last executing test programs:

4m6.34323985s ago: executing program 0 (id=129):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x5, &(0x7f0000000e80)={<r3=>0xffffffffffffffff}, 0x111, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r2, &(0x7f0000000200)={0x13, 0x10, 0x8, {0x0, r3}}, 0x18)
setsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f0000000440)={@multicast2, @loopback, @loopback}, 0xc)
r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)={0x38, r6, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x24, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x6}]}]}]}, 0x38}}, 0x0)
r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x30)
ioctl$KVM_CREATE_PIT2(r7, 0x4040ae77, &(0x7f0000000180)={0x1})
recvfrom$inet(r1, &(0x7f00000002c0)=""/147, 0x93, 0x40010022, &(0x7f0000000380)={0x2, 0x4e23, @loopback}, 0x10)
ioctl$KVM_SET_PIT2(r7, 0x4070aea0, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r8, &(0x7f00000000c0)={0x2, 0x4e21, @broadcast}, 0x10)
setsockopt$inet_tcp_int(r8, 0x6, 0x2, &(0x7f0000001200)=0x8a4, 0x4)
connect$inet(r8, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r8, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r8, 0x6, 0xd, &(0x7f0000000280)='bbr', 0x3)
connect$inet6(r0, 0x0, 0x0)

4m5.716510299s ago: executing program 2 (id=132):
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
clock_gettime(0x0, &(0x7f0000000040))
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r3, 0x29, 0x15, 0x0, 0x0)
listen(r3, 0x0)
r4 = userfaultfd(0x80801)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0xffffd000)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x100})
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1})
syz_clone3(&(0x7f0000002340)={0x80000000, 0x0, 0x0, 0x0, {0x33}, 0x0, 0x0, 0x0, 0x0}, 0x58)
unshare(0x600)
fsmount(0xffffffffffffffff, 0x1, 0x1)
ppoll(&(0x7f0000000140)=[{r4, 0xa5}], 0x1, 0x0, 0x0, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r5, &(0x7f00000007c0)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x4}, 0xe)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r5, 0x6, 0x1, &(0x7f0000000280)={0x3, 0x102, 0x9, 0x6}, 0xc)
timer_settime(r2, 0x1, &(0x7f0000000000), 0x0)
close(r0)

4m5.482514522s ago: executing program 0 (id=133):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000080), r0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r4 = socket$kcm(0x29, 0x5, 0x0)
setsockopt$kcm_KCM_RECV_DISABLE(r4, 0x119, 0x2, &(0x7f0000000000)=0x4, 0x4)
mount$9p_virtio(&(0x7f00000001c0), 0x0, &(0x7f00000004c0), 0x8c, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$can_j1939(0x1d, 0x2, 0x7)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000010040), r7)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r7, &(0x7f0000010140)={0x0, 0x0, &(0x7f0000010100)={&(0x7f0000000500)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010025bd7000ffdbdf2503000000180001801400020073797a5f74756e000000000000000000a902cc810d484fcfcf1723a947131c966b0043182def7e08f34ad160f001de60d257951250c6a3655dd2c2c93d988fad8d2997d2e33fec815194aec5bf5c6f7e12aaf31ef0d1af031ce19824218fa1449c49c0d3774568bb7d9ad94ff2b57b423aaad9ac832f0c4d6c9e6ab5fe6e1ffcb377734bbf721e8b0b07000000b5b26630749b6e08aa86ce613718308074ca275f54661672a3ea9f0272c7c0cdbdbbf756bfbe33a39bc5e38f3377b342a498cbdcd2ec19353bbe120a5be45719ae8c18fce5cc8e12a174d9079e80b34b61990456d86edfab55693299be5271614e349abb9497faead76d91343c570c7fa62ab08d5f5402442818b1b0961f8a716f26ef3c30010000804601958a8b2cbc365cd9186019be349a23a5c7d37e18a50b3855edfb5449907d5288e006c7070c77ed4528abf719af124f28e40a5d57b9a8404dcdb53970e36ed93f8130c2fd8e8fd0c1b13b3ebe757a82363e4deb5e5e8dd72e35"], 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000280)={'vxcan0\x00', <r9=>0x0})
bind$can_j1939(r6, &(0x7f0000000180)={0x1d, r9, 0x0, {0x0, 0x0, 0x1}, 0x2}, 0x18)
sendmsg$can_j1939(r6, &(0x7f00000002c0)={&(0x7f00000000c0)={0x1d, 0x0, 0x14, {0x0, 0x1ee}}, 0x18, &(0x7f00000004c0)={&(0x7f0000000140)='\x00', 0x8}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xfffffffd, {0x0, 0x0, 0x0, r9, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x7, 0x6}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000003040)=@deltfilter={0x24, 0x2d, 0x10, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r10, {0x8, 0x1}, {0xffe0, 0x1}, {0xf, 0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x20041090}, 0x4008000)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='debugfs\x00', 0x1214040, 0x0)

4m5.472744346s ago: executing program 1 (id=134):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0xffff}, 0x50)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000100000c02000000000000000000000d0000000000005f"], 0x0, 0x34}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1a00000007"], 0x50)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
recvmsg$inet_nvme(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f00000003c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @empty}}}, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000440)=""/23, 0x17}, {&(0x7f0000000480)=""/89, 0x59}, {&(0x7f00000005c0)=""/168, 0xa8}, {&(0x7f0000000680)=""/75, 0x4b}, {&(0x7f0000000740)=""/106, 0x6a}], 0x5, &(0x7f0000000800)=""/114, 0x72}, 0x21)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1)
write$binfmt_misc(r2, &(0x7f0000000000), 0xd)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000100000000000000801800009500000000000000"], &(0x7f0000000000)='GPL\x00', 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1}, 0x94)
r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000500)=@bpf_ext={0x1a, 0xf, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8792}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000180)='GPL\x00', 0x7, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x3a, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1, r3, 0x0, 0x0, 0x0, 0x10, 0x4a6}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000008c0)=@bpf_tracing={0x1a, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000030000000000000007000000facdd17f31d06518110800", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000001000000b7000000000000009500000000000000"], &(0x7f0000000700)='syzkaller\x00', 0x3, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, 0x1a, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x8ad4, r4, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)

4m5.372699155s ago: executing program 1 (id=135):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
timer_create(0x8, &(0x7f00000002c0)={0x0, 0x21}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000007c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000002c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)=""/83, 0x53}], 0x1}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB], 0x2c)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x6, 0x1b, &(0x7f0000001800)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000000000008500000017000000180100002020690000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r7=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000004c0)={r5, r7, 0x25, 0x0, @val=@tcx}, 0x1c)
r8 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r9=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1}}, &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x40, '\x00', r9, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xff}, 0x94)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r3, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0xb0, 0x0, 0x700, 0x70bd29, 0x25dfdbfc, {}, [@ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x9}, @ETHTOOL_A_LINKINFO_PORT={0x5}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x7f}, @ETHTOOL_A_LINKINFO_HEADER={0x84, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}]}]}, 0xb0}, 0x1, 0x0, 0x0, 0x800}, 0x800)
r10 = accept4(r1, 0x0, 0x0, 0x800)
sendmsg$inet_sctp(r10, &(0x7f0000000a40)={&(0x7f0000000280)=@in6={0xa, 0x4e24, 0x5, @dev={0xfe, 0x80, '\x00', 0x25}, 0xfffffff8}, 0x1c, &(0x7f0000000a00)=[{&(0x7f00000003c0)="caa91f2b64fde79390b326a8fa89ff5050092e11bccbb82441ba892984a7e0f79575475651dd508c15f2cb47a34d2000c2ef1748bc3124feb335dcba6ab381943c51186ce55f0cb680702c17ef0a26f49b9e7873194315dded3ae8c2594169bbcee9ed44dd2680b21b87ed695478877aea38e90f3eafe4d3b5118fc21a60b840b41de26ebea9abc7c7c413abde73d6f11766fa75236d104cdbec62d9d7e7bfa81d465655da221bd4ccf32d9d8f0ffe039b3608a0c73507ae5d664c787a8575cba0b6f9e2c0326787443a018af0ed8103cfb137ef5b6a31b360d8a3fc7c3010b4ff41dbb69178be", 0xe7}, {&(0x7f0000000500)="905e957f09c9fc0201d1f0a19c8a5417aae1b220f186fa00be4a", 0x1a}, {&(0x7f0000000640)="1313ad829b71fa0f5637ea6efd641d834dec539001a92645cb2f66bee71cd09977b0e259e3f9686afb316d356897e7bb620ae76f570bf81e552f0c8a9f5eb4beeeb639962028c8f75d81fa1cdd9690c4b453a3b742f4de0f98b0b09f3b8e8a8343abf30295af52e7f081e0895a595175c72a5498ef788ede6952311c5a39817b55fb6d4b3ba69bc9be4d5a9b5e01c048b43b3d6b855cc6d578f44116f464d9891909c6439eef5ddd4f60e473cc", 0xad}, {&(0x7f0000000840)="cde9463ffbb0bceaddd97070e7d3a0aa458d6cc60eb49ac1bfcec7df030adc1ee21b573a2ce7bcc9a12c3f3e890415f031dd7f739d5256c424536ac6a6144bf6667c9741afb3b4209219bc2ba28806d86f3a894d0b437fe9e9afb8117b35cb7be83ae590d4b0d833f068fbc310f74e519ce2f5a200b9ec220e543d004624899ebc5c7f15fc99186ba04ddae9889a176aeb55359e7aa15da2174fd0a49ceb7cdf85b3eeb2cb32a8afc107a12581db7d2354687a4bb1ccf32f5fa1dec25c0646aec4fd341c873d8f4a7c66c937da37a9dd8bb9f69c3c3d988ea158697a", 0xdc}, {&(0x7f0000000940)="7f2e8bd828b6ef282f050f65c680bd0e77c92467545b8f82bb71176db430387ab67653f2899cdf5919ac384e2850f3572ff855d6af94733837d515c380af97b8735f571d2fe16e6cdb76ddb1369dacb6a3e5a72e0318a0bdaee00727b5", 0x5d}, {&(0x7f00000009c0)="62cc1d40584b8512fee16baabfa0c82f20c259aa", 0x14}], 0x6}, 0x4001)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)=ANY=[@ANYBLOB="140100002f00010000000000fcdbdf250401f2800c00180008ac0f00000000001400010001000000000000000000ffffac14141650bb2d6f67d29d6fabadb107d0"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

4m5.372107946s ago: executing program 1 (id=136):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x24, @none={0x0, 0xffff}}, 0x14, &(0x7f0000000100)={0x0}, 0x7, 0x0, 0x0, 0x20008090}, 0x0)
recvmmsg(r0, &(0x7f0000003480)=[{{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, 0x0}, 0x2}], 0x2, 0x2142, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="340000001100010027bd7000fddbdf25000000002389b6892e2be6004183982cf3e77ac590650f4166b38539ff98467484924ffa10b21d01c5507157acf6819a349b795dfd13ccc5383a0752e7d432e896", @ANYRES32=0x0, @ANYBLOB="92100000000004001400030076657468315f766c616e000000000000"], 0x34}, 0x1, 0x0, 0x0, 0x801}, 0x4000000)
r1 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xfe33)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000040))
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r2 = getpgid(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280))
setxattr$trusted_overlay_opaque(&(0x7f0000000180)='./bus\x00', &(0x7f00000001c0), 0x0, 0x0, 0x1)
listxattr(0x0, &(0x7f0000001d00)=""/4096, 0x1000)
semctl$GETALL(0x0, 0x0, 0xd, 0x0)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='nfsd\x00', 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
umount2(0x0, 0x0)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
sendto(r6, 0x0, 0x0, 0x24000000, 0x0, 0x0)
mknod$loop(0x0, 0xfff, 0x0)
ioctl$sock_ifreq(r5, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7})

4m4.461273034s ago: executing program 1 (id=139):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000500)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x3, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_CE_THRESHOLD={0x8, 0xc, 0x5}, @TCA_FQ_FLOW_MAX_RATE={0x8}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x40088c1}, 0x4008000)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000140)=@xdp={0x2c, 0xdd86, r6, 0x15}, 0x80, &(0x7f0000000500)=[{&(0x7f00000002c0)="f2", 0x14}], 0x1}, 0x44)

4m4.323753332s ago: executing program 1 (id=140):
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x29, 0x6, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x40000, 0x120)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='tracefs\x00', 0x0, 0x0)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r2, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {0x1}}, './file0\x00'})

4m4.323311182s ago: executing program 1 (id=141):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x5, &(0x7f0000000e80)={<r3=>0xffffffffffffffff}, 0x111, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r2, &(0x7f0000000200)={0x13, 0x10, 0x8, {0x0, r3}}, 0x18)
setsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f0000000440)={@multicast2, @loopback, @loopback}, 0xc)
r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)={0x38, r6, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x24, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x6}]}]}]}, 0x38}}, 0x0)
r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x30)
ioctl$KVM_CREATE_PIT2(r7, 0x4040ae77, &(0x7f0000000180)={0x1})
recvfrom$inet(r1, &(0x7f00000002c0)=""/147, 0x93, 0x40010022, &(0x7f0000000380)={0x2, 0x4e23, @loopback}, 0x10)
ioctl$KVM_SET_PIT2(r7, 0x4070aea0, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r8, &(0x7f00000000c0)={0x2, 0x4e21, @broadcast}, 0x10)
setsockopt$inet_tcp_int(r8, 0x6, 0x2, &(0x7f0000001200)=0x8a4, 0x4)
connect$inet(r8, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r8, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r8, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
connect$inet6(r0, 0x0, 0x0)

4m3.306279914s ago: executing program 0 (id=145):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
timer_create(0x8, &(0x7f00000002c0)={0x0, 0x21}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000007c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000002c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)=""/83, 0x53}], 0x1}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b000000000000"], 0x2c)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x6, 0x1b, &(0x7f0000001800)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000000000008500000017000000180100002020690000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r7=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000004c0)={r5, r7, 0x25, 0x0, @val=@tcx}, 0x1c)
r8 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r9=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1}}, &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x40, '\x00', r9, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xff}, 0x94)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r3, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0xb0, 0x0, 0x700, 0x70bd29, 0x25dfdbfc, {}, [@ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x9}, @ETHTOOL_A_LINKINFO_PORT={0x5}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x7f}, @ETHTOOL_A_LINKINFO_HEADER={0x84, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}]}]}, 0xb0}, 0x1, 0x0, 0x0, 0x800}, 0x800)
r10 = accept4(r1, 0x0, 0x0, 0x800)
sendmsg$inet_sctp(r10, &(0x7f0000000a40)={&(0x7f0000000280)=@in6={0xa, 0x4e24, 0x5, @dev={0xfe, 0x80, '\x00', 0x25}, 0xfffffff8}, 0x1c, &(0x7f0000000a00)=[{&(0x7f00000003c0)="caa91f2b64fde79390b326a8fa89ff5050092e11bccbb82441ba892984a7e0f79575475651dd508c15f2cb47a34d2000c2ef1748bc3124feb335dcba6ab381943c51186ce55f0cb680702c17ef0a26f49b9e7873194315dded3ae8c2594169bbcee9ed44dd2680b21b87ed695478877aea38e90f3eafe4d3b5118fc21a60b840b41de26ebea9abc7c7c413abde73d6f11766fa75236d104cdbec62d9d7e7bfa81d465655da221bd4ccf32d9d8f0ffe039b3608a0c73507ae5d664c787a8575cba0b6f9e2c0326787443a018af0ed8103cfb137ef5b6a31b360d8a3fc7c3010b4ff41dbb69178be", 0xe7}, {&(0x7f0000000500)="905e957f09c9fc0201d1f0a19c8a5417aae1b220f186fa00be4a", 0x1a}, {&(0x7f0000000640)="1313ad829b71fa0f5637ea6efd641d834dec539001a92645cb2f66bee71cd09977b0e259e3f9686afb316d356897e7bb620ae76f570bf81e552f0c8a9f5eb4beeeb639962028c8f75d81fa1cdd9690c4b453a3b742f4de0f98b0b09f3b8e8a8343abf30295af52e7f081e0895a595175c72a5498ef788ede6952311c5a39817b55fb6d4b3ba69bc9be4d5a9b5e01c048b43b3d6b855cc6d578f44116f464d9891909c6439eef5ddd4f60e473cc", 0xad}, {&(0x7f0000000840)="cde9463ffbb0bceaddd97070e7d3a0aa458d6cc60eb49ac1bfcec7df030adc1ee21b573a2ce7bcc9a12c3f3e890415f031dd7f739d5256c424536ac6a6144bf6667c9741afb3b4209219bc2ba28806d86f3a894d0b437fe9e9afb8117b35cb7be83ae590d4b0d833f068fbc310f74e519ce2f5a200b9ec220e543d004624899ebc5c7f15fc99186ba04ddae9889a176aeb55359e7aa15da2174fd0a49ceb7cdf85b3eeb2cb32a8afc107a12581db7d2354687a4bb1ccf32f5fa1dec25c0646aec4fd341c873d8f4a7c66c937da37a9dd8bb9f69c3c3d988ea158697a", 0xdc}, {&(0x7f0000000940)="7f2e8bd828b6ef282f050f65c680bd0e77c92467545b8f82bb71176db430387ab67653f2899cdf5919ac384e2850f3572ff855d6af94733837d515c380af97b8735f571d2fe16e6cdb76ddb1369dacb6a3e5a72e0318a0bdaee00727b5", 0x5d}, {&(0x7f00000009c0)="62cc1d40584b8512fee16baabfa0c82f20c259aa", 0x14}], 0x6}, 0x4001)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)=ANY=[@ANYBLOB="140100002f00010000000000fcdbdf250401f2800c00180008ac0f00000000001400010001000000000000000000ffffac14141650bb2d6f67d29d6fabadb107d0"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

4m3.225112331s ago: executing program 0 (id=146):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x8}, 0x94)
close(0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = accept4$unix(0xffffffffffffffff, &(0x7f0000000040)=@abs, &(0x7f0000000100)=0x6e, 0x800)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETAF(r2, 0x5408, &(0x7f00000000c0)={0xcf50, 0x0, 0xffff, 0x9dff, 0x15})
write$binfmt_aout(r2, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0xfffffff9, 0x0, 0xd, "0062007d82000000000000002240f7ffffff00"})
r3 = syz_open_pts(r2, 0x0)
r4 = dup3(r3, r2, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000200)=0x17)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'authencesn(wp512-generic,cbc-camellia-aesni-avx2)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f00000003c0)="37828caa", 0x4)
recvfrom$unix(r1, &(0x7f00000002c0)=""/143, 0x8f, 0x40010162, &(0x7f0000000440)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
ioctl$SNDRV_TIMER_IOCTL_STOP(r6, 0x54a1)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc080)
sendmsg$IPSET_CMD_SWAP(r4, &(0x7f0000000c80)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000c40)={&(0x7f0000000bc0)={0x64, 0x6, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x64}, 0x1, 0x0, 0x0, 0x20000080}, 0x4000000)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r7=>0x0})
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
syz_ublk_add_dev(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x2e, 0x44, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x1, 0x6, 0x0, <r9=>0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f0000000140)=@any_dev={0x1, 0x532, 0x0, 0x0, 0x1000, 0xc, 0x0, 0x0, 0x102}}}, &(0x7f0000000540)=<r10=>0x0)
r11 = io_uring_setup(0x1e5a, &(0x7f0000000d00)={0x0, 0xea0c, 0x2, 0x1, 0x1cc, 0x0, r4})
r12 = syz_io_uring_setup(0x416, &(0x7f0000000680)={0x0, 0xec00, 0x2, 0x1, 0x2af}, &(0x7f0000000700), &(0x7f0000000740), &(0x7f0000000780))
r13 = syz_io_uring_setup(0x4e20, &(0x7f00000007c0)={0x0, 0xde0f, 0x40, 0x2, 0x2e9}, &(0x7f0000000840), &(0x7f0000000880), &(0x7f00000008c0))
r14 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000b80)='setgroups\x00')
ioctl$CDROMPLAYTRKIND(r14, 0x5304, &(0x7f0000000cc0)={0x0, 0x2})
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_ublk_setup_queues(r14, r10, &(0x7f0000000600)={0x0, 0xc455, 0x4, 0x2, 0x17e, 0x0, r11}, &(0x7f0000000900)=[{0x0, 0x0, 0xffffffffffffffff, {0x0, 0x7adc, 0x0, 0x2, 0x38b, 0x0, r12}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x7351, 0x4, 0x0, 0x296}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x8cf9, 0x1000, 0x0, 0x369, 0x0, r13}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x331b, 0x40, 0x0, 0x350}}], 0x4, &(0x7f0000001ec0)={0x2e, 0x22, 0x0, r14, 0xc0107520, 0x0, 0x0, 0x0, 0x0, {}, 0x0, r9, '\x00', {0x2, 0xa87, 0x0, &(0x7f0000000ec0)=@buf_512="1486c1773ea4bbc3f7b9a226c640aeab2b6fb87a1fff4a124e8d6a7f860282f19af1e4451018e892939d23cffa283ff62c50a8f6ccd76365cd4b2dae8fcd9b99efc03e6c026f9d0b4b34473cee6163dfb9b10a777c995a16df6ffb8bfc37afce85056b5d2e981358f31981d6535cac37a50b9088b9e0377cfb9e6945f497c3d3faf08a15eebf46f994262fadbcab5504a7e54c41eaa47cec05266e47e9815ce0b7fa49f764465af4230dcb4b9277ecb26e4450373e7b6974748f4edb292d9a817402774f99082011860ff282c249eae1aa927760a8219d843a82b61a84c543efaa4d7308270de5345eb0d3beb343c9b9ba69ecf6905ffa220afee693b0570b6a9727d2003be7ead70dc7a77dc25da890be922bd468c420b410003c0cc6ac5fcee44ddbc46e0063939272898686ce55a40960d11b6fdf16e5015f0534070e1e306ab81bddc3510d2a6c1d15426a65b7afa924b4ead0e8668dbb5f4b77005b67e6167f8eef78722d93d6180df097035502b874154deb03c7c4c9e3bffec1d6a7d27bc004b1f028d6dc906e819df04eaf62a01f117e34c68cbcea424e910ee92b04ab85494fc4f0cda161ccbf8e6d797060be2e51212aa17c4d94ac40f1ed1d4a933bdc3ece31be3cb98f0609382bc0f2e66516bba72110a3e5b446d697b9679f3095e4fb97f02b780f66c142640e5e9b7e1bdf376d80b880cb82a1e5883da55cf3"}}, &(0x7f0000001f40))
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000000)={0x30, r8, 0x1, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x2, 0x23}}}}, [@NL80211_ATTR_SCAN_SUPP_RATES={0x8, 0x7d, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x4}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x24004084}, 0x40000)

4m2.60365419s ago: executing program 2 (id=148):
ioctl$UBLK_U_CMD_END_USER_RECOVERY(0xffffffffffffffff, 0xc0207511, &(0x7f00000003c0)={0x0, 0xffff, 0x0, 0x0, <r0=>0xffffffffffffffff})
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r1, 0x400448e1, &(0x7f0000008340))
r2 = openat$vnet(0xffffff9c, &(0x7f0000001580), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, &(0x7f00000015c0)=0x8000)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
ptrace$cont(0x7, r0, 0x400, 0x0)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x42000, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000001c40)=0x4)
r4 = syz_open_dev$loop(&(0x7f00000000c0), 0x81, 0x101a00)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$XFS_IOC_ATTRLIST_BY_HANDLE(r3, 0x4038587a, &(0x7f0000001540)={{r5, &(0x7f0000000440)='wm\x00', 0x80000, &(0x7f0000000480)={@align=0xc9, {0x3, 0x3, 0x8b}}, 0x8, &(0x7f00000004c0)={@_ha_fsid}, &(0x7f0000000500)=0x3}, {[0xe, 0x2, 0x7, 0x5a]}, 0x4, 0x1000, &(0x7f0000000540)=""/4096})
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f0000000180)={r5, 0x0, {0x2a00, 0x80010000, 0x0, 0x80000003, 0x0, 0x0, 0x1, 0x18, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54ae5beb211d29e01177d3d458dd4992861ac00003d85ae750bc8b100", "c7db08b3551265406c7f306003d80700", [0x9, 0x3]}})
write$cgroup_devices(r5, &(0x7f0000000080)={'a', ' *:* ', 'wm\x00'}, 0x9)
openat$cdrom(0xffffff9c, &(0x7f0000000040), 0x280, 0x0)
ioctl$PPPIOCSMAXCID(r3, 0x40047451, &(0x7f0000000100)=0xffff0080)
ioctl$PPPIOCSMAXCID(r3, 0x40047451, &(0x7f0000000000)=0x8)
epoll_create1(0x0)
r6 = request_key(&(0x7f0000000000)='trusted\x00', &(0x7f0000000080)={'syz', 0x2}, &(0x7f0000000100)='\xe8:@!,*\':}:\x00', 0xffffffffffffffff)
r7 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$unlink(0x9, r6, r7)
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
vmsplice(r8, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
socket$netlink(0x10, 0x3, 0x0)
r9 = epoll_create(0x84)
r10 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r10, &(0x7f0000000280)={0x7})
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000180)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e000000000000000000240002"], 0x50}}, 0x0)
r11 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101701)
ioctl$USBDEVFS_GETDRIVER(r11, 0x41045508, 0x0)

4m2.311563178s ago: executing program 0 (id=149):
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x29, 0x6, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x40000, 0x120)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='tracefs\x00', 0x0, 0x0)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r2, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {0x1}}, './file0\x00'})

4m2.241764362s ago: executing program 0 (id=150):
openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0)
listen(0xffffffffffffffff, 0x0)
listen(0xffffffffffffffff, 0x5)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_1\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r1, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xd, 0xfffffffb, 0x7fffffff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001980)=@newqdisc={0x43c, 0x28, 0x4ee4e6a52ff56541, 0x5001, 0xfffffdfc, {0x0, 0x0, 0x0, r1, {0xfff3}, {0x0, 0xfff1}, {0x2, 0x8}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x408, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x80000001, 0x8001, 0x3, 0x0, 0x6, 0x4, 0x8, 0x9, 0x401, 0xfffffffc, 0x6, 0xfffffff7, 0x3, 0x3, 0x4, 0x3, 0x100, 0x8, 0xff, 0x80, 0x9, 0x8001, 0x80, 0x7, 0x101, 0xa46, 0xeb, 0x7ff, 0x7, 0x10001, 0x9, 0x6, 0x9c01, 0x7, 0x4, 0x0, 0xfaa, 0xc88, 0x6, 0x8d1, 0x1ff, 0x2, 0x1, 0x80000000, 0x6a, 0xffffffff, 0x7, 0x4, 0x3, 0x6, 0x0, 0x100, 0x4, 0x9, 0x8, 0x144, 0xd, 0x14574, 0x0, 0x7f, 0x7, 0x1, 0x314, 0x7, 0xe, 0xfccf, 0x2, 0x45, 0x7, 0x4, 0x2, 0x8, 0x5, 0x3, 0x1, 0x4, 0x1, 0x40, 0xb, 0x3ff, 0xfffffff9, 0x6, 0x9, 0x8, 0x80, 0x59b, 0x1, 0x2, 0x6, 0xc, 0x0, 0xfffffffa, 0x4, 0xba65, 0x4, 0x0, 0x70e, 0x9, 0xd, 0x1, 0x0, 0x7fffffff, 0x7fff, 0xfff, 0x4, 0x4, 0xac1, 0x5, 0x4, 0x9, 0x7, 0x9, 0x7, 0x6, 0x709d7f5b, 0xa09a, 0xfffffffe, 0x4b8a, 0x9, 0x7, 0x4, 0x3, 0x8a9, 0x6, 0x4, 0x10001, 0xc0000000, 0x4, 0x7, 0xf, 0x86, 0x7, 0x3, 0x9, 0x9, 0x663, 0xfffffffd, 0xe2, 0x0, 0x4, 0x4, 0x6, 0xfc, 0x1, 0x9, 0x8, 0x7, 0x8001, 0x0, 0x4, 0x5, 0xfd, 0x90, 0xffff, 0x5, 0xfffeffff, 0x7, 0x9, 0x8e0e, 0x1, 0xe, 0x8, 0xd, 0x2, 0x5, 0x0, 0xb, 0x6, 0x4, 0x9, 0x9, 0x0, 0xc, 0xaa8, 0xcb1a, 0x7, 0xffffffff, 0x9, 0x2, 0x81, 0x9, 0x280, 0x0, 0x8, 0x9, 0x8, 0xfffffff9, 0x800, 0x18e, 0x5, 0x5, 0x1, 0x32, 0x6, 0x4f, 0x8, 0xfffffff9, 0x0, 0x0, 0x6, 0x1, 0x7, 0x8001, 0x7, 0x53f, 0x4, 0xd13b, 0xb, 0x6, 0xb, 0x100, 0x7, 0x1, 0x6, 0x1, 0x10001, 0x6, 0x4, 0x7, 0x82, 0xf0, 0x4, 0x3, 0x6, 0x4, 0x5, 0x400, 0x0, 0x0, 0x1000, 0x6, 0xc, 0x2, 0x1, 0x3, 0xc, 0x408, 0x80000001, 0x8, 0xa4eb, 0x7, 0x4, 0xffffffff, 0x1ff, 0x3ff, 0x3, 0x80, 0x3, 0x8001, 0x1, 0x8, 0xe1, 0xc, 0x5, 0x3, 0x95]}]}}, @TCA_RATE={0x6, 0x5, {0x0, 0x11}}]}, 0x43c}, 0x1, 0x0, 0x0, 0x40098}, 0x4004004)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
r4 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
ioctl$VIDIOC_S_SELECTION(r4, 0xc040565f, &(0x7f0000000940)={0xa, 0x100, 0x3, {0x8000, 0x1000, 0x4, 0x870}})
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r5, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
sendto$inet6(r5, 0x0, 0x0, 0x2409c8c1, &(0x7f0000000240)={0xa, 0x4e20, 0x6, @mcast1}, 0x1c)
sendto$inet6(r5, &(0x7f0000000600)='\r\n', 0x2, 0x5, 0x0, 0x0)
recvfrom(r5, &(0x7f0000001a80)=""/4058, 0xfda, 0xc0020445, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000002c000000030a010800000000000000000100000b0900030073797a32000000000900010073797a300000000060000000060a010400000000000000000100000008000b40000000000900010073797a30000000003800048034"], 0xd4}}, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x2000, 0x2, &(0x7f000048d000/0x2000)=nil)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
unshare(0x6a040000)
mmap(&(0x7f00004a3000/0x1000)=nil, 0x1000, 0x0, 0x4000010, 0xffffffffffffffff, 0x0)

4m1.642718129s ago: executing program 2 (id=156):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x19, 0x4, 0x4, 0x2}, 0x50)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x121a03, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x3)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000180)=0x93)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0x7e)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0xb, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = getpid()
r5 = syz_pidfd_open(r4, 0x0)
setns(r5, 0x24020000)
r6 = syz_clone(0xb2960100, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = syz_pidfd_open(r6, 0x0)
setns(r7, 0x24020000)
r8 = fsopen(&(0x7f0000000180)='proc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0)
fsmount(r8, 0x0, 0x8c)
r9 = syz_genetlink_get_family_id$tipc(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r9, 0x1, 0x0, 0x0, {{}, {}, {0x5, 0x14, 'broadcast-link\x00'}}}, 0x30}}, 0x0)
r10 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r10, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d08000b000000e8fe55a1180015000600142603600e1209000d0000000401a80016000a00014006000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)

4m1.573462063s ago: executing program 2 (id=157):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_USERDATA={0xb, 0x3, "fd02b21edf8b72"}]}], {0x14}}, 0x54}}, 0x0) (fail_nth: 5)

4m1.463632879s ago: executing program 2 (id=158):
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x29, 0x6, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='tracefs\x00', 0x0, 0x0)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r2, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {0x1}}, './file0\x00'})

4m0.582350153s ago: executing program 2 (id=161):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x20)
clock_gettime(0x6, &(0x7f0000000000))
r0 = openat$uinput(0xffffff9c, &(0x7f0000000180), 0x802, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000000)={{}, 'syz1\x00'})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
ioctl$UI_DEV_CREATE(r0, 0x5501)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r1, 0x4001af84, &(0x7f0000000000))
ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0)
syz_io_uring_setup(0x48ce, &(0x7f0000000140)={0x0, 0xd353, 0x3201, 0x3, 0x19a}, &(0x7f0000000080), &(0x7f0000000200), &(0x7f0000000000))
r2 = socket$alg(0x26, 0x5, 0x0)
pipe(&(0x7f00000045c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f00000010c0)='*', 0x1}], 0x1, 0x1)
ioctl$sock_inet_SIOCRTMSG(r3, 0x890d, &(0x7f00000002c0)={0x0, {0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x2, 0x4e20, @private=0xa010102}, {0x2, 0x4e23, @remote}, 0x81, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000280)='geneve0\x00', 0x8000, 0x1, 0x9})
mount_setattr(0xffffffffffffffff, 0x0, 0x800, &(0x7f0000000040)={0xa, 0x100074, 0x40000}, 0x20)
bind$alg(r2, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'salsa20\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000000)="ad56b6c58206007e4af65430442b25b36f0000000054c7be", 0x18)
sendmsg$ETHTOOL_MSG_WOL_SET(r3, &(0x7f00000006c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x54, 0x0, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@ETHTOOL_A_WOL_HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000000}, 0x8040)

3m48.665124539s ago: executing program 32 (id=141):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x5, &(0x7f0000000e80)={<r3=>0xffffffffffffffff}, 0x111, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r2, &(0x7f0000000200)={0x13, 0x10, 0x8, {0x0, r3}}, 0x18)
setsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f0000000440)={@multicast2, @loopback, @loopback}, 0xc)
r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)={0x38, r6, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x24, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x6}]}]}]}, 0x38}}, 0x0)
r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x30)
ioctl$KVM_CREATE_PIT2(r7, 0x4040ae77, &(0x7f0000000180)={0x1})
recvfrom$inet(r1, &(0x7f00000002c0)=""/147, 0x93, 0x40010022, &(0x7f0000000380)={0x2, 0x4e23, @loopback}, 0x10)
ioctl$KVM_SET_PIT2(r7, 0x4070aea0, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r8, &(0x7f00000000c0)={0x2, 0x4e21, @broadcast}, 0x10)
setsockopt$inet_tcp_int(r8, 0x6, 0x2, &(0x7f0000001200)=0x8a4, 0x4)
connect$inet(r8, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r8, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r8, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
connect$inet6(r0, 0x0, 0x0)

3m47.136819676s ago: executing program 33 (id=150):
openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0)
listen(0xffffffffffffffff, 0x0)
listen(0xffffffffffffffff, 0x5)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_1\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r1, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xd, 0xfffffffb, 0x7fffffff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001980)=@newqdisc={0x43c, 0x28, 0x4ee4e6a52ff56541, 0x5001, 0xfffffdfc, {0x0, 0x0, 0x0, r1, {0xfff3}, {0x0, 0xfff1}, {0x2, 0x8}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x408, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x80000001, 0x8001, 0x3, 0x0, 0x6, 0x4, 0x8, 0x9, 0x401, 0xfffffffc, 0x6, 0xfffffff7, 0x3, 0x3, 0x4, 0x3, 0x100, 0x8, 0xff, 0x80, 0x9, 0x8001, 0x80, 0x7, 0x101, 0xa46, 0xeb, 0x7ff, 0x7, 0x10001, 0x9, 0x6, 0x9c01, 0x7, 0x4, 0x0, 0xfaa, 0xc88, 0x6, 0x8d1, 0x1ff, 0x2, 0x1, 0x80000000, 0x6a, 0xffffffff, 0x7, 0x4, 0x3, 0x6, 0x0, 0x100, 0x4, 0x9, 0x8, 0x144, 0xd, 0x14574, 0x0, 0x7f, 0x7, 0x1, 0x314, 0x7, 0xe, 0xfccf, 0x2, 0x45, 0x7, 0x4, 0x2, 0x8, 0x5, 0x3, 0x1, 0x4, 0x1, 0x40, 0xb, 0x3ff, 0xfffffff9, 0x6, 0x9, 0x8, 0x80, 0x59b, 0x1, 0x2, 0x6, 0xc, 0x0, 0xfffffffa, 0x4, 0xba65, 0x4, 0x0, 0x70e, 0x9, 0xd, 0x1, 0x0, 0x7fffffff, 0x7fff, 0xfff, 0x4, 0x4, 0xac1, 0x5, 0x4, 0x9, 0x7, 0x9, 0x7, 0x6, 0x709d7f5b, 0xa09a, 0xfffffffe, 0x4b8a, 0x9, 0x7, 0x4, 0x3, 0x8a9, 0x6, 0x4, 0x10001, 0xc0000000, 0x4, 0x7, 0xf, 0x86, 0x7, 0x3, 0x9, 0x9, 0x663, 0xfffffffd, 0xe2, 0x0, 0x4, 0x4, 0x6, 0xfc, 0x1, 0x9, 0x8, 0x7, 0x8001, 0x0, 0x4, 0x5, 0xfd, 0x90, 0xffff, 0x5, 0xfffeffff, 0x7, 0x9, 0x8e0e, 0x1, 0xe, 0x8, 0xd, 0x2, 0x5, 0x0, 0xb, 0x6, 0x4, 0x9, 0x9, 0x0, 0xc, 0xaa8, 0xcb1a, 0x7, 0xffffffff, 0x9, 0x2, 0x81, 0x9, 0x280, 0x0, 0x8, 0x9, 0x8, 0xfffffff9, 0x800, 0x18e, 0x5, 0x5, 0x1, 0x32, 0x6, 0x4f, 0x8, 0xfffffff9, 0x0, 0x0, 0x6, 0x1, 0x7, 0x8001, 0x7, 0x53f, 0x4, 0xd13b, 0xb, 0x6, 0xb, 0x100, 0x7, 0x1, 0x6, 0x1, 0x10001, 0x6, 0x4, 0x7, 0x82, 0xf0, 0x4, 0x3, 0x6, 0x4, 0x5, 0x400, 0x0, 0x0, 0x1000, 0x6, 0xc, 0x2, 0x1, 0x3, 0xc, 0x408, 0x80000001, 0x8, 0xa4eb, 0x7, 0x4, 0xffffffff, 0x1ff, 0x3ff, 0x3, 0x80, 0x3, 0x8001, 0x1, 0x8, 0xe1, 0xc, 0x5, 0x3, 0x95]}]}}, @TCA_RATE={0x6, 0x5, {0x0, 0x11}}]}, 0x43c}, 0x1, 0x0, 0x0, 0x40098}, 0x4004004)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
r4 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
ioctl$VIDIOC_S_SELECTION(r4, 0xc040565f, &(0x7f0000000940)={0xa, 0x100, 0x3, {0x8000, 0x1000, 0x4, 0x870}})
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r5, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
sendto$inet6(r5, 0x0, 0x0, 0x2409c8c1, &(0x7f0000000240)={0xa, 0x4e20, 0x6, @mcast1}, 0x1c)
sendto$inet6(r5, &(0x7f0000000600)='\r\n', 0x2, 0x5, 0x0, 0x0)
recvfrom(r5, &(0x7f0000001a80)=""/4058, 0xfda, 0xc0020445, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000002c000000030a010800000000000000000100000b0900030073797a32000000000900010073797a300000000060000000060a010400000000000000000100000008000b40000000000900010073797a30000000003800048034"], 0xd4}}, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x2000, 0x2, &(0x7f000048d000/0x2000)=nil)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
unshare(0x6a040000)
mmap(&(0x7f00004a3000/0x1000)=nil, 0x1000, 0x0, 0x4000010, 0xffffffffffffffff, 0x0)

3m45.200560988s ago: executing program 34 (id=161):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x20)
clock_gettime(0x6, &(0x7f0000000000))
r0 = openat$uinput(0xffffff9c, &(0x7f0000000180), 0x802, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000000)={{}, 'syz1\x00'})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
ioctl$UI_DEV_CREATE(r0, 0x5501)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r1, 0x4001af84, &(0x7f0000000000))
ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0)
syz_io_uring_setup(0x48ce, &(0x7f0000000140)={0x0, 0xd353, 0x3201, 0x3, 0x19a}, &(0x7f0000000080), &(0x7f0000000200), &(0x7f0000000000))
r2 = socket$alg(0x26, 0x5, 0x0)
pipe(&(0x7f00000045c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f00000010c0)='*', 0x1}], 0x1, 0x1)
ioctl$sock_inet_SIOCRTMSG(r3, 0x890d, &(0x7f00000002c0)={0x0, {0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x2, 0x4e20, @private=0xa010102}, {0x2, 0x4e23, @remote}, 0x81, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000280)='geneve0\x00', 0x8000, 0x1, 0x9})
mount_setattr(0xffffffffffffffff, 0x0, 0x800, &(0x7f0000000040)={0xa, 0x100074, 0x40000}, 0x20)
bind$alg(r2, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'salsa20\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000000)="ad56b6c58206007e4af65430442b25b36f0000000054c7be", 0x18)
sendmsg$ETHTOOL_MSG_WOL_SET(r3, &(0x7f00000006c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x54, 0x0, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@ETHTOOL_A_WOL_HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000000}, 0x8040)

2m57.212467579s ago: executing program 6 (id=374):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x19, 0x4, 0x4, 0x2}, 0x50)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x121a03, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x3)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000180)=0x93)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0x7e)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0xb, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = getpid()
syz_pidfd_open(r3, 0x0)
r4 = syz_clone(0xb2960100, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = syz_pidfd_open(r4, 0x0)
setns(r5, 0x24020000)
r6 = fsopen(&(0x7f0000000180)='proc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
fsmount(r6, 0x0, 0x8c)

2m57.066917533s ago: executing program 6 (id=375):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x3c, r1, 0x0, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_P2P_OPPPS={0x5}, @NL80211_ATTR_BSS_HT_OPMODE={0x6, 0x6d, 0x80}, @NL80211_ATTR_AP_ISOLATE={0x5}, @NL80211_ATTR_BSS_HT_OPMODE={0x6, 0x6d, 0x9}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40044}, 0x80) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x54, 0x2, 0x3, 0x101, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFQA_CFG_PARAMS={0x9, 0x2, {0x7, 0x1}}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0xeb}, @NFQA_CFG_QUEUE_MAXLEN={0x8}, @NFQA_CFG_CMD={0x8, 0x1, {0x3, 0x0, 0xe}}, @NFQA_CFG_PARAMS={0x9, 0x2, {0xfffffffb, 0x1}}, @NFQA_CFG_CMD={0x8, 0x1, {0x0, 0x0, 0x2a}}]}, 0x54}, 0x1, 0x0, 0x0, 0xc0}, 0x4040080)
mlock(&(0x7f0000ffc000/0x1000)=nil, 0x1000)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000003c0)={'syzkaller1\x00', 0x4000}) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000270025082bbd7000fddbdf47f41f2516050000"], 0x14}, 0x1, 0x0, 0x0, 0x4044050}, 0x40010) (async)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_DEL(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x68, 0x2, 0x9, 0x5, 0x0, 0x0, {0x5, 0x0, 0x9}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x8}}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_TUPLE={0x3c, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @remote}, {0x14, 0x4, @loopback}}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x40040}, 0xc000) (async)
ioctl$TUNSETVNETBE(r3, 0x400454de, &(0x7f0000000300)=0x1) (async)
write$tun(r3, &(0x7f00000017c0)=ANY=[@ANYRES32=r3], 0x2384)

2m56.921700421s ago: executing program 6 (id=376):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000200)=0x7, 0x4)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x4, 0x7fff0000}]})
syz_ublk_setup_queues(0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x0, 0xe62f, 0x800, 0x0, 0x271}, &(0x7f0000000200)=[{0x0, 0x0, 0xffffffffffffffff, {0x0, 0x3778, 0x800, 0x1, 0x378}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0xd014, 0x80, 0x1, 0x31}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x715, 0x1, 0x3, 0x21b}}, {0x0, 0x0, <r1=>0xffffffffffffffff, {0x0, 0x1374, 0x1000, 0x1, 0x7}}], 0x4, &(0x7f0000001480)={0x2e, 0x4, 0x0, <r2=>0xffffffffffffffff, 0xc0107520, 0x0, 0x0, 0x0, 0x1, {0xb}, 0x0, 0x0, '\x00', {0x3, 0x8e2, 0x0, &(0x7f0000000480)=@buf_1k="8afd65ef309015bed9b486292c002232dac35ca5803b318e73aab335f704dbe75979c3b5080a1ca2db22ff2dc4f15b3b56dfaa04e523f7fa1127e233f5376d08527b793a8549a43d32b3d57ae89ec711b4a1edb414be1df50a093ad2756de13ec4b216af2392d352815a056354cc7f938919702359108f4e35bd16e5c5d7ae68349d0daf753de5bae74755e01ef1815fe9d54ea670c71841b0b91417bd5f1e04114db1c8774cd01baa0b935a9c5bf3faac612ee6cf4f6438e89585012f125323c40813576d32188ef9375bd0dc890c327e7be41772725a99ae685414f40ed224fbb3b6082bf43c24831436e04c5e04dc18265facad9a9b53ef5a373626743492c1d8ddd5b244adc66553a6e4835f6da259c9d3074b1ec482dbbb74c453c8755decf4db2fab6ce2807acd66cc1a2ce65c27af9c360b41475feba49ea7dd2c3dbd12af2be7832aeaa26872c25ef60e06f3bc95779451673642da6b970af6b38ed1dced3294158aeaf5b04f862056b38e9d40196030c826ba7dea8fcff447fcebc68bacf132ba6723a3b5be1641f929d8c9514d8635dc0c16d2b768434fab78f2bcf46170b397ea343110ebf15dc4da2f8d06530c1eaefcae6a486e41f2e035e30bec8084dc359b65df370a70712d8336571b33d0d0943cb50cb1e6f9886be2cf2e82ddb740b41c05a8727a8e1bc7a5ba3f210d78171da4a0e22a5ecb4a03efbbb51d9c665d9e2c2cf4574e76775cdac34cb0e813ccb96ff169071bdbf79d6391e80d7978f80be1b41596610b5cffdfc08ab8677b8c7532ed3a0e0a8a226ac8c9c6b1dbbe3bc33bc039d01ca1ad2ffd32929ea92bc2ccf984e4a6559da83469d090f02284a724672610f66094c40a19e568953992b2d047185da063857d25329ae81603ce683be5c8969feabd93e6a23841a635b1d655b26234ca97f10c7867312a44ca870b7f814a49868de22bee7389a65ee2158471b5df3e3a4bbd66cba618f4401c0330b1814f2fc44dd196be60c96d255da3ddecc5ea9a9d4ef03649dceb6bf529e3450e7af79d5307c7177aec42b803d0832708cc5eb56287914b7be6a9cb8dd3d5ef63edbf4aedbdb968a5f6ea67174b8235ad03641589dd4fa58ab0fe8854c33f81fed1feeba162ecb881a9961064f191eb6a657a637eea76006ad204bb3d6f6fa780b157714e45ead6816ea4e2ed11876bd55f8fb0940753c722648ff46b7b7ede067ac0e9384c392007a20b295ac429cfc6e9e901cc6b25e88c8076d25d71683d1fb3c8922b0630a0a90c8ec297b33ad9a98244b33a3e919ac024604af1d11d35003f54cba78df6e81a7e5aedbfbb5fd973b5c325b51d97d9de7c44659490762b0e5baa8f8ec06c13195943590da04dcb566bff39bf93421992aa27541a168f5d4410689f59b38fea5f21a53db87b5ebf52254dae059656728f6ca936"}}, &(0x7f0000001500))
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r3=>r2, {0x6f6c}}, './file0\x00'})
syz_io_uring_setup(0x138e1, &(0x7f0000001540)={0x0, 0x3a1c, 0x40, 0xffffffff, 0x3e2, 0x0, r3}, &(0x7f00000015c0), &(0x7f0000001600), &(0x7f0000001640))
syz_io_uring_setup(0xf00, &(0x7f0000000400)={0x0, 0x5961, 0x10000, 0x0, 0x4e}, &(0x7f0000000100), &(0x7f0000000200), &(0x7f00000001c0))
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
getpgrp(0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
r7 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r7, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendmsg$rds(r7, &(0x7f0000000300)={&(0x7f0000000080)={0x2, 0x0, @local}, 0x10, 0x0}, 0x0)
getsockopt(0xffffffffffffffff, 0x200000000114, 0x2713, &(0x7f0000c35fff)=""/1, &(0x7f0000000000)=0xf002)
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_GET(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x34, r8, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20048800}, 0x800)
r9 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r9, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'wp384-generic\x00'}, 0x58)
r10 = accept4(r9, 0x0, 0x0, 0x0)
recvmmsg(r10, &(0x7f00000047c0)=[{{0x0, 0x0, &(0x7f0000002ac0)=[{&(0x7f0000000340)=""/1, 0x30}], 0x1}, 0xe75}], 0x3aa0, 0x60002000, 0x0)

2m55.906157165s ago: executing program 6 (id=379):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$fb(r0, &(0x7f0000000100)="732f64bd01d8958d", 0x8)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x40000, 0x19b)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r2, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x2, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1ae9000003000000bf7f59c550b68a897870337900000000fe020010850800001700000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
r4 = gettid()
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000000c0)=[0x7], 0x0, 0xfffffffffffffffd, 0x1, 0x0, r4}}, 0x3c)

2m55.895687943s ago: executing program 6 (id=380):
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x29, 0x6, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='tracefs\x00', 0x0, 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, 0x0)

2m55.820433828s ago: executing program 6 (id=381):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x3, @broadcast, 'macvlan1\x00'}}, 0x1e)
sendmmsg(r0, &(0x7f0000006e80)=[{{0x0, 0x600, 0x0}}], 0x1, 0x24040084)

2m54.137782221s ago: executing program 3 (id=388):
r0 = mq_open(&(0x7f0000000000)='!selinu\xff\x7f\x00\x00inux\x00T\x8b\xb5\xf3\xcb\xdd\xe3\xbf2\x86\x01\x84\xdd\x8a\x8f_l\xa1L\xb1\xef\xb2\xc9\xf7+C\xb2\x8e9\xb8\xec\x1a\xe5\xaeq\x8fZ\xff\xbcY+\xaf0<\xa3\xb8\"Zm\x1c\x18\x11\x93\xb5z \xc2\x8b\xa9\xc5\x9es\t\xfe\x002\xa0-\xaf\xcdP\x9f\xe5Iv\xce*\xa8\xa3\x14i\x05\x8f\x9b\x1eB\x9f\x9d#E\x19\xdc\xfe\xc7\xeb\xb5\xcd\xc8\xe2U\xce\x00\x00', 0x2, 0x2c, &(0x7f0000000300)={0x0, 0x1, 0xbfffffff})
close(0xffffffffffffffff)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000003240)=ANY=[@ANYBLOB="347441f953d439cd5e80aba529e3bc0572bf1ab6aaaeb734af895ff7b9138406920cfa63f0da5969d6e8e4aff1c3acb4d8a607510571be2372abab5abe2c36d5b989ae7a11a6a9d42a84ecc69419dc580ad2507ddcffeec1303640693bddfc33a76f645ea70122fdd0e048e06d3f8c00d1a1307db974094e1fccb2c5357ed167729c649c9e90b1560be4c973632cbe91d6", @ANYRESDEC, @ANYBLOB="a0ce58e1a10c3092709977498d73bbc70380cfe551d25f2c39713a17dce9e8a375c62de150adfa28d1e07d8f58833be5eba2086346adcb2f63f20e184c3e87aa7c5ce75b45"], 0x7c}}, 0x4)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
setresuid(0xee00, 0xee01, 0x0)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0x5ba8, 0xfffffffffffffffd)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$IPSET_CMD_FLUSH(r1, &(0x7f0000000cc0)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000c80)={&(0x7f0000000d00)=ANY=[@ANYBLOB="68000000040601010000000000000000020000090900020073797a30000000000900020073797a3200000000050001000700000005000100070000000900020073797a30000000000500010007000000050001000700000005000100070000000500010007000000fb16ff63e3155280eb134404dff3290a6db484682b53747f5a7a7238de3d8696af429078ad6a4ca617"], 0x68}, 0x1, 0x0, 0x0, 0x10000}, 0x20000880)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'veth0\x00'})
io_uring_setup(0x57f0, &(0x7f0000000500)={0x0, 0xb72b, 0x1, 0x2, 0x6d})
r3 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r3, &(0x7f0000000b80)=[{{&(0x7f0000000280)={0x2, 0x4e22, @private=0xa010101}, 0x10, &(0x7f0000000980)=[{&(0x7f0000000200)="9c", 0x1}], 0x1}}, {{&(0x7f0000000080)={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000180)=[{&(0x7f00000008c0)="99", 0x1}], 0x1}}, {{&(0x7f00000003c0)={0x2, 0x4e22, @private=0xa010100}, 0x10, &(0x7f0000000b00)=[{&(0x7f0000000580)="4d2041e8324b407c4e701a603ac31fd007c857597d75311451d8cd343eff987e2cd7f2ce3391c2fe10d30cb0e47c1e44b0de47246bb0cf48cddb7eb947330e29d73599a3c27dca2db1304c52809d906f1626fa463b1b0cd0a51887ea214d312470980c7b78691c86437d44a9d2af7a2e338384bb7f46da2f8e0187ca638a1456edf9c4e83b2368812b9f0d3165851b2bf5ab2695a2e532e3d1b58fe5f718938844cdeea57139063f679cc841f355ca4dd05600219fed5a57d0ed664a9b3e2fa8c6044e0f", 0xc4}, {&(0x7f0000000680)="c6808833e0a6af0777d9a29609f876dca088d49a9053834423dc0d64c03cd1f38daefc10377017f82db6f335c62c713ea2a51f3b9c6c6a77a7cf80258ecaa49b536fcf826ff2d41c82184413aff354426631a35e22265d82b968f6f72a09e6279c401d726ac9a45a5c35dc5c3a6560f100221c2f215ced9dbaa8d52c9a314b9eeb56801dceb29d89cf5bacbc93ef28dac6a4", 0x92}, {&(0x7f0000000740)="363c2c1b39781dd9970f87a7c370d6c89efa8ad287f60a668bf9702007cf1455e5672293996a3c1eee85a9292be382afdbd39172f7e26b6d924d0a49505dd6245abe5501fbc5e1a2f56ff1dc13a917be4cdca0fe61947cec9566c8a5c49ecd825ea447f16568c78aae96ff534009ced92b10340addef16ac2b450c00c1e827f58772fa68b52b4f694d39dc61a2f8ced1e6d2dc26d4155807065f1d02a24309798a8b872f21b182debf37991fd3c64b8d21f152f9d9f1154f61267ea4d6e29edf14f53f9bd43041a8ce9b0dee3d48400a20cde58f", 0xd4}, {&(0x7f0000000880)="db23fb59e3138a0162dd5ae6526da8663e502bee6d7ac271e9fe5e6699bee19bebaefa3074e4b42dee83b561d6ef9d94efdf2fa42836bf1d2697560d33", 0x3d}, {&(0x7f00000009c0)="9a4fc823d87f91a514c73778b7a979c43df74ef781f41380f8d204abd271e08fa7cebdce7704a99dcae2eafc69a890852deb5d7bbb7a9cb056c2ea2e6c27f50c1dbd013f97f59a94380c7d0011966e10f456b1ec0c2208479f31d9d27b74e92446d088c68d55c7d432633f672204a1d751cf93c638a0cf198c7aa29def14dbc1f14e801dad1732dec5ea795a20f4c3bbc9410d9e859f6a85fdce54d8588621d221cc1a8f6a0d3a11e7cc509a19fd2801fdb5f3ecff2d0ac3458f1c6c193e6b3a391faa3c96", 0xc5}, {&(0x7f0000000ac0)="df23c27179d5", 0x6}], 0x6, &(0x7f0000000b40)}}], 0x3, 0x48000)
r4 = syz_open_dev$loop(&(0x7f0000000080), 0x8, 0x40000)
r5 = openat$comedi(0xffffff9c, &(0x7f0000000200)='/dev/comedi3\x00', 0x10000, 0x0)
ioctl$COMEDI_POLL(r5, 0x640f)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f00000000c0)={r4, 0x8, {0x0, 0x0, 0x0, 0x8, 0x8, 0x0, 0x2, 0x3, 0x1, "dce5749a31463840e2ddcbc5355f5d3c3f4d3777a0ae0c017b64388de54d6053dc1c4aa786df29353bffe44ce6033561556b7f7b092208afb6f791a2b0554cb8", "83b4591411019dcfdcb5389a9395975313d748ba5f48346e576ab9e350556131fd51fa656b472de61c753da0031039950b3917e6581d8c1cb96e634204bab52f", "767c201f49819c07844f6ddf8d396fff8549543290ec81b4f7709e65c0770535", [0x9, 0x9]}})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mq_timedsend(r0, 0x0, 0x0, 0xa, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8002, 0x0)
rename(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file1\x00')
mq_timedreceive(r0, &(0x7f0000000340)=""/200, 0xc8, 0x0, 0x0)

2m54.060899118s ago: executing program 3 (id=390):
socket$nl_generic(0x10, 0x3, 0x10)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x19, &(0x7f0000000040)=0xb4, 0x4)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
ioctl$SIOCX25SFACILITIES(0xffffffffffffffff, 0x89e3, &(0x7f0000000080)={0x15, 0x0, 0x2000a, 0x9})
write$bt_hci(r0, &(0x7f0000000080)=ANY=[], 0x6)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r2, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f00000001c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0xe, 0x0, &(0x7f0000000680)="548852ac5b4eba7aeaccd2c62b2b", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0x8}, 0x50)
syz_ublk_add_dev(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000180)={0x2e, 0x0, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, <r4=>0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f00000000c0)=@any_dev={0x1, 0xe50, 0x0, 0x0, 0x1000, 0x2000003, 0x0, 0x0, 0x16}}}, &(0x7f0000000280)=<r5=>0x0)
r6 = syz_open_dev$evdev(&(0x7f0000002000), 0x0, 0x20441)
syz_usb_disconnect(r6)
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f0000002040)=ANY=[], 0x0)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000000000)="2d5a8bfaec0503d4ee82255ccc79459d336c02f6846ffa083727a27fef8e41f33ff61428dc81376619b5746876cab40bea6b76e7a18d9f0f45c5f33c3f3e548879927a89cca1b9829ff887d45cae3a0012b8eec038b982c41410eb0cffe4204a0387ae9ad2d2eb6f904feaea4325a355611cfdb7ac6c3495a4bcfa6a2c3285bf50ca4a25c77f383bdb14c2f038ba311fefcbe3d334550fb18a5f462cec0e41bf00e3ef37c78bb0086cbdc72b561eb2e285a15002dbb8b7a858d33bdfef916ce90eca18739db369eb9aa302efdba714da8bbd0baaeb55eb585585542cdfe62755b7dd303c01c44de59f83de2b9edf1e60279b16bc7ee4c277e23701b7d58fdad36e8d91c111be46581f230b4cbbe8b9ad764cd3e067d7b7c5e1082a55c86f7cbc77e049085b2749b2ead86b176e4c8d2498a331f1118c5ed72ab0fc4228c8214e0e48fd1f265ccfd3311eff1f9548d1217c02de43ebc6c896afbf6065592ce3bafbc138524c4ffa429c33265cc8ebfc69e1adf360f97ec2edbab35cdc965dfadfa522a591734e25f91a44023ceeaac091534ec097d7a6f9a8efe84829719e41c101ee103c7b8c6d7fb630da2ffdd692d13e9212539b8484ea7fbccc74ecd6b44e08852505badf79984da7ffd06e78b05b453e89bbeb44fb0e72d527ee63aee52eebf2e4049705c41ead90017d7a512146287226941b20b4a603d1f5d9e6c559d55c5f6de7e9159e121dbbabdcdae8f359f66c218fb24d20c3b56ca3b4a2639b4b54e0775f29c731a3fd33331a76c280df2bea7fb0778648bc55257c42cb1a4ae173a21e33a782943d733e570595aea49f391ced7df117548032f44d611d1fcafe7c08fcca48ef9bb719d41c2cde9eca1727feb7bcc14757316a3fb315eb0adf3b60f5d6cfe231e4dca32f1cd2a74a68e44b1c09471f135d6abf0d7d417a42323923ced88d39902998a177bda4d7ac9e5479f0ae49f5fe51818fa13dd9131d219658ed2de42587f415396aa610998f2b166a053cd272ef751e5447122c03f33800268f63503a237fd62235c65fa995ced4facfc61959a7b64f7ef4bced8cbc10222a18aaee1fcc282163cafc4bf899a7de76ac61499fa1bdf6e6599a9b6e46d202230ee0be421b38ba66b85c7e5cb73e26085f8b62b4141f8728515f12019e1738bc5b278074c56be74033511b21e97a727c8a5f9c186af9777574f52d957082122dcadefe3c376f73a33e41094ad7cd404b50e963a200b57cbf4329e59c5b5a42f8700613e30af94109d5562262792e77df91e7e75c40080f8ca071449bc999762d483c30a4eee68e89be2d138a4b64af3c0211c3540227d85801dc16d1bb669a16b243fa98ef40edb5b5fe05c50f8702434c4d2663e874aec996463c6d946fd1391096b02198e88f5e568300d6c4848b4fe7273af633cc6fbf6a5e37feea56cfc20a0b42a5c6266c805823bac41f8d4eb43c6c4673a4b6a8dd303fe922ade7af649cb21c2919390a9ee62a08131ea21840adc9cc023e2aab908ea6bf2d41e52918ed6423677933cd1729cfda6423e540aae3f043a1296b6eb9350d38e07abed7d1ea7249b1b67d17322050d01589c9787f4e5a904c5cfb25e047f3e46de5222121c2af122bd3a3b2b0f35ea0a81d3a862d77217e992cc74f678617223cad5ba21afdc58e6af17e7b4ee3a506f34069d2931ac62d47f86f1983d7204a32544ae0b738cd5ab3efb940ad752ebbb59cd28d98cd6e0441f020ab2d68cbe90fa44be7f7191c2f5748c418dde668ee87d579baed4358b5c47e03a89ddb98fd4209fda85a277460ca20cc6de67c0f35e39d3fcfc070530140f648b50dbd3236d8e5b5e63be12191cd67b9ef128440d8794dc452b5a16f250c9e378d52b1132efc4b1ec8a7a3fd04ef82154de056ee5054fb15dff8df06bdca1dc8b1c1d4175c967445105954d10f0fc94acf39b68105d188593584333312eb6fad6371cdbbbf16e88bed86600d9dac851661dd3cc64f9bac0b2b81ad2564274b5bcc040f065f3fc055f7e254f8954304140782b9a2390bb61fd82d7a99ddf96468f3ef43113b767552969d71190265b76c1358c4e16a21ff959631a19c6f5a686b7884d75aca2810decbfd9fe0520f3b322a80838a2e633e1c2a79df01786f605750b84e2b04b7204ca6022973fca4ab0c8c67caee2349a6b839aa6bebc862f2f8246fc293e0f14a375581036becf081e4fd6b0cc2f7465fe7f932890884794215838558c0ae6de81efd624c5290bdf52e95e4d5b1eaf280d76eb0ceddf438bcf1d4b83e8eec3aaacbd7ea0421ac84f08a480ae48edb7c23c3f94dc59a44b3c5712800789fa3b2b938bed137505d2b247a4c4a9bd5ceddb900cb9a502d10dbd620a7ef84fbf49081d52419e5d08ddd5a1873f6d3ea6a822400ffdad29899bfaf73ce3d8ff182b3ca8ef1c39fc34b93767b9a13401427c440edd2e5f801655e60dc4c5b4ba84e504421b758e0b4c743fd1a1b6be27702e751960b431f1d7a7fd68a9ab198a5c6dbbee137283e6d6c69eedba5345e551e4421f3dfc1c957bbf413c48f64871521789487707278c69eb71c33a6999d7e497dc3d7d022f008addc112c116637f6d29c9247de134eb860cd3e5af369ee474883e7a20c40ba02160ec19dcb717cd3f4f3f0293195242fa814042ad751c774728a797a8c483e0562a2cca698053c1b66c0310affdb6e5767ab6db583ac415119f1760bed5f405c5cfb63b2ccfd5dc9d119fc82a86f98551d92f02410fdddd450f0a661ce041fa39aaba50cda470d3080dec7345a54abe2a7630a7fac84bf95c30a0dff1225f7b1aebb41daec68ceff2b0f502e7433f395aeea75c1ba88229b44fa5c6fa2647e44db139eca1f2b7142b6c23d4879603bb5617e94de0d5353d1b17dfb960eb1c11c67d0d1e1cae94699cc9397b79150dacbbc7361261d5445f237210d2ab8120fe721072394b77df46894595b8fd56f034318e90e3cad94f1655911b9bcc0bd15c628c0248e134295f3ff69cf8ea536b4b7a6c11b4e04955f9f1d9bac2ad39d81ec929b0d29999ae5a865bcc2cffc8fb42af6e486ca12a4c83461c6a72b3c88e4f3d1a9c1f13adc6defbf0110746e39b1d01a5129f996a2af48bc52f06a32764d8d8dd984c5dc4e8bca0ffbbc7e4cd226cc278b35ed16bed6e8aca4a1c18120eef0966dd5327f252462477d43cbd1497654ddd3358d24883d9ddde40f1bc8c5610370841b1cb13e84162cc6d0818987350c22362b12c0f315dbc5dbc33c224bf8d57410f2621b9c45d6857b0bed5aae750db0dd4c6cf50bfd6d5e0c816a9d8951402a1c50ad8169fd94427b42c58399c6d72b1f213e009af4f650e5ef67d2f48c7dc3ef74a8ee453ab84118f2f0e4ff2b8130169ccac37198b337205cae506e8d70acba86aab28caa8117b1231d9c4b631fa3aeceb3c236182e25299392f1ed986106071097314a9b9bd0f30d853e8b4044c00f04b45b2923b572a6a41cb5293cc8dfdbeff56a1375a33bac7b220056a6f6a292035b17a3c3fd55897548c68ad7886ef432cef353da3da8deaea09df078569c042258dfc0763d54be89302b11a6d24f4086028b82520fb6d967b78b611a7e9661a92b1a8f12d407d2289e85a82bd0b7c742055acd2396ba8d101e91ce2e9f387e909fe6da3109e1937b1e12515f23c8f1b739d4c40a287cae3bf59e901fff2ba0de0a36a304428e9febe42a01dea2eacae9416a72ddabb98d2e69c70ea9edfc57cd81fc4217ec353caf01a1a61b925102f866b4090b6447cfd8eeff2a3a49e30fe0a4fff77fe1a225dbdb2fac338526c7438631b69ead8781b86801f530b04b1544be2c22aff4ac89b0ce4353526905e59e18f7f01c221e42354a5269e0e28afa29f38bcab3923fe8d64fbf81433991b0bb9df6fc4c28ba175871d87bb5ce6cf5bf4572bb873c044f0aeb2981e34a005df55d354db0353f6433f76adde2c124793a1da43aca0e62a744992ed8efa8571a26857aa65a21cfc3507471ab75525cedb559c430b5d03a5c4e923f7fbec50d0eb10fc40b3d7986245f4c6888a53df7fe7fdcc11261e70d8cca04baff938f8446bd9048baba31085f20746c5f0e00d816dca934804ea2877cca51b5c0e31dfeefb9e91e41189d67412a09af16b4cb709e6fee71b2766a71c8397578516b656633bb620dfc8bc15de4ea5f75f6845ea44805442125adef9377e98b5d8e73f3a0bfbd330467daf10d9f7a95cd6fd4827fa1b062898fa454437bf185b9e0d98c9d10a5db80364bca446205739b23a1e7e860647ed30e2b72524da94a5f70dcbcd67d8df08f0d57583011d5487669c5a45905125186590322dbe481e820a6a6c29c136fa4301ade06baddca45f0d5ce913b5b763d293da4afaa450b17ff4933e4478fbba9ad9e6e5eafe9fdeb82b7d65bc92f6690d03a49923810558b5e0f5bf47e7d000a5e132217c174445565d57d29f02e71d7205b8ec10330fea51d972fc5c81b1b36775816082f979b5b1fe3601c9c8e8fa0c3504bfa30e3603d5a0f3a7cbd27d744b27cdbf318acbed70697519605453df106123e1a6148c9146154986e288d8a70b6fed1667cc1e0b199067c704a6d41ba751b53102ebca01b3ce90226847808646c95f3eb231b6af0b0f329bd997db5a4d3ff18edf0203e351fcfa8c8ae2be6953472bbb3f40bb6ab3f8f2128d11a3bba133f0204e2e0df189cc8d2cb8af81d0941a37c2165112ed452008930bcc607fa6fe3ad1def902d89c7330e6042f6f86c3a75665ec603b6e392b417a0d907d42e6534db72adbad4266c6601d7b8bf8d9cde807088f76b07c06840d0806eb89aa545292284bf050e732e547ed54417b3ec7e7a7c5e8454a56f5092ea8cb27e74e0672c2951647e29dadbdea86d2a4d9e53ab01c9d21e902fc9c6ff4c317b3c0398561364e880e2b079d79a27d6dcc3d586abc043477981bd36746f5570840536bef104a158e2461296717d247b6004565ffb8eb9bb5258c65032f0b472c4f3667a17e3ff65b45c91e2411b5990f054e0c2a05fc175d2db7fb32ca32e4c11b46f08bae1614e2add96133ab383c1e78f4e3f21ed3010a35c76ad88714b526d3a5ba799e6f7bf9d5696e7b42c8c264162a28831baaef180f40489ad681af6c0a674cc7b65e8b8ab704d15546f70ed1e67f7643bbc8d0b8482024b8f320b5bdccb1014f5e1a34c6c795428660f026d93dd5dcabf2330dc62894bfe48fde6b931ba55dc2a222a27a3906ba5b98476321b6d27217fd58ad93b616aac91b139729d91de6f8ef49402e2741b8dd821f4cbaf7c4662ac782b255dc438164e54c417044e9bf5e13a8247777726dacea4341d8ba03bad17070dd0f07da13179d29ac00aefa41aaf4688e99eb395205f6d6d71999b3718f7f2d618117334977a92b15ed52e45e7d5df7a22be9cf0e008c41257d99b2426068c48de100b8e3019b624ce2f2849c35b74fe5ecc4478b2968a97cfcb759fc73c8cd21bda084646dadee926a4f606768749a89e11be2a23985631c922a73ba93f3619dcc4621c8da57697420859210aa43ec06feb649b9f1362fe9553f9d552b77203085d9a4da629f03fbf339bd8ccae6c411f6d8f131232575d28af2a2690529080f02a5a74fe59d1255039f09b8d565a4838930f88d6129389f2312a2ebcf0fe7d8b6dea3484cea9a1628349218b8ccefdea2b6c37676acc2a082fb73b19705e98079c1de7776cb830e79c0081a2da4059714f19587d10223fc50ea8434f1c7919a77acd7c5b20ac9fe8ad9d348e2c5bdb57fac1ec0c31a1688e22aab4f1a81826f3a47bd364505d35975c105a152aa8e42b2422a100ad3d3184d286884552143051b79294aba34bfc5cc332f0b6aa3bf186776ceb8861336ed97b85b9a7d548bf7b7a907256c7c6a2427d92aff68ba18544b95a75564029387fd2569943f8d54e64cc621123105eb56bcfaea06e38af31a05ef38302d2b6178121d52309865c5ec1147159c07b4d4e1ece24f6a1f63a492c617870c96dcabf43b73055d749e465cdbb965b18091eee65bd423f249d934ae904c2129b93d116353fe014e1afbcab5f74766a806451855bc28494653b9a863b9707c2a0fce3eb4b55c4220078651a94d3b9c6e92f4995dd56ec17d144b07bfb1b955b557d14774e64f400e0075781381b33d73a60f6b96cddbda0962b2a609e6bca56a109847bc13798be711d3779d5a8c6541bd247fe3b7477a1378cdafece044db3f31810bc95f8fb4ae7a8815303faac03651a13924308c06c8e86506b7d186a717a1bda1d7cdea2b8b682d37f954f488a8e0d65f868a81b1af4b8f7331ba84414a7ada82e81e06e76ddfa0aca0ca9a53a5de0bcdcbb77284bab522ffb6f803e95f116ac1670c50acd36d80f170e8e7e05163f050dc89dd93bf9160a545174472376e1fcbb945e9294f796a09ca78452683b8bd39049d118acc24ef0dc18ef88899dd7c27a3585e914e6f6bc8bb1950c061c722134243cf151785bc19dada45b90d97cb83bc60885a908d0c13be9e54f1929fe1f76fb9886808caf0442aca4539a42078bfee82418d611f4c432fcbc5242c35a396c17c1b93b98b277a9c8ef0143643e120c0de4b7c6beb0a582789b81a9d3a0b8f96a332c89764283d84ec5e6b8350683a2b4eebcb214a7ad430ff9ebcfc1d850717a8d38b8e35e67fea4b8f14938cc3eeacbee30616c09e848ebae3cefb8f2a904f2b3d1252019ec914278942d9b914f95574031cf21f412aa7500f3955db7b9ef9403750058d75e53d16803d4463f7884df1e361d34ce646e20b3427a45cd307283f1ff00cca6c841fb9b06543bf1a254b21ff421331facb2f08a484904ea25e049597c8b0a2140e8ed2906d574e73165ec5591c89b5dc08e5943ff7399f76b1df90947a9479b1aab40abf8ebadfa1455b6dcac672f495a64b6230fd3fe948ce6c16cb87e11ac7affc9047ef33fa64585c1dce3bab4fecc0c7d81b5ea73aed3ef63fafc880b6e2ba09d0df6d626e817075d5f330d91cec4bcf4829c20192bc0ef7f728f52dd3e074bafda4f8cd8465311a9124baad61bd73ca76a0d0d1b80cb7a5e429067ed4707b64d38613008c8af3ffcedfeb8cda26def8bef7cf947af23939d18adbf56715f90c2df716eb037d536cd36bc2b832c57f4a319f392e1ab37e02dfb392bd52b02801665c8ea28edfcb153f267dcfbd671d4eaa0d56335f7ce5eccda6b9f74621a1b322f1f3a60b00196a65327b36419394e776b2e1c1479f5f902c5918adfa5b112bfaf786eeea1abae7c8c9d3e3fe737c23092143376808b5e26cf896fb5202572533facacaac10ec26cab819f74cd372c95d50a9b6560da69c1b22d5c15759b7ab1d8118e672bea9af7e8a30458ccaa1586ed2720d5465e139fe3dfc0bc95107061471cdf28a42aa8149848a147a1710407021d13e611b36ad3624de35c4dc5a02ba8ae724b2d8cd85f15094e1893c98052cee135d0c1c11a73297775fb517abbb471a8b100cb51d8815acac16703b56f8aadae334601a84fc306efa08aeb2afbad94632b5f209603cf5e5ca634bd74ed2e525580ddd2f2ee65241788f5e867b44d7ecd71f5858d269ffda98d93860d8f1c26c47df1199f95991b54808bc26c0ab67b40745b8dfed41838e2c5594413d2c6022abe3c1f132e9f7c8c69e50729325d37e7502519d53d7e1bf0bc8f62d216fc9c88b197cfa1571ce8368cc1b4b625559cab7e8397c6c7bf537bc8b9d604f4bdb04cab86d349e4a33f92eaa07378eac07ed8d51aea9c15ef4c4b0e0a16f9c794701a1b74b58beb15cc165a4dc1a13a0886f55cba2b977447b61c01e1295a4221e19321201f1df0d25c9e14bc4433678e48a5081de7c81f79a6370843bf0d6e3e5192c1ddc0bad14a11ada8006e4f6549da3a877a991351610eb0c5bb6228d266baa27eab2b9bf4455fc54aed3c74c12590835e498c11efdc63dde52a62d8f3a3c978152018182b3e4cbd00fff317d06f8e9475b4c7506dcc5547d8ace2b71024aa0e2220936d2bd05163b8f15bc429378fec52ac39d167200758884056dc14d3329b1d47f477a217eabb651fa97e05451cd6e861996648ab439c9aa6fa032e9083b8c0f87890c88c50dd5a6e6be8c4a4361f3b4c3181c570407dd1d2d835a87dd4b24f55a649c3e478bc002f30894d06411dc4dd8277f796976b8b2884ed371013225bbd95955827741331777da30b1b3370fb4d0bb914d97660f7e06759ba54b5697a4f7cfb67035867f39e53306eb55b31ba660769ce6993b2f44a7173576766ed20992d04e6b4aff20c138102537a142ceeac3804fb0a4eaddeddb6bcc69007c5531f0ba6851854d8d836a51e8d644c7b79e071f19986090d2404b562a17e1ec1da775c171373bcf5d2c3d7dd64a587d66e42b6963d892df898766648f37c8d10ca249e28368c388f4e70a80b2992a0a390a2d51a17a0c1774fec2d399a2b0a99c802012fff6300c4275d1305b9a9d0f8144df64da9016f16369e813dafc7cff55c5a60602141fcaa62d9fc0b93df6524d8692be3c7ded5354b63014686e98ef2b5947eda93e0cd232d3fdea943d3bc92a6f2835c55aca33dcd087b7260bc68def6ce96ef5d536b61006a595219382d8b8365eb92eab44e677109971bc4dfd077a56ff1f27e9b80edffb5ecac7bde5dc2a74c30a24b9cd1b0d4356ec424350e364d0dc929d657a8626a22111d4a0f360fe33be72a1f2c4f5c1b9843145ddff70d583a9b433cab33b10d93531aab7bb8a53c738aae79222481b135eca9441f47068299deabdc9c4f77e5d4ea286e8300eb5956368d0499691dbab1499baef30bb6c4a9bb0159635dc1774203fda828bf804e8f526ffb55abd8700915232964b7f219a7bb221efa6428089263ab753eb421a1952bc780289a85ebb9b510dec67a826ccce1cdfbb29a3a55f4e1068ca2c077544efac686d77c67c927430c3ac78c7c8b1f834be9a689fdab38f1401797dba32a284f5c5f9ed13d34d8a001cfeeeb7de12aaeae7706004f96a293e52106fd945428e7e98915070b1584a323bd8f00b9803ce189c9c0af032752d979df57a5098458c7de034db79f43d27bcb720078b05e5f364f2d789343fb6fc8b2cab810b1745fa36aaccf5d27fc7f06ab821268d83e697870632814319533373f24584b35b2ba9dd9b52a4a2e559c90b1b87549530a64fdbba5587242535fd0d600fa6e8497369a5587627182c62da4a47bc6ea99f7aaa765e3b74b7d9c48e779c8b13a2535d03ef8ac4bf3fc9e6eda5628034e7e453fbd6153b8b8e9f693c5dfa37f6a0a2542e6f86ebd2ae926822d7b31963c8879557dfa2a869ba3c5dc2dfcb60bc0a0c9816c2c4c58bdc09c2d76a007e68c38fd8b88709e5c49341630e333e13413c3e60c0d768d4c98bcb297e819ceb0f8b229d3037ac95639344bf42ee7f77922a6ac039837356dfd7c0ba3c5393548369bd71b4824326eaeb80a9c249504a08bfc164af220047cdf054d928a8d929a2fb621665122062dbd5cdde82b8289e0d510246e0bc30d34d8e96703f75c75328f99437be474315d8cb55066badbc0ee852c8ef28e1de7f5b58dda97742db5f708c6be3279d700ba147f1519485020336c260d825920870739fdb288f22b980fb7bcbf147b1a95fcc3d8d1899749d928eea8d47cccc1fbbdd5729a3f2f73d2ae352eb3e043405bcb7fa12b2a80d6a3f0178a18cbc5794fd65f0caddaff57616dfed94884a48b27b181c55200d9ecdfbb082dcd2952089938e134eecb40c2f95cb7808fc7da09282787edb1939e75bc8e284c01239a895246be025c8e0168ae83f5adc62f4f81ddbf6ba9b5fce3ddd111eb61c42777a8c303abe291aa9ef383ef1d6c26c4f8698375cc76a7e078ac948f2e84de084fdb380d38d2e1810ce8118999554c06f8d583bd37003b407dd7b41a3b14f10a5ae7c2e8fdd087cc322ddc399fe38cc542bc957b38b0fda34a3ee5c6a97d25629d26a75de211fe1cc4ca63880caa8f85f3bd489c39cf30eac81784e4456a775dee3045df2a1875623a4fbf227cf90cd237721a6dff29d26a16306e4033cc644e35cba3cc4e45cfd0cefc9c8d8a0f35bf31a8319b54fb549554c7089b9334a9867d51d71aae1f342d5602ef2d394e6c8a8aa6c15121d8c8b3abe3416367dcc276c048c65311ad70df0ecf0cf817a1a27e1dc50fedea83de8a8bb7746e23be2f335c9cda9a7f08d72b9debc35d49e9ec4c9815040c38c11375dd7f2897b20479343b86b51c317e0e90f9465d8c425857e1831931714284c60f68036134304558e53d2d42813a42a3017ab21feab6132f3a2f8c5670a1076dab6136cd6836b52d7ee54639758085438831dcd8157ccae47784a35364babff9299e4eaa389931199b4901f12185a0d228473d4a147d88e55bd11f8ed2957b7f2f3efb3e444f0aec9bef1f68cffbdac04698cc277706f2ffdd263586b84c645f1721ee3008b398918fdfb9b06b98078447c0edd7c058524825a1124e9af37fa9cb77302aded60eca394c866397c3bc18f8277d9277921abd06b61b1445f43cd7f0b5b2c023832f6d67f86d9b6ff9985edee1ec2572486b43d3be834d5b60d208b1187ca7cc8b17133f55314ee640268d5337d7dcdf1742cb543d63ae3c09e312ac05b5d585d9437bf16bd560ef739f12c878178757e1f675a8671becae2bf03f87de4bc40b4b7a3aa6e2f28f015332b10b9fe426ebd45d7a26e769bb05eb2866bb34c56b079a5bd23352bcb08c379b400512b0d8438ee5371171ccbf2921c1e150fffb5885286f933f4393088ba21c47b15d1a35de27dbd02e58859aa080f87d0a857e92d0f52c549c04cd9368c94a8024e184773cb3431d854c2855e93ac9f24d5e45d11c2acfb03755e7f279b368e2e31b3653a7d7e2e102ac67f363c195272e2896bec544f669f2d25ae8638ac30da6ed52404b32b8ee9f0f2909ef6b4e2db3a6ea88b8a6f2f2c025959efb7b94005eb307aae01af8a19ee6178270be09d93837793b43bcdab98b9c04b6bfea7ac2217c11aeec277bc199b67ac24b7352299e7fec85aa151029d14441b56bb6031cdc72a1a90ef537c6d2bce7ffc7c366a88f8bc87cd8ef4e91b5ad9d85ed84f9b85f029252ad5ff13d564d842ef310feaba90974e40889e7cb753eb44ef96bc4c25b021fe50e9957a9c3cc9904aa920fc8a8e82a826b945559b57591fa1a26c380afe65d930f9bd9a3d93f57324d28c2741e728cbd106dccdf66863e49db8a0df1398ba8594fa5102b8157e4b987f4339820df5a7aa2b1c47ed0211437ee3d81dcbffa500dc4b743d49028581234c7e9db2e951d5bf3e3c448ce58bf94a2f7ef95eda07daae00bef1794d27330927b2460778fdee580efe431ee244aae452cd60100b6c9f0cd5e79e170a7b149abfcc26b77d33c35311c95e3ba0752eabce3d1310a8aa45ecd1659e4e855919d153ebeb434581a6d352508771b030acd3fee51badf6767a7931bbba2cf195bd98fd096a6be14d7172cf1dbe3a82bae73a29223c623c090cbc5fffe8f3291", 0x2000, 0x0)
ioctl$EVIOCRMFF(r6, 0x41015500, &(0x7f0000000500)=0x1)
r7 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
syz_ublk_setup_queues(0xffffffffffffffff, r5, &(0x7f0000000540)={0x0, 0x145f, 0x10, 0x3, 0xb2, 0x0, r7}, &(0x7f00000002c0)=[{0x0, 0x0, 0xffffffffffffffff, {0x0, 0xcd26, 0x0, 0x3, 0x213}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x1e3c, 0xb155c4dedb2408a4, 0x9, 0x102}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0xf39, 0x1000, 0x3, 0x102c4}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x2e84, 0x8, 0x1, 0x21b}}], 0x4, &(0x7f0000001540)={0x2e, 0x40, 0x0, r7, 0xc0107520, 0x0, 0x0, 0x0, 0x1, {0x6}, 0x0, r4, '\x00', {0x1, 0x48a, 0x0, 0x0}}, 0x0)

2m51.769042552s ago: executing program 3 (id=396):
r0 = socket$alg(0x26, 0x5, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="a8000000210001000000000000000000fe8000000000000000000000000000aa00"/62, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000b500000008001f000000000050001100fe80000800000000000000000000000000000000000000000000002000000000ff200000000000000000000000007b8d41fa9e1c4e20880a3f69285b000164010100020000000000000000000000000000000000000000000a00bc056e557a0ac0ac"], 0xa8}}, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x80000, 0x28c)
socket$nl_generic(0x10, 0x3, 0x10)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x0, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf01b}, {0x0}], 0x2)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x8000, &(0x7f0000000080)=0x1d6f4194, 0xb, 0x3)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
recvmmsg(r0, &(0x7f0000008900), 0x0, 0x40, &(0x7f0000008a80))
mkdir(&(0x7f0000000340)='./cgroup.cpu/cgroup.procs\x00', 0x187)
mount$9p_virtio(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8002, 0x0)
chdir(&(0x7f0000000300)='./file0\x00')
syz_emit_vhci(&(0x7f0000000b00)=ANY=[@ANYBLOB="0600000000000000ced9c7346221e189449d7c4bca99c0fc00c80014db40aa316dd56da8a4cee28088f04e09c0d8fd706b3791ed6decba63f315ed746b49982d307ebf07e3a7005e156e4f201792eccdeb7983053236e35af6d71f5f4e0c4a3dd932180ffa31a8e2c5966869190cab2cef5134b5e4059bb20aa3ea8210a85c72bcad8c315ea65a61398111c290c1432fddeb0cbf12c7940ecf4e16a9cd61f3770c21753b20825d7ee880698f1a7a72d051ff27e751a0568e225dcea49bbfcf63614b479f7e5245f0d8371204d9587a630c86a3511b69b001d00bea74d38d908ec1eefb1dd4ec74328bf729d04c922f36d2492318486079fac7f3321868244370b39d1d0000000041455794be298c521a3d21f96b394270ae9ccca963c2e73ecec3933351b842ada418d640f06fe7422401000000f3e3da01304d4b47a863884cf7c30ef98275eb11f21839e416641ed8a6b65b03379e8b892378ec8fd62a4eb0e1a07742492d3e4ba55e7a265b679b8bfc4080809f68a964dac7c93086b86f5208e5e5b006f54795e6d9546c48fcb26e97e3a85fdd7224c889803e01578cbee1a8219bcbb41816c4c568f9d0c51f4522400787c5fa5c00e3ee530000000000000000000000b574c788ea5276781e2d7fc66d600edb885194bc8634"], 0x7)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$cgroup_int(r3, &(0x7f0000000080)=0x3, 0x12)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x2210088, &(0x7f0000000580)=ANY=[@ANYBLOB="74f5026e733d76697274696f2c70726976706f72742c646972656374696f2c63616368653d6c6f6f73652c6d73697a653d307830303030303030303030303031303030"])
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x10200, 0x2, 0xeeee8000, 0x1000, &(0x7f000038c000/0x1000)=nil})
chdir(&(0x7f0000000100)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='blkio.throttle.io_service_bytes\x00', 0x275a, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0)
pwrite64(r4, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
utime(&(0x7f0000000100)='./file1\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)

2m50.431720922s ago: executing program 3 (id=398):
syz_usb_connect(0x3, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x201, 0xd1, 0xa0, 0x5e, 0x20, 0xccd, 0x102, 0x890e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x8, 0x54, 0x40, 0x1, "", [{{0x9, 0x4, 0xbc, 0x80, 0x0, 0xc, 0xf1, 0xc7, 0x7f}}]}}]}}, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x4, &(0x7f0000000040)=0x3e, 0x4)
getsockopt$inet6_tcp_int(r0, 0x6, 0x4, 0x0, &(0x7f0000000100))
r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x2, 0x40402)
r2 = socket$packet(0x11, 0x3, 0x300)
syz_open_dev$MSR(&(0x7f0000000180), 0x10000, 0x0)
r3 = socket(0x10, 0x2, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000140)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000005c0)=0x56)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4000000010003904000000000000000080040000", @ANYRES32=r4, @ANYBLOB="01980000000000002000128008000100736974001400028006000e000600000008000100", @ANYRES64=r3], 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendto$packet(r2, &(0x7f0000000600)="05d936277c6f54220002097844ffcf8bd1846f7f83477ca1b278e3e4018a34844b9d62cbd7cd2a62646c", 0x2a, 0x8c1, &(0x7f00000000c0)={0x11, 0x86dd, r4, 0x1, 0x4, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600a00, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)
r5 = socket(0xa, 0x2400000001, 0x0)
getsockopt$inet6_buf(r5, 0x29, 0x10000000000030, &(0x7f0000034000)=""/144, &(0x7f0000e5f000)=0x90)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f00000000c0)={0x0, 0x9, 0x1, 0x0})

2m48.98248018s ago: executing program 3 (id=403):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
syz_open_dev$vim2m(0x0, 0x3, 0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/syz1\x00', 0x200002, 0x0)
openat$cgroup_freezer_state(r0, &(0x7f00000002c0), 0x2, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040), 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = mq_open(&(0x7f0000000000)='!selinu\xff\x7f\x00\x00inux\x00T\x8b\xb5\xf3\xcb\xdd\xe3\xbf2\x86\x01\x84\xdd\x8a\x8f_l\xa1L\xb1\xef\xb2\xc9\xf7+C\xb2\x8e9\xb8\xec\x1a\xe5\xaeq\x8fZ\xff\xbcY+\xaf0<\xa3\xb8\"Zm\x1c\x18\x11\x93\xb5z \xc2\x8b\xa9\xc5\x9es\t\xfe\x002\xa0-\xaf\xcdP\x9f\xe5Iv\xce*\xa8\xa3\x14i\x05\x8f\x9b\x1eB\x9f\x9d#E\x19\xdc\xfe\xc7\xeb\xb5\xcd\xc8\xe2U\xce\x00\x00', 0x6e93ebbbcc0884f2, 0x2c, &(0x7f0000000300)={0x0, 0x1, 0x3})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mq_timedsend(r1, 0x0, 0x0, 0x0, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), r2)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000380)={0x44, r3, 0x607, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0x1}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x4}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x44}}, 0x20048840)
syz_open_dev$video(&(0x7f00000010c0), 0x8, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010800d972a440b72040155ab7010203010902120001000000000904000000ff"], 0x0)
openat$comedi(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, 0x0, &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040), 0x10}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r4, 0xc0, &(0x7f0000000640)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140)={r5}, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
unshare(0x8000000)
semget$private(0x0, 0x4000, 0x0)
semctl$SETVAL(0x0, 0x2, 0x10, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x48241, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)

2m48.401923718s ago: executing program 3 (id=404):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f00000006c0), 0x28c9c1, 0x0)
socket(0x10, 0x803, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f0000000940)=ANY=[@ANYBLOB="12010000226aa140070ad0001310010203010902240001000000000904000002bd22f00009050303000000000009058aff92"], 0x0)
r2 = syz_usb_connect(0x5, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="120100024286bd10b00d815522f90102030109021200019ddb10010904"], 0x0)
syz_usb_control_io$hid(r2, &(0x7f0000000340)={0x24, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0003020000000800"], 0x0, 0x0}, 0x0)
syz_usb_control_io$cdc_ecm(r2, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000580)={0x0, 0x3, 0x1a, {0x71}}}, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r3 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
r5 = openat$cgroup_pressure(r4, &(0x7f0000000100)='io.pressure\x00', 0x2, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="440000000101010200000000000000000100000514001980080002001400000008000600124000040000140005800e000100736e6d705f74726170000000000000000000"], 0x44}}, 0x800)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001c008103e00f80ecdb4cb9f207c804a00f00000088080ffb0a0002000a0ada1b40d80800c500c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0)
write$cgroup_pressure(r5, &(0x7f00000000c0)={'full', 0x20, 0x17e, 0x20, 0x800000000104002}, 0x2f)
mount$tmpfs(0x0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080), 0x400, &(0x7f00000000c0)=ANY=[@ANYBLOB='mpol=bind:7-N:'])
close_range(r1, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
pipe(&(0x7f0000000080)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r10])
r11 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r11, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000000)="d80000001c0081204e81f782db44b904021d08040e000000100d10a118000c000600142603600e1208000f0000810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee0800080e408e8d8ef52a98516277ce06ebace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad8099639cace81ed0bffec193e2a9ecbee5de6ccd4d6e4ed6f3d93452a92954b43370e970189", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
r12 = fcntl$getown(r10, 0x9)
prctl$PR_SCHED_CORE(0x3e, 0x3, r12, 0x0, &(0x7f0000000140))
splice(r9, 0x0, r8, 0x0, 0xffffffffffff8000, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000100)={@cgroup=r10, r8, 0xb, 0x20}, 0x20)
ioctl$SNDCTL_DSP_SETFRAGMENT(r10, 0xc004500a, &(0x7f0000000000)=0x2)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00'})

2m40.731648041s ago: executing program 35 (id=381):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x3, @broadcast, 'macvlan1\x00'}}, 0x1e)
sendmmsg(r0, &(0x7f0000006e80)=[{{0x0, 0x600, 0x0}}], 0x1, 0x24040084)

2m33.368010836s ago: executing program 36 (id=404):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f00000006c0), 0x28c9c1, 0x0)
socket(0x10, 0x803, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f0000000940)=ANY=[@ANYBLOB="12010000226aa140070ad0001310010203010902240001000000000904000002bd22f00009050303000000000009058aff92"], 0x0)
r2 = syz_usb_connect(0x5, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="120100024286bd10b00d815522f90102030109021200019ddb10010904"], 0x0)
syz_usb_control_io$hid(r2, &(0x7f0000000340)={0x24, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0003020000000800"], 0x0, 0x0}, 0x0)
syz_usb_control_io$cdc_ecm(r2, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000580)={0x0, 0x3, 0x1a, {0x71}}}, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r3 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
r5 = openat$cgroup_pressure(r4, &(0x7f0000000100)='io.pressure\x00', 0x2, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="440000000101010200000000000000000100000514001980080002001400000008000600124000040000140005800e000100736e6d705f74726170000000000000000000"], 0x44}}, 0x800)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001c008103e00f80ecdb4cb9f207c804a00f00000088080ffb0a0002000a0ada1b40d80800c500c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0)
write$cgroup_pressure(r5, &(0x7f00000000c0)={'full', 0x20, 0x17e, 0x20, 0x800000000104002}, 0x2f)
mount$tmpfs(0x0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080), 0x400, &(0x7f00000000c0)=ANY=[@ANYBLOB='mpol=bind:7-N:'])
close_range(r1, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
pipe(&(0x7f0000000080)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r10])
r11 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r11, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000000)="d80000001c0081204e81f782db44b904021d08040e000000100d10a118000c000600142603600e1208000f0000810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee0800080e408e8d8ef52a98516277ce06ebace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad8099639cace81ed0bffec193e2a9ecbee5de6ccd4d6e4ed6f3d93452a92954b43370e970189", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
r12 = fcntl$getown(r10, 0x9)
prctl$PR_SCHED_CORE(0x3e, 0x3, r12, 0x0, &(0x7f0000000140))
splice(r9, 0x0, r8, 0x0, 0xffffffffffff8000, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000100)={@cgroup=r10, r8, 0xb, 0x20}, 0x20)
ioctl$SNDCTL_DSP_SETFRAGMENT(r10, 0xc004500a, &(0x7f0000000000)=0x2)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00'})

9.659789019s ago: executing program 5 (id=1171):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0x44, &(0x7f00000004c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r1, 0x5b01, 0x0) (fail_nth: 4)

6.508194463s ago: executing program 5 (id=1188):
r0 = socket$rds(0x15, 0x5, 0x0)
ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f0000000400)=@generic={0x3, 0x0, 0xd})
syz_open_pts(0xffffffffffffffff, 0x81)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a7565aba55a87d2a251c295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507a0592c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd106926acb583ad63a4e7e1ca17c1b6aac63fefa9dcbe429d00"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket(0xa, 0x1, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000005c0)={@fallback, 0xffffffffffffffff, 0x36}, 0x20)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(0xffffffffffffffff, 0x111, 0x1, 0x3, 0x4)
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'lo\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001c00070c2bbd7000000000000200", @ANYRES32=r4, @ANYBLOB="4000100a14"], 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x20024090)
r5 = socket$nl_route(0x10, 0x3, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f00000000c0)={"ff87c89d4e3e6bd4ae7ee3551b880c0ac56cb2a58b7da498a7045278c8043bbe"})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
keyctl$KEYCTL_PKEY_ENCRYPT(0x19, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f0000000280)={'erspan0\x00', &(0x7f0000000000)={'syztnl2\x00', <r6=>r4, 0x7, 0x7800, 0x67a, 0x7, {{0x6, 0x4, 0x2, 0x29, 0x18, 0x64, 0x0, 0x6, 0x2f, 0x0, @remote, @remote, {[@ra={0x94, 0x4}]}}}}})
sendmsg$nl_route(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000023c0)=@newlink={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, 0x41000, 0x1}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x24040051}, 0x24008080)
bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000000800)={&(0x7f0000000040)={0x2, 0x4e23, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000740)=[@mask_cswp={0x58, 0x114, 0x9, {{0x1, 0x80200000}, 0x0, 0x0, 0xfffffffffffffff8, 0xff, 0x9, 0xffffffffffffffff, 0x40, 0x4}}], 0x58, 0x4044004}, 0x40)

4.410401642s ago: executing program 8 (id=1192):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv2(r1, &(0x7f0000001540)=[{0x0, 0xf500}, {&(0x7f0000001380)=""/129, 0x7ffff000}], 0x2, 0x0, 0x0, 0x0)

4.410175223s ago: executing program 8 (id=1194):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
timer_create(0x8, &(0x7f00000002c0)={0x0, 0x21}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000007c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000002c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)=""/83, 0x53}], 0x1}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x2c)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x6, 0x1b, &(0x7f0000001800)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000000000008500000017000000180100002020690000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r7=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000004c0)={r5, r7, 0x25, 0x0, @val=@tcx}, 0x1c)
r8 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r9=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1}}, &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x40, '\x00', r9, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xff}, 0x94)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r3, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0xb0, 0x0, 0x700, 0x70bd29, 0x25dfdbfc, {}, [@ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x9}, @ETHTOOL_A_LINKINFO_PORT={0x5}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x7f}, @ETHTOOL_A_LINKINFO_HEADER={0x84, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}]}]}, 0xb0}, 0x1, 0x0, 0x0, 0x800}, 0x800)
r10 = accept4(r1, 0x0, 0x0, 0x800)
sendmsg$inet_sctp(r10, &(0x7f0000000a40)={&(0x7f0000000280)=@in6={0xa, 0x4e24, 0x5, @dev={0xfe, 0x80, '\x00', 0x25}, 0xfffffff8}, 0x1c, &(0x7f0000000a00)=[{&(0x7f00000003c0)="caa91f2b64fde79390b326a8fa89ff5050092e11bccbb82441ba892984a7e0f79575475651dd508c15f2cb47a34d2000c2ef1748bc3124feb335dcba6ab381943c51186ce55f0cb680702c17ef0a26f49b9e7873194315dded3ae8c2594169bbcee9ed44dd2680b21b87ed695478877aea38e90f3eafe4d3b5118fc21a60b840b41de26ebea9abc7c7c413abde73d6f11766fa75236d104cdbec62d9d7e7bfa81d465655da221bd4ccf32d9d8f0ffe039b3608a0c73507ae5d664c787a8575cba0b6f9e2c0326787443a018af0ed8103cfb137ef5b6a31b360d8a3fc7c3010b4ff41dbb69178be", 0xe7}, {&(0x7f0000000500)="905e957f09c9fc0201d1f0a19c8a5417aae1b220f186fa00be4a", 0x1a}, {&(0x7f0000000640)="1313ad829b71fa0f5637ea6efd641d834dec539001a92645cb2f66bee71cd09977b0e259e3f9686afb316d356897e7bb620ae76f570bf81e552f0c8a9f5eb4beeeb639962028c8f75d81fa1cdd9690c4b453a3b742f4de0f98b0b09f3b8e8a8343abf30295af52e7f081e0895a595175c72a5498ef788ede6952311c5a39817b55fb6d4b3ba69bc9be4d5a9b5e01c048b43b3d6b855cc6d578f44116f464d9891909c6439eef5ddd4f60e473cc", 0xad}, {&(0x7f0000000840)="cde9463ffbb0bceaddd97070e7d3a0aa458d6cc60eb49ac1bfcec7df030adc1ee21b573a2ce7bcc9a12c3f3e890415f031dd7f739d5256c424536ac6a6144bf6667c9741afb3b4209219bc2ba28806d86f3a894d0b437fe9e9afb8117b35cb7be83ae590d4b0d833f068fbc310f74e519ce2f5a200b9ec220e543d004624899ebc5c7f15fc99186ba04ddae9889a176aeb55359e7aa15da2174fd0a49ceb7cdf85b3eeb2cb32a8afc107a12581db7d2354687a4bb1ccf32f5fa1dec25c0646aec4fd341c873d8f4a7c66c937da37a9dd8bb9f69c3c3d988ea158697a", 0xdc}, {&(0x7f0000000940)="7f2e8bd828b6ef282f050f65c680bd0e77c92467545b8f82bb71176db430387ab67653f2899cdf5919ac384e2850f3572ff855d6af94733837d515c380af97b8735f571d2fe16e6cdb76ddb1369dacb6a3e5a72e0318a0bdaee00727b5", 0x5d}, {&(0x7f00000009c0)="62cc1d40584b8512fee16baabfa0c82f20c259aa", 0x14}], 0x6}, 0x4001)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)=ANY=[@ANYBLOB="140100002f00010000000000fcdbdf250401f2800c00180008ac0f00000000001400010001000000000000000000ffffac14141650bb2d6f67d29d6fabadb107d0"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

4.318199967s ago: executing program 8 (id=1195):
socket$nl_generic(0x10, 0x3, 0x10)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x19, &(0x7f0000000040)=0xb4, 0x4)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
ioctl$SIOCX25SFACILITIES(0xffffffffffffffff, 0x89e3, &(0x7f0000000080)={0x15, 0x0, 0x2000a, 0x9})
write$bt_hci(r0, &(0x7f0000000080)=ANY=[], 0x6)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r2, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f00000001c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0xe, 0x0, &(0x7f0000000680)="548852ac5b4eba7aeaccd2c62b2b", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0x8}, 0x50)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000340)={&(0x7f0000000500)=ANY=[@ANYBLOB="1401fcdb8c25000000000000000000377402007b517f0d2ff6acca5bde6fd80ed7cde05de140cbfdc3d6127fdfe35d3c57c2540d71d46c9ec5b71b184fb0cfd8fd4d99e674e746eedf21532b1ab228e99ad34ca50ae1e448c8d124624d01a83a0a5c1f47ed8d46a7647efacccd25bd71bd0332d436332dccccb0f4200427"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x8010)
r4 = syz_ublk_setup_io_uring(0x20, &(0x7f0000000040)={0x0, 0x2, 0x1000, 0xfffffffd}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000100)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
syz_ublk_add_dev(r4, r5, r6, r7, &(0x7f0000000180)={0x2e, 0x0, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, <r8=>0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f00000000c0)=@any_dev={0x1, 0xe50, 0x0, 0x0, 0x1000, 0x2000003, 0x0, 0x0, 0x16}}}, &(0x7f0000000280)=<r9=>0x0)
r10 = syz_open_dev$evdev(&(0x7f0000002000), 0x0, 0x20441)
syz_usb_disconnect(r10)
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f0000002040)=ANY=[], 0x0)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000000000)="2d5a8bfaec0503d4ee82255ccc79459d336c02f6846ffa083727a27fef8e41f33ff61428dc81376619b5746876cab40bea6b76e7a18d9f0f45c5f33c3f3e548879927a89cca1b9829ff887d45cae3a0012b8eec038b982c41410eb0cffe4204a0387ae9ad2d2eb6f904feaea4325a355611cfdb7ac6c3495a4bcfa6a2c3285bf50ca4a25c77f383bdb14c2f038ba311fefcbe3d334550fb18a5f462cec0e41bf00e3ef37c78bb0086cbdc72b561eb2e285a15002dbb8b7a858d33bdfef916ce90eca18739db369eb9aa302efdba714da8bbd0baaeb55eb585585542cdfe62755b7dd303c01c44de59f83de2b9edf1e60279b16bc7ee4c277e23701b7d58fdad36e8d91c111be46581f230b4cbbe8b9ad764cd3e067d7b7c5e1082a55c86f7cbc77e049085b2749b2ead86b176e4c8d2498a331f1118c5ed72ab0fc4228c8214e0e48fd1f265ccfd3311eff1f9548d1217c02de43ebc6c896afbf6065592ce3bafbc138524c4ffa429c33265cc8ebfc69e1adf360f97ec2edbab35cdc965dfadfa522a591734e25f91a44023ceeaac091534ec097d7a6f9a8efe84829719e41c101ee103c7b8c6d7fb630da2ffdd692d13e9212539b8484ea7fbccc74ecd6b44e08852505badf79984da7ffd06e78b05b453e89bbeb44fb0e72d527ee63aee52eebf2e4049705c41ead90017d7a512146287226941b20b4a603d1f5d9e6c559d55c5f6de7e9159e121dbbabdcdae8f359f66c218fb24d20c3b56ca3b4a2639b4b54e0775f29c731a3fd33331a76c280df2bea7fb0778648bc55257c42cb1a4ae173a21e33a782943d733e570595aea49f391ced7df117548032f44d611d1fcafe7c08fcca48ef9bb719d41c2cde9eca1727feb7bcc14757316a3fb315eb0adf3b60f5d6cfe231e4dca32f1cd2a74a68e44b1c09471f135d6abf0d7d417a42323923ced88d39902998a177bda4d7ac9e5479f0ae49f5fe51818fa13dd9131d219658ed2de42587f415396aa610998f2b166a053cd272ef751e5447122c03f33800268f63503a237fd62235c65fa995ced4facfc61959a7b64f7ef4bced8cbc10222a18aaee1fcc282163cafc4bf899a7de76ac61499fa1bdf6e6599a9b6e46d202230ee0be421b38ba66b85c7e5cb73e26085f8b62b4141f8728515f12019e1738bc5b278074c56be74033511b21e97a727c8a5f9c186af9777574f52d957082122dcadefe3c376f73a33e41094ad7cd404b50e963a200b57cbf4329e59c5b5a42f8700613e30af94109d5562262792e77df91e7e75c40080f8ca071449bc999762d483c30a4eee68e89be2d138a4b64af3c0211c3540227d85801dc16d1bb669a16b243fa98ef40edb5b5fe05c50f8702434c4d2663e874aec996463c6d946fd1391096b02198e88f5e568300d6c4848b4fe7273af633cc6fbf6a5e37feea56cfc20a0b42a5c6266c805823bac41f8d4eb43c6c4673a4b6a8dd303fe922ade7af649cb21c2919390a9ee62a08131ea21840adc9cc023e2aab908ea6bf2d41e52918ed6423677933cd1729cfda6423e540aae3f043a1296b6eb9350d38e07abed7d1ea7249b1b67d17322050d01589c9787f4e5a904c5cfb25e047f3e46de5222121c2af122bd3a3b2b0f35ea0a81d3a862d77217e992cc74f678617223cad5ba21afdc58e6af17e7b4ee3a506f34069d2931ac62d47f86f1983d7204a32544ae0b738cd5ab3efb940ad752ebbb59cd28d98cd6e0441f020ab2d68cbe90fa44be7f7191c2f5748c418dde668ee87d579baed4358b5c47e03a89ddb98fd4209fda85a277460ca20cc6de67c0f35e39d3fcfc070530140f648b50dbd3236d8e5b5e63be12191cd67b9ef128440d8794dc452b5a16f250c9e378d52b1132efc4b1ec8a7a3fd04ef82154de056ee5054fb15dff8df06bdca1dc8b1c1d4175c967445105954d10f0fc94acf39b68105d188593584333312eb6fad6371cdbbbf16e88bed86600d9dac851661dd3cc64f9bac0b2b81ad2564274b5bcc040f065f3fc055f7e254f8954304140782b9a2390bb61fd82d7a99ddf96468f3ef43113b767552969d71190265b76c1358c4e16a21ff959631a19c6f5a686b7884d75aca2810decbfd9fe0520f3b322a80838a2e633e1c2a79df01786f605750b84e2b04b7204ca6022973fca4ab0c8c67caee2349a6b839aa6bebc862f2f8246fc293e0f14a375581036becf081e4fd6b0cc2f7465fe7f932890884794215838558c0ae6de81efd624c5290bdf52e95e4d5b1eaf280d76eb0ceddf438bcf1d4b83e8eec3aaacbd7ea0421ac84f08a480ae48edb7c23c3f94dc59a44b3c5712800789fa3b2b938bed137505d2b247a4c4a9bd5ceddb900cb9a502d10dbd620a7ef84fbf49081d52419e5d08ddd5a1873f6d3ea6a822400ffdad29899bfaf73ce3d8ff182b3ca8ef1c39fc34b93767b9a13401427c440edd2e5f801655e60dc4c5b4ba84e504421b758e0b4c743fd1a1b6be27702e751960b431f1d7a7fd68a9ab198a5c6dbbee137283e6d6c69eedba5345e551e4421f3dfc1c957bbf413c48f64871521789487707278c69eb71c33a6999d7e497dc3d7d022f008addc112c116637f6d29c9247de134eb860cd3e5af369ee474883e7a20c40ba02160ec19dcb717cd3f4f3f0293195242fa814042ad751c774728a797a8c483e0562a2cca698053c1b66c0310affdb6e5767ab6db583ac415119f1760bed5f405c5cfb63b2ccfd5dc9d119fc82a86f98551d92f02410fdddd450f0a661ce041fa39aaba50cda470d3080dec7345a54abe2a7630a7fac84bf95c30a0dff1225f7b1aebb41daec68ceff2b0f502e7433f395aeea75c1ba88229b44fa5c6fa2647e44db139eca1f2b7142b6c23d4879603bb5617e94de0d5353d1b17dfb960eb1c11c67d0d1e1cae94699cc9397b79150dacbbc7361261d5445f237210d2ab8120fe721072394b77df46894595b8fd56f034318e90e3cad94f1655911b9bcc0bd15c628c0248e134295f3ff69cf8ea536b4b7a6c11b4e04955f9f1d9bac2ad39d81ec929b0d29999ae5a865bcc2cffc8fb42af6e486ca12a4c83461c6a72b3c88e4f3d1a9c1f13adc6defbf0110746e39b1d01a5129f996a2af48bc52f06a32764d8d8dd984c5dc4e8bca0ffbbc7e4cd226cc278b35ed16bed6e8aca4a1c18120eef0966dd5327f252462477d43cbd1497654ddd3358d24883d9ddde40f1bc8c5610370841b1cb13e84162cc6d0818987350c22362b12c0f315dbc5dbc33c224bf8d57410f2621b9c45d6857b0bed5aae750db0dd4c6cf50bfd6d5e0c816a9d8951402a1c50ad8169fd94427b42c58399c6d72b1f213e009af4f650e5ef67d2f48c7dc3ef74a8ee453ab84118f2f0e4ff2b8130169ccac37198b337205cae506e8d70acba86aab28caa8117b1231d9c4b631fa3aeceb3c236182e25299392f1ed986106071097314a9b9bd0f30d853e8b4044c00f04b45b2923b572a6a41cb5293cc8dfdbeff56a1375a33bac7b220056a6f6a292035b17a3c3fd55897548c68ad7886ef432cef353da3da8deaea09df078569c042258dfc0763d54be89302b11a6d24f4086028b82520fb6d967b78b611a7e9661a92b1a8f12d407d2289e85a82bd0b7c742055acd2396ba8d101e91ce2e9f387e909fe6da3109e1937b1e12515f23c8f1b739d4c40a287cae3bf59e901fff2ba0de0a36a304428e9febe42a01dea2eacae9416a72ddabb98d2e69c70ea9edfc57cd81fc4217ec353caf01a1a61b925102f866b4090b6447cfd8eeff2a3a49e30fe0a4fff77fe1a225dbdb2fac338526c7438631b69ead8781b86801f530b04b1544be2c22aff4ac89b0ce4353526905e59e18f7f01c221e42354a5269e0e28afa29f38bcab3923fe8d64fbf81433991b0bb9df6fc4c28ba175871d87bb5ce6cf5bf4572bb873c044f0aeb2981e34a005df55d354db0353f6433f76adde2c124793a1da43aca0e62a744992ed8efa8571a26857aa65a21cfc3507471ab75525cedb559c430b5d03a5c4e923f7fbec50d0eb10fc40b3d7986245f4c6888a53df7fe7fdcc11261e70d8cca04baff938f8446bd9048baba31085f20746c5f0e00d816dca934804ea2877cca51b5c0e31dfeefb9e91e41189d67412a09af16b4cb709e6fee71b2766a71c8397578516b656633bb620dfc8bc15de4ea5f75f6845ea44805442125adef9377e98b5d8e73f3a0bfbd330467daf10d9f7a95cd6fd4827fa1b062898fa454437bf185b9e0d98c9d10a5db80364bca446205739b23a1e7e860647ed30e2b72524da94a5f70dcbcd67d8df08f0d57583011d5487669c5a45905125186590322dbe481e820a6a6c29c136fa4301ade06baddca45f0d5ce913b5b763d293da4afaa450b17ff4933e4478fbba9ad9e6e5eafe9fdeb82b7d65bc92f6690d03a49923810558b5e0f5bf47e7d000a5e132217c174445565d57d29f02e71d7205b8ec10330fea51d972fc5c81b1b36775816082f979b5b1fe3601c9c8e8fa0c3504bfa30e3603d5a0f3a7cbd27d744b27cdbf318acbed70697519605453df106123e1a6148c9146154986e288d8a70b6fed1667cc1e0b199067c704a6d41ba751b53102ebca01b3ce90226847808646c95f3eb231b6af0b0f329bd997db5a4d3ff18edf0203e351fcfa8c8ae2be6953472bbb3f40bb6ab3f8f2128d11a3bba133f0204e2e0df189cc8d2cb8af81d0941a37c2165112ed452008930bcc607fa6fe3ad1def902d89c7330e6042f6f86c3a75665ec603b6e392b417a0d907d42e6534db72adbad4266c6601d7b8bf8d9cde807088f76b07c06840d0806eb89aa545292284bf050e732e547ed54417b3ec7e7a7c5e8454a56f5092ea8cb27e74e0672c2951647e29dadbdea86d2a4d9e53ab01c9d21e902fc9c6ff4c317b3c0398561364e880e2b079d79a27d6dcc3d586abc043477981bd36746f5570840536bef104a158e2461296717d247b6004565ffb8eb9bb5258c65032f0b472c4f3667a17e3ff65b45c91e2411b5990f054e0c2a05fc175d2db7fb32ca32e4c11b46f08bae1614e2add96133ab383c1e78f4e3f21ed3010a35c76ad88714b526d3a5ba799e6f7bf9d5696e7b42c8c264162a28831baaef180f40489ad681af6c0a674cc7b65e8b8ab704d15546f70ed1e67f7643bbc8d0b8482024b8f320b5bdccb1014f5e1a34c6c795428660f026d93dd5dcabf2330dc62894bfe48fde6b931ba55dc2a222a27a3906ba5b98476321b6d27217fd58ad93b616aac91b139729d91de6f8ef49402e2741b8dd821f4cbaf7c4662ac782b255dc438164e54c417044e9bf5e13a8247777726dacea4341d8ba03bad17070dd0f07da13179d29ac00aefa41aaf4688e99eb395205f6d6d71999b3718f7f2d618117334977a92b15ed52e45e7d5df7a22be9cf0e008c41257d99b2426068c48de100b8e3019b624ce2f2849c35b74fe5ecc4478b2968a97cfcb759fc73c8cd21bda084646dadee926a4f606768749a89e11be2a23985631c922a73ba93f3619dcc4621c8da57697420859210aa43ec06feb649b9f1362fe9553f9d552b77203085d9a4da629f03fbf339bd8ccae6c411f6d8f131232575d28af2a2690529080f02a5a74fe59d1255039f09b8d565a4838930f88d6129389f2312a2ebcf0fe7d8b6dea3484cea9a1628349218b8ccefdea2b6c37676acc2a082fb73b19705e98079c1de7776cb830e79c0081a2da4059714f19587d10223fc50ea8434f1c7919a77acd7c5b20ac9fe8ad9d348e2c5bdb57fac1ec0c31a1688e22aab4f1a81826f3a47bd364505d35975c105a152aa8e42b2422a100ad3d3184d286884552143051b79294aba34bfc5cc332f0b6aa3bf186776ceb8861336ed97b85b9a7d548bf7b7a907256c7c6a2427d92aff68ba18544b95a75564029387fd2569943f8d54e64cc621123105eb56bcfaea06e38af31a05ef38302d2b6178121d52309865c5ec1147159c07b4d4e1ece24f6a1f63a492c617870c96dcabf43b73055d749e465cdbb965b18091eee65bd423f249d934ae904c2129b93d116353fe014e1afbcab5f74766a806451855bc28494653b9a863b9707c2a0fce3eb4b55c4220078651a94d3b9c6e92f4995dd56ec17d144b07bfb1b955b557d14774e64f400e0075781381b33d73a60f6b96cddbda0962b2a609e6bca56a109847bc13798be711d3779d5a8c6541bd247fe3b7477a1378cdafece044db3f31810bc95f8fb4ae7a8815303faac03651a13924308c06c8e86506b7d186a717a1bda1d7cdea2b8b682d37f954f488a8e0d65f868a81b1af4b8f7331ba84414a7ada82e81e06e76ddfa0aca0ca9a53a5de0bcdcbb77284bab522ffb6f803e95f116ac1670c50acd36d80f170e8e7e05163f050dc89dd93bf9160a545174472376e1fcbb945e9294f796a09ca78452683b8bd39049d118acc24ef0dc18ef88899dd7c27a3585e914e6f6bc8bb1950c061c722134243cf151785bc19dada45b90d97cb83bc60885a908d0c13be9e54f1929fe1f76fb9886808caf0442aca4539a42078bfee82418d611f4c432fcbc5242c35a396c17c1b93b98b277a9c8ef0143643e120c0de4b7c6beb0a582789b81a9d3a0b8f96a332c89764283d84ec5e6b8350683a2b4eebcb214a7ad430ff9ebcfc1d850717a8d38b8e35e67fea4b8f14938cc3eeacbee30616c09e848ebae3cefb8f2a904f2b3d1252019ec914278942d9b914f95574031cf21f412aa7500f3955db7b9ef9403750058d75e53d16803d4463f7884df1e361d34ce646e20b3427a45cd307283f1ff00cca6c841fb9b06543bf1a254b21ff421331facb2f08a484904ea25e049597c8b0a2140e8ed2906d574e73165ec5591c89b5dc08e5943ff7399f76b1df90947a9479b1aab40abf8ebadfa1455b6dcac672f495a64b6230fd3fe948ce6c16cb87e11ac7affc9047ef33fa64585c1dce3bab4fecc0c7d81b5ea73aed3ef63fafc880b6e2ba09d0df6d626e817075d5f330d91cec4bcf4829c20192bc0ef7f728f52dd3e074bafda4f8cd8465311a9124baad61bd73ca76a0d0d1b80cb7a5e429067ed4707b64d38613008c8af3ffcedfeb8cda26def8bef7cf947af23939d18adbf56715f90c2df716eb037d536cd36bc2b832c57f4a319f392e1ab37e02dfb392bd52b02801665c8ea28edfcb153f267dcfbd671d4eaa0d56335f7ce5eccda6b9f74621a1b322f1f3a60b00196a65327b36419394e776b2e1c1479f5f902c5918adfa5b112bfaf786eeea1abae7c8c9d3e3fe737c23092143376808b5e26cf896fb5202572533facacaac10ec26cab819f74cd372c95d50a9b6560da69c1b22d5c15759b7ab1d8118e672bea9af7e8a30458ccaa1586ed2720d5465e139fe3dfc0bc95107061471cdf28a42aa8149848a147a1710407021d13e611b36ad3624de35c4dc5a02ba8ae724b2d8cd85f15094e1893c98052cee135d0c1c11a73297775fb517abbb471a8b100cb51d8815acac16703b56f8aadae334601a84fc306efa08aeb2afbad94632b5f209603cf5e5ca634bd74ed2e525580ddd2f2ee65241788f5e867b44d7ecd71f5858d269ffda98d93860d8f1c26c47df1199f95991b54808bc26c0ab67b40745b8dfed41838e2c5594413d2c6022abe3c1f132e9f7c8c69e50729325d37e7502519d53d7e1bf0bc8f62d216fc9c88b197cfa1571ce8368cc1b4b625559cab7e8397c6c7bf537bc8b9d604f4bdb04cab86d349e4a33f92eaa07378eac07ed8d51aea9c15ef4c4b0e0a16f9c794701a1b74b58beb15cc165a4dc1a13a0886f55cba2b977447b61c01e1295a4221e19321201f1df0d25c9e14bc4433678e48a5081de7c81f79a6370843bf0d6e3e5192c1ddc0bad14a11ada8006e4f6549da3a877a991351610eb0c5bb6228d266baa27eab2b9bf4455fc54aed3c74c12590835e498c11efdc63dde52a62d8f3a3c978152018182b3e4cbd00fff317d06f8e9475b4c7506dcc5547d8ace2b71024aa0e2220936d2bd05163b8f15bc429378fec52ac39d167200758884056dc14d3329b1d47f477a217eabb651fa97e05451cd6e861996648ab439c9aa6fa032e9083b8c0f87890c88c50dd5a6e6be8c4a4361f3b4c3181c570407dd1d2d835a87dd4b24f55a649c3e478bc002f30894d06411dc4dd8277f796976b8b2884ed371013225bbd95955827741331777da30b1b3370fb4d0bb914d97660f7e06759ba54b5697a4f7cfb67035867f39e53306eb55b31ba660769ce6993b2f44a7173576766ed20992d04e6b4aff20c138102537a142ceeac3804fb0a4eaddeddb6bcc69007c5531f0ba6851854d8d836a51e8d644c7b79e071f19986090d2404b562a17e1ec1da775c171373bcf5d2c3d7dd64a587d66e42b6963d892df898766648f37c8d10ca249e28368c388f4e70a80b2992a0a390a2d51a17a0c1774fec2d399a2b0a99c802012fff6300c4275d1305b9a9d0f8144df64da9016f16369e813dafc7cff55c5a60602141fcaa62d9fc0b93df6524d8692be3c7ded5354b63014686e98ef2b5947eda93e0cd232d3fdea943d3bc92a6f2835c55aca33dcd087b7260bc68def6ce96ef5d536b61006a595219382d8b8365eb92eab44e677109971bc4dfd077a56ff1f27e9b80edffb5ecac7bde5dc2a74c30a24b9cd1b0d4356ec424350e364d0dc929d657a8626a22111d4a0f360fe33be72a1f2c4f5c1b9843145ddff70d583a9b433cab33b10d93531aab7bb8a53c738aae79222481b135eca9441f47068299deabdc9c4f77e5d4ea286e8300eb5956368d0499691dbab1499baef30bb6c4a9bb0159635dc1774203fda828bf804e8f526ffb55abd8700915232964b7f219a7bb221efa6428089263ab753eb421a1952bc780289a85ebb9b510dec67a826ccce1cdfbb29a3a55f4e1068ca2c077544efac686d77c67c927430c3ac78c7c8b1f834be9a689fdab38f1401797dba32a284f5c5f9ed13d34d8a001cfeeeb7de12aaeae7706004f96a293e52106fd945428e7e98915070b1584a323bd8f00b9803ce189c9c0af032752d979df57a5098458c7de034db79f43d27bcb720078b05e5f364f2d789343fb6fc8b2cab810b1745fa36aaccf5d27fc7f06ab821268d83e697870632814319533373f24584b35b2ba9dd9b52a4a2e559c90b1b87549530a64fdbba5587242535fd0d600fa6e8497369a5587627182c62da4a47bc6ea99f7aaa765e3b74b7d9c48e779c8b13a2535d03ef8ac4bf3fc9e6eda5628034e7e453fbd6153b8b8e9f693c5dfa37f6a0a2542e6f86ebd2ae926822d7b31963c8879557dfa2a869ba3c5dc2dfcb60bc0a0c9816c2c4c58bdc09c2d76a007e68c38fd8b88709e5c49341630e333e13413c3e60c0d768d4c98bcb297e819ceb0f8b229d3037ac95639344bf42ee7f77922a6ac039837356dfd7c0ba3c5393548369bd71b4824326eaeb80a9c249504a08bfc164af220047cdf054d928a8d929a2fb621665122062dbd5cdde82b8289e0d510246e0bc30d34d8e96703f75c75328f99437be474315d8cb55066badbc0ee852c8ef28e1de7f5b58dda97742db5f708c6be3279d700ba147f1519485020336c260d825920870739fdb288f22b980fb7bcbf147b1a95fcc3d8d1899749d928eea8d47cccc1fbbdd5729a3f2f73d2ae352eb3e043405bcb7fa12b2a80d6a3f0178a18cbc5794fd65f0caddaff57616dfed94884a48b27b181c55200d9ecdfbb082dcd2952089938e134eecb40c2f95cb7808fc7da09282787edb1939e75bc8e284c01239a895246be025c8e0168ae83f5adc62f4f81ddbf6ba9b5fce3ddd111eb61c42777a8c303abe291aa9ef383ef1d6c26c4f8698375cc76a7e078ac948f2e84de084fdb380d38d2e1810ce8118999554c06f8d583bd37003b407dd7b41a3b14f10a5ae7c2e8fdd087cc322ddc399fe38cc542bc957b38b0fda34a3ee5c6a97d25629d26a75de211fe1cc4ca63880caa8f85f3bd489c39cf30eac81784e4456a775dee3045df2a1875623a4fbf227cf90cd237721a6dff29d26a16306e4033cc644e35cba3cc4e45cfd0cefc9c8d8a0f35bf31a8319b54fb549554c7089b9334a9867d51d71aae1f342d5602ef2d394e6c8a8aa6c15121d8c8b3abe3416367dcc276c048c65311ad70df0ecf0cf817a1a27e1dc50fedea83de8a8bb7746e23be2f335c9cda9a7f08d72b9debc35d49e9ec4c9815040c38c11375dd7f2897b20479343b86b51c317e0e90f9465d8c425857e1831931714284c60f68036134304558e53d2d42813a42a3017ab21feab6132f3a2f8c5670a1076dab6136cd6836b52d7ee54639758085438831dcd8157ccae47784a35364babff9299e4eaa389931199b4901f12185a0d228473d4a147d88e55bd11f8ed2957b7f2f3efb3e444f0aec9bef1f68cffbdac04698cc277706f2ffdd263586b84c645f1721ee3008b398918fdfb9b06b98078447c0edd7c058524825a1124e9af37fa9cb77302aded60eca394c866397c3bc18f8277d9277921abd06b61b1445f43cd7f0b5b2c023832f6d67f86d9b6ff9985edee1ec2572486b43d3be834d5b60d208b1187ca7cc8b17133f55314ee640268d5337d7dcdf1742cb543d63ae3c09e312ac05b5d585d9437bf16bd560ef739f12c878178757e1f675a8671becae2bf03f87de4bc40b4b7a3aa6e2f28f015332b10b9fe426ebd45d7a26e769bb05eb2866bb34c56b079a5bd23352bcb08c379b400512b0d8438ee5371171ccbf2921c1e150fffb5885286f933f4393088ba21c47b15d1a35de27dbd02e58859aa080f87d0a857e92d0f52c549c04cd9368c94a8024e184773cb3431d854c2855e93ac9f24d5e45d11c2acfb03755e7f279b368e2e31b3653a7d7e2e102ac67f363c195272e2896bec544f669f2d25ae8638ac30da6ed52404b32b8ee9f0f2909ef6b4e2db3a6ea88b8a6f2f2c025959efb7b94005eb307aae01af8a19ee6178270be09d93837793b43bcdab98b9c04b6bfea7ac2217c11aeec277bc199b67ac24b7352299e7fec85aa151029d14441b56bb6031cdc72a1a90ef537c6d2bce7ffc7c366a88f8bc87cd8ef4e91b5ad9d85ed84f9b85f029252ad5ff13d564d842ef310feaba90974e40889e7cb753eb44ef96bc4c25b021fe50e9957a9c3cc9904aa920fc8a8e82a826b945559b57591fa1a26c380afe65d930f9bd9a3d93f57324d28c2741e728cbd106dccdf66863e49db8a0df1398ba8594fa5102b8157e4b987f4339820df5a7aa2b1c47ed0211437ee3d81dcbffa500dc4b743d49028581234c7e9db2e951d5bf3e3c448ce58bf94a2f7ef95eda07daae00bef1794d27330927b2460778fdee580efe431ee244aae452cd60100b6c9f0cd5e79e170a7b149abfcc26b77d33c35311c95e3ba0752eabce3d1310a8aa45ecd1659e4e855919d153ebeb434581a6d352508771b030acd3fee51badf6767a7931bbba2cf195bd98fd096a6be14d7172cf1dbe3a82bae73a29223c623c090cbc5fffe8f3291", 0x2000, 0x0)
socket$inet6(0xa, 0x3, 0xff)
syz_ublk_setup_queues(r4, r9, &(0x7f0000000540)={0x0, 0x145f, 0x10, 0x3, 0xb2}, &(0x7f00000002c0)=[{0x0, 0x0, 0xffffffffffffffff, {0x0, 0xcd26, 0x0, 0x3, 0x213}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x1e3c, 0xb155c4dedb2408a4, 0x9, 0x102, 0x0, r4}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0xf39, 0x1000, 0x3, 0x102c4, 0x0, r4}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x2e84, 0x8, 0x1, 0x21b, 0x0, r4}}], 0x4, &(0x7f0000001540)={0x2e, 0x40, 0x0, 0xffffffffffffffff, 0xc0107520, 0x0, 0x0, 0x0, 0x1, {0x6}, 0x0, r8, '\x00', {0x1, 0x48a, 0x0, 0x0}}, 0x0)

3.323329752s ago: executing program 5 (id=1199):
r0 = syz_open_dev$dri(&(0x7f0000000180), 0x2, 0x900)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000300)={0x0, &(0x7f0000000140)=[<r1=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f00000000c0)={0x0, 0x0, r1})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
listen(0xffffffffffffffff, 0x5)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000100)={0xeb, 0x0, [{0x1, 0x0, 0x5, 0x7, 0x800, 0x7fffffff, 0x2}]})

2.27611343s ago: executing program 5 (id=1203):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
timer_create(0x8, &(0x7f00000002c0)={0x0, 0x21}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000007c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000002c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)=""/83, 0x53}], 0x1}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x2c)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x6, 0x1b, &(0x7f0000001800)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000000000008500000017000000180100002020690000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r7=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000004c0)={r5, r7, 0x25, 0x0, @val=@tcx}, 0x1c)
r8 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r9=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1}}, &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x40, '\x00', r9, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xff}, 0x94)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r3, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0xb0, 0x0, 0x700, 0x70bd29, 0x25dfdbfc, {}, [@ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x9}, @ETHTOOL_A_LINKINFO_PORT={0x5}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x7f}, @ETHTOOL_A_LINKINFO_HEADER={0x84, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}]}]}, 0xb0}, 0x1, 0x0, 0x0, 0x800}, 0x800)
r10 = accept4(r1, 0x0, 0x0, 0x800)
sendmsg$inet_sctp(r10, &(0x7f0000000a40)={&(0x7f0000000280)=@in6={0xa, 0x4e24, 0x5, @dev={0xfe, 0x80, '\x00', 0x25}, 0xfffffff8}, 0x1c, &(0x7f0000000a00)=[{&(0x7f00000003c0)="caa91f2b64fde79390b326a8fa89ff5050092e11bccbb82441ba892984a7e0f79575475651dd508c15f2cb47a34d2000c2ef1748bc3124feb335dcba6ab381943c51186ce55f0cb680702c17ef0a26f49b9e7873194315dded3ae8c2594169bbcee9ed44dd2680b21b87ed695478877aea38e90f3eafe4d3b5118fc21a60b840b41de26ebea9abc7c7c413abde73d6f11766fa75236d104cdbec62d9d7e7bfa81d465655da221bd4ccf32d9d8f0ffe039b3608a0c73507ae5d664c787a8575cba0b6f9e2c0326787443a018af0ed8103cfb137ef5b6a31b360d8a3fc7c3010b4ff41dbb69178be", 0xe7}, {&(0x7f0000000500)="905e957f09c9fc0201d1f0a19c8a5417aae1b220f186fa00be4a", 0x1a}, {&(0x7f0000000640)="1313ad829b71fa0f5637ea6efd641d834dec539001a92645cb2f66bee71cd09977b0e259e3f9686afb316d356897e7bb620ae76f570bf81e552f0c8a9f5eb4beeeb639962028c8f75d81fa1cdd9690c4b453a3b742f4de0f98b0b09f3b8e8a8343abf30295af52e7f081e0895a595175c72a5498ef788ede6952311c5a39817b55fb6d4b3ba69bc9be4d5a9b5e01c048b43b3d6b855cc6d578f44116f464d9891909c6439eef5ddd4f60e473cc", 0xad}, {&(0x7f0000000840)="cde9463ffbb0bceaddd97070e7d3a0aa458d6cc60eb49ac1bfcec7df030adc1ee21b573a2ce7bcc9a12c3f3e890415f031dd7f739d5256c424536ac6a6144bf6667c9741afb3b4209219bc2ba28806d86f3a894d0b437fe9e9afb8117b35cb7be83ae590d4b0d833f068fbc310f74e519ce2f5a200b9ec220e543d004624899ebc5c7f15fc99186ba04ddae9889a176aeb55359e7aa15da2174fd0a49ceb7cdf85b3eeb2cb32a8afc107a12581db7d2354687a4bb1ccf32f5fa1dec25c0646aec4fd341c873d8f4a7c66c937da37a9dd8bb9f69c3c3d988ea158697a", 0xdc}, {&(0x7f0000000940)="7f2e8bd828b6ef282f050f65c680bd0e77c92467545b8f82bb71176db430387ab67653f2899cdf5919ac384e2850f3572ff855d6af94733837d515c380af97b8735f571d2fe16e6cdb76ddb1369dacb6a3e5a72e0318a0bdaee00727b5", 0x5d}, {&(0x7f00000009c0)="62cc1d40584b8512fee16baabfa0c82f20c259aa", 0x14}], 0x6}, 0x4001)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)=ANY=[@ANYBLOB="140100002f00010000000000fcdbdf250401f2800c00180008ac0f00000000001400010001000000000000000000ffffac14141650bb2d6f67d29d6fabadb107d0"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

2.260874965s ago: executing program 7 (id=1204):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller1\x00', 0x2})
r1 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00', {0x2}})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000380)={@void, @void, @eth={@link_local, @local, @val={@void, {0x8100, 0x0, 0x0, 0x20}}, {@ipv4={0x800, @generic={{0x5, 0x4, 0x1, 0x3e, 0x14, 0x66, 0x0, 0xfe, 0x11, 0x0, @private=0xa010100, @multicast2}}}}}}, 0x26)

2.078837433s ago: executing program 4 (id=1206):
mlock(&(0x7f0000f47000/0x4000)=nil, 0x4000)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f00000000c0)=@x25={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x1}}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x11000000}, 0x0)
r0 = userfaultfd(0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x5)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='cgroup\x00')
pread64(r2, &(0x7f0000001240)=""/102400, 0xffffff8c, 0x200000)
preadv(r1, &(0x7f00000001c0)=[{&(0x7f0000000400)=""/184, 0xb8}], 0x1, 0xc6, 0x3)
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f0000000080)=<r3=>0xffffffffffffffff)
ioctl$VIDIOC_DQBUF(r1, 0xc04c5611, &(0x7f00000000c0)=@multiplanar_overlay={0x6, 0x2, 0x4, 0x100000, 0x1, {0x77359400}, {0x0, 0x8, 0x5, 0xf, 0x9, 0x4c, "98d8aff0"}, 0x3, 0x3, {&(0x7f0000000140)=[{0x9, 0x5, {0x6}}, {0x8, 0x1, {0x80000000}, 0x4}]}, 0x3, 0x0, r3})
ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}})
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil)
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000200)={{{@in=@initdev, @in6=@private2}}, {{@in=@dev}, 0x0, @in6=@dev}}, &(0x7f0000000300)=0xe4)

1.987824937s ago: executing program 4 (id=1207):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
fsetxattr$trusted_overlay_origin(r0, &(0x7f0000000080), &(0x7f00000000c0), 0x2, 0x2)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x80, 0x1000000, 0x8, 0x1}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000780)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70b936, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0x0, 0xd}, {0xffff, 0xb}, {0x7, 0xffe0}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0xf, 0xa, 0x0, 0x6}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8001}, 0x4890)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r5 = socket$packet(0x11, 0x3, 0x300)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x8)
sched_setaffinity(r6, 0x8, &(0x7f0000000240)=0x2)
ptrace$cont(0x9, r6, 0x276, 0x4)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'syzkaller0\x00', <r7=>0x0})
sendto$packet(r5, &(0x7f0000000800)="05031400d3fc140000004788031c", 0xe, 0x4, &(0x7f0000000140)={0x11, 0x88a8, r7, 0x1, 0x0, 0x6, @multicast}, 0x14)

1.920241486s ago: executing program 4 (id=1208):
r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0x75, 0x109301)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000000)=@urb_type_interrupt={0x1, {0x1, 0x1}, 0x7, 0x20, 0x0, 0x0, 0x7ff, 0x7ff0bdbe, 0x0, 0xffffffff, 0x1000005, 0x0})

1.920087059s ago: executing program 7 (id=1209):
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000002200)=ANY=[@ANYBLOB="020200000d"], 0x68}, 0x1, 0x7}, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/power/resume', 0x149a82, 0x80)
write$cgroup_int(r1, &(0x7f0000000040)=0x800000000001c8, 0x12)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000002001000fe040001fffe002000"/28], 0x1c}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010)
write$binfmt_aout(r1, &(0x7f0000000000)=ANY=[@ANYRES64=r1, @ANYRESOCT=r0], 0xfffffffffffffd69)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0xfe, "0062ba7d82000000160000000000f738096304"})
r3 = syz_open_pts(r0, 0x80)
r4 = dup3(r3, r0, 0x80000)
read$watch_queue(r4, &(0x7f0000002d40)=""/4095, 0xfff)

1.849813634s ago: executing program 4 (id=1210):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000100)={{0x100, 0x0, 0x0, 0x1}, 'syz1\x00', 0x1a})
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_DEV_DESTROY(r0, 0x5502) (fail_nth: 2)

1.839778692s ago: executing program 7 (id=1211):
io_setup(0x5, &(0x7f00000000c0)) (async)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x20800, 0x0)
io_setup(0x7, &(0x7f0000000000)=<r1=>0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f0000000100)=<r2=>0xffffffffffffffff)
io_submit(r1, 0x1, &(0x7f0000000280)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x3, 0x3, r2, &(0x7f0000000180)="5179f85926f23a22ab49acaf2d339de0e089ac5d653b22b343ad7ff0b71595c68a7cb8a3038d867b912eb2c02780d807566c82f6e4bb7898ec2dd765f400e1c73a6991da1da7d89e6f8554ec0502da7fd2c4edc760c820ad227f0f84d8ce5c55a9815dfa4762d0dfc1ec25e1bbf5329bcaa36cc1ec2f69ff78e23147e8b042378daa9dde", 0x84, 0x0, 0x0, 0x1}])
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000ec0), r3)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICADD(r5, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000001480)={&(0x7f00000013c0)={0x74, r4, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @local}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @local}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'hsr0\x00'}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:auth_cache_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @remote}]}, 0x74}, 0x1, 0x0, 0x0, 0xc000840}, 0x20008800)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0xc, r0, 0x0, 0x0, 0x8000}])

1.66000921s ago: executing program 4 (id=1212):
r0 = syz_usb_connect(0x3, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000062a10b40450c1010fce60502030109021b00010000000009043200019740a40009058203ff"], 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0xb2)
mount$9p_virtio(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x2210088, &(0x7f0000000580)=ANY=[@ANYBLOB="74f5026e733d76697274696f2c70726976706f72742c646972656374696f2c63616368653d6c6f6f73652c6d73697a653d307830303030303030303030303031303030"])
chdir(&(0x7f0000000100)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='blkio.throttle.io_service_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
ftruncate(r1, 0x4a8e)
io_setup(0x200, &(0x7f0000000140)=<r2=>0x0)
socket(0x27, 0x800, 0x7f)
io_submit(r2, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r1, &(0x7f0000000200)="0000000000e3ff00000000005d", 0xd}])
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0x5, &(0x7f0000000040)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x13}, @call={0x85, 0x0, 0x0, 0x5}]}, &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0x28, 0xe80, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
process_vm_writev(r4, &(0x7f0000000800)=[{&(0x7f0000000400)=""/187, 0xbb}, {&(0x7f0000000600)=""/244, 0xf4}, {&(0x7f0000000700)=""/109, 0x6d}, {&(0x7f0000000780)=""/80, 0x50}], 0x4, &(0x7f00000029c0)=[{&(0x7f0000000840)=""/60, 0x3c}, {&(0x7f0000000880)=""/3, 0x3}, {&(0x7f00000008c0)=""/4096, 0x1000}, {&(0x7f00000018c0)=""/67, 0x43}, {&(0x7f0000001940)=""/103, 0x67}, {&(0x7f00000019c0)=""/4096, 0x1000}], 0x6, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="22000000040000001000000012"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r7}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xf, &(0x7f0000000740)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x8}, 0x94)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="d8000000180081064e81f782db4cb904021d080006007c09e8fe55a10a0015000500142603600e1208000f0000000401a8001600200002000000000000fb8000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a70000090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100100040fad95667e006dcdf63951f0f49e119c849ea6e5a0fc55e05000000214d6102d6dcbf33fb5ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6cc00000000010000000001000000", 0xd8}], 0x1}, 0x0)
syz_usb_disconnect(r0)
write$char_usb(r5, &(0x7f00000003c0)='0', 0x1)

1.531573532s ago: executing program 7 (id=1213):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000380)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064001d"], 0x270}, 0x1, 0x0, 0x0, 0x20008014}, 0x4) (fail_nth: 7)

1.480143862s ago: executing program 7 (id=1214):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x183100, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0xd}, @hci_ev_le_ltk_req={{}, {0xc8, 0x9, 0x8}}}}, 0x10)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x32600)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$DVB_DEMUX_DMX_DQBUF(r0, 0xc0186f40, &(0x7f00000000c0)={0x5, 0x7, 0x6, 0xc1, 0x7, 0x8})
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="0200000000ffdbdf25020000000800098004000b80"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x8000, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10)

1.33949662s ago: executing program 5 (id=1215):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
symlinkat(0x0, 0xffffffffffffffff, 0x0)
setuid(0xee01)
r1 = userfaultfd(0x80001)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x2000009, 0x4000010, 0xffffffffffffffff, 0x0)
readv(r1, 0x0, 0x0)
sync()
sync()
sync()
sync()
sync()
sync()
sync()
sync()
sync()
sync()
sync()
sync()
sync()
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000040)={0x0, 0x0, "d607f8f9951e76c13f64323723e7eecdf40c363423eb3d259266ec9c37865c6c1a4640ce1b22bb3327ef4f001d34c09f39c3539e4f8d3ee0878ae95bc7f52363c468b257ff3e24852548deb01efd54f11ed2c41d078b9cf1fc8f72566153c97e4af37017ea6b16b694bb4a6e4606c3fb19d1d2bd3c8c4e97da2213f9d5c3b90400000000000000c279f03558083906666827d61dcc3a633bffff250b5a293e3877adc1660edbc9a0307a25720a170e7f5670e419dc44febf7ddc73fd4a5a0b6c28665f7f46c7084e17c809268103a2584ab40a68e528329d97afc3612e325c1eb4a3ab2e156a97454800", "0615e456c196e819a321fdb3690bfab19538829a732a01781564ef7738cb5b82a704b3952f81c68bb4ceeaad63206f88201638e87c4981cbf9332cbc9c4d69e392bd33237ece7ad91e44edac0da8dacad81adf2e08c21ad6b44ce1f90bd618c255ca40cdb411485fb48a51d329c816b3488c7d032ef69c502c6e1236bd381efd410165988847c1dcb98a18ca2b853910e52044fa3b3026cb88de269537c8f26ffc3b15cbf279832bfc90bd95939043182e88050dfd2a4784a5d1453610fb1f1c2bac36c3ecd3e6fb756ef8880debeef3636afd981d8af4ab119928448f90351aec113335eacf52a18c87738d9679d3acc032a16fbefc64776f363610a15b37bcd36e6a7cba931151b9c9ba5779d550e9ab21603a43a25f3b4895d8dc4f3ce0e7d5e964e888169ea79a0848e9338b3d34d62e963fbf98834f4455419907f0ffdb76373af77a34edee7789f56e7f01bdab9614a0d460f791a06e6cf5243bf2b3a1624a80ec7e1116f1c81f5ef4b895be74bf67eea9193428b58a8b62b7976d3d2e59796c46ec918c83cd49c3f43dbd2967586966c19ace7b0bef5f94eb333b362649f1bfa114f8b1f126e97ec672cff77e2130823fa7a1df6760c6a8917815e9f0a409ed32b133df7dc9afceffcd472b35145c83c9167764d25ce214133c6170adeb6653b30b226a3b6ff1363ac862a540c7fab584cd051ce7ee951e0f121d43cff75afbdec6bc6f6e8f7db58c8086751320d22ee8582e915cabc536e3767e9a9230c9ae8b92398f0ca2a7141ea4588af7afde10e5ec2a6fe85ba5712e126629d4e3998fc4721cb638f2ef8356049e3448466e2c400d5e8baf843fa399907cb526b791c5350ce29204cb6fe50b892a69ec6dbecc28f032a745738faa12c2a34222942fef0ec0511da5fe0b565ceac429da7cc25cfe0320b40a514723e2392a6a361032343edb79fd83cd0a354837153542fd61b3156b54c566036e493250c3a3214738e3cacc24a50d5dfd17d5008b4ca629c3062f3417cb69c48b8b888ae51256bb4e6c68e95a71a00383ad9df263f6a775ded64fef20ed5cb5f31c33cb86f839d00a12e40cd31219113619c4e0585454cb1776278bfd7f5c4275792afb790e83ff0fc6925355c7aee7a070477d9ec2292366e39b9dc66f7adcf449a1a718e5217183faf0f679efc5cef20bcdcf2d12ea0684084ec0d693256e280025b23b5a08b7b1ebe7d41fb045793f971d6ee066604818cb09d86c1eda99a44c35476a113fd5d1a7543f8f99424ebb78dd9e00d719502a6eafa743a061fa3fa55e4deaa0a011b6b9d633f10e0c9446b5a2e3f6d6014ab00695366c1a6bf0c32f703aebb7988c7d4d322681458e85626302c70f37628835e1fcfff1da3099c0b4af433eb9a51f9609f2c0c09a98b18880c846b34d6ac0210f073765666100976ee1d928893f983580ea47a012144633b98e02c3e81869534ab985eb3a73e0bac892dac949f85db949285a6a7a490b1075467226af23df82d8dd09b7282490fbb3ada9ed4cae8f761aefbe0701de6b132f12044c58ac1c2607c8f51361de5bed021dea13fd0a440263cf0b304522a324b581ab274e7bdae5994316657b5c0ab0220d9b08739729f7a35d436878c182aec4f08dd161c11ee5b7937fae7835e8bfe98a44c8d4bbb2e0eee0cb5d7c93517e96a9fc8132e60f3ef7c735bea1934b37df451f981c8d9210e61278c871e6dad6ceb89aa4d7245658a63e65cec7b81d307426a60a31cc917844a14e1d9ad83bef1c9f736d1836687c950d1275caece0d46ab9f3b0e95d9cf560eb8134e8346b35e0a6f60e6a87a14c4aeb3e0d06158390660a52a6e44b524c1e16de2bf99870f78fc81d267072bc63e97d3f26d23fd59799ff2c847d6a724cebc2377a582ba73d99a610a095c28d66c60910ac64b7d18847fa98fd8528b72e0a149b082c731575b2e2763e67c821ba29eecd8b8c87981c4fb1fbbaaa4e8aa077ec98de1362fc7af7a0ac5e3297fd0d924124b2e255b5cc4f6b0873f3d34418d5ae0d6f734628f38cb9b856b2db3fbb2fafb76983eabc51a348e55789e997fa25cbe6e5031bd2e33d4e2686f964a65d1abf7f96a20a8b270b1522ace4adf6fdade5cd3f101574960d13267e2382f70027ebe5ef7f9418e14e6a8a130d2aec2253c8fe21825e3295774db0c9b1340ea28a96589ba0d9f79aa61b92aea6f704ef7f716d849b8c77e6922e198a086d8133491d0bb85b925825a6d307d7cc8f09c655aa3edabf84c75560dfb279ee3e8b825323279edc58c3161e72cf9ae02ef80d500da922c0abeb8b164abd9c17ef7c02e89000d67b0c2ddd078cacbf37c4826be3845948d598980d63c1d7aade89d0637d80a4c102a35eb027a08ef90cc20d17fc514926914e68e5de54b861200ffa4ce1cbc16e4ecf342a1176cdb561f7dea38b3ae0fd81260f72d34e6f33d364cf313d3b3161410dcbf5f0f0579a1d235b49bb5d27f85825b94f1899e7846d0292ad912d934574f9d55d2152dbfb39d662e6e0f2496182d012af8b4bebbdfa1d68e3e988869fb5cd9612db97e6cc574444f4b5025ec9827bafc55341bf6ad3fd4fab2ee43f343cb9bcec0c38384b5699e5c6d5973ba591978275c51a40200d340b9ed3681f08c69f58320f538f9cd78a34eb6ed55710d2478ea4bd15813921817b42f88f1bb038033b519668f0a2e8693b9a19c7bcf96eec04bda625b31c32f4286be922ab2c87aa30310c8f46551450d5bc26b5fbfdedaae0f756384023bb9a28d3200cfeaedd63d6afe076513e8ad73d16607cd4ede16344e60d8707357e82b1089258c56d851a435e23ce0919825e04471dd61a44c43e87c2959d4e89311a30ee8be010094d0ef109bb210dda58b21b685b9e9c078c9ded6117d9a88dd7799291969851cd4c3f22b5f870a275a692188dafcf6e89ba87b0eb61011de031fda25fb3349901d40da2bbdb76eda417c9fafd90fb23504ab150ca0033ea1d00000000000086ba3aaa79d0df4f2e4e4afa565e66d28aa167f835d080bf1d41d0e52dbf81c671f8eacae234bf4fc328302671fab46613b73daf2ace80aff2f80f6a9d84b82480178cc612aa90adfc80ab3bba7d1527fc6ab04f009011bf093494a0d329df4e53d855b1c0ff6a25d22052b3a778e1ca2fbe59c9eeedf99e13682d06da269560524ffa0f404b73b946edf900ee958ceba09a051e27a620fb78e7a352c182c8c2981ce822eeaf6323965b4b3f322d40d406a158b6f3cf5d74822de952fefc341d0dead6c1c8fed8e48e0a85b51c1dcc7796d3f45bb1f50467a475da76c356c9e031b096867da1dbb89c3a038d475dbcdb2df1278d5dba55c2fb5ba6a9778c2a244198491f0f711cdb2ef0332f347afffb1b098b4c59041ccb0c286bb2dd40e7ec713f6ffe0b1067678c748615dae3c1e090f3739a9035767fb9972580d19fdef49a5071f99c3706b8fa4991f430721cf3ca11af0e3bd7c4d0cd0ab5b7d98ee66730c20a098110e4a15ce0bfc88c41fe375f261fe3557e14eb5ff4a2cdf6a008fd7b6702951b8456e940fbd269a0f3ed515ac03cfecce67027d579e1226bd7b7381827453550343566508d38790ee838c3bf85c6c91a45e7a44752f57313533a3e82e4042e65d346afb20c0527575f79080aef4e1aa8d5868d190c8d37bdae7592e41bed37b9d4c30d8126d3debde02dff25f5ef1e48133e2a41cd55347bd23dcce57a00189619db629c530dc112d22ac72bce353681264b5175be40b3ba84408d0f56762cc720e96c128447be7128748e185be2640115556bac64d060207e629b0144e501c1c49c6abd15c7982b01e22da2ad04bb28df1a27f31e18040c16406071d798bb40d901d001e22cc5ed870d08702f49f0021814cdd814901a13c7ab061bb4b8172c639b3449e24f656fee58186e69e6874ea95d946da781b49ca080ffb4a3c87746c661f43e9be52d0ba2ee368b9c143687c8846abac599069decf41e69fddcadf31c5f715917df12df4eedbfcc5805fe8e661b8fcd7b130d7bcc4a9a152de93a15dddacf3cf52479956185a3c5000d18ddce0236d5858c0d8761bca7446e3d30f3e8f48d5e8f86a60cbe46f038b1028ffd35590bdacfeebb86e28d42a923bdc3f9a307b919341a2a7dda096d41070db245c2c424aedd4a4bb9863169454d09f25fd0aa2da7bfc97ad7aca886dd998e041133e07899ad48f7cda600de48ac3951152dfbe6331b8acae24cfd2dd2b14696c75040685c756942a0d049ee9863a2e480388f93876f3910ecb3a59fa16c25b2b3636a542f92744495e10a4ce37f19f5c2256e2d61775d388e2a86b52f76add2f956aa02501f5badb94da12595b2bbf88b05dc70caae6766fd3df4f299d0ff71c8787249b255ea49b3d33b3f1a8c9403cb75d64264465c3578538382b23d721f8a49134020ca2d9e887d9949624ac6d63322b6507e277a0020db9bfa2928736b96c72fa3406a95adfe6b374ffa27001d37d3bbe725e75c257834572026c511f57dce67153a4008f9e75e07ed9237f600005800ee667c137fc78bc4fd4ebf4d228979ab0ccafbcd8b8daad76fb2abcfc585377ea6e19f170db898b950a7b0f4e75466a2ba26e7d60e0a6f5c54a3fe78677f3362c5b01ae791b62ee8a5d0fd65b739ece4f3b758d05a8e4e4ea7e4866ee67750ce2769f72a9f45780eadfae73b42d4dd4c614c797c694ece8af88cc732edabfa26ace57de54835c7551154dfa3be11a0d3b5845ac97b2da84410a652e72cd563acbb2b02bb59370cebaaa80014e3ad280944eae6fbf8d5f85237257bb5b8e5ec3e52dc06f8394176b325a577804e9eb78d7015172d17ed15f905f705d56687f53988bb207c74fbeb2b03a700258e835362886239f4d8f1c2cf6d4d10ff26d2579ea40a5fb99e5b6d01cdeda050d3faa78ed674f2899be08332086c8bf0410a7d06099c50a2d949d49a0f21b43bcdfbdf435875cf5a9def46db63746574ee8a5b1fbcef411154e914dd9e5bb1b1bd2944581083fb66a017e7972df3daefc487e4198cb281d3a80637d52b41738b7f1a57c867d5b2ee5d72465657593339506fd0c3807cd6445eb54cfb5ca9d35ef93eec6383224ebf85197eb6ed75f6c324f6a0345a25be6bb52ed347e57ccb059b903fb7db4e9f46513a4158ce29c1f5d6081b556bbc471e89225cad81aed34dae0f90ee8e7237b3b286e29b49d7a1700c537b28571f7d7e2a55e10792d6f7779ddefa3febdea5693048372a45903c04f1035a96c6cfbe6f6c2b754581aac02f8a70e698be6e37fd411cf4b76317b47683f6b0f80dfdeef3a9767c7e5c30dff786093a21477431fea0458023953700"})
madvise(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x15)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40004}, 0x4000)
syz_open_dev$cec(&(0x7f0000000200), 0xffffffffffffffff, 0x4ae60)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')

1.059384446s ago: executing program 8 (id=1216):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r0, &(0x7f0000000000)={0x24, @short={0x2, 0x1, 0xaaa1}}, 0x14)

1.005935998s ago: executing program 8 (id=1217):
syz_open_dev$dvb_frontend(&(0x7f0000000040), 0x0, 0x0) (async)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0) (async)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
write$vga_arbiter(r0, &(0x7f0000000200)=@unlock_all, 0xb) (async)
r1 = syz_open_dev$dri(&(0x7f0000000040), 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f0000000300)={0x14}) (async)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0xa86060, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r0, @ANYBLOB="2c616669643d3078303030303030303030303030303030372c63616368653d7265616461686561642c63616368653d6c6f6f73652c6d6d61702c76657273696f6e777eeb31178feadcb6363d3970323030702c00"]) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0)

987.93727ms ago: executing program 5 (id=1218):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = openat$sequencer(0xffffffffffffff9c, 0x0, 0x80202, 0x0)
r1 = openat$sndseq(0xffffff9c, &(0x7f0000000140), 0x400)
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r1, 0xc08c5336, &(0x7f0000000400)={0x4, 0x4, 0x1, 'queue0\x00', 0x2})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], 0x0, 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
unlink(&(0x7f0000000000)='./bus/\x00')
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x17, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000e7000000000000000900000018110000", @ANYRESDEC=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000065090100000000006600000020207025180100002020702500000000002020207b9a00fe000000005e9100000000000037010000f8ffffffb702000008000000b7030000ffffffff56000000060000002c93000000000000b5030000000000008500000076000000b7000000000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x7a, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$nl_route(0x10, 0x3, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newlink={0x44, 0x10, 0x401, 0x2020000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8003}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x13}}]}}}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x44}, 0x1, 0x0, 0x0, 0x240008c4}, 0x4054)
r7 = fsopen(&(0x7f0000000040)='ocfs2_dlmfs\x00', 0x0)
r8 = syz_io_uring_setup(0x47ec, &(0x7f0000000400)={0x0, 0x9ac7, 0x10000, 0x0, 0x55}, &(0x7f0000000100)=<r9=>0x0, &(0x7f0000000140)=<r10=>0x0, &(0x7f0000000080)=<r11=>0x0)
syz_io_uring_submit(r9, r10, r11, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1})
io_uring_enter(r8, 0x1, 0xfffffffd, 0x9, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x8, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000380)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x8}, @hci_rp_read_auth_payload_to={{}, {0x1, 0xc8, 0x81}}}}, 0xb)

910.100571ms ago: executing program 8 (id=1219):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r0, 0x0, 0xcc, &(0x7f0000000140)={@multicast2, @multicast1, 0x0, "aaa517d60f2811d48c8a2cc60c4380bc23b510d442ff13482864280a9c0f4eb5"}, 0x3c)
r1 = syz_usb_connect(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)
syz_usb_ep_write$ath9k_ep2(r1, 0x83, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB])
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002600)='/proc/bus/input/devices\x00', 0x0, 0x0)
read$FUSE(r2, &(0x7f0000002640)={0x2020}, 0x2020)
setsockopt$MRT_DEL_MFC_PROXY(r0, 0x0, 0xd3, &(0x7f00000000c0)={@multicast2, @multicast1, 0x0, "c6c0e6ed8755b5dc4e0e000c58ea00000000000600", 0x0, 0xfffffffe, 0x2, 0x2}, 0x3c)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
ioctl$sock_netdev_private(0xffffffffffffffff, 0x89f6, &(0x7f0000000340)="b2d311af94b883a7c917af570ae7b1e843a0a788f69d7891ade96769393efc8056a6f002e30c8d84568d737b56856a562c77400d2763599c42c39c2c346641f570afdc53d009685de5793fa1d5eece360b7f7647069f8c0e53a28126b06a6b5e797d92fc70f0bbf7cf41ac7523191c55decb8e836ebd8eba368cc270864fb703f797122b8690d189cd617620b20d0a9b8796")
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r4 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000080)={'syzkaller1\x00', @broadcast})
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f00000003c0)={0x0, {0x2, 0x4e20, @rand_addr=0x64010100}, {0x2, 0x4a24, @remote}, {0x2, 0x4e25, @multicast2}, 0x204, 0x0, 0x0, 0x0, 0x2008, 0x0, 0x200003, 0x2, 0x2})
write$tun(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="080000fa"], 0xdc)
r5 = fsopen(&(0x7f0000000140)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r6 = fsmount(r5, 0x0, 0x0)
syz_clone3(&(0x7f0000000340)={0x201800000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0, 0x0, {r6}}, 0x58)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x185b2000)
r7 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x80100, 0x9c)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305829, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r8, 0x29, 0x41, &(0x7f0000000240)=ANY=[@ANYBLOB], 0x54)
setsockopt$WPAN_WANTLQI(r7, 0x0, 0x3, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
connect$packet(r7, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0xa, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x9}}, 0x14)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000002280), 0xffffffffffffffff)

620.079523ms ago: executing program 7 (id=1220):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = userfaultfd(0x801)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x22802, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000200)={0x1, 0x0, [{0x40000071, 0x0, 0x28cd}]})
r5 = getpid()
process_vm_readv(r5, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)={0x9c, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @ipv4={'\x00', '\xff\xff', @local}}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_PROTOINFO={0x8, 0x4, 0x0, 0x1, @CTA_PROTOINFO_SCTP={0x4}}]}, 0x9c}}, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x280})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})

0s ago: executing program 4 (id=1221):
r0 = socket(0x11, 0x3, 0x1)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x4)
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0xe, 0x13e, 0x89, 0x2, 0x6})
ioctl$TIOCOUTQ(r1, 0x4bfb, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r3=>0x0})
sendmsg(r0, &(0x7f0000000180)={&(0x7f0000000040)=@xdp={0x2c, 0x8, r3, 0x6}, 0x80, &(0x7f0000000340)=[{&(0x7f00000004c0)="000302000b00000000002d3922ff65b4355e953d23d254f0", 0x18}, {&(0x7f0000000240)="60a75dc565ef116aa412580445034943beea59637ecdd8a174caf38d", 0x1c}, {&(0x7f0000000500)="55f0e46e7aeb504dca2fb5", 0xb}, {&(0x7f00000002c0)="ba27dbcc9c7c396af4b4e76b61", 0xd}], 0x4}, 0x40011)

kernel console output (not intermixed with test programs):

klog
[  280.231208][ T9397] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  280.234395][ T9397] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  280.244840][ T9397] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  280.273121][ T9401] netlink: 'syz.7.835': attribute type 1 has an invalid length.
[  280.275722][ T9401] netlink: 224 bytes leftover after parsing attributes in process `syz.7.835'.
[  280.467631][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  280.472946][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  280.476989][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  280.617355][ T6875] usb 12-1: new high-speed USB device number 12 using dummy_hcd
[  280.772433][ T6875] usb 12-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  280.783370][ T6875] usb 12-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  280.789537][ T6875] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  280.793666][ T6875] usb 12-1: Product: syz
[  280.795906][ T6875] usb 12-1: Manufacturer: syz
[  280.801282][ T6875] usb 12-1: SerialNumber: syz
[  281.077946][ T9397] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  281.132930][ T6875] usblp 12-1:1.0: usblp0: USB Unidirectional printer dev 12 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  281.254925][ T6875] usb 12-1: USB disconnect, device number 12
[  281.465912][ T6875] usblp0: removed
[  281.987317][ T6875] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[  282.154405][ T6875] usb 10-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  282.168103][ T6875] usb 10-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  282.184042][ T6875] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 66
[  282.195111][ T6875] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  282.210778][ T6875] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  282.239338][ T6875] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  282.251078][ T6875] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  282.262411][ T6875] usb 10-1: Product: syz
[  282.267871][ T6875] usb 10-1: Manufacturer: syz
[  282.329523][ T6875] cdc_wdm 10-1:1.0: skipping garbage
[  282.342895][ T6875] cdc_wdm 10-1:1.0: skipping garbage
[  282.379182][ T6875] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device
[  282.388506][ T6875] cdc_wdm 10-1:1.0: Unknown control protocol
[  282.696305][ T2078] usb 10-1: USB disconnect, device number 15
[  283.186003][ T9426] syzkaller0: entered promiscuous mode
[  283.192464][ T9426] syzkaller0: entered allmulticast mode
[  283.430486][ T9428] netlink: 'syz.5.844': attribute type 1 has an invalid length.
[  283.432945][ T9428] netlink: 224 bytes leftover after parsing attributes in process `syz.5.844'.
[  283.600446][ T9442] netlink: 256 bytes leftover after parsing attributes in process `syz.5.849'.
[  283.887202][ T9453] wg2 speed is unknown, defaulting to 1000
[  283.987301][ T9458] wg2 speed is unknown, defaulting to 1000
[  284.097232][ T2078] usb 12-1: new high-speed USB device number 13 using dummy_hcd
[  284.271399][ T2078] usb 12-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  284.275511][ T2078] usb 12-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  284.279121][ T2078] usb 12-1: config 1 has 1 interface, different from the descriptor's value: 66
[  284.282214][ T2078] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  284.285936][ T2078] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  284.292210][ T2078] usb 12-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  284.295141][ T2078] usb 12-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  284.297834][ T2078] usb 12-1: Product: syz
[  284.299334][ T2078] usb 12-1: Manufacturer: syz
[  284.306319][ T2078] cdc_wdm 12-1:1.0: skipping garbage
[  284.317341][ T2078] cdc_wdm 12-1:1.0: skipping garbage
[  284.324387][ T2078] cdc_wdm 12-1:1.0: cdc-wdm0: USB WDM device
[  284.333512][ T2078] cdc_wdm 12-1:1.0: Unknown control protocol
[  284.409435][ T9467] netlink: 24 bytes leftover after parsing attributes in process `syz.8.858'.
[  284.581841][    C1] cdc_wdm 12-1:1.0: nonzero urb status received: -71
[  284.584656][    C1] cdc_wdm 12-1:1.0: wdm_int_callback - 0 bytes
[  284.587542][    C1] cdc_wdm 12-1:1.0: nonzero urb status received: -71
[  284.590289][    C1] cdc_wdm 12-1:1.0: wdm_int_callback - 0 bytes
[  284.593180][    C1] cdc_wdm 12-1:1.0: nonzero urb status received: -71
[  284.596076][    C1] cdc_wdm 12-1:1.0: wdm_int_callback - 0 bytes
[  284.598851][    C1] cdc_wdm 12-1:1.0: nonzero urb status received: -71
[  284.601551][    C1] cdc_wdm 12-1:1.0: wdm_int_callback - 0 bytes
[  284.604269][    C1] cdc_wdm 12-1:1.0: nonzero urb status received: -71
[  284.606998][    C1] cdc_wdm 12-1:1.0: wdm_int_callback - 0 bytes
[  284.609592][    C1] cdc_wdm 12-1:1.0: nonzero urb status received: -71
[  284.612411][    C1] cdc_wdm 12-1:1.0: wdm_int_callback - 0 bytes
[  284.615214][    C1] cdc_wdm 12-1:1.0: nonzero urb status received: -71
[  284.617965][    C1] cdc_wdm 12-1:1.0: wdm_int_callback - 0 bytes
[  284.620721][    C1] cdc_wdm 12-1:1.0: nonzero urb status received: -71
[  284.623377][    C1] cdc_wdm 12-1:1.0: wdm_int_callback - 0 bytes
[  284.625781][    C1] cdc_wdm 12-1:1.0: nonzero urb status received: -71
[  284.628163][    C1] cdc_wdm 12-1:1.0: wdm_int_callback - 0 bytes
[  284.630569][    C1] cdc_wdm 12-1:1.0: nonzero urb status received: -71
[  284.633123][    C1] cdc_wdm 12-1:1.0: wdm_int_callback - 0 bytes
[  284.637977][ T2078] usb 12-1: USB disconnect, device number 13
[  284.994500][ T6875] usb 13-1: new high-speed USB device number 8 using dummy_hcd
[  285.036510][ T9475] netlink: 256 bytes leftover after parsing attributes in process `syz.4.861'.
[  285.193599][ T9478] syzkaller0: left promiscuous mode
[  285.195328][ T9478] syzkaller0: left allmulticast mode
[  285.248292][ T6875] usb 13-1: Using ep0 maxpacket: 16
[  285.253998][ T5840] net_ratelimit: 6 callbacks suppressed
[  285.254009][ T5840] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  285.310266][ T9484] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  285.315538][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  285.683054][ T9496] wg2 speed is unknown, defaulting to 1000
[  285.807381][   T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  285.977374][ T1341] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  286.038942][ T9502] FAULT_INJECTION: forcing a failure.
[  286.038942][ T9502] name failslab, interval 1, probability 0, space 0, times 0
[  286.043252][ T9502] CPU: 2 UID: 0 PID: 9502 Comm: syz.4.869 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  286.043269][ T9502] Tainted: [L]=SOFTLOCKUP
[  286.043273][ T9502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  286.043279][ T9502] Call Trace:
[  286.043283][ T9502]  <TASK>
[  286.043287][ T9502]  dump_stack_lvl+0x100/0x190
[  286.043308][ T9502]  should_fail_ex.cold+0x5/0xa
[  286.043325][ T9502]  should_failslab+0xc2/0x120
[  286.043338][ T9502]  __kmalloc_cache_noprof+0x7a/0x6f0
[  286.043353][ T9502]  ? route4_init+0x3f/0xa0
[  286.043366][ T9502]  ? __pfx_route4_classify+0x10/0x10
[  286.043378][ T9502]  route4_init+0x3f/0xa0
[  286.043389][ T9502]  tc_new_tfilter+0x105c/0x24a0
[  286.043409][ T9502]  ? kasan_quarantine_put+0x104/0x240
[  286.043419][ T9502]  ? lockdep_hardirqs_on+0x78/0x100
[  286.043434][ T9502]  ? __pfx_tc_new_tfilter+0x10/0x10
[  286.043447][ T9502]  ? kfree_skbmem+0x19a/0x210
[  286.043461][ T9502]  ? skb_release_data+0x6ca/0x8e0
[  286.043474][ T9502]  ? __lock_acquire+0x4a5/0x2630
[  286.043497][ T9502]  ? find_held_lock+0x2b/0x80
[  286.043510][ T9502]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  286.043522][ T9502]  ? __pfx_tc_new_tfilter+0x10/0x10
[  286.043536][ T9502]  rtnetlink_rcv_msg+0x95e/0xe90
[  286.043549][ T9502]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  286.043564][ T9502]  ? ref_tracker_free+0x37e/0x6c0
[  286.043576][ T9502]  netlink_rcv_skb+0x159/0x420
[  286.043590][ T9502]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  286.043602][ T9502]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  286.043620][ T9502]  ? netlink_deliver_tap+0x1ae/0xcc0
[  286.043635][ T9502]  netlink_unicast+0x585/0x850
[  286.043651][ T9502]  ? __pfx_netlink_unicast+0x10/0x10
[  286.043668][ T9502]  netlink_sendmsg+0x8b0/0xda0
[  286.043684][ T9502]  ? __pfx_netlink_sendmsg+0x10/0x10
[  286.043699][ T9502]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  286.043712][ T9502]  ____sys_sendmsg+0x9e1/0xb70
[  286.043725][ T9502]  ? __pfx_netlink_sendmsg+0x10/0x10
[  286.043740][ T9502]  ? __pfx_____sys_sendmsg+0x10/0x10
[  286.043759][ T9502]  ___sys_sendmsg+0x190/0x1e0
[  286.043774][ T9502]  ? __pfx____sys_sendmsg+0x10/0x10
[  286.043794][ T9502]  ? find_held_lock+0x2b/0x80
[  286.043819][ T9502]  __sys_sendmsg+0x170/0x220
[  286.043830][ T9502]  ? __pfx___sys_sendmsg+0x10/0x10
[  286.043840][ T9502]  ? __fget_files+0x21f/0x3d0
[  286.043883][ T9502]  ? ksys_write+0x1ac/0x250
[  286.043899][ T9502]  ? rcu_is_watching+0x12/0xc0
[  286.043912][ T9502]  __do_fast_syscall_32+0xe7/0x970
[  286.043928][ T9502]  ? lockdep_hardirqs_on+0x78/0x100
[  286.043943][ T9502]  do_fast_syscall_32+0x32/0x70
[  286.043959][ T9502]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  286.043972][ T9502] RIP: 0023:0xf7f73f7c
[  286.043981][ T9502] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  286.043991][ T9502] RSP: 002b:00000000f543650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  286.044001][ T9502] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080006040
[  286.044008][ T9502] RDX: 0000000000040010 RSI: 0000000000000000 RDI: 0000000000000000
[  286.044014][ T9502] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  286.044020][ T9502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  286.044025][ T9502] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  286.044038][ T9502]  </TASK>
[  286.576571][ T6875] usb 13-1: unable to get BOS descriptor or descriptor too short
[  286.584504][ T6875] usb 13-1: unable to read config index 0 descriptor/start: -71
[  286.588256][ T6875] usb 13-1: can't read configurations, error -71
[  286.656087][ T9512] wg2 speed is unknown, defaulting to 1000
[  286.847545][  T842] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  287.008147][ T9525] overlay: ./bus is not a directory
[  287.803751][ T9551] netlink: 'syz.7.882': attribute type 12 has an invalid length.
[  287.807996][ T9551] netlink: 'syz.7.882': attribute type 29 has an invalid length.
[  287.810730][ T9551] netlink: 148 bytes leftover after parsing attributes in process `syz.7.882'.
[  287.813772][ T9551] netlink: 'syz.7.882': attribute type 1 has an invalid length.
[  287.816327][ T9551] netlink: 47 bytes leftover after parsing attributes in process `syz.7.882'.
[  287.835133][ T9551] netlink: 'syz.7.882': attribute type 12 has an invalid length.
[  287.838857][ T9551] netlink: 'syz.7.882': attribute type 29 has an invalid length.
[  287.841511][ T9551] netlink: 148 bytes leftover after parsing attributes in process `syz.7.882'.
[  287.844624][ T9551] netlink: 'syz.7.882': attribute type 1 has an invalid length.
[  287.847384][ T9551] netlink: 47 bytes leftover after parsing attributes in process `syz.7.882'.
[  287.887359][ T5743] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  288.689661][ T9563] netlink: 40 bytes leftover after parsing attributes in process `syz.7.886'.
[  288.719523][ T9563] bond1: peer notification delay (2365) is not a multiple of miimon (4), value rounded to 2364 ms
[  288.729573][ T9563] netlink: 40 bytes leftover after parsing attributes in process `syz.7.886'.
[  288.732609][ T9563] bond1: peer notification delay (2365) is not a multiple of miimon (4), value rounded to 2364 ms
[  288.783706][ T9568] syz_tun: entered allmulticast mode
[  288.793238][ T9567] syz_tun: left allmulticast mode
[  288.871080][ T9574] wg2 speed is unknown, defaulting to 1000
[  288.932570][  T842] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  288.967198][ T9579] netlink: 256 bytes leftover after parsing attributes in process `syz.4.891'.
[  289.017383][ T1341] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  289.396977][ T9594] ubi: mtd0 is already attached to ubi16
[  289.821513][ T9609] netlink: 256 bytes leftover after parsing attributes in process `syz.7.900'.
[  289.967858][  T842] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  290.195201][ T9620] netlink: 8 bytes leftover after parsing attributes in process `syz.7.903'.
[  290.287623][ T9629] wg2 speed is unknown, defaulting to 1000
[  290.429102][ T9641] netlink: 8 bytes leftover after parsing attributes in process `syz.7.908'.
[  290.445535][ T9638] wg2 speed is unknown, defaulting to 1000
[  290.936949][ T9645] wg2 speed is unknown, defaulting to 1000
[  291.049427][  T842] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  291.422241][ T9659] netlink: 4 bytes leftover after parsing attributes in process `syz.4.912'.
[  291.827618][ T9666] FAULT_INJECTION: forcing a failure.
[  291.827618][ T9666] name failslab, interval 1, probability 0, space 0, times 0
[  291.831867][ T9666] CPU: 0 UID: 0 PID: 9666 Comm: syz.4.915 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  291.831884][ T9666] Tainted: [L]=SOFTLOCKUP
[  291.831888][ T9666] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  291.831894][ T9666] Call Trace:
[  291.831899][ T9666]  <TASK>
[  291.831903][ T9666]  dump_stack_lvl+0x100/0x190
[  291.831925][ T9666]  should_fail_ex.cold+0x5/0xa
[  291.831939][ T9666]  should_failslab+0xc2/0x120
[  291.831952][ T9666]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  291.831969][ T9666]  ? skb_clone+0x190/0x400
[  291.831982][ T9666]  skb_clone+0x190/0x400
[  291.831993][ T9666]  netlink_deliver_tap+0xaed/0xcc0
[  291.832009][ T9666]  netlink_unicast+0x6a5/0x850
[  291.832025][ T9666]  ? __pfx_netlink_unicast+0x10/0x10
[  291.832042][ T9666]  netlink_ack+0x655/0xb80
[  291.832059][ T9666]  netlink_rcv_skb+0x333/0x420
[  291.832073][ T9666]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  291.832086][ T9666]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  291.832105][ T9666]  ? ns_capable+0xd2/0xf0
[  291.832119][ T9666]  nfnetlink_rcv+0x1b3/0x440
[  291.832130][ T9666]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  291.832140][ T9666]  ? netlink_deliver_tap+0x1ae/0xcc0
[  291.832156][ T9666]  netlink_unicast+0x585/0x850
[  291.832171][ T9666]  ? __pfx_netlink_unicast+0x10/0x10
[  291.832188][ T9666]  netlink_sendmsg+0x8b0/0xda0
[  291.832204][ T9666]  ? __pfx_netlink_sendmsg+0x10/0x10
[  291.832233][ T9666]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  291.832248][ T9666]  ____sys_sendmsg+0x9e1/0xb70
[  291.832261][ T9666]  ? __pfx_netlink_sendmsg+0x10/0x10
[  291.832276][ T9666]  ? __pfx_____sys_sendmsg+0x10/0x10
[  291.832296][ T9666]  ___sys_sendmsg+0x190/0x1e0
[  291.832318][ T9666]  ? __pfx____sys_sendmsg+0x10/0x10
[  291.832341][ T9666]  ? find_held_lock+0x2b/0x80
[  291.832363][ T9666]  __sys_sendmsg+0x170/0x220
[  291.832374][ T9666]  ? __pfx___sys_sendmsg+0x10/0x10
[  291.832384][ T9666]  ? __fget_files+0x21f/0x3d0
[  291.832400][ T9666]  ? ksys_write+0x1ac/0x250
[  291.832413][ T9666]  ? rcu_is_watching+0x12/0xc0
[  291.832428][ T9666]  __do_fast_syscall_32+0xe7/0x970
[  291.832443][ T9666]  ? lockdep_hardirqs_on+0x78/0x100
[  291.832459][ T9666]  do_fast_syscall_32+0x32/0x70
[  291.832480][ T9666]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  291.832499][ T9666] RIP: 0023:0xf7f73f7c
[  291.832515][ T9666] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  291.832530][ T9666] RSP: 002b:00000000f543650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  291.832546][ T9666] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000000
[  291.832558][ T9666] RDX: 00000000240008c4 RSI: 0000000000000000 RDI: 0000000000000000
[  291.832567][ T9666] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  291.832575][ T9666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  291.832581][ T9666] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  291.832595][ T9666]  </TASK>
[  292.057839][ T1341] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  292.128116][ T5743] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  292.251019][ T9680] wg2 speed is unknown, defaulting to 1000
[  292.420140][ T9682] wg2 speed is unknown, defaulting to 1000
[  292.754840][ T9692] netlink: 'syz.4.923': attribute type 1 has an invalid length.
[  292.760687][ T9692] netlink: 224 bytes leftover after parsing attributes in process `syz.4.923'.
[  293.004553][ T9699] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  293.023897][ T9699] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  293.168688][ T5743] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  293.202626][ T9701] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  293.433375][ T9710] netlink: 4 bytes leftover after parsing attributes in process `syz.8.929'.
[  294.731886][  T842] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  294.850604][ T5112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  295.097397][ T1341] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  295.689831][ T9730] netlink: 'syz.5.932': attribute type 1 has an invalid length.
[  295.703034][ T9730] 8021q: adding VLAN 0 to HW filter on device bond2
[  295.739026][ T9730] bond2: (slave veth9): Enslaving as a backup interface with a down link
[  295.760930][ T9730] bond2: (slave dummy0): Enslaving as a backup interface with an up link
[  295.765339][ T9730] netlink: 'syz.5.932': attribute type 10 has an invalid length.
[  295.768218][ T9730] netlink: 40 bytes leftover after parsing attributes in process `syz.5.932'.
[  295.772376][ T9730] dummy0: entered promiscuous mode
[  295.779309][ T9730] bond2: (slave dummy0): Releasing backup interface
[  295.818011][   T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  295.879261][ T9744] wg2 speed is unknown, defaulting to 1000
[  295.892535][ T9741] No source specified
[  296.405732][ T9751] FAULT_INJECTION: forcing a failure.
[  296.405732][ T9751] name failslab, interval 1, probability 0, space 0, times 0
[  296.412097][ T9751] CPU: 3 UID: 0 PID: 9751 Comm: syz.8.938 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  296.412128][ T9751] Tainted: [L]=SOFTLOCKUP
[  296.412135][ T9751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  296.412145][ T9751] Call Trace:
[  296.412151][ T9751]  <TASK>
[  296.412159][ T9751]  dump_stack_lvl+0x100/0x190
[  296.412195][ T9751]  should_fail_ex.cold+0x5/0xa
[  296.412217][ T9751]  should_failslab+0xc2/0x120
[  296.412238][ T9751]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  296.412265][ T9751]  ? __alloc_skb+0x140/0x710
[  296.412281][ T9751]  ? __alloc_skb+0x5b7/0x710
[  296.412315][ T9751]  __alloc_skb+0x140/0x710
[  296.412332][ T9751]  ? __alloc_skb+0x5b7/0x710
[  296.412347][ T9751]  ? __pfx___alloc_skb+0x10/0x10
[  296.412365][ T9751]  ? __pfx_nf_tables_abort+0x10/0x10
[  296.412392][ T9751]  netlink_ack+0x117/0xb80
[  296.412422][ T9751]  nfnetlink_rcv_batch+0x1d52/0x2880
[  296.412455][ T9751]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  296.412476][ T9751]  ? __dev_queue_xmit+0x9ef/0x4950
[  296.412503][ T9751]  ? __local_bh_enable_ip+0x9e/0x120
[  296.412523][ T9751]  ? lockdep_hardirqs_on+0x78/0x100
[  296.412546][ T9751]  ? __dev_queue_xmit+0x9ef/0x4950
[  296.412599][ T9751]  ? __nla_parse+0x40/0x60
[  296.412624][ T9751]  nfnetlink_rcv+0x3bd/0x440
[  296.412641][ T9751]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  296.412666][ T9751]  netlink_unicast+0x585/0x850
[  296.412698][ T9751]  ? __pfx_netlink_unicast+0x10/0x10
[  296.412727][ T9751]  netlink_sendmsg+0x8b0/0xda0
[  296.412754][ T9751]  ? __pfx_netlink_sendmsg+0x10/0x10
[  296.412778][ T9751]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  296.412800][ T9751]  ____sys_sendmsg+0x9e1/0xb70
[  296.412821][ T9751]  ? __pfx_netlink_sendmsg+0x10/0x10
[  296.412845][ T9751]  ? __pfx_____sys_sendmsg+0x10/0x10
[  296.412896][ T9751]  ___sys_sendmsg+0x190/0x1e0
[  296.412921][ T9751]  ? __pfx____sys_sendmsg+0x10/0x10
[  296.412956][ T9751]  ? find_held_lock+0x2b/0x80
[  296.412993][ T9751]  __sys_sendmsg+0x170/0x220
[  296.413012][ T9751]  ? __pfx___sys_sendmsg+0x10/0x10
[  296.413028][ T9751]  ? __fget_files+0x21f/0x3d0
[  296.413055][ T9751]  ? ksys_write+0x1ac/0x250
[  296.413077][ T9751]  ? rcu_is_watching+0x12/0xc0
[  296.413100][ T9751]  __do_fast_syscall_32+0xe7/0x970
[  296.413124][ T9751]  ? lockdep_hardirqs_on+0x78/0x100
[  296.413150][ T9751]  do_fast_syscall_32+0x32/0x70
[  296.413175][ T9751]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  296.413196][ T9751] RIP: 0023:0xf700ef7c
[  296.413211][ T9751] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  296.413228][ T9751] RSP: 002b:00000000f53fd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  296.413245][ T9751] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000500
[  296.413256][ T9751] RDX: 0000000020008000 RSI: 0000000000000000 RDI: 0000000000000000
[  296.413267][ T9751] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  296.413276][ T9751] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  296.413286][ T9751] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  296.413309][ T9751]  </TASK>
[  296.557593][ T9753] netlink: 8 bytes leftover after parsing attributes in process `syz.8.939'.
[  296.824873][ T9759] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.827203][ T9759] bridge0: port 1(bridge_slave_0) entered forwarding state
[  296.849488][ T5743] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  296.863303][ T5532] wg2 speed is unknown, defaulting to 1000
[  296.940406][ T9763] syzkaller1: entered promiscuous mode
[  296.942554][ T9763] syzkaller1: entered allmulticast mode
[  297.157875][ T5532] usb 12-1: new high-speed USB device number 14 using dummy_hcd
[  297.309573][ T5532] usb 12-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  297.316403][ T5532] usb 12-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  297.324011][ T5532] usb 12-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  297.332404][ T5532] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  297.341264][ T5532] usb 12-1: config 0 descriptor??
[  297.348545][ T5532] usbhid 12-1:0.0: couldn't find an input interrupt endpoint
[  297.436698][ T9781] FAULT_INJECTION: forcing a failure.
[  297.436698][ T9781] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  297.442778][ T9781] CPU: 0 UID: 0 PID: 9781 Comm: syz.5.949 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  297.442806][ T9781] Tainted: [L]=SOFTLOCKUP
[  297.442811][ T9781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  297.442829][ T9781] Call Trace:
[  297.442833][ T9781]  <TASK>
[  297.442837][ T9781]  dump_stack_lvl+0x100/0x190
[  297.442858][ T9781]  should_fail_ex.cold+0x5/0xa
[  297.442872][ T9781]  _copy_from_iter+0x1f4/0x1690
[  297.442889][ T9781]  ? __asan_memset+0x23/0x50
[  297.442905][ T9781]  ? __pfx__copy_from_iter+0x10/0x10
[  297.442919][ T9781]  ? __pfx___alloc_skb+0x10/0x10
[  297.442935][ T9781]  netlink_sendmsg+0x808/0xda0
[  297.442953][ T9781]  ? __pfx_netlink_sendmsg+0x10/0x10
[  297.442968][ T9781]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  297.442982][ T9781]  ____sys_sendmsg+0x9e1/0xb70
[  297.442995][ T9781]  ? __pfx_netlink_sendmsg+0x10/0x10
[  297.443010][ T9781]  ? __pfx_____sys_sendmsg+0x10/0x10
[  297.443030][ T9781]  ___sys_sendmsg+0x190/0x1e0
[  297.443045][ T9781]  ? __pfx____sys_sendmsg+0x10/0x10
[  297.443065][ T9781]  ? find_held_lock+0x2b/0x80
[  297.443087][ T9781]  __sys_sendmsg+0x170/0x220
[  297.443097][ T9781]  ? __pfx___sys_sendmsg+0x10/0x10
[  297.443107][ T9781]  ? __fget_files+0x21f/0x3d0
[  297.443123][ T9781]  ? ksys_write+0x1ac/0x250
[  297.443136][ T9781]  ? rcu_is_watching+0x12/0xc0
[  297.443154][ T9781]  __do_fast_syscall_32+0xe7/0x970
[  297.443170][ T9781]  ? lockdep_hardirqs_on+0x78/0x100
[  297.443185][ T9781]  do_fast_syscall_32+0x32/0x70
[  297.443200][ T9781]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  297.443214][ T9781] RIP: 0023:0xf7fc7f7c
[  297.443223][ T9781] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  297.443234][ T9781] RSP: 002b:00000000f548650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  297.443244][ T9781] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  297.443251][ T9781] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  297.443256][ T9781] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  297.443262][ T9781] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  297.443268][ T9781] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  297.443281][ T9781]  </TASK>
[  297.665820][   T34] usb 12-1: USB disconnect, device number 14
[  297.888521][   T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  298.131081][ T1341] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  298.421779][ T9800] overlayfs: failed to resolve './bus': -2
[  298.510120][ T9807] ubi: mtd0 is already attached to ubi16
[  298.512592][ T9807] netlink: 'syz.4.957': attribute type 3 has an invalid length.
[  298.552681][ T9803] netlink: 'syz.7.958': attribute type 2 has an invalid length.
[  298.576754][ T9813] 9p: Bad value for 'wfdno'
[  298.650470][ T9818] 9p: Bad value for 'rfdno'
[  298.945374][   T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  299.049416][ T9833] FAULT_INJECTION: forcing a failure.
[  299.049416][ T9833] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  299.053552][ T9833] CPU: 3 UID: 0 PID: 9833 Comm: syz.8.967 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  299.053571][ T9833] Tainted: [L]=SOFTLOCKUP
[  299.053574][ T9833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  299.053581][ T9833] Call Trace:
[  299.053585][ T9833]  <TASK>
[  299.053589][ T9833]  dump_stack_lvl+0x100/0x190
[  299.053613][ T9833]  should_fail_ex.cold+0x5/0xa
[  299.053634][ T9833]  _copy_from_user+0x2e/0xd0
[  299.053657][ T9833]  get_compat_msghdr+0xb3/0x4b0
[  299.053670][ T9833]  ? __pfx_get_compat_msghdr+0x10/0x10
[  299.053687][ T9833]  ___sys_sendmsg+0x1b6/0x1e0
[  299.053703][ T9833]  ? __pfx____sys_sendmsg+0x10/0x10
[  299.053723][ T9833]  ? find_held_lock+0x2b/0x80
[  299.053744][ T9833]  __sys_sendmsg+0x170/0x220
[  299.053755][ T9833]  ? __pfx___sys_sendmsg+0x10/0x10
[  299.053764][ T9833]  ? __fget_files+0x21f/0x3d0
[  299.053780][ T9833]  ? ksys_write+0x1ac/0x250
[  299.053793][ T9833]  ? rcu_is_watching+0x12/0xc0
[  299.053807][ T9833]  __do_fast_syscall_32+0xe7/0x970
[  299.053823][ T9833]  ? lockdep_hardirqs_on+0x78/0x100
[  299.053838][ T9833]  do_fast_syscall_32+0x32/0x70
[  299.053854][ T9833]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  299.053867][ T9833] RIP: 0023:0xf700ef7c
[  299.053877][ T9833] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  299.053887][ T9833] RSP: 002b:00000000f53fd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  299.053898][ T9833] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  299.053905][ T9833] RDX: 0000000024000004 RSI: 0000000000000000 RDI: 0000000000000000
[  299.053911][ T9833] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  299.053917][ T9833] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  299.053923][ T9833] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  299.053935][ T9833]  </TASK>
[  299.215928][ T9836] netlink: 8 bytes leftover after parsing attributes in process `syz.8.968'.
[  299.364888][ T9838] syzkaller0: entered promiscuous mode
[  299.366807][ T9838] syzkaller0: entered allmulticast mode
[  299.788890][ T9851] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  299.791164][ T9851] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  299.796385][ T9855] ip6_tunnel: non-ECT from fc01:0000:0000:0000:0000:0000:00fb:a200 with DS=0x5
[  299.799242][ T9851] vhci_hcd vhci_hcd.0: Device attached
[  299.799573][ T9855] ip6_tunnel: non-ECT from fc01:0000:0000:0000:0000:0000:00fb:a200 with DS=0x5
[  299.805517][ T9855] ip6_tunnel: non-ECT from fc01:0000:0000:0000:0000:0000:00fb:a200 with DS=0x5
[  299.810457][ T9855] ip6_tunnel: non-ECT from fc01:0000:0000:0000:0000:0000:00fb:a200 with DS=0x5
[  299.814162][ T9855] ip6_tunnel: non-ECT from fc01:0000:0000:0000:0000:0000:00fb:a200 with DS=0x5
[  299.817914][ T9855] ip6_tunnel: non-ECT from fc01:0000:0000:0000:0000:0000:00fb:a200 with DS=0x5
[  300.003411][ T9860] wg2 speed is unknown, defaulting to 1000
[  300.067227][ T2078] usb 46-1: SetAddress Request (2) to port 0
[  300.070971][ T2078] usb 46-1: new SuperSpeed USB device number 2 using vhci_hcd
[  300.090970][ T9864] wg2 speed is unknown, defaulting to 1000
[  300.371554][ T9852] vhci_hcd: connection reset by peer
[  300.375837][   T58] vhci_hcd vhci_hcd.4: stop threads
[  300.379111][   T58] vhci_hcd vhci_hcd.4: release socket
[  300.381278][   T58] vhci_hcd vhci_hcd.4: disconnect device
[  300.837231][ T5743] usb 13-1: new high-speed USB device number 10 using dummy_hcd
[  300.998631][ T5743] usb 13-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  301.120838][ T9879] FAULT_INJECTION: forcing a failure.
[  301.120838][ T9879] name failslab, interval 1, probability 0, space 0, times 0
[  301.125347][ T9879] CPU: 0 UID: 0 PID: 9879 Comm: syz.4.982 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  301.125366][ T9879] Tainted: [L]=SOFTLOCKUP
[  301.125370][ T9879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  301.125376][ T9879] Call Trace:
[  301.125381][ T9879]  <TASK>
[  301.125386][ T9879]  dump_stack_lvl+0x100/0x190
[  301.125408][ T9879]  should_fail_ex.cold+0x5/0xa
[  301.125422][ T9879]  should_failslab+0xc2/0x120
[  301.125436][ T9879]  __kmalloc_cache_noprof+0x7a/0x6f0
[  301.125451][ T9879]  ? sctp_association_new+0xbb/0x2990
[  301.125467][ T9879]  sctp_association_new+0xbb/0x2990
[  301.125483][ T9879]  sctp_connect_new_asoc+0x1a8/0x770
[  301.125499][ T9879]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  301.125516][ T9879]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  301.125532][ T9879]  sctp_sendmsg+0x1743/0x22e0
[  301.125549][ T9879]  ? __pfx_sctp_sendmsg+0x10/0x10
[  301.125565][ T9879]  ? aa_sk_perm+0x309/0xaa0
[  301.125580][ T9879]  ? __pfx_aa_sk_perm+0x10/0x10
[  301.125592][ T9879]  ? __might_fault+0xc5/0x140
[  301.125617][ T9879]  ? __pfx_sctp_sendmsg+0x10/0x10
[  301.125631][ T9879]  inet_sendmsg+0x11c/0x140
[  301.125648][ T9879]  __sys_sendto+0x446/0x4b0
[  301.125665][ T9879]  ? __pfx_inet_sendmsg+0x10/0x10
[  301.125681][ T9879]  ? __pfx___sys_sendto+0x10/0x10
[  301.125701][ T9879]  ? __fget_files+0x215/0x3d0
[  301.125713][ T9879]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  301.125735][ T9879]  ? fput+0x79/0x100
[  301.125748][ T9879]  ? ksys_write+0x1ac/0x250
[  301.125761][ T9879]  __ia32_sys_sendto+0xdd/0x1b0
[  301.125777][ T9879]  ? __do_fast_syscall_32+0x98/0x970
[  301.125792][ T9879]  ? lockdep_hardirqs_on+0x78/0x100
[  301.125807][ T9879]  __do_fast_syscall_32+0xe7/0x970
[  301.125822][ T9879]  ? lockdep_hardirqs_on+0x78/0x100
[  301.125837][ T9879]  do_fast_syscall_32+0x32/0x70
[  301.125853][ T9879]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  301.125867][ T9879] RIP: 0023:0xf7f73f7c
[  301.125876][ T9879] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  301.125887][ T9879] RSP: 002b:00000000f543650c EFLAGS: 00000292 ORIG_RAX: 0000000000000171
[  301.125898][ T9879] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080847fff
[  301.125905][ T9879] RDX: 0000000000000001 RSI: 00000000000000e0 RDI: 000000008005ffe4
[  301.125911][ T9879] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[  301.125917][ T9879] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  301.125922][ T9879] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  301.125935][ T9879]  </TASK>
[  301.240155][ T9881] FAULT_INJECTION: forcing a failure.
[  301.240155][ T9881] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  301.244357][ T9881] CPU: 0 UID: 0 PID: 9881 Comm: syz.4.983 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  301.244383][ T9881] Tainted: [L]=SOFTLOCKUP
[  301.244389][ T9881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  301.244400][ T9881] Call Trace:
[  301.244406][ T9881]  <TASK>
[  301.244414][ T9881]  dump_stack_lvl+0x100/0x190
[  301.244448][ T9881]  should_fail_ex.cold+0x5/0xa
[  301.244471][ T9881]  _copy_from_iter+0x1f4/0x1690
[  301.244499][ T9881]  ? __asan_memset+0x23/0x50
[  301.244525][ T9881]  ? __pfx__copy_from_iter+0x10/0x10
[  301.244549][ T9881]  ? __pfx___alloc_skb+0x10/0x10
[  301.244575][ T9881]  netlink_sendmsg+0x808/0xda0
[  301.244602][ T9881]  ? __pfx_netlink_sendmsg+0x10/0x10
[  301.244628][ T9881]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  301.244652][ T9881]  ____sys_sendmsg+0x9e1/0xb70
[  301.244674][ T9881]  ? __pfx_netlink_sendmsg+0x10/0x10
[  301.244698][ T9881]  ? __pfx_____sys_sendmsg+0x10/0x10
[  301.244736][ T9881]  ___sys_sendmsg+0x190/0x1e0
[  301.244759][ T9881]  ? __pfx____sys_sendmsg+0x10/0x10
[  301.244790][ T9881]  ? find_held_lock+0x2b/0x80
[  301.244826][ T9881]  __sys_sendmsg+0x170/0x220
[  301.244844][ T9881]  ? __pfx___sys_sendmsg+0x10/0x10
[  301.244858][ T9881]  ? __fget_files+0x21f/0x3d0
[  301.244878][ T9881]  ? ksys_write+0x1ac/0x250
[  301.244891][ T9881]  ? rcu_is_watching+0x12/0xc0
[  301.244905][ T9881]  __do_fast_syscall_32+0xe7/0x970
[  301.244921][ T9881]  ? lockdep_hardirqs_on+0x78/0x100
[  301.244937][ T9881]  do_fast_syscall_32+0x32/0x70
[  301.244952][ T9881]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  301.244966][ T9881] RIP: 0023:0xf7f73f7c
[  301.244976][ T9881] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  301.244986][ T9881] RSP: 002b:00000000f543650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  301.244997][ T9881] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000200
[  301.245003][ T9881] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  301.245009][ T9881] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  301.245015][ T9881] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  301.245021][ T9881] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  301.245033][ T9881]  </TASK>
[  301.567188][ T1341] usb 12-1: new high-speed USB device number 15 using dummy_hcd
[  301.629669][ T5743] usb 13-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  301.697222][ T1341] usb 12-1: device descriptor read/64, error -71
[  301.834022][ T5743] usb 13-1: config 1 has 1 interface, different from the descriptor's value: 66
[  301.835399][ T9893] FAULT_INJECTION: forcing a failure.
[  301.835399][ T9893] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  301.836865][ T5743] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  301.855068][ T5743] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  301.861024][ T9893] CPU: 2 UID: 0 PID: 9893 Comm: syz.4.987 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  301.861043][ T9893] Tainted: [L]=SOFTLOCKUP
[  301.861046][ T9893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  301.861053][ T9893] Call Trace:
[  301.861057][ T9893]  <TASK>
[  301.861061][ T9893]  dump_stack_lvl+0x100/0x190
[  301.861083][ T5743] usb 13-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  301.861084][ T9893]  should_fail_ex.cold+0x5/0xa
[  301.861098][ T9893]  _copy_to_user+0x32/0xd0
[  301.861115][ T9893]  simple_read_from_buffer+0xcb/0x170
[  301.861129][ T9893]  proc_fail_nth_read+0x1af/0x230
[  301.861147][ T9893]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  301.861164][ T9893]  ? rw_verify_area+0xce/0x6d0
[  301.861175][ T9893]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  301.861192][ T9893]  vfs_read+0x1e4/0xb30
[  301.861205][ T9893]  ? __pfx_vfs_read+0x10/0x10
[  301.861216][ T9893]  ? find_held_lock+0x2b/0x80
[  301.861230][ T9893]  ? __fget_files+0x215/0x3d0
[  301.861244][ T9893]  ? __fget_files+0x21f/0x3d0
[  301.861260][ T9893]  ksys_read+0x12a/0x250
[  301.861271][ T9893]  ? __pfx_ksys_read+0x10/0x10
[  301.861283][ T9893]  ? rcu_is_watching+0x12/0xc0
[  301.861295][ T9893]  ? rcu_is_watching+0x12/0xc0
[  301.861309][ T9893]  do_int80_emulation+0x14b/0x720
[  301.861327][ T9893]  asm_int80_emulation+0x1a/0x20
[  301.861338][ T9893] RIP: 0023:0xf71761ab
[  301.861347][ T9893] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  301.861357][ T9893] RSP: 002b:00000000f54364bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  301.861368][ T9893] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f54365d0
[  301.861374][ T9893] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  301.861380][ T9893] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  301.861386][ T9893] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  301.861392][ T9893] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  301.861405][ T9893]  </TASK>
[  301.928958][ T5743] usb 13-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  301.931481][ T5743] usb 13-1: Product: syz
[  301.933000][ T5743] usb 13-1: Manufacturer: syz
[  301.940971][ T5743] cdc_wdm 13-1:1.0: skipping garbage
[  301.942711][ T5743] cdc_wdm 13-1:1.0: skipping garbage
[  301.946673][ T5743] cdc_wdm 13-1:1.0: cdc-wdm0: USB WDM device
[  301.948573][ T5743] cdc_wdm 13-1:1.0: Unknown control protocol
[  301.957192][ T9895] wg2 speed is unknown, defaulting to 1000
[  301.957193][ T1341] usb 12-1: new high-speed USB device number 16 using dummy_hcd
[  302.097204][ T1341] usb 12-1: device descriptor read/64, error -71
[  302.211167][ T1341] usb usb12-port1: attempt power cycle
[  302.547250][ T1341] usb 12-1: new high-speed USB device number 17 using dummy_hcd
[  302.567767][ T1341] usb 12-1: device descriptor read/8, error -71
[  302.817276][ T1341] usb 12-1: new high-speed USB device number 18 using dummy_hcd
[  302.847702][ T5743] net_ratelimit: 3326 callbacks suppressed
[  302.847716][ T5743] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  302.848451][ T1341] usb 12-1: device descriptor read/8, error -71
[  302.884880][ T9910] syzkaller1: entered promiscuous mode
[  302.894556][ T9910] syzkaller1: entered allmulticast mode
[  302.957837][ T1341] usb usb12-port1: unable to enumerate USB device
[  303.025760][ T9914] netlink: 7 bytes leftover after parsing attributes in process `syz.4.995'.
[  303.340751][ T9924] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  303.343547][ T9924] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  303.347817][ T9924] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  303.489142][ T9924] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  303.492129][ T9924] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  303.494791][ T9924] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  303.497405][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  303.547455][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  303.585413][ T5532] usb 13-1: USB disconnect, device number 10
[  303.767360][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  304.067387][ T5532] usb 13-1: new high-speed USB device number 11 using dummy_hcd
[  304.217212][ T5532] usb 13-1: Using ep0 maxpacket: 8
[  304.222576][ T5532] usb 13-1: config index 0 descriptor too short (expected 301, got 45)
[  304.225355][ T5532] usb 13-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  304.228943][ T5532] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  304.242574][ T5532] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  304.246449][ T5532] usb 13-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  304.250758][ T5532] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  304.254071][ T5532] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  304.320711][ T9940] nbd: must specify a size in bytes for the device
[  304.467323][ T5532] usb 13-1: usb_control_msg returned -32
[  304.469091][ T5532] usbtmc 13-1:16.0: can't read capabilities
[  304.509374][ T9951] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1009'.
[  304.597282][ T5743] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[  304.644159][ T9953] wg2 speed is unknown, defaulting to 1000
[  304.647242][   T34] usb 12-1: new high-speed USB device number 19 using dummy_hcd
[  304.757158][ T5743] usb 10-1: Using ep0 maxpacket: 8
[  304.762174][ T5743] usb 10-1: New USB device found, idVendor=0ccd, idProduct=0038, bcdDevice=99.03
[  304.768751][ T5743] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  304.773890][ T9932] usbtmc 13-1:16.0: INITIATE_CLEAR returned 89
[  304.776697][ T5743] usb 10-1: Product: syz
[  304.778229][ T5743] usb 10-1: Manufacturer: syz
[  304.779756][ T5743] usb 10-1: SerialNumber: syz
[  304.782757][ T5743] usb 10-1: config 0 descriptor??
[  304.788962][ T5743] dvb-usb: found a 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver' in warm state.
[  304.791843][ T5743] dvb-usb: bulk message failed: -22 (2/0)
[  304.793704][ T5743] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  304.796961][ T5743] dvbdev: DVB: registering new adapter (TerraTec/qanu USB2.0 Highspeed DVB-T Receiver)
[  304.800033][ T5743] usb 10-1: media controller created
[  304.808280][ T5743] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  304.820927][   T34] usb 12-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  304.827019][   T34] usb 12-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  304.832390][   T34] usb 12-1: config 1 has 1 interface, different from the descriptor's value: 66
[  304.838179][ T5743] dvb-usb: bulk message failed: -22 (1/0)
[  304.839953][   T34] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  304.846977][ T5743] dvb-usb: no frontend was attached by 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver'
[  304.850146][   T34] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  304.859321][ T5743] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb10/10-1/input/input19
[  304.864474][   T34] usb 12-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  304.870058][   T34] usb 12-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  304.872580][   T34] usb 12-1: Product: syz
[  304.873932][   T34] usb 12-1: Manufacturer: syz
[  304.875695][ T5743] dvb-usb: schedule remote query interval to 50 msecs.
[  304.878012][ T5743] dvb-usb: bulk message failed: -22 (2/0)
[  304.880883][ T5743] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Receiver successfully initialized and connected.
[  304.891246][   T34] cdc_wdm 12-1:1.0: skipping garbage
[  304.896905][   T34] cdc_wdm 12-1:1.0: skipping garbage
[  304.903447][   T34] cdc_wdm 12-1:1.0: cdc-wdm1: USB WDM device
[  304.907347][   T34] cdc_wdm 12-1:1.0: Unknown control protocol
[  304.928058][ T9967] 9p: Bad value for 'wfdno'
[  304.950925][   T34] dvb-usb: bulk message failed: -22 (1/0)
[  304.953834][   T34] dvb-usb: error while querying for an remote control event.
[  304.956428][ T9967] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1011'.
[  304.956459][ T9967] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1011'.
[  304.972312][   T34] usb 13-1: USB disconnect, device number 11
[  305.034676][ T5743] dvb-usb: bulk message failed: -22 (1/0)
[  305.036771][ T5743] dvb-usb: error while querying for an remote control event.
[  305.097045][ T5743] usb 12-1: USB disconnect, device number 19
[  305.099234][ T5848] dvb-usb: bulk message failed: -22 (1/0)
[  305.101009][ T5848] dvb-usb: error while querying for an remote control event.
[  305.168218][  T842] dvb-usb: bulk message failed: -22 (1/0)
[  305.170013][  T842] dvb-usb: error while querying for an remote control event.
[  305.170067][ T2078] usb 46-1: device descriptor read/8, error -110
[  305.247270][   T34] dvb-usb: bulk message failed: -22 (1/0)
[  305.249157][   T34] dvb-usb: error while querying for an remote control event.
[  305.307179][ T5743] dvb-usb: bulk message failed: -22 (1/0)
[  305.309044][ T5743] dvb-usb: error while querying for an remote control event.
[  305.319817][ T5532] usb 10-1: USB disconnect, device number 16
[  305.352434][ T5532] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Re successfully deinitialized and disconnected.
[  305.630861][ T2078] usb usb46-port1: attempt power cycle
[  305.672830][ T9981] netlink: 44 bytes leftover after parsing attributes in process `syz.7.1014'.
[  305.748612][ T9983] wg2 speed is unknown, defaulting to 1000
[  305.751135][ T9985] FAULT_INJECTION: forcing a failure.
[  305.751135][ T9985] name failslab, interval 1, probability 0, space 0, times 0
[  305.756210][ T9985] CPU: 3 UID: 0 PID: 9985 Comm: syz.7.1015 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  305.756238][ T9985] Tainted: [L]=SOFTLOCKUP
[  305.756244][ T9985] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  305.756254][ T9985] Call Trace:
[  305.756260][ T9985]  <TASK>
[  305.756267][ T9985]  dump_stack_lvl+0x100/0x190
[  305.756302][ T9985]  should_fail_ex.cold+0x5/0xa
[  305.756324][ T9985]  ? sk_prot_alloc+0x10b/0x2a0
[  305.756345][ T9985]  should_failslab+0xc2/0x120
[  305.756366][ T9985]  __kmalloc_noprof+0xe0/0x850
[  305.756398][ T9985]  sk_prot_alloc+0x10b/0x2a0
[  305.756422][ T9985]  sk_alloc+0x36/0xe80
[  305.756439][ T9985]  bpf_prog_test_run_skb+0x4db/0x3540
[  305.756470][ T9985]  ? find_held_lock+0x2b/0x80
[  305.756498][ T9985]  ? __fget_files+0x131/0x3d0
[  305.756524][ T9985]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  305.756550][ T9985]  ? fput+0x79/0x100
[  305.756576][ T9985]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  305.756599][ T9985]  __sys_bpf+0x1725/0x4b90
[  305.756621][ T9985]  ? __pfx___sys_bpf+0x10/0x10
[  305.756634][ T9985]  ? get_pid_task+0x106/0x250
[  305.756659][ T9985]  ? proc_fail_nth_write+0x9f/0x220
[  305.756685][ T9985]  ? find_held_lock+0x2b/0x80
[  305.756710][ T9985]  ? find_held_lock+0x2b/0x80
[  305.756731][ T9985]  ? ksys_write+0x190/0x250
[  305.756754][ T9985]  ? __mutex_unlock_slowpath+0x15d/0x8a0
[  305.756779][ T9985]  ? __pfx_vfs_write+0x3/0x10
[  305.756812][ T9985]  ? fput+0x79/0x100
[  305.756835][ T9985]  ? ksys_write+0x1ac/0x250
[  305.756857][ T9985]  __ia32_sys_bpf+0x79/0xf0
[  305.756875][ T9985]  ? lockdep_hardirqs_on+0x78/0x100
[  305.756899][ T9985]  __do_fast_syscall_32+0xe7/0x970
[  305.756924][ T9985]  ? lockdep_hardirqs_on+0x78/0x100
[  305.756950][ T9985]  do_fast_syscall_32+0x32/0x70
[  305.756975][ T9985]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  305.756997][ T9985] RIP: 0023:0xf709ef7c
[  305.757011][ T9985] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  305.757027][ T9985] RSP: 002b:00000000f548d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  305.757044][ T9985] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000800002c0
[  305.757054][ T9985] RDX: 000000000000004c RSI: 0000000000000000 RDI: 0000000000000000
[  305.757064][ T9985] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  305.757073][ T9985] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  305.757083][ T9985] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  305.757121][ T9985]  </TASK>
[  306.251919][ T2078] usb usb46-port1: unable to enumerate USB device
[  306.674932][T10003] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(7)
[  306.676999][T10003] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  306.684214][T10003] vhci_hcd vhci_hcd.0: Device attached
[  306.733182][T10003] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1019'.
[  306.838189][ T6717] usb 12-1: new high-speed USB device number 20 using dummy_hcd
[  306.987637][ T2078] usb 48-1: SetAddress Request (2) to port 0
[  306.989608][ T2078] usb 48-1: new SuperSpeed USB device number 2 using vhci_hcd
[  307.019021][ T6717] usb 12-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  307.021813][ T6717] usb 12-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  307.024914][ T6717] usb 12-1: config 1 has 1 interface, different from the descriptor's value: 66
[  307.027857][ T6717] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  307.031228][ T6717] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  307.035840][ T6717] usb 12-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  307.038851][ T6717] usb 12-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  307.042446][ T6717] usb 12-1: Product: syz
[  307.043817][ T6717] usb 12-1: Manufacturer: syz
[  307.054037][ T6717] cdc_wdm 12-1:1.0: skipping garbage
[  307.056928][ T6717] cdc_wdm 12-1:1.0: skipping garbage
[  307.060513][ T6717] cdc_wdm 12-1:1.0: cdc-wdm0: USB WDM device
[  307.062418][ T6717] cdc_wdm 12-1:1.0: Unknown control protocol
[  307.094325][T10012] FAULT_INJECTION: forcing a failure.
[  307.094325][T10012] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  307.099370][T10012] CPU: 0 UID: 0 PID: 10012 Comm: syz.4.1023 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  307.099398][T10012] Tainted: [L]=SOFTLOCKUP
[  307.099404][T10012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  307.099414][T10012] Call Trace:
[  307.099420][T10012]  <TASK>
[  307.099426][T10012]  dump_stack_lvl+0x100/0x190
[  307.099461][T10012]  should_fail_ex.cold+0x5/0xa
[  307.099482][T10012]  _copy_to_user+0x32/0xd0
[  307.099508][T10012]  simple_read_from_buffer+0xcb/0x170
[  307.099531][T10012]  proc_fail_nth_read+0x1af/0x230
[  307.099583][T10012]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  307.099611][T10012]  ? rw_verify_area+0xce/0x6d0
[  307.099627][T10012]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  307.099653][T10012]  vfs_read+0x1e4/0xb30
[  307.099675][T10012]  ? __pfx_vfs_read+0x10/0x10
[  307.099691][T10012]  ? find_held_lock+0x2b/0x80
[  307.099712][T10012]  ? __fget_files+0x215/0x3d0
[  307.099736][T10012]  ? __fget_files+0x21f/0x3d0
[  307.099762][T10012]  ksys_read+0x12a/0x250
[  307.099781][T10012]  ? __pfx_ksys_read+0x10/0x10
[  307.099798][T10012]  ? rcu_is_watching+0x12/0xc0
[  307.099817][T10012]  ? rcu_is_watching+0x12/0xc0
[  307.099839][T10012]  do_int80_emulation+0x14b/0x720
[  307.099868][T10012]  asm_int80_emulation+0x1a/0x20
[  307.099884][T10012] RIP: 0023:0xf71761ab
[  307.099898][T10012] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  307.099913][T10012] RSP: 002b:00000000f54364bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  307.099929][T10012] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54365d0
[  307.099939][T10012] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  307.099948][T10012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  307.099957][T10012] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  307.099967][T10012] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  307.099990][T10012]  </TASK>
[  307.166970][ T1341] usb 13-1: new full-speed USB device number 12 using dummy_hcd
[  307.259799][    C1] wdm_int_callback: 9 callbacks suppressed
[  307.259821][    C1] cdc_wdm 12-1:1.0: nonzero urb status received: -71
[  307.264929][    C1] wdm_int_callback: 9 callbacks suppressed
[  307.264945][    C1] cdc_wdm 12-1:1.0: wdm_int_callback - 0 bytes
[  307.269829][    C1] cdc_wdm 12-1:1.0: nonzero urb status received: -71
[  307.272457][    C1] cdc_wdm 12-1:1.0: wdm_int_callback - 0 bytes
[  307.274813][    C1] cdc_wdm 12-1:1.0: nonzero urb status received: -71
[  307.276960][    C1] cdc_wdm 12-1:1.0: wdm_int_callback - 0 bytes
[  307.279191][    C1] cdc_wdm 12-1:1.0: nonzero urb status received: -71
[  307.281235][    C1] cdc_wdm 12-1:1.0: wdm_int_callback - 0 bytes
[  307.283267][    C1] cdc_wdm 12-1:1.0: nonzero urb status received: -71
[  307.285479][    C1] cdc_wdm 12-1:1.0: wdm_int_callback - 0 bytes
[  307.287750][    C1] cdc_wdm 12-1:1.0: nonzero urb status received: -71
[  307.289774][    C1] cdc_wdm 12-1:1.0: wdm_int_callback - 0 bytes
[  307.291785][    C1] cdc_wdm 12-1:1.0: nonzero urb status received: -71
[  307.293788][    C1] cdc_wdm 12-1:1.0: wdm_int_callback - 0 bytes
[  307.296464][    C1] cdc_wdm 12-1:1.0: nonzero urb status received: -71
[  307.299079][    C1] cdc_wdm 12-1:1.0: wdm_int_callback - 0 bytes
[  307.301404][    C1] cdc_wdm 12-1:1.0: nonzero urb status received: -71
[  307.303402][    C1] cdc_wdm 12-1:1.0: wdm_int_callback - 0 bytes
[  307.305922][    C1] cdc_wdm 12-1:1.0: nonzero urb status received: -71
[  307.307275][ T1341] usb 13-1: device descriptor read/64, error -71
[  307.308305][    C1] cdc_wdm 12-1:1.0: wdm_int_callback - 0 bytes
[  307.320323][T10004] vhci_hcd: connection reset by peer
[  307.321837][ T6717] usb 12-1: USB disconnect, device number 20
[  307.329244][   T46] vhci_hcd vhci_hcd.5: stop threads
[  307.331337][   T46] vhci_hcd vhci_hcd.5: release socket
[  307.334888][   T46] vhci_hcd vhci_hcd.5: disconnect device
[  307.365327][T10016] FAULT_INJECTION: forcing a failure.
[  307.365327][T10016] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  307.369953][T10016] CPU: 0 UID: 0 PID: 10016 Comm: syz.4.1025 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  307.369972][T10016] Tainted: [L]=SOFTLOCKUP
[  307.369975][T10016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  307.369986][T10016] Call Trace:
[  307.369990][T10016]  <TASK>
[  307.369994][T10016]  dump_stack_lvl+0x100/0x190
[  307.370016][T10016]  should_fail_ex.cold+0x5/0xa
[  307.370030][T10016]  _copy_from_iter+0x1f4/0x1690
[  307.370046][T10016]  ? __asan_memset+0x23/0x50
[  307.370063][T10016]  ? __pfx__copy_from_iter+0x10/0x10
[  307.370077][T10016]  ? __pfx___alloc_skb+0x10/0x10
[  307.370088][T10016]  ? __pfx___might_resched+0x10/0x10
[  307.370104][T10016]  netlink_sendmsg+0x808/0xda0
[  307.370120][T10016]  ? __pfx_netlink_sendmsg+0x10/0x10
[  307.370135][T10016]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  307.370148][T10016]  ____sys_sendmsg+0x9e1/0xb70
[  307.370161][T10016]  ? __pfx_netlink_sendmsg+0x10/0x10
[  307.370175][T10016]  ? __pfx_____sys_sendmsg+0x10/0x10
[  307.370195][T10016]  ___sys_sendmsg+0x190/0x1e0
[  307.370210][T10016]  ? __pfx____sys_sendmsg+0x10/0x10
[  307.370230][T10016]  ? find_held_lock+0x2b/0x80
[  307.370251][T10016]  __sys_sendmsg+0x170/0x220
[  307.370262][T10016]  ? __pfx___sys_sendmsg+0x10/0x10
[  307.370271][T10016]  ? __fget_files+0x21f/0x3d0
[  307.370289][T10016]  ? rcu_is_watching+0x12/0xc0
[  307.370303][T10016]  __do_fast_syscall_32+0xe7/0x970
[  307.370319][T10016]  ? lockdep_hardirqs_on+0x78/0x100
[  307.370334][T10016]  do_fast_syscall_32+0x32/0x70
[  307.370350][T10016]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  307.370363][T10016] RIP: 0023:0xf7f73f7c
[  307.370372][T10016] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  307.370382][T10016] RSP: 002b:00000000f543650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  307.370393][T10016] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[  307.370399][T10016] RDX: 00000000040c0080 RSI: 0000000000000000 RDI: 0000000000000000
[  307.370405][T10016] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  307.370411][T10016] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  307.370416][T10016] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  307.370429][T10016]  </TASK>
[  307.580749][T10021] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1026'.
[  308.006356][ T5918] net_ratelimit: 19 callbacks suppressed
[  308.006377][ T5918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  308.073032][ T1341] usb 13-1: new full-speed USB device number 13 using dummy_hcd
[  308.426805][T10031] netlink: 'syz.5.1029': attribute type 62 has an invalid length.
[  308.475061][T10033] wg2 speed is unknown, defaulting to 1000
[  308.527381][  T842] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  308.537412][ T1341] usb 13-1: device descriptor read/64, error -71
[  308.657723][ T1341] usb usb13-port1: attempt power cycle
[  309.017252][ T1341] usb 13-1: new full-speed USB device number 14 using dummy_hcd
[  309.040283][ T1341] usb 13-1: device descriptor read/8, error -71
[  309.239422][T10037] netlink: 'syz.4.1031': attribute type 1 has an invalid length.
[  309.241887][T10037] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1031'.
[  309.367284][ T1341] usb 13-1: new full-speed USB device number 15 using dummy_hcd
[  310.116714][ T1341] usb 13-1: device descriptor read/8, error -71
[  310.229500][ T1341] usb usb13-port1: unable to enumerate USB device
[  310.235333][  T842] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  310.240119][ T5743] usb 12-1: new high-speed USB device number 21 using dummy_hcd
[  310.398791][ T5743] usb 12-1: config 0 has an invalid interface number: 50 but max is 0
[  310.402132][ T5743] usb 12-1: config 0 has no interface number 0
[  310.404552][ T5743] usb 12-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  310.410799][ T5743] usb 12-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  310.414257][ T5743] usb 12-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[  310.416968][ T5743] usb 12-1: Product: syz
[  310.418379][ T5743] usb 12-1: Manufacturer: syz
[  310.419839][ T5743] usb 12-1: SerialNumber: syz
[  310.422503][ T5743] usb 12-1: config 0 descriptor??
[  310.430560][ T5743] yurex 12-1:0.50: USB YUREX device now attached to Yurex #0
[  310.631533][T10048] 9pnet_virtio: no channels available for device syz
[  310.667532][T10048] netlink: 'syz.7.1035': attribute type 21 has an invalid length.
[  310.807400][ T6875] usb 13-1: new high-speed USB device number 16 using dummy_hcd
[  311.012932][ T6875] usb 13-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  311.024902][ T6875] usb 13-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  311.047237][ T6875] usb 13-1: config 1 has 1 interface, different from the descriptor's value: 66
[  311.068577][ T6875] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  311.081860][    C3] usb 12-1: yurex_control_callback - control failed: -71
[  311.097573][ T6875] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  311.110763][   T59] usb 12-1: USB disconnect, device number 21
[  311.130786][   T59] yurex 12-1:0.50: USB YUREX #0 now disconnected
[  311.151613][ T6875] usb 13-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  311.154974][ T6875] usb 13-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  311.163575][ T6875] usb 13-1: Product: syz
[  311.167922][ T6875] usb 13-1: Manufacturer: syz
[  311.209173][ T6875] cdc_wdm 13-1:1.0: skipping garbage
[  311.211229][ T6875] cdc_wdm 13-1:1.0: skipping garbage
[  311.227532][ T6875] cdc_wdm 13-1:1.0: cdc-wdm0: USB WDM device
[  311.230829][ T6875] cdc_wdm 13-1:1.0: Unknown control protocol
[  311.248244][ T5743] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  311.453476][    C2] cdc_wdm 13-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  311.456859][ T5532] usb 13-1: USB disconnect, device number 16
[  311.717780][ T5918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  311.908806][T10071] wg2 speed is unknown, defaulting to 1000
[  312.019304][ T5743] usb 12-1: new high-speed USB device number 22 using dummy_hcd
[  312.047273][ T2078] usb 48-1: device descriptor read/8, error -110
[  312.128944][T10074] syz_tun: entered allmulticast mode
[  312.154960][T10073] syz_tun: left allmulticast mode
[  312.168758][ T5743] usb 12-1: config 0 has an invalid interface number: 50 but max is 0
[  312.175020][ T5743] usb 12-1: config 0 has no interface number 0
[  312.183031][ T5743] usb 12-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  312.192600][ T5743] usb 12-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  312.197805][ T5743] usb 12-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[  312.204565][ T5743] usb 12-1: Product: syz
[  312.206233][ T5743] usb 12-1: Manufacturer: syz
[  312.215050][ T5743] usb 12-1: SerialNumber: syz
[  312.220579][ T5743] usb 12-1: config 0 descriptor??
[  312.232197][ T5743] yurex 12-1:0.50: USB YUREX device now attached to Yurex #0
[  312.285221][T10081] FAULT_INJECTION: forcing a failure.
[  312.285221][T10081] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  312.290610][T10081] CPU: 1 UID: 0 PID: 10081 Comm: syz.8.1044 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  312.290630][T10081] Tainted: [L]=SOFTLOCKUP
[  312.290634][T10081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  312.290641][T10081] Call Trace:
[  312.290645][T10081]  <TASK>
[  312.290650][T10081]  dump_stack_lvl+0x100/0x190
[  312.290672][T10081]  should_fail_ex.cold+0x5/0xa
[  312.290687][T10081]  _copy_from_iter+0x1f4/0x1690
[  312.290704][T10081]  ? __asan_memset+0x23/0x50
[  312.290722][T10081]  ? __pfx__copy_from_iter+0x10/0x10
[  312.290737][T10081]  ? __pfx___alloc_skb+0x10/0x10
[  312.290753][T10081]  netlink_sendmsg+0x808/0xda0
[  312.290770][T10081]  ? __pfx_netlink_sendmsg+0x10/0x10
[  312.290786][T10081]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  312.290800][T10081]  ____sys_sendmsg+0x9e1/0xb70
[  312.290815][T10081]  ? __pfx_netlink_sendmsg+0x10/0x10
[  312.290830][T10081]  ? __pfx_____sys_sendmsg+0x10/0x10
[  312.290855][T10081]  ___sys_sendmsg+0x190/0x1e0
[  312.290877][T10081]  ? __pfx____sys_sendmsg+0x10/0x10
[  312.290909][T10081]  ? find_held_lock+0x2b/0x80
[  312.290932][T10081]  __sys_sendmsg+0x170/0x220
[  312.290944][T10081]  ? __pfx___sys_sendmsg+0x10/0x10
[  312.290954][T10081]  ? __fget_files+0x21f/0x3d0
[  312.290971][T10081]  ? ksys_write+0x1ac/0x250
[  312.290987][T10081]  ? rcu_is_watching+0x12/0xc0
[  312.291001][T10081]  __do_fast_syscall_32+0xe7/0x970
[  312.291018][T10081]  ? lockdep_hardirqs_on+0x78/0x100
[  312.291034][T10081]  do_fast_syscall_32+0x32/0x70
[  312.291051][T10081]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  312.291065][T10081] RIP: 0023:0xf700ef7c
[  312.291074][T10081] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  312.291085][T10081] RSP: 002b:00000000f53fd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  312.291096][T10081] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800001c0
[  312.291103][T10081] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  312.291109][T10081] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  312.291115][T10081] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  312.291121][T10081] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  312.291135][T10081]  </TASK>
[  312.297915][ T5743] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  312.527549][T10069] netlink: 'syz.7.1041': attribute type 21 has an invalid length.
[  312.650519][ T5112] usb 12-1: USB disconnect, device number 22
[  312.654162][T10069] yurex 12-1:0.50: yurex_write - failed to send bulk msg, error -19
[  312.659218][ T5112] yurex 12-1:0.50: USB YUREX #0 now disconnected
[  312.933183][ T2078] usb usb48-port1: attempt power cycle
[  313.327751][ T5743] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  313.490042][ T2078] usb usb48-port1: unable to enumerate USB device
[  313.729934][ T5743] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  313.735552][T10098] netlink: 'syz.8.1050': attribute type 1 has an invalid length.
[  313.759560][T10098] 8021q: adding VLAN 0 to HW filter on device bond2
[  313.787826][T10098] bond2: (slave geneve2): making interface the new active one
[  313.792531][T10098] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  313.882488][ T5743] usb 9-1: config 0 has an invalid interface number: 50 but max is 0
[  313.886101][ T5743] usb 9-1: config 0 has no interface number 0
[  313.889184][ T5743] usb 9-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  313.896424][ T5743] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  313.900064][ T5743] usb 9-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[  313.903197][ T5743] usb 9-1: Product: syz
[  313.904946][ T5743] usb 9-1: Manufacturer: syz
[  313.906885][ T5743] usb 9-1: SerialNumber: syz
[  313.910082][ T5743] usb 9-1: config 0 descriptor??
[  313.916864][ T5743] yurex 9-1:0.50: USB YUREX device now attached to Yurex #0
[  314.047671][ T5112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  314.117250][T10093] 9pnet_virtio: no channels available for device syz
[  314.148479][T10093] netlink: 'syz.4.1049': attribute type 21 has an invalid length.
[  314.269748][T10109] geneve2: entered promiscuous mode
[  314.324601][ T5112] usb 9-1: USB disconnect, device number 11
[  314.331638][T10093] yurex 9-1:0.50: yurex_write - failed to send bulk msg, error -19
[  314.371108][ T5112] yurex 9-1:0.50: USB YUREX #0 now disconnected
[  314.377538][  T842] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  314.443528][T10110] ptrace attach of ""[10111] was attempted by "/syz-executor exec"[10110]
[  314.450067][   T40] kauditd_printk_skb: 68 callbacks suppressed
[  314.450083][   T40] audit: type=1800 audit(1781111058.637:126): pid=10110 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1053" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  314.627274][T10113] wg2 speed is unknown, defaulting to 1000
[  314.777631][ T5918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  314.810400][T10117] syzkaller0: entered promiscuous mode
[  314.812191][T10117] syzkaller0: entered allmulticast mode
[  314.910309][T10120] netlink: 216 bytes leftover after parsing attributes in process `syz.8.1056'.
[  314.914549][T10120] netlink: 'syz.8.1056': attribute type 2 has an invalid length.
[  314.973015][T10122] wg2 speed is unknown, defaulting to 1000
[  315.417705][  T842] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  316.348815][T10142] wg2 speed is unknown, defaulting to 1000
[  316.518936][T10147] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1063'.
[  316.715881][  T842] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  316.748377][T10149] FAULT_INJECTION: forcing a failure.
[  316.748377][T10149] name failslab, interval 1, probability 0, space 0, times 0
[  316.753370][T10149] CPU: 2 UID: 0 PID: 10149 Comm: syz.8.1065 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  316.753399][T10149] Tainted: [L]=SOFTLOCKUP
[  316.753405][T10149] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  316.753416][T10149] Call Trace:
[  316.753424][T10149]  <TASK>
[  316.753431][T10149]  dump_stack_lvl+0x100/0x190
[  316.753467][T10149]  should_fail_ex.cold+0x5/0xa
[  316.753499][T10149]  should_failslab+0xc2/0x120
[  316.753529][T10149]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  316.753554][T10149]  ? skb_clone+0x190/0x400
[  316.753576][T10149]  skb_clone+0x190/0x400
[  316.753594][T10149]  netlink_deliver_tap+0xaed/0xcc0
[  316.753621][T10149]  netlink_unicast+0x62b/0x850
[  316.753645][T10149]  ? __pfx_netlink_unicast+0x10/0x10
[  316.753672][T10149]  netlink_sendmsg+0x8b0/0xda0
[  316.753696][T10149]  ? __pfx_netlink_sendmsg+0x10/0x10
[  316.753719][T10149]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  316.753740][T10149]  ____sys_sendmsg+0x9e1/0xb70
[  316.753761][T10149]  ? __pfx_netlink_sendmsg+0x10/0x10
[  316.753785][T10149]  ? __pfx_____sys_sendmsg+0x10/0x10
[  316.753819][T10149]  ___sys_sendmsg+0x190/0x1e0
[  316.753843][T10149]  ? __pfx____sys_sendmsg+0x10/0x10
[  316.753879][T10149]  ? find_held_lock+0x2b/0x80
[  316.753916][T10149]  __sys_sendmsg+0x170/0x220
[  316.753935][T10149]  ? __pfx___sys_sendmsg+0x10/0x10
[  316.753950][T10149]  ? __fget_files+0x21f/0x3d0
[  316.753979][T10149]  ? ksys_write+0x1ac/0x250
[  316.753999][T10149]  ? rcu_is_watching+0x12/0xc0
[  316.754020][T10149]  __do_fast_syscall_32+0xe7/0x970
[  316.754046][T10149]  ? lockdep_hardirqs_on+0x78/0x100
[  316.754071][T10149]  do_fast_syscall_32+0x32/0x70
[  316.754097][T10149]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  316.754119][T10149] RIP: 0023:0xf700ef7c
[  316.754132][T10149] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  316.754148][T10149] RSP: 002b:00000000f53fd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  316.754165][T10149] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  316.754176][T10149] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  316.754185][T10149] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  316.754194][T10149] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  316.754204][T10149] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  316.754227][T10149]  </TASK>
[  316.960017][T10155] bridge0: port 2(bridge_slave_1) entered disabled state
[  316.962800][T10155] bridge0: port 1(bridge_slave_0) entered disabled state
[  317.018202][ T1341] usb 10-1: new high-speed USB device number 17 using dummy_hcd
[  317.074433][T10155] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  317.082321][T10155] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  317.157304][ T5840] usb 13-1: new high-speed USB device number 17 using dummy_hcd
[  317.166850][ T5918] wg2 speed is unknown, defaulting to 1000
[  317.166931][   T46] netdevsim netdevsim7 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  317.171148][ T5918] syz2: Port: 1 Link DOWN
[  317.175245][   T46] netdevsim netdevsim7 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  317.178311][ T1341] usb 10-1: config 0 has an invalid interface number: 50 but max is 0
[  317.181029][   T46] netdevsim netdevsim7 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  317.185106][ T1341] usb 10-1: config 0 has no interface number 0
[  317.188828][ T1341] usb 10-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  317.195633][   T46] netdevsim netdevsim7 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  317.200148][ T5918] wg2 speed is unknown, defaulting to 1000
[  317.203794][ T1341] usb 10-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  317.207675][ T1341] usb 10-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[  317.210969][ T1341] usb 10-1: Product: syz
[  317.212720][ T1341] usb 10-1: Manufacturer: syz
[  317.214630][ T1341] usb 10-1: SerialNumber: syz
[  317.233598][ T1341] usb 10-1: config 0 descriptor??
[  317.250650][ T1341] yurex 10-1:0.50: USB YUREX device now attached to Yurex #0
[  317.318451][ T5840] usb 13-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  317.322089][ T5840] usb 13-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  317.325239][ T5840] usb 13-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  317.329723][ T5840] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  317.338336][T10153] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[  317.354370][ T5840] usb 13-1: Quirk or no altset; falling back to MIDI 1.0
[  317.357091][T10161] wg2 speed is unknown, defaulting to 1000
[  317.436490][T10165] syzkaller0: entered promiscuous mode
[  317.438674][T10165] syzkaller0: entered allmulticast mode
[  317.443177][T10165] FAULT_INJECTION: forcing a failure.
[  317.443177][T10165] name failslab, interval 1, probability 0, space 0, times 0
[  317.447277][T10165] CPU: 2 UID: 0 PID: 10165 Comm: syz.7.1071 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  317.447295][T10165] Tainted: [L]=SOFTLOCKUP
[  317.447299][T10165] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  317.447306][T10165] Call Trace:
[  317.447310][T10165]  <TASK>
[  317.447315][T10165]  dump_stack_lvl+0x100/0x190
[  317.447337][T10165]  should_fail_ex.cold+0x5/0xa
[  317.447351][T10165]  should_failslab+0xc2/0x120
[  317.447364][T10165]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  317.447381][T10165]  ? __alloc_skb+0x140/0x710
[  317.447390][T10165]  ? __alloc_skb+0x5b7/0x710
[  317.447452][T10165]  __alloc_skb+0x140/0x710
[  317.447463][T10165]  ? __alloc_skb+0x5b7/0x710
[  317.447472][T10165]  ? __pfx___alloc_skb+0x10/0x10
[  317.447485][T10165]  alloc_skb_with_frags+0xdd/0x760
[  317.447497][T10165]  ? __might_fault+0xc5/0x140
[  317.447515][T10165]  ? __might_fault+0xc5/0x140
[  317.447533][T10165]  sock_alloc_send_pskb+0x801/0x980
[  317.447551][T10165]  ? _copy_from_iter+0x270/0x1690
[  317.447576][T10165]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  317.447601][T10165]  ? find_held_lock+0x2b/0x80
[  317.447617][T10165]  ? dev_get_by_index+0x180/0x380
[  317.447626][T10165]  ? dev_get_by_index+0x180/0x380
[  317.447639][T10165]  packet_sendmsg+0x1eda/0x5100
[  317.447660][T10165]  ? __pfx___might_resched+0x10/0x10
[  317.447671][T10165]  ? __lock_acquire+0x4a5/0x2630
[  317.447688][T10165]  ? aa_sk_perm+0x309/0xaa0
[  317.447703][T10165]  ? __pfx_packet_sendmsg+0x10/0x10
[  317.447717][T10165]  ? __pfx_aa_sk_perm+0x10/0x10
[  317.447733][T10165]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  317.447746][T10165]  ____sys_sendmsg+0x9e1/0xb70
[  317.447772][T10165]  ? __pfx_packet_sendmsg+0x10/0x10
[  317.447788][T10165]  ? __pfx_____sys_sendmsg+0x10/0x10
[  317.447808][T10165]  ___sys_sendmsg+0x190/0x1e0
[  317.447830][T10165]  ? __pfx____sys_sendmsg+0x10/0x10
[  317.447863][T10165]  ? find_held_lock+0x2b/0x80
[  317.447898][T10165]  __sys_sendmsg+0x170/0x220
[  317.447919][T10165]  ? __pfx___sys_sendmsg+0x10/0x10
[  317.447932][T10165]  ? __fget_files+0x21f/0x3d0
[  317.447949][T10165]  ? ksys_write+0x1ac/0x250
[  317.447962][T10165]  ? rcu_is_watching+0x12/0xc0
[  317.447976][T10165]  __do_fast_syscall_32+0xe7/0x970
[  317.447993][T10165]  ? lockdep_hardirqs_on+0x78/0x100
[  317.448014][T10165]  do_fast_syscall_32+0x32/0x70
[  317.448030][T10165]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  317.448044][T10165] RIP: 0023:0xf709ef7c
[  317.448053][T10165] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  317.448064][T10165] RSP: 002b:00000000f548d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  317.448075][T10165] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800000c0
[  317.448081][T10165] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  317.448087][T10165] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  317.448093][T10165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  317.448099][T10165] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  317.448112][T10165]  </TASK>
[  317.605687][  T842] usb 13-1: USB disconnect, device number 17
[  317.676269][T10151] netlink: 'syz.5.1066': attribute type 21 has an invalid length.
[  317.727541][ T5743] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  317.801364][ T1341] usb 10-1: USB disconnect, device number 17
[  317.806517][ T1341] yurex 10-1:0.50: USB YUREX #0 now disconnected
[  317.809760][ T5918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  318.137278][  T842] usb 13-1: new high-speed USB device number 18 using dummy_hcd
[  318.267216][  T842] usb 13-1: device descriptor read/64, error -71
[  318.507345][  T842] usb 13-1: new high-speed USB device number 19 using dummy_hcd
[  318.637230][  T842] usb 13-1: device descriptor read/64, error -71
[  318.751172][  T842] usb usb13-port1: attempt power cycle
[  318.767501][ T5848] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  319.097550][  T842] usb 13-1: new high-speed USB device number 20 using dummy_hcd
[  319.117674][  T842] usb 13-1: device descriptor read/8, error -71
[  319.357245][  T842] usb 13-1: new high-speed USB device number 21 using dummy_hcd
[  319.379232][  T842] usb 13-1: device descriptor read/8, error -71
[  319.432756][T10177] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1073'.
[  319.484518][T10179] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1075'.
[  319.499241][  T842] usb usb13-port1: unable to enumerate USB device
[  319.538585][T10181] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1076'.
[  319.603269][T10183] netlink: 256 bytes leftover after parsing attributes in process `syz.5.1077'.
[  319.807516][  T842] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  319.968930][T10190] FAULT_INJECTION: forcing a failure.
[  319.968930][T10190] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  319.974825][T10190] CPU: 1 UID: 0 PID: 10190 Comm: syz.8.1079 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  319.974842][T10190] Tainted: [L]=SOFTLOCKUP
[  319.974846][T10190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  319.974852][T10190] Call Trace:
[  319.974856][T10190]  <TASK>
[  319.974861][T10190]  dump_stack_lvl+0x100/0x190
[  319.974882][T10190]  should_fail_ex.cold+0x5/0xa
[  319.974897][T10190]  _copy_to_user+0x32/0xd0
[  319.974927][T10190]  simple_read_from_buffer+0xcb/0x170
[  319.974942][T10190]  proc_fail_nth_read+0x1af/0x230
[  319.974959][T10190]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  319.974976][T10190]  ? rw_verify_area+0xce/0x6d0
[  319.974987][T10190]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  319.975003][T10190]  vfs_read+0x1e4/0xb30
[  319.975016][T10190]  ? __pfx_vfs_read+0x10/0x10
[  319.975027][T10190]  ? find_held_lock+0x2b/0x80
[  319.975040][T10190]  ? __fget_files+0x215/0x3d0
[  319.975055][T10190]  ? __fget_files+0x21f/0x3d0
[  319.975070][T10190]  ksys_read+0x12a/0x250
[  319.975081][T10190]  ? __pfx_ksys_read+0x10/0x10
[  319.975093][T10190]  ? rcu_is_watching+0x12/0xc0
[  319.975118][T10190]  ? rcu_is_watching+0x12/0xc0
[  319.975132][T10190]  do_int80_emulation+0x14b/0x720
[  319.975150][T10190]  asm_int80_emulation+0x1a/0x20
[  319.975163][T10190] RIP: 0023:0xf71461ab
[  319.975171][T10190] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  319.975182][T10190] RSP: 002b:00000000f53fd4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  319.975192][T10190] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f53fd5d0
[  319.975198][T10190] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  319.975204][T10190] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  319.975210][T10190] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  319.975216][T10190] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  319.975229][T10190]  </TASK>
[  320.105817][T10192] netlink: 'syz.8.1080': attribute type 1 has an invalid length.
[  320.109618][T10192] netlink: 224 bytes leftover after parsing attributes in process `syz.8.1080'.
[  320.397532][ T1341] usb 13-1: new high-speed USB device number 22 using dummy_hcd
[  320.577105][ T1341] usb 13-1: config 0 has an invalid interface number: 50 but max is 0
[  320.582282][ T1341] usb 13-1: config 0 has no interface number 0
[  320.585394][ T1341] usb 13-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  320.615346][ T1341] usb 13-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  320.624891][ T1341] usb 13-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[  320.633733][ T1341] usb 13-1: Product: syz
[  320.649998][ T1341] usb 13-1: Manufacturer: syz
[  320.656464][ T1341] usb 13-1: SerialNumber: syz
[  320.720641][ T1341] usb 13-1: config 0 descriptor??
[  320.852091][ T5918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  320.859549][  T842] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  320.970991][ T1341] yurex 13-1:0.50: USB YUREX device now attached to Yurex #0
[  321.493582][T10194] netlink: 'syz.8.1081': attribute type 21 has an invalid length.
[  321.643934][ T5918] usb 13-1: USB disconnect, device number 22
[  321.649523][ T5918] yurex 13-1:0.50: USB YUREX #0 now disconnected
[  321.732297][ T1433] ieee802154 phy0 wpan0: encryption failed: -22
[  321.889245][  T842] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  322.458784][T10215] netlink: 256 bytes leftover after parsing attributes in process `syz.7.1087'.
[  322.722602][T10220] wg2 speed is unknown, defaulting to 1000
[  322.928301][ T5743] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  323.133089][T10225] Mount JFS Failure: -5
[  323.134470][T10225] jfs_mount failed w/return code = -5
[  323.457229][   T40] audit: type=1326 audit(1781111067.607:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10219 comm="syz.7.1088" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf709ef7c code=0x0
[  323.657407][ T5840] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  323.852947][T10238] overlayfs: missing 'workdir'
[  323.897482][ T1341] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  323.967758][ T5743] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  324.208860][ T5743] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  324.371691][ T5743] usb 9-1: config 0 has an invalid interface number: 50 but max is 0
[  324.374725][ T5743] usb 9-1: config 0 has no interface number 0
[  324.376609][ T5743] usb 9-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  324.382237][ T5743] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  324.385082][ T5743] usb 9-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[  324.387704][ T5743] usb 9-1: Product: syz
[  324.389201][ T5743] usb 9-1: Manufacturer: syz
[  324.390953][ T5743] usb 9-1: SerialNumber: syz
[  324.394702][ T5743] usb 9-1: config 0 descriptor??
[  324.407054][ T5743] yurex 9-1:0.50: USB YUREX device now attached to Yurex #0
[  324.684179][T10244] netlink: 'syz.4.1094': attribute type 21 has an invalid length.
[  324.815127][T10251] wg2 speed is unknown, defaulting to 1000
[  324.837720][ T5743] usb 9-1: USB disconnect, device number 12
[  324.845013][T10244] yurex 9-1:0.50: yurex_write - failed to send bulk msg, error -19
[  324.845165][ T5743] yurex 9-1:0.50: USB YUREX #0 now disconnected
[  325.007800][ T5743] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  325.855570][T10258] syzkaller0: entered promiscuous mode
[  325.857535][T10258] syzkaller0: entered allmulticast mode
[  326.048409][ T5743] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  326.278415][T10268] netlink: 260 bytes leftover after parsing attributes in process `syz.8.1100'.
[  326.367356][ T5744] Bluetooth: hci3: command 0x1003 tx timeout
[  326.376580][   T62] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  326.574096][T10274] TCP: TCP_TX_DELAY enabled
[  326.646370][T10279] FAULT_INJECTION: forcing a failure.
[  326.646370][T10279] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  326.651460][T10279] CPU: 0 UID: 0 PID: 10279 Comm: syz.8.1104 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  326.651487][T10279] Tainted: [L]=SOFTLOCKUP
[  326.651493][T10279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  326.651503][T10279] Call Trace:
[  326.651509][T10279]  <TASK>
[  326.651516][T10279]  dump_stack_lvl+0x100/0x190
[  326.651547][T10279]  should_fail_ex.cold+0x5/0xa
[  326.651569][T10279]  _copy_from_iter+0x1f4/0x1690
[  326.651596][T10279]  ? __asan_memset+0x23/0x50
[  326.651621][T10279]  ? __pfx__copy_from_iter+0x10/0x10
[  326.651642][T10279]  ? __pfx___alloc_skb+0x10/0x10
[  326.651664][T10279]  netlink_sendmsg+0x808/0xda0
[  326.651686][T10279]  ? __pfx_netlink_sendmsg+0x10/0x10
[  326.651706][T10279]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  326.651725][T10279]  ____sys_sendmsg+0x9e1/0xb70
[  326.651742][T10279]  ? __pfx_netlink_sendmsg+0x10/0x10
[  326.651761][T10279]  ? __pfx_____sys_sendmsg+0x10/0x10
[  326.651796][T10279]  ___sys_sendmsg+0x190/0x1e0
[  326.651817][T10279]  ? __pfx____sys_sendmsg+0x10/0x10
[  326.651846][T10279]  ? find_held_lock+0x2b/0x80
[  326.651878][T10279]  __sys_sendmsg+0x170/0x220
[  326.651894][T10279]  ? __pfx___sys_sendmsg+0x10/0x10
[  326.651909][T10279]  ? __fget_files+0x21f/0x3d0
[  326.651935][T10279]  ? ksys_write+0x1ac/0x250
[  326.651956][T10279]  ? rcu_is_watching+0x12/0xc0
[  326.651979][T10279]  __do_fast_syscall_32+0xe7/0x970
[  326.652004][T10279]  ? lockdep_hardirqs_on+0x78/0x100
[  326.652029][T10279]  do_fast_syscall_32+0x32/0x70
[  326.652053][T10279]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  326.652076][T10279] RIP: 0023:0xf700ef7c
[  326.652090][T10279] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  326.652107][T10279] RSP: 002b:00000000f53fd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  326.652122][T10279] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000200
[  326.652131][T10279] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  326.652139][T10279] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  326.652148][T10279] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  326.652157][T10279] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  326.652178][T10279]  </TASK>
[  326.853680][T10282] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1105'.
[  326.899333][T10284] wg2 speed is unknown, defaulting to 1000
[  326.912857][T10286] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1107'.
[  326.927474][ T1341] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  326.988623][T10292] ieee802154 phy0 wpan0: encryption failed: -90
[  327.092337][T10295] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  327.096049][T10295] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  327.098791][ T5743] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  327.101556][ T5743] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  327.104725][ T5743] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  327.447302][ T6717] usb 13-1: new high-speed USB device number 23 using dummy_hcd
[  327.601476][ T6717] usb 13-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  327.606153][ T6717] usb 13-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  327.613430][ T6717] usb 13-1: config 1 has 1 interface, different from the descriptor's value: 66
[  327.619230][ T6717] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  327.625233][ T6717] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  327.636888][ T6717] usb 13-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  327.641249][ T6717] usb 13-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  327.644021][ T6717] usb 13-1: Product: syz
[  327.645594][ T6717] usb 13-1: Manufacturer: syz
[  327.655332][ T6717] cdc_wdm 13-1:1.0: skipping garbage
[  327.658003][ T6717] cdc_wdm 13-1:1.0: skipping garbage
[  327.661730][ T6717] cdc_wdm 13-1:1.0: cdc-wdm0: USB WDM device
[  327.664243][ T6717] cdc_wdm 13-1:1.0: Unknown control protocol
[  327.863999][ T6717] usb 13-1: USB disconnect, device number 23
[  328.093042][T10313] netlink: 'syz.7.1116': attribute type 1 has an invalid length.
[  328.096541][T10313] netlink: 'syz.7.1116': attribute type 2 has an invalid length.
[  328.351774][T10320] syzkaller1: entered promiscuous mode
[  328.353551][T10320] syzkaller1: entered allmulticast mode
[  328.851648][T10328] wg2 speed is unknown, defaulting to 1000
[  329.175227][ T5743] net_ratelimit: 246 callbacks suppressed
[  329.175276][ T5743] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  329.941293][T10341] wg2 speed is unknown, defaulting to 1000
[  329.967589][ T5918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  330.128881][T10348] netlink: 76 bytes leftover after parsing attributes in process `syz.7.1123'.
[  331.264762][  T842] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  331.273524][T10352] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4
[  331.276469][T10352] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4
[  331.279416][T10352] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  331.512615][T10358] FAULT_INJECTION: forcing a failure.
[  331.512615][T10358] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  331.518458][T10358] CPU: 1 UID: 0 PID: 10358 Comm: syz.8.1127 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  331.518475][T10358] Tainted: [L]=SOFTLOCKUP
[  331.518479][T10358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  331.518485][T10358] Call Trace:
[  331.518488][T10358]  <TASK>
[  331.518492][T10358]  dump_stack_lvl+0x100/0x190
[  331.518515][T10358]  should_fail_ex.cold+0x5/0xa
[  331.518528][T10358]  _copy_from_iter+0x1f4/0x1690
[  331.518545][T10358]  ? __asan_memset+0x23/0x50
[  331.518561][T10358]  ? __pfx__copy_from_iter+0x10/0x10
[  331.518575][T10358]  ? __pfx___alloc_skb+0x10/0x10
[  331.518590][T10358]  netlink_sendmsg+0x808/0xda0
[  331.518606][T10358]  ? __pfx_netlink_sendmsg+0x10/0x10
[  331.518622][T10358]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  331.518635][T10358]  ____sys_sendmsg+0x9e1/0xb70
[  331.518648][T10358]  ? __pfx_netlink_sendmsg+0x10/0x10
[  331.518663][T10358]  ? __pfx_____sys_sendmsg+0x10/0x10
[  331.518682][T10358]  ___sys_sendmsg+0x190/0x1e0
[  331.518697][T10358]  ? __pfx____sys_sendmsg+0x10/0x10
[  331.518721][T10358]  ? find_held_lock+0x2b/0x80
[  331.518744][T10358]  __sys_sendmsg+0x170/0x220
[  331.518760][T10358]  ? __pfx___sys_sendmsg+0x10/0x10
[  331.518770][T10358]  ? __fget_files+0x21f/0x3d0
[  331.518785][T10358]  ? ksys_write+0x1ac/0x250
[  331.518799][T10358]  ? rcu_is_watching+0x12/0xc0
[  331.518813][T10358]  __do_fast_syscall_32+0xe7/0x970
[  331.518829][T10358]  ? lockdep_hardirqs_on+0x78/0x100
[  331.518844][T10358]  do_fast_syscall_32+0x32/0x70
[  331.518859][T10358]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  331.518872][T10358] RIP: 0023:0xf700ef7c
[  331.518882][T10358] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  331.518893][T10358] RSP: 002b:00000000f53fd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  331.518903][T10358] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  331.518910][T10358] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  331.518915][T10358] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  331.518922][T10358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  331.518928][T10358] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  331.518940][T10358]  </TASK>
[  331.683016][T10360] binder: 10359:10360 ioctl 4068aea3 80000240 returned -22
[  331.737203][  T842] usb 12-1: new high-speed USB device number 23 using dummy_hcd
[  331.888967][  T842] usb 12-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  331.891707][  T842] usb 12-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  331.894734][  T842] usb 12-1: config 1 has 1 interface, different from the descriptor's value: 66
[  332.034805][T10372] netem: change failed
[  332.047247][ T6875] usb 13-1: new high-speed USB device number 24 using dummy_hcd
[  332.067228][T10375] netlink: 128 bytes leftover after parsing attributes in process `syz.5.1133'.
[  332.445486][  T842] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  332.448994][ T5743] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  332.670896][  T842] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  332.675546][  T842] usb 12-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  332.683989][  T842] usb 12-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  332.686019][ T6875] usb 13-1: config 0 has an invalid interface number: 50 but max is 0
[  332.686477][  T842] usb 12-1: Product: syz
[  332.691067][  T842] usb 12-1: Manufacturer: syz
[  332.699809][  T842] cdc_wdm 12-1:1.0: skipping garbage
[  332.701510][  T842] cdc_wdm 12-1:1.0: skipping garbage
[  332.704100][  T842] cdc_wdm 12-1:1.0: cdc-wdm0: USB WDM device
[  332.705997][  T842] cdc_wdm 12-1:1.0: Unknown control protocol
[  332.901839][  T842] usb 12-1: USB disconnect, device number 23
[  333.007704][ T5918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  333.247773][ T5532] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  333.441421][T10386] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1137'.
[  333.446012][ T6875] usb 13-1: config 0 has no interface number 0
[  333.450238][ T6875] usb 13-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  333.456635][ T6875] usb 13-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  333.459710][ T6875] usb 13-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[  333.463383][ T6875] usb 13-1: Product: syz
[  333.464761][ T6875] usb 13-1: Manufacturer: syz
[  333.466332][ T6875] usb 13-1: SerialNumber: syz
[  333.470284][ T6875] usb 13-1: config 0 descriptor??
[  333.479917][ T6875] yurex 13-1:0.50: USB YUREX device now attached to Yurex #0
[  333.488157][  T842] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  333.593036][T10389] netlink: 'syz.7.1138': attribute type 1 has an invalid length.
[  333.600157][T10389] netlink: 224 bytes leftover after parsing attributes in process `syz.7.1138'.
[  333.721556][T10398] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1141'.
[  333.865130][T10403] FAULT_INJECTION: forcing a failure.
[  333.865130][T10403] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  333.869291][T10403] CPU: 3 UID: 0 PID: 10403 Comm: syz.5.1142 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  333.869308][T10403] Tainted: [L]=SOFTLOCKUP
[  333.869311][T10403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  333.869317][T10403] Call Trace:
[  333.869322][T10403]  <TASK>
[  333.869326][T10403]  dump_stack_lvl+0x100/0x190
[  333.869348][T10403]  should_fail_ex.cold+0x5/0xa
[  333.869362][T10403]  _copy_from_user+0x2e/0xd0
[  333.869378][T10403]  generic_map_update_batch+0x452/0x800
[  333.869399][T10403]  ? __pfx_generic_map_update_batch+0x10/0x10
[  333.869418][T10403]  ? __pfx_generic_map_update_batch+0x10/0x10
[  333.869435][T10403]  bpf_map_do_batch+0x66f/0x6d0
[  333.869450][T10403]  __sys_bpf+0x302/0x4b90
[  333.869462][T10403]  ? __pfx___sys_bpf+0x10/0x10
[  333.869471][T10403]  ? get_pid_task+0x106/0x250
[  333.869487][T10403]  ? proc_fail_nth_write+0x9f/0x220
[  333.869504][T10403]  ? find_held_lock+0x2b/0x80
[  333.869519][T10403]  ? find_held_lock+0x2b/0x80
[  333.869531][T10403]  ? ksys_write+0x190/0x250
[  333.869546][T10403]  ? __mutex_unlock_slowpath+0x15d/0x8a0
[  333.869561][T10403]  ? __pfx_vfs_write+0x3/0x10
[  333.869579][T10403]  ? fput+0x79/0x100
[  333.869593][T10403]  ? ksys_write+0x1ac/0x250
[  333.869606][T10403]  __ia32_sys_bpf+0x79/0xf0
[  333.869616][T10403]  ? lockdep_hardirqs_on+0x78/0x100
[  333.869630][T10403]  __do_fast_syscall_32+0xe7/0x970
[  333.869645][T10403]  ? lockdep_hardirqs_on+0x78/0x100
[  333.869661][T10403]  do_fast_syscall_32+0x32/0x70
[  333.869676][T10403]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  333.869689][T10403] RIP: 0023:0xf7fc7f7c
[  333.869698][T10403] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  333.869708][T10403] RSP: 002b:00000000f546550c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  333.869719][T10403] RAX: ffffffffffffffda RBX: 000000000000001a RCX: 00000000800008c0
[  333.869725][T10403] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[  333.869736][T10403] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  333.869742][T10403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  333.869748][T10403] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  333.869761][T10403]  </TASK>
[  333.941897][T10366] netlink: 'syz.8.1130': attribute type 21 has an invalid length.
[  333.964348][ T5840] usb 13-1: USB disconnect, device number 24
[  333.973652][T10366] yurex 13-1:0.50: yurex_write - failed to send bulk msg, error -19
[  333.986777][ T5840] yurex 13-1:0.50: USB YUREX #0 now disconnected
[  334.250638][T10417] wg2 speed is unknown, defaulting to 1000
[  334.258446][T10418] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1144'.
[  334.261476][T10418] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1144'.
[  334.527486][  T842] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  334.742172][T10422] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1154'.
[  334.838757][T10426] wg2 speed is unknown, defaulting to 1000
[  335.047278][ T1341] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[  335.199030][ T1341] usb 9-1: config 0 has an invalid interface number: 50 but max is 0
[  335.202459][ T1341] usb 9-1: config 0 has no interface number 0
[  335.204971][ T1341] usb 9-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  335.215563][ T1341] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  335.219638][ T1341] usb 9-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[  335.223000][ T1341] usb 9-1: Product: syz
[  335.224731][ T1341] usb 9-1: Manufacturer: syz
[  335.226641][ T1341] usb 9-1: SerialNumber: syz
[  335.230327][ T1341] usb 9-1: config 0 descriptor??
[  335.239085][ T1341] yurex 9-1:0.50: USB YUREX device now attached to Yurex #0
[  335.311784][  T842] IPVS: starting estimator thread 0...
[  335.380486][T10436] pimreg: entered allmulticast mode
[  335.384892][T10436] netlink: 'syz.7.1151': attribute type 1 has an invalid length.
[  335.400776][T10433] IPVS: using max 44 ests per chain, 105600 per kthread
[  335.526218][T10445] wg2 speed is unknown, defaulting to 1000
[  335.564491][T10424] netlink: 'syz.4.1147': attribute type 21 has an invalid length.
[  335.567752][  T842] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  335.681037][ T6717] usb 9-1: USB disconnect, device number 13
[  335.684763][T10424] yurex 9-1:0.50: yurex_write - failed to send bulk msg, error -19
[  335.685174][ T6717] yurex 9-1:0.50: USB YUREX #0 now disconnected
[  335.907260][ T6875] usb 13-1: new high-speed USB device number 25 using dummy_hcd
[  336.047359][ T1341] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  336.079350][ T6875] usb 13-1: config 0 has no interfaces?
[  336.083050][ T6875] usb 13-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  336.086679][ T6875] usb 13-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  336.089402][ T6875] usb 13-1: Product: syz
[  336.090827][ T6875] usb 13-1: Manufacturer: syz
[  336.096292][ T6875] usb 13-1: config 0 descriptor??
[  336.259438][T10455] wg2 speed is unknown, defaulting to 1000
[  336.318302][T10451] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  336.323402][T10451] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  336.343299][T10451] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  336.348476][T10451] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  336.365249][ T6875] usb 13-1: USB disconnect, device number 25
[  336.608523][  T842] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  336.971794][T10478] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  336.980531][T10478] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  336.989260][T10478] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  336.992696][T10478] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  336.995916][T10478] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  337.127371][ T5532] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[  337.290281][ T5532] usb 9-1: config 0 has an invalid interface number: 50 but max is 0
[  337.304029][ T5532] usb 9-1: config 0 has no interface number 0
[  337.306076][ T5532] usb 9-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  337.313956][ T5532] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  337.317058][ T5532] usb 9-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[  337.321385][ T5532] usb 9-1: Product: syz
[  337.322833][ T5532] usb 9-1: Manufacturer: syz
[  337.324360][ T5532] usb 9-1: SerialNumber: syz
[  337.327485][ T5532] usb 9-1: config 0 descriptor??
[  337.332267][ T5532] yurex 9-1:0.50: USB YUREX device now attached to Yurex #0
[  337.583510][T10467] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  337.701396][T10474] netlink: 'syz.4.1164': attribute type 21 has an invalid length.
[  337.802539][ T6875] usb 9-1: USB disconnect, device number 14
[  337.802710][T10474] yurex 9-1:0.50: yurex_write - failed to send bulk msg, error -19
[  337.816556][ T6875] yurex 9-1:0.50: USB YUREX #0 now disconnected
[  337.880326][T10492] Mount JFS Failure: -5
[  337.881793][T10492] jfs_mount failed w/return code = -5
[  338.077516][ T5918] usb 13-1: new full-speed USB device number 26 using dummy_hcd
[  338.239845][ T5918] usb 13-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40
[  338.243012][ T5918] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  338.246257][ T5918] usb 13-1: Product: syz
[  338.247784][ T5918] usb 13-1: Manufacturer: syz
[  338.249551][ T5918] usb 13-1: SerialNumber: syz
[  338.668839][T10498] mac80211_hwsim hwsim11 syzkaller0: Caught tx_queue_len zero misconfig
[  338.677612][ T5918] usblp 13-1:1.0: usblp0: USB Unidirectional printer dev 26 if 0 alt 0 proto 1 vid 0x04B8 pid 0x0202
[  338.876734][T10505] ieee802154 phy0 wpan0: encryption failed: -22
[  338.907271][  T842] usb 10-1: new high-speed USB device number 18 using dummy_hcd
[  338.983016][T10509] netlink: 'syz.7.1174': attribute type 1 has an invalid length.
[  338.986455][T10509] netlink: 224 bytes leftover after parsing attributes in process `syz.7.1174'.
[  338.995228][T10510] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1173'.
[  339.088585][  T842] usb 10-1: Using ep0 maxpacket: 8
[  339.092618][  T842] usb 10-1: config index 0 descriptor too short (expected 301, got 45)
[  339.096343][  T842] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  339.100670][  T842] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  339.104774][  T842] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  339.109996][  T842] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  339.115229][  T842] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  339.119235][  T842] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  339.329166][  T842] usb 10-1: usb_control_msg returned -32
[  339.331021][  T842] usbtmc 10-1:16.0: can't read capabilities
[  340.027314][ T5532] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[  340.048386][ T6009] net_ratelimit: 3 callbacks suppressed
[  340.048401][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  340.061800][ T5918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  340.179663][ T5532] usb 9-1: config 0 has no interfaces?
[  340.183835][ T5532] usb 9-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  340.188030][ T5532] usb 9-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  340.191376][ T5532] usb 9-1: Product: syz
[  340.193267][ T5532] usb 9-1: Manufacturer: syz
[  340.195224][ T5532] usb 9-1: SerialNumber: syz
[  340.202601][ T5532] usb 9-1: config 0 descriptor??
[  340.294671][  T842] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  340.447248][T10556] overlayfs: overlapping lowerdir path
[  340.453484][   T10] usb 9-1: USB disconnect, device number 15
[  341.024432][T10563] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  341.034822][ T5532] usb 13-1: USB disconnect, device number 26
[  341.065563][ T5532] usblp0: removed
[  341.327543][  T842] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  341.423340][T10573] netlink: 'syz.7.1183': attribute type 1 has an invalid length.
[  341.426085][T10573] netlink: 224 bytes leftover after parsing attributes in process `syz.7.1183'.
[  341.600867][T10582] Cannot find set identified by id 2 to match
[  341.697597][  T842] usb 10-1: USB disconnect, device number 18
[  341.825799][T10591] netlink: 'syz.4.1187': attribute type 12 has an invalid length.
[  341.860333][T10589] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(11)
[  341.862551][T10589] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  341.865395][T10589] vhci_hcd vhci_hcd.0: Device attached
[  342.133947][   T99] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  342.159174][ T5743] usb 46-1: SetAddress Request (6) to port 0
[  342.162604][ T5743] usb 46-1: new SuperSpeed USB device number 6 using vhci_hcd
[  342.377804][ T5848] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  342.517596][T10597] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1188'.
[  342.621700][T10595] atomic_op ffff88801b761998 conn xmit_atomic 0000000000000000
[  342.632725][T10590] vhci_hcd: connection reset by peer
[  342.636057][  T171] vhci_hcd vhci_hcd.4: stop threads
[  342.637607][  T171] vhci_hcd vhci_hcd.4: release socket
[  342.641509][  T171] vhci_hcd vhci_hcd.4: disconnect device
[  343.178668][ T5744] Bluetooth: hci3: command 0x1003 tx timeout
[  343.180261][   T62] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  343.984857][T10612] netlink: 'syz.8.1194': attribute type 1 has an invalid length.
[  343.987377][T10612] netlink: 224 bytes leftover after parsing attributes in process `syz.8.1194'.
[  344.932533][T10597] team0: left allmulticast mode
[  344.936422][T10597] team0: left promiscuous mode
[  344.937870][T10624] ieee802154 phy0 wpan0: encryption failed: -22
[  344.996916][T10599] FAULT_INJECTION: forcing a failure.
[  344.996916][T10599] name failslab, interval 1, probability 0, space 0, times 0
[  345.005271][T10599] CPU: 3 UID: 0 PID: 10599 Comm: syz.4.1189 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  345.005301][T10599] Tainted: [L]=SOFTLOCKUP
[  345.005305][T10599] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  345.005311][T10599] Call Trace:
[  345.005315][T10599]  <TASK>
[  345.005320][T10599]  dump_stack_lvl+0x100/0x190
[  345.005341][T10599]  should_fail_ex.cold+0x5/0xa
[  345.005355][T10599]  should_failslab+0xc2/0x120
[  345.005368][T10599]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  345.005385][T10599]  ? __alloc_skb+0x140/0x710
[  345.005398][T10599]  __alloc_skb+0x140/0x710
[  345.005407][T10599]  ? __alloc_skb+0x5b7/0x710
[  345.005415][T10599]  ? __pfx___alloc_skb+0x10/0x10
[  345.005424][T10599]  ? genl_rcv_msg+0x4be/0x800
[  345.005444][T10599]  netlink_ack+0x117/0xb80
[  345.005462][T10599]  netlink_rcv_skb+0x333/0x420
[  345.005476][T10599]  ? __pfx_genl_rcv_msg+0x10/0x10
[  345.005492][T10599]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  345.005512][T10599]  ? netlink_deliver_tap+0x1ae/0xcc0
[  345.005527][T10599]  genl_rcv+0x28/0x40
[  345.005541][T10599]  netlink_unicast+0x585/0x850
[  345.005557][T10599]  ? __pfx_netlink_unicast+0x10/0x10
[  345.005574][T10599]  netlink_sendmsg+0x8b0/0xda0
[  345.005594][T10599]  ? __pfx_netlink_sendmsg+0x10/0x10
[  345.005610][T10599]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  345.005623][T10599]  ____sys_sendmsg+0x9e1/0xb70
[  345.005637][T10599]  ? __pfx_netlink_sendmsg+0x10/0x10
[  345.005657][T10599]  ? __pfx_____sys_sendmsg+0x10/0x10
[  345.005678][T10599]  ___sys_sendmsg+0x190/0x1e0
[  345.005693][T10599]  ? __pfx____sys_sendmsg+0x10/0x10
[  345.005714][T10599]  ? find_held_lock+0x2b/0x80
[  345.005737][T10599]  __sys_sendmsg+0x170/0x220
[  345.005748][T10599]  ? __pfx___sys_sendmsg+0x10/0x10
[  345.005758][T10599]  ? __fget_files+0x21f/0x3d0
[  345.005774][T10599]  ? ksys_write+0x1ac/0x250
[  345.005787][T10599]  ? rcu_is_watching+0x12/0xc0
[  345.005801][T10599]  __do_fast_syscall_32+0xe7/0x970
[  345.005817][T10599]  ? lockdep_hardirqs_on+0x78/0x100
[  345.005834][T10599]  do_fast_syscall_32+0x32/0x70
[  345.005849][T10599]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  345.005863][T10599] RIP: 0023:0xf7f73f7c
[  345.005873][T10599] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  345.005883][T10599] RSP: 002b:00000000f543650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  345.005894][T10599] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000200
[  345.005900][T10599] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  345.005906][T10599] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  345.005912][T10599] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  345.005918][T10599] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  345.005931][T10599]  </TASK>
[  345.199149][ T6017] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  345.225953][ T6017] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  345.233768][   T12] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  345.266565][   T12] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  346.098612][T10637] FAULT_INJECTION: forcing a failure.
[  346.098612][T10637] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  346.104228][T10637] CPU: 1 UID: 0 PID: 10637 Comm: syz.4.1202 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  346.104254][T10637] Tainted: [L]=SOFTLOCKUP
[  346.104261][T10637] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  346.104272][T10637] Call Trace:
[  346.104279][T10637]  <TASK>
[  346.104286][T10637]  dump_stack_lvl+0x100/0x190
[  346.104318][T10637]  should_fail_ex.cold+0x5/0xa
[  346.104340][T10637]  _copy_from_user+0x2e/0xd0
[  346.104363][T10637]  kstrtouint_from_user+0xd6/0x1d0
[  346.104382][T10637]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  346.104400][T10637]  ? __lock_acquire+0x4a5/0x2630
[  346.104439][T10637]  proc_fail_nth_write+0x83/0x220
[  346.104465][T10637]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  346.104498][T10637]  vfs_write+0x2aa/0x1070
[  346.104527][T10637]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  346.104551][T10637]  ? __pfx_vfs_write+0x10/0x10
[  346.104565][T10637]  ? find_held_lock+0x2b/0x80
[  346.104589][T10637]  ? __fget_files+0x215/0x3d0
[  346.104611][T10637]  ? __fget_files+0x21f/0x3d0
[  346.104639][T10637]  ksys_write+0x12a/0x250
[  346.104658][T10637]  ? __pfx_ksys_write+0x10/0x10
[  346.104680][T10637]  ? rcu_is_watching+0x12/0xc0
[  346.104705][T10637]  do_int80_emulation+0x14b/0x720
[  346.104733][T10637]  asm_int80_emulation+0x1a/0x20
[  346.104749][T10637] RIP: 0023:0xf71761ab
[  346.104763][T10637] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  346.104779][T10637] RSP: 002b:00000000f54364bc EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  346.104795][T10637] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000f54365d0
[  346.104807][T10637] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  346.104818][T10637] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  346.104827][T10637] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  346.104838][T10637] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  346.104878][T10637]  </TASK>
[  346.453268][T10649] usb usb7: usbfs: process 10649 (syz.4.1208) did not claim interface 0 before use
[  346.482256][T10648] block device autoloading is deprecated and will be removed.
[  346.543313][T10651] input: syz1 as /devices/virtual/input/input21
[  346.550538][T10651] FAULT_INJECTION: forcing a failure.
[  346.550538][T10651] name failslab, interval 1, probability 0, space 0, times 0
[  346.555327][T10651] CPU: 1 UID: 0 PID: 10651 Comm: syz.4.1210 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  346.555345][T10651] Tainted: [L]=SOFTLOCKUP
[  346.555349][T10651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  346.555355][T10651] Call Trace:
[  346.555360][T10651]  <TASK>
[  346.555364][T10651]  dump_stack_lvl+0x100/0x190
[  346.555388][T10651]  should_fail_ex.cold+0x5/0xa
[  346.555402][T10651]  ? tomoyo_encode2+0xfb/0x3c0
[  346.555416][T10651]  should_failslab+0xc2/0x120
[  346.555429][T10651]  __kmalloc_noprof+0xe0/0x850
[  346.555445][T10651]  ? d_absolute_path+0x136/0x1b0
[  346.555459][T10651]  tomoyo_encode2+0xfb/0x3c0
[  346.555475][T10651]  tomoyo_encode+0x29/0x50
[  346.555489][T10651]  tomoyo_realpath_from_path+0x18c/0x690
[  346.555512][T10651]  tomoyo_path_number_perm+0x23c/0x580
[  346.555525][T10651]  ? tomoyo_path_number_perm+0x22e/0x580
[  346.555538][T10651]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  346.555552][T10651]  ? get_pid_task+0x106/0x250
[  346.555579][T10651]  ? find_held_lock+0x2b/0x80
[  346.555591][T10651]  ? __fget_files+0x215/0x3d0
[  346.555603][T10651]  ? hook_file_ioctl_common+0x149/0x410
[  346.555615][T10651]  ? __fget_files+0x215/0x3d0
[  346.555629][T10651]  ? __fget_files+0x21f/0x3d0
[  346.555643][T10651]  security_file_ioctl_compat+0xd3/0x230
[  346.555657][T10651]  __ia32_compat_sys_ioctl+0xc2/0x360
[  346.555669][T10651]  __do_fast_syscall_32+0xe7/0x970
[  346.555697][T10651]  ? lockdep_hardirqs_on+0x78/0x100
[  346.555714][T10651]  do_fast_syscall_32+0x32/0x70
[  346.555730][T10651]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  346.555743][T10651] RIP: 0023:0xf7f73f7c
[  346.555752][T10651] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  346.555762][T10651] RSP: 002b:00000000f543650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  346.555773][T10651] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005502
[  346.555780][T10651] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  346.555785][T10651] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  346.555791][T10651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  346.555797][T10651] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  346.555821][T10651]  </TASK>
[  346.555952][T10651] ERROR: Out of memory at tomoyo_realpath_from_path.
[  346.749936][T10658] netlink: 'syz.7.1213': attribute type 12 has an invalid length.
[  346.752261][T10658] netlink: 'syz.7.1213': attribute type 29 has an invalid length.
[  346.754703][T10658] netlink: 148 bytes leftover after parsing attributes in process `syz.7.1213'.
[  346.758062][T10658] FAULT_INJECTION: forcing a failure.
[  346.758062][T10658] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  346.763079][T10658] CPU: 0 UID: 0 PID: 10658 Comm: syz.7.1213 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  346.763106][T10658] Tainted: [L]=SOFTLOCKUP
[  346.763112][T10658] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  346.763122][T10658] Call Trace:
[  346.763131][T10658]  <TASK>
[  346.763139][T10658]  dump_stack_lvl+0x100/0x190
[  346.763174][T10658]  should_fail_ex.cold+0x5/0xa
[  346.763197][T10658]  _copy_to_user+0x32/0xd0
[  346.763224][T10658]  simple_read_from_buffer+0xcb/0x170
[  346.763248][T10658]  proc_fail_nth_read+0x1af/0x230
[  346.763276][T10658]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  346.763306][T10658]  ? rw_verify_area+0xce/0x6d0
[  346.763323][T10658]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  346.763350][T10658]  vfs_read+0x1e4/0xb30
[  346.763373][T10658]  ? __pfx_vfs_read+0x10/0x10
[  346.763391][T10658]  ? find_held_lock+0x2b/0x80
[  346.763414][T10658]  ? __fget_files+0x215/0x3d0
[  346.763438][T10658]  ? __fget_files+0x21f/0x3d0
[  346.763466][T10658]  ksys_read+0x12a/0x250
[  346.763485][T10658]  ? __pfx_ksys_read+0x10/0x10
[  346.763504][T10658]  ? rcu_is_watching+0x12/0xc0
[  346.763525][T10658]  ? rcu_is_watching+0x12/0xc0
[  346.763548][T10658]  do_int80_emulation+0x14b/0x720
[  346.763577][T10658]  asm_int80_emulation+0x1a/0x20
[  346.763601][T10658] RIP: 0023:0xf71d61ab
[  346.763616][T10658] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  346.763633][T10658] RSP: 002b:00000000f548d4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  346.763650][T10658] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f548d5d0
[  346.763661][T10658] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  346.763671][T10658] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  346.763681][T10658] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  346.763691][T10658] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  346.763717][T10658]  </TASK>
[  346.944485][T10635] netlink: 'syz.5.1203': attribute type 1 has an invalid length.
[  346.947053][T10635] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1203'.
[  346.967294][   T10] usb 9-1: new high-speed USB device number 16 using dummy_hcd
qemu-system-x86_64: ahci: PRDT length for NCQ command (0x0) is smaller than the requested size (0x87000)
[  347.047972][ T1128] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[  347.050254][ T1128] ata1: failed to read log page 10h (errno=-5)
[  347.052278][ T1128] ata1.00: exception Emask 0x1 SAct 0x40000002 SErr 0x0 action 0x0
[  347.055194][ T1128] ata1.00: irq_stat 0x41000008
[  347.056818][ T1128] ata1.00: failed command: WRITE FPDMA QUEUED
[  347.059129][ T1128] ata1.00: cmd 61/48:08:ee:2f:09/01:00:00:00:00/40 tag 1 ncq dma 167936 out
[  347.059129][ T1128]          res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  347.065412][ T1128] ata1.00: status: { DRDY }
[  347.066950][ T1128] ata1.00: error: { ABRT }
[  347.070403][ T1128] ata1.00: failed command: WRITE FPDMA QUEUED
[  347.072512][ T1128] ata1.00: cmd 61/38:f0:fe:2c:0a/04:00:00:00:00/40 tag 30 ncq dma 552960 out
[  347.072512][ T1128]          res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  347.078509][ T1128] ata1.00: status: { DRDY }
[  347.080126][ T1128] ata1.00: error: { ABRT }
[  347.082421][ T1128] ata1.00: configured for UDMA/100
[  347.086118][ T1128] ata1: EH complete
[  347.119114][   T10] usb 9-1: config 0 has an invalid interface number: 50 but max is 0
[  347.122633][   T10] usb 9-1: config 0 has no interface number 0
[  347.125411][   T10] usb 9-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  347.133103][   T10] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  347.136931][   T10] usb 9-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[  347.140902][   T10] usb 9-1: Product: syz
[  347.142737][   T10] usb 9-1: Manufacturer: syz
[  347.144865][   T10] usb 9-1: SerialNumber: syz
[  347.148888][   T10] usb 9-1: config 0 descriptor??
[  347.156887][   T10] yurex 9-1:0.50: USB YUREX device now attached to Yurex #0
[  347.258886][ T5743] usb 46-1: device descriptor read/8, error -110
[  347.493480][T10656] netlink: 'syz.4.1212': attribute type 21 has an invalid length.
[  347.648204][ T5743] usb usb46-port1: attempt power cycle
[  347.649326][ T5112] usb 9-1: USB disconnect, device number 16
[  347.651406][T10681] batman_adv: batadv0: Adding interface: gretap1
[  347.654954][T10681] batman_adv: batadv0: Interface activated: gretap1
[  347.658857][ T5112] yurex 9-1:0.50: USB YUREX #0 now disconnected
[  347.677226][ T5532] usb 13-1: new high-speed USB device number 27 using dummy_hcd
[  347.827359][ T5532] usb 13-1: Using ep0 maxpacket: 8
[  347.831132][ T5532] usb 13-1: config 179 has an invalid interface number: 65 but max is 0
[  347.834060][ T5532] usb 13-1: config 179 has no interface number 0
[  347.836081][ T5532] usb 13-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  347.839782][ T5532] usb 13-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  347.843418][ T5532] usb 13-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  347.846849][ T5532] usb 13-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  347.850471][ T5532] usb 13-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  347.854653][ T5532] usb 13-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  347.857582][ T5532] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  347.862908][T10678] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
qemu-system-x86_64: ahci: PRDT length for NCQ command (0x0) is smaller than the requested size (0x1b0000)
[  348.008239][ T1128] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[  348.010720][ T1128] ata1: failed to read log page 10h (errno=-5)
[  348.012697][ T1128] ata1.00: exception Emask 0x1 SAct 0x800 SErr 0x0 action 0x0
[  348.015119][ T1128] ata1.00: irq_stat 0x41000000
[  348.016674][ T1128] ata1.00: failed command: READ FPDMA QUEUED
[  348.018694][ T1128] ata1.00: cmd 60/80:58:ee:32:01/0d:00:00:00:00/40 tag 11 ncq dma 1769472 in
[  348.018694][ T1128]          res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  348.024260][ T1128] ata1.00: status: { DRDY }
[  348.025922][ T1128] ata1.00: error: { ABRT }
[  348.028322][ T1128] ata1.00: configured for UDMA/100
[  348.030312][ T1128] sd 0:0:0:0: [sda] tag#11 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  348.033389][ T1128] sd 0:0:0:0: [sda] tag#11 Sense Key : Aborted Command [current] 
[  348.035919][ T1128] sd 0:0:0:0: [sda] tag#11 Add. Sense: No additional sense information
[  348.038625][ T1128] sd 0:0:0:0: [sda] tag#11 CDB: Read(10) 28 00 00 01 32 ee 00 0d 80 00
[  348.041248][ T1128] I/O error, dev sda, sector 78574 op 0x0:(READ) flags 0x80700 phys_seg 116 prio class 2
[  348.044527][ T1128] ata1: EH complete
[  348.228127][ T5743] usb usb46-port1: unable to enumerate USB device
[  348.281591][T10678] syzkaller1: entered promiscuous mode
[  348.283993][T10678] syzkaller1: entered allmulticast mode
[  348.641712][ T5743] usb 13-1: USB disconnect, device number 27
[  348.641826][    C2] xpad 13-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  348.646924][    C2] xpad 13-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  348.649872][    C2] ==================================================================
[  348.652360][    C2] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x23b/0x260
[  348.654714][    C2] Read of size 4 at addr ffff888023f2d85c by task udevd/9169
[  348.657716][    C2] 
[  348.659013][    C2] CPU: 2 UID: 0 PID: 9169 Comm: udevd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  348.659030][    C2] Tainted: [L]=SOFTLOCKUP
[  348.659034][    C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  348.659041][    C2] Call Trace:
[  348.659045][    C2]  <IRQ>
[  348.659050][    C2]  dump_stack_lvl+0x100/0x190
[  348.659069][    C2]  print_report+0x13d/0x4b0
[  348.659086][    C2]  ? __virt_addr_valid+0x239/0x430
[  348.659103][    C2]  ? do_raw_spin_lock+0x23b/0x260
[  348.659113][    C2]  kasan_report+0xdf/0x1d0
[  348.659126][    C2]  ? do_raw_spin_lock+0x23b/0x260
[  348.659139][    C2]  do_raw_spin_lock+0x23b/0x260
[  348.659150][    C2]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  348.659162][    C2]  ? kcov_remote_stop+0x201/0x540
[  348.659176][    C2]  ? kcov_remote_stop+0x201/0x540
[  348.659191][    C2]  _raw_spin_lock_irqsave+0x42/0x60
[  348.659204][    C2]  ? __wake_up+0x1c/0x60
[  348.659218][    C2]  __wake_up+0x1c/0x60
[  348.659232][    C2]  usb_anchor_resume_wakeups+0xc7/0xf0
[  348.659250][    C2]  __usb_hcd_giveback_urb+0x3d6/0x610
[  348.659265][    C2]  usb_hcd_giveback_urb+0x3ca/0x4a0
[  348.659279][    C2]  dummy_timer+0xda1/0x36c0
[  348.659293][    C2]  ? find_held_lock+0x2b/0x80
[  348.659308][    C2]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  348.659321][    C2]  ? debug_object_deactivate+0x2e4/0x3b0
[  348.659336][    C2]  ? __pfx_debug_object_deactivate+0x10/0x10
[  348.659350][    C2]  ? __pfx_dummy_timer+0x10/0x10
[  348.659361][    C2]  ? rcu_is_watching+0x12/0xc0
[  348.659373][    C2]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  348.659386][    C2]  ? __pfx_dummy_timer+0x10/0x10
[  348.659398][    C2]  __hrtimer_run_queues+0x470/0xa00
[  348.659412][    C2]  hrtimer_run_softirq+0x17d/0x2c0
[  348.659425][    C2]  handle_softirqs+0x1ea/0xa00
[  348.659440][    C2]  ? __pfx_handle_softirqs+0x10/0x10
[  348.659452][    C2]  ? _raw_spin_unlock+0x28/0x50
[  348.659465][    C2]  ? __hrtimer_rearm_deferred+0x9b/0x740
[  348.659478][    C2]  __irq_exit_rcu+0x162/0x210
[  348.659490][    C2]  irq_exit_rcu+0x9/0x30
[  348.659502][    C2]  sysvec_apic_timer_interrupt+0xa3/0xc0
[  348.659517][    C2]  </IRQ>
[  348.659521][    C2]  <TASK>
[  348.659525][    C2]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  348.659541][    C2] RIP: 0010:kasan_byte_accessible+0x18/0x30
[  348.659557][    C2] Code: 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 40 d6 48 b8 00 00 00 00 00 fc ff df 48 c1 ef 03 48 01 c7 0f b6 07 <3c> 07 0f 96 c0 e9 8e 47 15 09 66 66 2e 0f 1f 84 00 00 00 00 00 0f
[  348.659568][    C2] RSP: 0018:ffffc9000d387b38 EFLAGS: 00000282
[  348.659577][    C2] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[  348.659584][    C2] RDX: 0000000000000000 RSI: ffffffff8257f5fe RDI: ffffed1002762067
[  348.659591][    C2] RBP: ffff888013b10338 R08: 0000000000000001 R09: 0000000000000000
[  348.659598][    C2] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff8257f5fe
[  348.659604][    C2] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000
[  348.659611][    C2]  ? __might_fault+0xde/0x140
[  348.659628][    C2]  ? __might_fault+0xde/0x140
[  348.659644][    C2]  __kasan_check_byte+0x13/0x50
[  348.659657][    C2]  lock_acquire+0x12a/0x370
[  348.659672][    C2]  ? __pfx___might_resched+0x10/0x10
[  348.659685][    C2]  ? __might_fault+0xc5/0x140
[  348.659700][    C2]  __might_fault+0xde/0x140
[  348.659715][    C2]  ? __might_fault+0xc5/0x140
[  348.659731][    C2]  _copy_to_user+0x2d/0xd0
[  348.659745][    C2]  cp_new_stat+0x467/0x5c0
[  348.659759][    C2]  ? __pfx_cp_new_stat+0x10/0x10
[  348.659773][    C2]  ? __pfx___up_read+0x10/0x10
[  348.659786][    C2]  ? vfs_getattr_nosec+0x340/0x430
[  348.659800][    C2]  ? __pfx_kernfs_iop_getattr+0x10/0x10
[  348.659813][    C2]  __do_sys_newfstat+0xab/0x110
[  348.659828][    C2]  ? __pfx___do_sys_newfstat+0x10/0x10
[  348.659848][    C2]  ? rcu_is_watching+0x12/0xc0
[  348.659860][    C2]  do_syscall_64+0x115/0x840
[  348.659875][    C2]  ? clear_bhb_loop+0x40/0x90
[  348.659887][    C2]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.659898][    C2] RIP: 0033:0x7ff128d11ad7
[  348.659908][    C2] Code: 73 01 c3 48 8b 0d 21 f3 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 05 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 f1 f2 0d 00 f7 d8 64 89 02 b8
[  348.659919][    C2] RSP: 002b:00007ffe64847498 EFLAGS: 00000297 ORIG_RAX: 0000000000000005
[  348.659928][    C2] RAX: ffffffffffffffda RBX: 000055cc9757d8a0 RCX: 00007ff128d11ad7
[  348.659936][    C2] RDX: 00007ff128defea0 RSI: 00007ffe648474a0 RDI: 0000000000000008
[  348.659942][    C2] RBP: 00007ff128defff0 R08: 0000000000000001 R09: 0000000000000000
[  348.659949][    C2] R10: 0000000000000000 R11: 0000000000000297 R12: 000000000000000a
[  348.659955][    C2] R13: 0000000000003fff R14: 0000000000000000 R15: 000055cc9757d8a0
[  348.659965][    C2]  </TASK>
[  348.659969][    C2] 
[  348.800951][    C2] Allocated by task 5532:
[  348.802272][    C2]  kasan_save_stack+0x30/0x50
[  348.803721][    C2]  kasan_save_track+0x14/0x30
[  348.805187][    C2]  __kasan_kmalloc+0xaa/0xb0
[  348.806601][    C2]  xpad_probe+0x28e/0x1f60
[  348.807979][    C2]  usb_probe_interface+0x303/0x8f0
[  348.809539][    C2]  really_probe+0x241/0xa60
[  348.810927][    C2]  __driver_probe_device+0x22e/0x480
[  348.812571][    C2]  driver_probe_device+0x4c/0x1b0
[  348.814188][    C2]  __device_attach_driver+0x1df/0x340
[  348.815859][    C2]  bus_for_each_drv+0x159/0x1e0
[  348.817343][    C2]  __device_attach+0x1e4/0x4d0
[  348.818805][    C2]  device_initial_probe+0xaf/0xd0
[  348.820346][    C2]  bus_probe_device+0x64/0x160
[  348.821809][    C2]  device_add+0x1210/0x1950
[  348.823247][    C2]  usb_set_configuration+0xd97/0x1c60
[  348.824851][    C2]  usb_generic_driver_probe+0xa1/0xe0
[  348.826490][    C2]  usb_probe_device+0xef/0x400
[  348.827976][    C2]  really_probe+0x241/0xa60
[  348.829382][    C2]  __driver_probe_device+0x22e/0x480
[  348.831096][    C2]  driver_probe_device+0x4c/0x1b0
[  348.832654][    C2]  __device_attach_driver+0x1df/0x340
[  348.834293][    C2]  bus_for_each_drv+0x159/0x1e0
[  348.835862][    C2]  __device_attach+0x1e4/0x4d0
[  348.837341][    C2]  device_initial_probe+0xaf/0xd0
[  348.838889][    C2]  bus_probe_device+0x64/0x160
[  348.840396][    C2]  device_add+0x1210/0x1950
[  348.841800][    C2]  usb_new_device.cold+0x685/0x115c
[  348.843416][    C2]  hub_event+0x314d/0x4af0
[  348.844800][    C2]  process_one_work+0xa0e/0x1980
[  348.846355][    C2]  worker_thread+0x5ef/0xe50
[  348.847748][    C2]  kthread+0x370/0x450
[  348.848997][    C2]  ret_from_fork+0x72b/0xd50
[  348.850416][    C2]  ret_from_fork_asm+0x1a/0x30
[  348.851893][    C2] 
[  348.852654][    C2] Freed by task 5743:
[  348.853878][    C2]  kasan_save_stack+0x30/0x50
[  348.855368][    C2]  kasan_save_track+0x14/0x30
[  348.856818][    C2]  kasan_save_free_info+0x3b/0x70
[  348.858361][    C2]  __kasan_slab_free+0x5f/0x80
[  348.859831][    C2]  kfree+0x223/0x6c0
[  348.861041][    C2]  xpad_disconnect+0x1cf/0x530
[  348.862458][    C2]  usb_unbind_interface+0x1dd/0x9e0
[  348.864048][    C2]  device_remove+0x12a/0x180
[  348.865473][    C2]  device_release_driver_internal+0x44e/0x620
[  348.867354][    C2]  bus_remove_device+0x2bc/0x560
[  348.868870][    C2]  device_del+0x376/0x9b0
[  348.870200][    C2]  usb_disable_device+0x367/0x810
[  348.871766][    C2]  usb_disconnect+0x2e2/0x9a0
[  348.873217][    C2]  hub_event+0x1d0c/0x4af0
[  348.874589][    C2]  process_one_work+0xa0e/0x1980
[  348.876134][    C2]  worker_thread+0x5ef/0xe50
[  348.877540][    C2]  kthread+0x370/0x450
[  348.878796][    C2]  ret_from_fork+0x72b/0xd50
[  348.880222][    C2]  ret_from_fork_asm+0x1a/0x30
[  348.881692][    C2] 
[  348.882438][    C2] The buggy address belongs to the object at ffff888023f2d800
[  348.882438][    C2]  which belongs to the cache kmalloc-1k of size 1024
[  348.886581][    C2] The buggy address is located 92 bytes inside of
[  348.886581][    C2]  freed 1024-byte region [ffff888023f2d800, ffff888023f2dc00)
[  348.890648][    C2] 
[  348.891422][    C2] The buggy address belongs to the physical page:
[  348.893325][    C2] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x23f28
[  348.895941][    C2] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  348.898466][    C2] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  348.900739][    C2] page_type: f5(slab)
[  348.901966][    C2] raw: 00fff00000000040 ffff88801b842dc0 dead000000000100 dead000000000122
[  348.904545][    C2] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  348.907137][    C2] head: 00fff00000000040 ffff88801b842dc0 dead000000000100 dead000000000122
[  348.909730][    C2] head: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  348.912348][    C2] head: 00fff00000000003 fffffffffffffe01 00000000ffffffff 00000000ffffffff
[  348.914992][    C2] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  348.917605][    C2] page dumped because: kasan: bad access detected
[  348.919556][    C2] page_owner tracks the page as allocated
[  348.921280][    C2] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5742, tgid 5742 (syz-executor), ts 54888844616, free_ts 26880007507
[  348.927419][    C2]  post_alloc_hook+0xfd/0x120
[  348.928875][    C2]  get_page_from_freelist+0x11a6/0x3410
[  348.930563][    C2]  __alloc_frozen_pages_noprof+0x27c/0x2bc0
[  348.932385][    C2]  new_slab+0xa6/0x6c0
[  348.933648][    C2]  refill_objects+0x277/0x420
[  348.935129][    C2]  __pcs_replace_empty_main+0x375/0x650
[  348.936841][    C2]  __kmalloc_cache_noprof+0x493/0x6f0
[  348.938497][    C2]  batadv_hard_if_event+0x853/0x13e0
[  348.940132][    C2]  notifier_call_chain+0x99/0x400
[  348.941684][    C2]  call_netdevice_notifiers_info+0xbe/0x110
[  348.943491][    C2]  register_netdevice+0x18fe/0x24b0
[  348.945098][    C2]  hsr_dev_finalize+0x6e4/0xd00
[  348.946593][    C2]  hsr_newlink+0x4ab/0xab0
[  348.947969][    C2]  rtnl_newlink+0x1499/0x2380
[  348.949408][    C2]  rtnetlink_rcv_msg+0x95e/0xe90
[  348.950920][    C2]  netlink_rcv_skb+0x159/0x420
[  348.952382][    C2] page last free pid 5169 tgid 5169 stack trace:
[  348.954304][    C2]  __free_frozen_pages+0x794/0x10a0
[  348.955926][    C2]  qlist_free_all+0x47/0xf0
[  348.957325][    C2]  kasan_quarantine_reduce+0x1a0/0x1f0
[  348.958972][    C2]  __kasan_slab_alloc+0x69/0x90
[  348.960457][    C2]  __kmalloc_noprof+0x2b9/0x850
[  348.962034][    C2]  tomoyo_realpath_from_path+0xb6/0x690
[  348.963741][    C2]  tomoyo_check_open_permission+0x2af/0x3c0
[  348.965572][    C2]  tomoyo_file_open+0x6b/0x90
[  348.967020][    C2]  security_file_open+0xb5/0x1e0
[  348.968536][    C2]  do_dentry_open+0x588/0x14d0
[  348.970006][    C2]  vfs_open+0x82/0x3f0
[  348.971265][    C2]  path_openat+0x208c/0x31a0
[  348.972702][    C2]  do_file_open+0x20e/0x430
[  348.974098][    C2]  do_sys_openat2+0x10d/0x1e0
[  348.975570][    C2]  __x64_sys_openat+0x12d/0x210
[  348.977085][    C2]  do_syscall_64+0x115/0x840
[  348.978512][    C2] 
[  348.979266][    C2] Memory state around the buggy address:
[  348.980961][    C2]  ffff888023f2d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  348.983364][    C2]  ffff888023f2d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  348.985797][    C2] >ffff888023f2d800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  348.988214][    C2]                                                     ^
[  348.990289][    C2]  ffff888023f2d880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  348.992720][    C2]  ffff888023f2d900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  348.995146][    C2] ==================================================================
[  348.997548][    C2] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  348.999715][    C2] CPU: 2 UID: 0 PID: 9169 Comm: udevd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  349.002779][    C2] Tainted: [L]=SOFTLOCKUP
[  349.004096][    C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  349.007159][    C2] Call Trace:
[  349.008189][    C2]  <IRQ>
[  349.009080][    C2]  dump_stack_lvl+0x100/0x190
[  349.010523][    C2]  vpanic+0x552/0x970
[  349.011762][    C2]  ? __pfx_vpanic+0x10/0x10
[  349.013116][    C2]  ? __pfx_vprintk_emit+0x10/0x10
[  349.014644][    C2]  ? do_raw_spin_lock+0x23b/0x260
[  349.016219][    C2]  panic+0xd1/0xe0
[  349.017384][    C2]  ? __pfx_panic+0x10/0x10
[  349.018760][    C2]  ? end_report.part.0+0x23/0x90
[  349.020288][    C2]  ? rcu_is_watching+0x12/0xc0
[  349.021757][    C2]  ? end_report.part.0+0x23/0x90
[  349.023276][    C2]  ? check_panic_on_warn+0x1f/0x90
[  349.024842][    C2]  check_panic_on_warn.cold+0x19/0x34
[  349.026487][    C2]  end_report.part.0+0x3a/0x90
[  349.027969][    C2]  kasan_report.cold+0xe/0x18
[  349.029415][    C2]  ? do_raw_spin_lock+0x23b/0x260
[  349.030921][    C2]  do_raw_spin_lock+0x23b/0x260
[  349.032262][    C2]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  349.033799][    C2]  ? kcov_remote_stop+0x201/0x540
[  349.035349][    C2]  ? kcov_remote_stop+0x201/0x540
[  349.036898][    C2]  _raw_spin_lock_irqsave+0x42/0x60
[  349.038494][    C2]  ? __wake_up+0x1c/0x60
[  349.039814][    C2]  __wake_up+0x1c/0x60
[  349.041071][    C2]  usb_anchor_resume_wakeups+0xc7/0xf0
[  349.042734][    C2]  __usb_hcd_giveback_urb+0x3d6/0x610
[  349.044372][    C2]  usb_hcd_giveback_urb+0x3ca/0x4a0
[  349.045987][    C2]  dummy_timer+0xda1/0x36c0
[  349.047396][    C2]  ? find_held_lock+0x2b/0x80
[  349.048847][    C2]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  349.050631][    C2]  ? debug_object_deactivate+0x2e4/0x3b0
[  349.052359][    C2]  ? __pfx_debug_object_deactivate+0x10/0x10
[  349.054182][    C2]  ? __pfx_dummy_timer+0x10/0x10
[  349.055732][    C2]  ? rcu_is_watching+0x12/0xc0
[  349.057214][    C2]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  349.059007][    C2]  ? __pfx_dummy_timer+0x10/0x10
[  349.060532][    C2]  __hrtimer_run_queues+0x470/0xa00
[  349.062120][    C2]  hrtimer_run_softirq+0x17d/0x2c0
[  349.063702][    C2]  handle_softirqs+0x1ea/0xa00
[  349.065206][    C2]  ? __pfx_handle_softirqs+0x10/0x10
[  349.066820][    C2]  ? _raw_spin_unlock+0x28/0x50
[  349.068321][    C2]  ? __hrtimer_rearm_deferred+0x9b/0x740
[  349.069989][    C2]  __irq_exit_rcu+0x162/0x210
[  349.071376][    C2]  irq_exit_rcu+0x9/0x30
[  349.072638][    C2]  sysvec_apic_timer_interrupt+0xa3/0xc0
[  349.074261][    C2]  </IRQ>
[  349.075191][    C2]  <TASK>
[  349.076100][    C2]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  349.077896][    C2] RIP: 0010:kasan_byte_accessible+0x18/0x30
[  349.079696][    C2] Code: 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 40 d6 48 b8 00 00 00 00 00 fc ff df 48 c1 ef 03 48 01 c7 0f b6 07 <3c> 07 0f 96 c0 e9 8e 47 15 09 66 66 2e 0f 1f 84 00 00 00 00 00 0f
[  349.085476][    C2] RSP: 0018:ffffc9000d387b38 EFLAGS: 00000282
[  349.087337][    C2] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[  349.089730][    C2] RDX: 0000000000000000 RSI: ffffffff8257f5fe RDI: ffffed1002762067
[  349.092149][    C2] RBP: ffff888013b10338 R08: 0000000000000001 R09: 0000000000000000
[  349.094543][    C2] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff8257f5fe
[  349.096960][    C2] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000
[  349.099338][    C2]  ? __might_fault+0xde/0x140
[  349.100780][    C2]  ? __might_fault+0xde/0x140
[  349.102158][    C2]  __kasan_check_byte+0x13/0x50
[  349.103588][    C2]  lock_acquire+0x12a/0x370
[  349.105041][    C2]  ? __pfx___might_resched+0x10/0x10
[  349.106660][    C2]  ? __might_fault+0xc5/0x140
[  349.108127][    C2]  __might_fault+0xde/0x140
[  349.109532][    C2]  ? __might_fault+0xc5/0x140
[  349.110990][    C2]  _copy_to_user+0x2d/0xd0
[  349.112383][    C2]  cp_new_stat+0x467/0x5c0
[  349.113768][    C2]  ? __pfx_cp_new_stat+0x10/0x10
[  349.115319][    C2]  ? __pfx___up_read+0x10/0x10
[  349.116807][    C2]  ? vfs_getattr_nosec+0x340/0x430
[  349.118374][    C2]  ? __pfx_kernfs_iop_getattr+0x10/0x10
[  349.120065][    C2]  __do_sys_newfstat+0xab/0x110
[  349.121564][    C2]  ? __pfx___do_sys_newfstat+0x10/0x10
[  349.123244][    C2]  ? rcu_is_watching+0x12/0xc0
[  349.124720][    C2]  do_syscall_64+0x115/0x840
[  349.126183][    C2]  ? clear_bhb_loop+0x40/0x90
[  349.127592][    C2]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.129355][    C2] RIP: 0033:0x7ff128d11ad7
[  349.130731][    C2] Code: 73 01 c3 48 8b 0d 21 f3 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 05 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 f1 f2 0d 00 f7 d8 64 89 02 b8
[  349.136560][    C2] RSP: 002b:00007ffe64847498 EFLAGS: 00000297 ORIG_RAX: 0000000000000005
[  349.139060][    C2] RAX: ffffffffffffffda RBX: 000055cc9757d8a0 RCX: 00007ff128d11ad7
[  349.141453][    C2] RDX: 00007ff128defea0 RSI: 00007ffe648474a0 RDI: 0000000000000008
[  349.143856][    C2] RBP: 00007ff128defff0 R08: 0000000000000001 R09: 0000000000000000
[  349.146254][    C2] R10: 0000000000000000 R11: 0000000000000297 R12: 000000000000000a
[  349.148678][    C2] R13: 0000000000003fff R14: 0000000000000000 R15: 000055cc9757d8a0
[  349.151087][    C2]  </TASK>
[  349.152742][    C2] Kernel Offset: disabled
[  349.154069][    C2] Rebooting in 86400 seconds..

VM DIAGNOSIS:
17:04:53  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000001 RBX=ffffffff8b89dfae RCX=1ffffffff3631470 RDX=0000000000000001
RSI=ffffffff8c1c4600 RDI=0000000000000001 RBP=0000000000000246 RSP=ffffc90002d6f6f0
R8 =0000000000000000 R9 =fffffbfff21ae90a R10=ffffffff90d74857 R11=0000000000000000
R12=0000000000000000 R13=ffffc90002d6f878 R14=ffff88806a18a2e8 R15=ffffc90002d6f888
RIP=ffffffff81d4785e RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88809718e000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080e83018 CR3=0000000062f3d000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000c228c5 RBX=ffff88801c32a540 RCX=ffffffff8b870225 RDX=0000000000000000
RSI=ffffffff8df1ae8f RDI=ffffffff8c1c4680 RBP=0000000000000000 RSP=ffffc9000046fdf0
R8 =0000000000000001 R9 =ffffed10056667b5 R10=ffff88802b333dab R11=0000000000000000
R12=0000000000000001 R13=ffffed10038654a8 R14=0000000000000001 R15=ffffffff90d74850
RIP=ffffffff8b86e87f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88809728e000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7257810 CR3=0000000070110000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fec0e000 Opmask01=000000000000003f Opmask02=00000000fffdffbf Opmask03=0000000000000000
Opmask04=00000000ffffffdf Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 44455a494c414954 494e495f43455355
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055cc9756d520
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055cc97567aa0
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff128df1b20
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff ffffff00ffffff00
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0504040519694645 585e44454905194e
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 584b49054e445f45 59051a041d18101b
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 31346e6931387069 4435637369464663 6931327064414463 7364343163644245
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 540018534b4e494c 56454400184d4554 5359534255530018 4854415056454400
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000091 0000000000000000 0000000000000000 35362e3937313a31
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055cc9756fa30 000055cc975774f0 000055cc975769d0 000055cc97567aa0
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055cc9757c040 000055cc975690e0 000055cc97569060 000055cc976c97a0
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055cc97565c60 000055cc97567cc0 000055cc97565ce0 000055cc9756b740
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055cc9756b6c0 000055cc9756c160 000055cc9756c0e0 000055cc97574e00
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 323032302c313032 302c394631302c32 4331302c38423130 2c464131302c4541
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=dffffc000000000d RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9
RSI=ffffffff857c45a0 RDI=ffffffff9b449300 RBP=ffffffff9b4492c0 RSP=ffffc900005384e8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552
R12=0000000000000000 R13=ffffffff9b449580 R14=ffffffff9b449310 R15=0000000000000000
RIP=ffffffff857c45c7 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007ff1293b0880 ffffffff 00c00000
GS =0000 ffff88809738e000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002ee00ff8 CR3=0000000053ede000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000002000002 Opmask01=0000000000000022 Opmask02=000000007ffeffff Opmask03=0000000000000000
Opmask04=00000000ffffffdf Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 44455a494c414954 494e495f43455355
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055cc97567980
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff128df1b20
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff128df1b20
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 754f4645425d051a 474f475a05414945
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4648051a041a4f49 4b5a594f474b4405
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2c2c2c2c2c2c2c2c 2c2c2c2c2c2c2c2c 2c2c2c2c2c2c2c2c 2c2c2c2c2c2c2c2c
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e69646165520073 25203a656c696620 7974706d6520676e 697070696b530065
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4245484d4952005f 090c164940454a0c 55585c41490c4b42 455c5c4547530049
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7361647c2a737369 63637c2a65686361 63627c2a6476787c 2a64767c2a64737c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 273a6166703a756b 733a302e30312d35 33712d6370727663 3a3174633a554d45
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 516e76633a302e30 312d3533712d6370 7276703a5f393030 322c394843492b35
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 33515f4350647261 646e6174536e703a 554d45516e76733a 302e3072623a3431
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 30322f31302f3430 64623a322d332e36 312e312d6e616962 65642d332e36312e
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055cc28571b50 0000000000000041 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000708 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000060b187 RBX=ffff88801c3ca540 RCX=ffffffff8b870225 RDX=0000000000000000
RSI=ffffffff8df1ae8f RDI=ffffffff8c1c4680 RBP=0000000000000000 RSP=ffffc9000048fdf0
R8 =0000000000000001 R9 =ffffed10056a67b5 R10=ffff88802b533dab R11=0000000000000000
R12=0000000000000003 R13=ffffed10038794a8 R14=0000000000000003 R15=ffffffff90d74850
RIP=ffffffff8b86e87f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88809748e000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f3a30000 CR3=0000000066eee000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fe00e000 Opmask01=0000000087000000 Opmask02=00000000ffff7fdf Opmask03=0000000000000000
Opmask04=00000000ffffffdf Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 44455a494c414954 494e495f43455355
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 44455a494c414954 494e495f43455355
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055cc9756c180
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055cc975566a0
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff128df1b20
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73435e405e1a7343 1e161e035c18101c
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1f115c435d431610 120300161e121d5c
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 31346e6931387069 4435637369464663 6931327064414463 7364343163644245
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 005600051f40494c 43055c5155484005 424b4c55554c4e53 004057005b1a0f00
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000331 0000000000003078 657275792f637300 35362e3937313a31
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7766736c6d61722c 4339312c3739312c 3339312c3239312c 3139312c3039312c
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4638312c4538312c 3938312c3438312c 4436312c3636312c 3136312c3036312c
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 46432c44412c3741 2c30382c37372c34 372c33372c32372c 31376b2c312c3065
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2d33303939653833 3030704443433076 33303030623a7475 706e693d5341494c
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 323032302c313032 302c394631302c32 4331302c38423130 2c464131302c4541
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000