[  476.712910][T13015] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1990'.
[  476.852943][   T40] audit: type=1326 audit(1773485339.935:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13013 comm="syz.0.1990" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf702ef6c code=0x0
[  477.289107][   T34] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  477.394520][T13030] netlink: 'syz.0.1995': attribute type 1 has an invalid length.
[  477.397908][T13030] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1995'.
[  477.666376][ T5939] Bluetooth: hci3: command 0x0406 tx timeout
[  477.826648][   T34] usb 8-1: Using ep0 maxpacket: 32
[  477.830175][   T34] usb 8-1: config 0 has no interfaces?
[  477.833815][   T34] usb 8-1: New USB device found, idVendor=0fe9, idProduct=d501, bcdDevice=23.50
[  477.836935][   T34] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  477.840917][   T34] usb 8-1: Product: syz
[  477.842844][   T34] usb 8-1: Manufacturer: syz
[  477.845016][   T34] usb 8-1: SerialNumber: syz
[  477.851927][   T34] usb 8-1: config 0 descriptor??
[  478.078081][   T53] usb 8-1: USB disconnect, device number 20
[  478.098467][T13032] netlink: 'syz.4.1996': attribute type 1 has an invalid length.
[  478.101010][T13032] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1996'.
[  478.194768][T13036] netlink: 'syz.2.1998': attribute type 1 has an invalid length.
[  478.197338][T13036] netlink: 280 bytes leftover after parsing attributes in process `syz.2.1998'.
[  478.340931][ T5939] Bluetooth: hci2: command 0x0c1a tx timeout
[  478.342955][ T5939] Bluetooth: hci4: command 0x0c1a tx timeout
[  478.523002][T13048] bridge0: port 2(bridge_slave_1) entered disabled state
[  478.526131][T13048] bridge0: port 1(bridge_slave_0) entered disabled state
[  478.570771][T13048] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  478.579977][T13048] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  478.634739][T13051] netlink: 'syz.2.2000': attribute type 1 has an invalid length.
[  478.637327][T13051] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2000'.
[  478.712139][ T9866] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  478.716517][ T9866] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  478.719384][ T9866] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  478.722213][ T9866] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  479.722191][T13073] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2007'.
[  479.815260][   T40] audit: type=1326 audit(1773485342.704:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13071 comm="syz.2.2007" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf706ef6c code=0x0
[  479.964581][ T5286] usb 38-1: device descriptor read/8, error -110
[  479.970059][T11395] usb 46-1: device descriptor read/8, error -110
[  480.167233][T13069] CIFS mount error: No usable UNC path provided in device string!
[  480.167233][T13069] 
[  480.178291][T13069] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  480.480741][ T5286] usb usb38-port1: attempt power cycle
[  480.563466][ T5293] Bluetooth: hci4: command 0x0c1a tx timeout
[  480.565599][ T5939] Bluetooth: hci2: command 0x0c1a tx timeout
[  480.664952][T11395] usb usb46-port1: attempt power cycle
[  480.823616][T13095] FAULT_INJECTION: forcing a failure.
[  480.823616][T13095] name failslab, interval 1, probability 0, space 0, times 0
[  480.829102][T13095] CPU: 3 UID: 0 PID: 13095 Comm: syz.3.2013 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  480.829129][T13095] Tainted: [L]=SOFTLOCKUP
[  480.829135][T13095] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  480.829147][T13095] Call Trace:
[  480.829154][T13095]  <TASK>
[  480.829162][T13095]  dump_stack_lvl+0x100/0x190
[  480.829195][T13095]  should_fail_ex.cold+0x5/0xa
[  480.829216][T13095]  should_failslab+0xc2/0x120
[  480.829236][T13095]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  480.829264][T13095]  ? __alloc_skb+0x140/0x710
[  480.829291][T13095]  __alloc_skb+0x140/0x710
[  480.829312][T13095]  ? __alloc_skb+0x5b7/0x710
[  480.829333][T13095]  ? __pfx___alloc_skb+0x10/0x10
[  480.829364][T13095]  netlink_alloc_large_skb+0x69/0x150
[  480.829393][T13095]  netlink_sendmsg+0x680/0xda0
[  480.829424][T13095]  ? __pfx_netlink_sendmsg+0x10/0x10
[  480.829454][T13095]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  480.829492][T13095]  ____sys_sendmsg+0x9e1/0xb70
[  480.829509][T13095]  ? __pfx_netlink_sendmsg+0x10/0x10
[  480.829538][T13095]  ? __pfx_____sys_sendmsg+0x10/0x10
[  480.829585][T13095]  ___sys_sendmsg+0x190/0x1e0
[  480.829606][T13095]  ? __pfx____sys_sendmsg+0x10/0x10
[  480.829657][T13095]  __sys_sendmsg+0x170/0x220
[  480.829684][T13095]  ? __pfx___sys_sendmsg+0x10/0x10
[  480.829717][T13095]  ? __pfx_ksys_write+0x10/0x10
[  480.829740][T13095]  __do_fast_syscall_32+0xe3/0x8c0
[  480.829771][T13095]  do_fast_syscall_32+0x32/0x70
[  480.829796][T13095]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  480.829819][T13095] RIP: 0023:0xf6feef6c
[  480.829834][T13095] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  480.829851][T13095] RSP: 002b:00000000f53dd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  480.829868][T13095] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000600
[  480.829879][T13095] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  480.829889][T13095] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  480.829899][T13095] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  480.829908][T13095] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  480.829932][T13095]  </TASK>
[  481.162747][ T5286] usb usb38-port1: unable to enumerate USB device
[  481.290390][T11395] usb usb46-port1: unable to enumerate USB device
[  481.745310][T13096] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  481.749780][T13113] FAULT_INJECTION: forcing a failure.
[  481.749780][T13113] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  481.755282][T13096] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  481.758115][T13096] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  481.761533][T13113] CPU: 2 UID: 0 PID: 13113 Comm: syz.4.2017 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  481.761558][T13113] Tainted: [L]=SOFTLOCKUP
[  481.761564][T13113] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  481.761572][T13113] Call Trace:
[  481.761577][T13113]  <TASK>
[  481.761583][T13113]  dump_stack_lvl+0x100/0x190
[  481.761611][T13113]  should_fail_ex.cold+0x5/0xa
[  481.761630][T13113]  _copy_from_user+0x2e/0xd0
[  481.761649][T13113]  __sys_bpf+0x243/0x4b90
[  481.761670][T13113]  ? __pfx___sys_bpf+0x10/0x10
[  481.761686][T13113]  ? proc_fail_nth_write+0x9f/0x220
[  481.761705][T13113]  ? find_held_lock+0x2b/0x80
[  481.761724][T13113]  ? find_held_lock+0x2b/0x80
[  481.761738][T13113]  ? ksys_write+0x190/0x250
[  481.761756][T13113]  ? __mutex_unlock_slowpath+0x15c/0x790
[  481.761792][T13113]  ? fput+0x79/0x100
[  481.761810][T13113]  ? ksys_write+0x1ac/0x250
[  481.761827][T13113]  __ia32_sys_bpf+0x79/0xf0
[  481.761844][T13113]  ? lockdep_hardirqs_on+0x78/0x100
[  481.761865][T13113]  __do_fast_syscall_32+0xe3/0x8c0
[  481.761889][T13113]  do_fast_syscall_32+0x32/0x70
[  481.761911][T13113]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  481.761930][T13113] RIP: 0023:0xf704ef6c
[  481.761944][T13113] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  481.761958][T13113] RSP: 002b:00000000f543d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  481.761992][T13113] RAX: ffffffffffffffda RBX: 000000000000001c RCX: 00000000800000c0
[  481.762002][T13113] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  481.762011][T13113] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  481.762021][T13113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  481.762030][T13113] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  481.762051][T13113]  </TASK>
[  482.134442][   T53] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[  482.851503][T13140] netlink: 'syz.2.2023': attribute type 10 has an invalid length.
[  482.881710][T13140] bond0: (slave .
): Enslaving as an active interface with an up link
[  483.217820][ T5293] Bluetooth: hci3: command 0x0406 tx timeout
[  483.311636][T13144] __nla_validate_parse: 1 callbacks suppressed
[  483.311713][T13144] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2024'.
[  483.494199][   T40] audit: type=1326 audit(1773485346.137:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13141 comm="syz.2.2024" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf706ef6c code=0x0
[  483.513336][   T53] usb 8-1: Using ep0 maxpacket: 32
[  483.516417][   T53] usb 8-1: config 0 has no interfaces?
[  483.522534][   T53] usb 8-1: New USB device found, idVendor=0fe9, idProduct=d501, bcdDevice=23.50
[  483.526703][   T53] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  483.530133][   T53] usb 8-1: Product: syz
[  483.531979][   T53] usb 8-1: Manufacturer: syz
[  483.534008][   T53] usb 8-1: SerialNumber: syz
[  483.539071][   T53] usb 8-1: config 0 descriptor??
[  483.767512][ T5286] usb 8-1: USB disconnect, device number 21
[  483.898298][ T5293] Bluetooth: hci2: command 0x0c1a tx timeout
[  483.983753][ T5293] Bluetooth: hci4: command 0x0c1a tx timeout
[  484.181573][T13155] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2027'.
[  484.236282][   T40] audit: type=1326 audit(1773485346.829:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13152 comm="syz.2.2027" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf706ef6c code=0x0
[  485.877779][T13181] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2035'.
[  485.951225][   T40] audit: type=1326 audit(1773485348.448:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13179 comm="syz.2.2035" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf706ef6c code=0x0
[  486.618031][   T40] audit: type=1800 audit(1773485349.075:229): pid=13165 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2031" name="file0" dev="9p" ino=73662709 res=0 errno=0
[  486.633682][T13193] netlink: 'syz.4.2038': attribute type 1 has an invalid length.
[  486.636364][T13193] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2038'.
[  486.811215][T13203] FAULT_INJECTION: forcing a failure.
[  486.811215][T13203] name failslab, interval 1, probability 0, space 0, times 0
[  486.820945][T13203] CPU: 2 UID: 0 PID: 13203 Comm: syz.0.2042 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  486.820976][T13203] Tainted: [L]=SOFTLOCKUP
[  486.820982][T13203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  486.821000][T13203] Call Trace:
[  486.821007][T13203]  <TASK>
[  486.821014][T13203]  dump_stack_lvl+0x100/0x190
[  486.821047][T13203]  should_fail_ex.cold+0x5/0xa
[  486.821069][T13203]  should_failslab+0xc2/0x120
[  486.821089][T13203]  __kvmalloc_node_noprof+0xfa/0xa00
[  486.821118][T13203]  ? xt_alloc_table_info+0x44/0xa0
[  486.821144][T13203]  xt_alloc_table_info+0x44/0xa0
[  486.821162][T13203]  compat_do_replace+0x19b/0x500
[  486.821181][T13203]  ? register_lock_class+0x40/0x560
[  486.821205][T13203]  ? __pfx_compat_do_replace+0x10/0x10
[  486.821230][T13203]  ? lock_acquire+0x1cf/0x380
[  486.821262][T13203]  ? bpf_lsm_capable+0x9/0x10
[  486.821282][T13203]  ? security_capable+0x80/0x260
[  486.821312][T13203]  do_ipt_set_ctl+0x562/0xaf0
[  486.821330][T13203]  ? nf_sockopt_find.isra.0+0x222/0x290
[  486.821354][T13203]  ? __pfx_do_ipt_set_ctl+0x10/0x10
[  486.821373][T13203]  ? sockopt_release_sock+0x57/0x70
[  486.821400][T13203]  ? __local_bh_enable_ip+0x9e/0x120
[  486.821421][T13203]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  486.821455][T13203]  ? smc_setsockopt+0x100/0xa10
[  486.821482][T13203]  ? nf_sockopt_find.isra.0+0x222/0x290
[  486.821504][T13203]  nf_setsockopt+0x8d/0xf0
[  486.821527][T13203]  ip_setsockopt+0xcb/0xf0
[  486.821550][T13203]  tcp_setsockopt+0xa7/0x100
[  486.821577][T13203]  smc_setsockopt+0x1b6/0xa10
[  486.821595][T13203]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  486.821628][T13203]  ? __pfx_smc_setsockopt+0x10/0x10
[  486.821650][T13203]  ? aa_sock_opt_perm+0xfe/0x1b0
[  486.821678][T13203]  ? __pfx_smc_setsockopt+0x10/0x10
[  486.821700][T13203]  do_sock_setsockopt+0xf3/0x1d0
[  486.821733][T13203]  __sys_setsockopt+0x119/0x190
[  486.821764][T13203]  __ia32_sys_setsockopt+0xbc/0x160
[  486.821788][T13203]  ? __do_fast_syscall_32+0x94/0x8c0
[  486.821814][T13203]  ? lockdep_hardirqs_on+0x78/0x100
[  486.821839][T13203]  __do_fast_syscall_32+0xe3/0x8c0
[  486.821869][T13203]  do_fast_syscall_32+0x32/0x70
[  486.821897][T13203]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  486.821921][T13203] RIP: 0023:0xf702ef6c
[  486.821937][T13203] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  486.821954][T13203] RSP: 002b:00000000f541d50c EFLAGS: 00000292 ORIG_RAX: 000000000000016e
[  486.821971][T13203] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  486.821983][T13203] RDX: 0000000000000040 RSI: 0000000080004580 RDI: 00000000000002a0
[  486.822000][T13203] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  486.822011][T13203] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  486.822021][T13203] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  486.822047][T13203]  </TASK>
[  486.934114][   T10] ------------[ cut here ]------------
[  486.955590][   T10] [CRTC:35:crtc-0] vblank wait timed out
[  486.958052][   T10] WARNING: drivers/gpu/drm/drm_atomic_helper.c:1921 at drm_atomic_helper_wait_for_vblanks.part.0+0x738/0x8a0, CPU#0: kworker/0:1/10
[  486.963846][   T10] Modules linked in:
[  486.965994][   T10] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  486.970287][   T10] Tainted: [L]=SOFTLOCKUP
[  486.972152][   T10] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  486.976293][   T10] Workqueue: events drm_fb_helper_damage_work
[  486.978728][   T10] RIP: 0010:drm_atomic_helper_wait_for_vblanks.part.0+0x73e/0x8a0
[  486.981691][   T10] Code: 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 0f b6 04 01 84 c0 74 08 3c 03 0f 8e 44 01 00 00 48 8d 3d f8 ef 43 0b 8b b3 d8 00 00 00 <67> 48 0f b9 3a e9 e1 fc ff ff e8 b3 19 67 fc e9 7c fe ff ff e8 59
[  486.988263][   T10] RSP: 0018:ffffc900001c76f0 EFLAGS: 00010246
[  486.990324][   T10] RAX: 0000000000000000 RBX: ffff888041381320 RCX: 1ffff1100827027f
[  486.993424][   T10] RDX: ffff888024e58160 RSI: 0000000000000023 RDI: ffffffff90e4ed50
[  486.996711][   T10] RBP: dffffc0000000000 R08: 0000000000000005 R09: 0000000000000000
[  486.999360][   T10] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  487.001922][   T10] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888028c51800
[  487.004531][   T10] FS:  0000000000000000(0000) GS:ffff88809714a000(0000) knlGS:0000000000000000
[  487.007428][   T10] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  487.009634][   T10] CR2: 0000000080006680 CR3: 000000004b7ad000 CR4: 0000000000352ef0
[  487.012241][   T10] Call Trace:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  487.013354][   T10]  <TASK>
[  487.014544][   T10]  ? __pfx_drm_atomic_helper_wait_for_vblanks.part.0+0x10/0x10
[  487.017097][   T10]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  487.019082][   T10]  ? lockdep_hardirqs_on+0x78/0x100
[  487.020837][   T10]  ? __pfx_autoremove_wake_function+0x10/0x10
[  487.022847][   T10]  ? drm_atomic_helper_commit_hw_done+0x36d/0x490
[  487.024965][   T10]  drm_atomic_helper_commit_tail+0xff/0x130
[  487.026915][   T10]  commit_tail+0x338/0x430
[  487.028392][   T10]  drm_atomic_helper_commit+0x303/0x380
[  487.030306][   T10]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  487.032297][   T10]  drm_atomic_commit+0x230/0x300
[  487.033959][   T10]  ? __pfx_drm_atomic_commit+0x10/0x10
[  487.035743][   T10]  ? __pfx___drm_printfn_info+0x10/0x10
[  487.037554][   T10]  ? drm_mode_object_get+0x108/0x170
[  487.039290][   T10]  drm_atomic_helper_dirtyfb+0x603/0x790
[  487.041165][   T10]  ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10
[  487.043185][   T10]  ? do_raw_spin_lock+0x128/0x260
[  487.044860][   T10]  ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10
[  487.046871][   T10]  drm_fbdev_shmem_helper_fb_dirty+0x1cc/0x310
[  487.048882][   T10]  drm_fb_helper_damage_work+0x348/0x640
[  487.050759][   T10]  ? __pfx_drm_fb_helper_damage_work+0x10/0x10
[  487.052822][   T10]  ? rcu_is_watching+0x12/0xc0
[  487.054438][   T10]  process_one_work+0xa23/0x19a0
[  487.056043][   T10]  ? __pfx_process_one_work+0x10/0x10
[  487.057780][   T10]  ? __pfx_drm_fb_helper_damage_work+0x10/0x10
[  487.059788][   T10]  worker_thread+0x5ef/0xe50
[  487.061348][   T10]  ? kthread+0x13a/0x450
[  487.062864][   T10]  ? __pfx_worker_thread+0x10/0x10
[  487.064552][   T10]  kthread+0x370/0x450
[  487.065897][   T10]  ? __pfx_kthread+0x10/0x10
[  487.067420][   T10]  ret_from_fork+0x754/0xd80
[  487.068944][   T10]  ? __pfx_ret_from_fork+0x10/0x10
[  487.070638][   T10]  ? __switch_to+0x7b4/0x1120
[  487.072221][   T10]  ? __pfx_kthread+0x10/0x10
[  487.073823][   T10]  ret_from_fork_asm+0x1a/0x30
[  487.075418][   T10]  </TASK>
[  487.076456][   T10] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  487.078839][   T10] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  487.082263][   T10] Tainted: [L]=SOFTLOCKUP
[  487.083721][   T10] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  487.086967][   T10] Workqueue: events drm_fb_helper_damage_work
[  487.088952][   T10] Call Trace:
[  487.090071][   T10]  <TASK>
[  487.091072][   T10]  dump_stack_lvl+0x100/0x190
[  487.092625][   T10]  vpanic+0x552/0x970
[  487.093964][   T10]  ? __pfx_vpanic+0x10/0x10
[  487.095467][   T10]  panic+0xd1/0xe0
[  487.096729][   T10]  ? __pfx_panic+0x10/0x10
[  487.098193][   T10]  ? check_panic_on_warn+0x1f/0x90
[  487.099881][   T10]  check_panic_on_warn.cold+0x19/0x34
[  487.101660][   T10]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x738/0x8a0
[  487.104125][   T10]  __warn.cold+0x191/0x348
[  487.105912][   T10]  __report_bug+0x296/0x3d0
[  487.107706][   T10]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x738/0x8a0
[  487.110064][   T10]  ? __pfx___report_bug+0x10/0x10
[  487.111748][   T10]  ? irqentry_exit+0x180/0x670
[  487.113332][   T10]  ? lockdep_hardirqs_on+0x78/0x100
[  487.115116][   T10]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x73e/0x8a0
[  487.117482][   T10]  report_bug_entry+0xe1/0x290
[  487.119079][   T10]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x73e/0x8a0
[  487.122049][   T10]  handle_bug+0x1cd/0x2a0
[  487.123932][   T10]  exc_invalid_op+0x17/0x50
[  487.125471][   T10]  asm_exc_invalid_op+0x1a/0x20
[  487.127116][   T10] RIP: 0010:drm_atomic_helper_wait_for_vblanks.part.0+0x73e/0x8a0
[  487.129656][   T10] Code: 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 0f b6 04 01 84 c0 74 08 3c 03 0f 8e 44 01 00 00 48 8d 3d f8 ef 43 0b 8b b3 d8 00 00 00 <67> 48 0f b9 3a e9 e1 fc ff ff e8 b3 19 67 fc e9 7c fe ff ff e8 59
[  487.135886][   T10] RSP: 0018:ffffc900001c76f0 EFLAGS: 00010246
[  487.137879][   T10] RAX: 0000000000000000 RBX: ffff888041381320 RCX: 1ffff1100827027f
[  487.140448][   T10] RDX: ffff888024e58160 RSI: 0000000000000023 RDI: ffffffff90e4ed50
[  487.143013][   T10] RBP: dffffc0000000000 R08: 0000000000000005 R09: 0000000000000000
[  487.145688][   T10] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  487.148456][   T10] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888028c51800
[  487.151781][   T10]  ? __pfx_drm_atomic_helper_wait_for_vblanks.part.0+0x10/0x10
[  487.154401][   T10]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  487.156336][   T10]  ? lockdep_hardirqs_on+0x78/0x100
[  487.158070][   T10]  ? __pfx_autoremove_wake_function+0x10/0x10
[  487.160064][   T10]  ? drm_atomic_helper_commit_hw_done+0x36d/0x490
[  487.162153][   T10]  drm_atomic_helper_commit_tail+0xff/0x130
[  487.164128][   T10]  commit_tail+0x338/0x430
[  487.165613][   T10]  drm_atomic_helper_commit+0x303/0x380
[  487.167441][   T10]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  487.169469][   T10]  drm_atomic_commit+0x230/0x300
[  487.171090][   T10]  ? __pfx_drm_atomic_commit+0x10/0x10
[  487.172882][   T10]  ? __pfx___drm_printfn_info+0x10/0x10
[  487.174717][   T10]  ? drm_mode_object_get+0x108/0x170
[  487.176448][   T10]  drm_atomic_helper_dirtyfb+0x603/0x790
[  487.178311][   T10]  ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10
[  487.180356][   T10]  ? do_raw_spin_lock+0x128/0x260
[  487.182022][   T10]  ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10
[  487.184070][   T10]  drm_fbdev_shmem_helper_fb_dirty+0x1cc/0x310
[  487.186088][   T10]  drm_fb_helper_damage_work+0x348/0x640
[  487.187952][   T10]  ? __pfx_drm_fb_helper_damage_work+0x10/0x10
[  487.189966][   T10]  ? rcu_is_watching+0x12/0xc0
[  487.191552][   T10]  process_one_work+0xa23/0x19a0
[  487.193265][   T10]  ? __pfx_process_one_work+0x10/0x10
[  487.195098][   T10]  ? __pfx_drm_fb_helper_damage_work+0x10/0x10
[  487.197145][   T10]  worker_thread+0x5ef/0xe50
[  487.198705][   T10]  ? kthread+0x13a/0x450
[  487.200121][   T10]  ? __pfx_worker_thread+0x10/0x10
[  487.201818][   T10]  kthread+0x370/0x450
[  487.203188][   T10]  ? __pfx_kthread+0x10/0x10
[  487.204741][   T10]  ret_from_fork+0x754/0xd80
[  487.206289][   T10]  ? __pfx_ret_from_fork+0x10/0x10
[  487.207988][   T10]  ? __switch_to+0x7b4/0x1120
[  487.209659][   T10]  ? __pfx_kthread+0x10/0x10
[  487.211420][   T10]  ret_from_fork_asm+0x1a/0x30
[  487.213000][   T10]  </TASK>
[  487.214903][   T10] Kernel Offset: disabled
[  487.216322][   T10] Rebooting in 86400 seconds..