last executing test programs:

12m54.662586507s ago: executing program 2 (id=3):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0xc8, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
madvise(&(0x7f0000394000/0x1000)=nil, 0x1000, 0x0)
r2 = gettid()
timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_delete(0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="a8000000210001000000000000000000fe8000000000ddff3f000000000000aa00000004834e27db72fc7b959b4a4bf981bc00000000000000000000000000000000000000000000c179cd8cc0", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000b500000008001f000000000050001100fe80000000000000000000000000000000000000000000000000000000000000ff01000000000000000000000000000164010100000000000000000000000000000000000000000000000a00"], 0xa8}}, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x80000, 0x28c)
socket$nl_generic(0x10, 0x3, 0x10)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_SET_FFBIT(r4, 0x4004556b, 0x4076)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x0, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf01b}, {0x0}], 0x2)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x8000, &(0x7f0000000080)=0x1d6f4194, 0xb, 0x3)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
recvmmsg(r3, &(0x7f0000008900)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000600)=""/233, 0xe9}], 0x1, &(0x7f0000000740)=""/236, 0xec}, 0xe5}, {{&(0x7f0000000880)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, &(0x7f0000000a00), 0x0, &(0x7f0000000a40)=""/163, 0xa3}, 0xf8}, {{&(0x7f0000000b00)=@pptp={0x18, 0x2, {0x0, @dev}}, 0x80, 0x0}, 0x6}, {{&(0x7f0000002000)=@phonet, 0x80, &(0x7f0000002300)=[{&(0x7f0000002080)}, {0x0}, {&(0x7f0000002100)=""/241, 0xf1}, {&(0x7f0000002200)=""/3, 0x3}, {&(0x7f0000002240)=""/171, 0xab}], 0x5, &(0x7f00000047c0)=""/4096, 0x1000}, 0x3}, {{&(0x7f00000057c0)=@l2tp, 0x80, &(0x7f0000005b40)=[{&(0x7f0000005840)=""/54, 0x36}, {&(0x7f0000005900)=""/190, 0xbe}, {&(0x7f0000005a00)=""/190, 0xbe}, {&(0x7f0000005ac0)=""/73, 0x49}], 0x4, &(0x7f0000005b80)}, 0x1}, {{&(0x7f0000007300)=@x25={0x9, @remote}, 0x80, &(0x7f0000007640)=[{0x0}, {0x0}], 0x2, &(0x7f0000007680)=""/114, 0x72}, 0x7}], 0x6, 0x1, &(0x7f0000008a80))
mkdir(&(0x7f0000000000)='./file0\x00', 0x2)
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8002, 0x0)
chdir(&(0x7f0000000300)='./file0\x00')
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.kill\x00', 0x275a, 0x0)
read$FUSE(r6, &(0x7f0000002780)={0x2020}, 0xffffffffffffff41)
openat$vnet(0xffffff9c, &(0x7f00000000c0), 0x2, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="f00100001000ffff28bd7000f8dbdf2500000000", @ANYRES32=0x0, @ANYBLOB="8144080009060000300012800b000100697036746e6c0000200002801400020000000000000000000000ffffe0000002050009000400000008000400010100000800040005000004"], 0x1f0}}, 0x40014)

12m52.934927581s ago: executing program 2 (id=6):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0xc8, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
madvise(&(0x7f0000394000/0x1000)=nil, 0x1000, 0x0)
r2 = gettid()
timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_delete(0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="a8000000210001000000000000000000fe8000000000ddff3f000000000000aa00000004834e27db72fc7b959b4a4bf981bc00000000000000000000000000000000000000000000c179cd8cc0", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000b500000008001f000000000050001100fe80000000000000000000000000000000000000000000000000000000000000ff01000000000000000000000000000164010100000000000000000000000000000000000000000000000a00"], 0xa8}}, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x80000, 0x28c)
socket$nl_generic(0x10, 0x3, 0x10)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_SET_FFBIT(r4, 0x4004556b, 0x4076)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x0, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf01b}, {0x0}], 0x2)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x8000, &(0x7f0000000080)=0x1d6f4194, 0xb, 0x3)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
recvmmsg(r3, &(0x7f0000008900)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000600)=""/233, 0xe9}], 0x1, &(0x7f0000000740)=""/236, 0xec}, 0xe5}, {{&(0x7f0000000880)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, &(0x7f0000000a00), 0x0, &(0x7f0000000a40)=""/163, 0xa3}, 0xf8}, {{&(0x7f0000000b00)=@pptp={0x18, 0x2, {0x0, @dev}}, 0x80, 0x0}, 0x6}, {{&(0x7f0000002000)=@phonet, 0x80, &(0x7f0000002300)=[{&(0x7f0000002080)}, {&(0x7f0000002100)=""/241, 0xf1}, {&(0x7f0000002200)=""/3, 0x3}, {&(0x7f0000002240)=""/171, 0xab}], 0x4, &(0x7f00000047c0)=""/4096, 0x1000}, 0x3}, {{&(0x7f00000057c0)=@l2tp, 0x80, &(0x7f0000005b40)=[{&(0x7f0000005840)=""/54, 0x36}, {&(0x7f0000005900)=""/190, 0xbe}, {&(0x7f0000005a00)=""/190, 0xbe}, {&(0x7f0000005ac0)=""/73, 0x49}], 0x4, &(0x7f0000005b80)}, 0x1}, {{&(0x7f0000007300)=@x25={0x9, @remote}, 0x80, &(0x7f0000007640)=[{0x0}, {0x0}], 0x2, &(0x7f0000007680)=""/114, 0x72}, 0x7}], 0x6, 0x1, &(0x7f0000008a80))
mkdir(&(0x7f0000000000)='./file0\x00', 0x2)
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8002, 0x0)
chdir(&(0x7f0000000300)='./file0\x00')
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.kill\x00', 0x275a, 0x0)
read$FUSE(r6, &(0x7f0000002780)={0x2020}, 0xffffffffffffff41)
openat$vnet(0xffffff9c, &(0x7f00000000c0), 0x2, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="f00100001000ffff28bd7000f8dbdf2500000000", @ANYRES32=0x0, @ANYBLOB="8144080009060000300012800b000100697036746e6c0000200002801400020000000000000000000000ffffe0000002050009000400000008000400010100000800040005000004"], 0x1f0}}, 0x40014)

12m50.004367633s ago: executing program 2 (id=12):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000360001000000e9f33da533bdecf9eb08bb2cc726b62089b6a9b9e3f939000002"], 0x14}], 0x1}, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="58000000020605000000000000000000000000030c000300686173683a6970000900020073797a32000000000500040000000000050005000a000000050001000600000014000780080006400000000208000c"], 0x58}}, 0x20000000)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000010ac054402000000002d7b0902"], 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000467000/0x2000)=nil, 0x2000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
madvise(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x15)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)

12m48.222119086s ago: executing program 2 (id=17):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x10000043}, 0x20000000)
fcntl$lock(r0, 0x7, &(0x7f0000000000)={0x1, 0x3, 0x95, 0x2, 0xffffffffffffffff})
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0406618, &(0x7f0000000000)={@desc={0x1, 0x0, @auto="4edac0ba9b3ea72d"}})
mknod(&(0x7f0000000080)='./bus\x00', 0x8000, 0x6)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='./bus\x00', &(0x7f0000000180)='jfs\x00', 0x400080, &(0x7f00000001c0)='discard')

12m47.874493307s ago: executing program 2 (id=19):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x80)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0, 0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0xf0, 0x0, 0x0)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}}, 0x50)
r3 = open$dir(&(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r3, 0xc0406619, &(0x7f00000001c0)={@id={0x2, 0x0, @a}})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x80000, 0x0, 0x0, 0x0, 0xffffffff, 0x0, {0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x5, 0x0, 0xa57, 0x80000001, 0x0, 0x0, {0x40000006, 0x0, 0x0, 0x0, 0x1000001, 0x0, 0x0, 0x0, 0x1, 0x2000, 0x0, 0x0, r2, 0x10b, 0xb333}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="00222200000096231306e53f93b2938f8d2a9000070900be0083"], 0x0}, 0x0)
r5 = syz_open_dev$sndctrl(&(0x7f0000001a40), 0x1, 0x40a00)
ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r5, 0xc0045520, &(0x7f0000001a80)=0x9)
r6 = syz_open_dev$evdev(&(0x7f0000003880), 0x4, 0x2)
ioctl$EVIOCSKEYCODE_V2(r6, 0x40284504, &(0x7f0000000000)={0xfb, 0x10, 0x1323, 0xf0, "4d512c91002a4950676142687108dcd3f82acf5a895bd90fca2bb40bb4fbf29c"})
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x80782, 0x0)
r8 = getpid()
r9 = syz_pidfd_open(r8, 0x0)
setns(r9, 0x24020000)
umount2(&(0x7f0000000040)='.\x00', 0x2)
ioctl$TIOCGPTPEER(r7, 0x5441, 0x6)
r10 = syz_open_dev$video4linux(&(0x7f00000007c0), 0x5, 0x20040)
ioctl$VIDIOC_SUBDEV_S_FMT(r10, 0xc0585605, &(0x7f00000000c0)={0x1, 0x0, {0x1, 0x0, 0x3009, 0x4, 0xc, 0x0, 0x5, 0x17}})
creat(&(0x7f0000000000)='./file0/file1\x00', 0x2)

12m32.348923762s ago: executing program 32 (id=19):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x80)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0, 0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0xf0, 0x0, 0x0)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}}, 0x50)
r3 = open$dir(&(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r3, 0xc0406619, &(0x7f00000001c0)={@id={0x2, 0x0, @a}})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x80000, 0x0, 0x0, 0x0, 0xffffffff, 0x0, {0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x5, 0x0, 0xa57, 0x80000001, 0x0, 0x0, {0x40000006, 0x0, 0x0, 0x0, 0x1000001, 0x0, 0x0, 0x0, 0x1, 0x2000, 0x0, 0x0, r2, 0x10b, 0xb333}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="00222200000096231306e53f93b2938f8d2a9000070900be0083"], 0x0}, 0x0)
r5 = syz_open_dev$sndctrl(&(0x7f0000001a40), 0x1, 0x40a00)
ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r5, 0xc0045520, &(0x7f0000001a80)=0x9)
r6 = syz_open_dev$evdev(&(0x7f0000003880), 0x4, 0x2)
ioctl$EVIOCSKEYCODE_V2(r6, 0x40284504, &(0x7f0000000000)={0xfb, 0x10, 0x1323, 0xf0, "4d512c91002a4950676142687108dcd3f82acf5a895bd90fca2bb40bb4fbf29c"})
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x80782, 0x0)
r8 = getpid()
r9 = syz_pidfd_open(r8, 0x0)
setns(r9, 0x24020000)
umount2(&(0x7f0000000040)='.\x00', 0x2)
ioctl$TIOCGPTPEER(r7, 0x5441, 0x6)
r10 = syz_open_dev$video4linux(&(0x7f00000007c0), 0x5, 0x20040)
ioctl$VIDIOC_SUBDEV_S_FMT(r10, 0xc0585605, &(0x7f00000000c0)={0x1, 0x0, {0x1, 0x0, 0x3009, 0x4, 0xc, 0x0, 0x5, 0x17}})
creat(&(0x7f0000000000)='./file0/file1\x00', 0x2)

11m42.656231006s ago: executing program 3 (id=585):
ioctl$KVM_SET_MEMORY_ATTRIBUTES(0xffffffffffffffff, 0x4020aed2, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendto$inet6(r0, 0x0, 0x0, 0x20004041, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x2, @dev={0xfe, 0x80, '\x00', 0x13}, 0x7}, 0x1c)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000001640), r1)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0900000000000000000002000000140001800500020001"], 0x28}}, 0x0)

11m41.823637843s ago: executing program 3 (id=591):
socket$nl_rdma(0x10, 0x3, 0x14)
socket$unix(0x1, 0x2, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x4e21, @loopback}, {0x2, 0x0, @remote}, {0x2, 0x4e23, @local}, 0x1d7, 0x0, 0x0, 0x0, 0xfff8, 0x0, 0x4, 0x6})
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYRES8=r0], 0x1c}, 0x1, 0x0, 0x0, 0x20000844}, 0x24018807)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r1, &(0x7f0000000000), 0xd)

11m41.754920563s ago: executing program 3 (id=592):
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0x7, {"a2e3ad21ed0d52f91b23330987f70e06d038e7ff7fc6e5539b0d47078b089b3907346d090890e0878f0e1ac6e7049b334a959b669a240d5d67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07670936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70fe98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf1a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e470dea05918b41243513f000800000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3e3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14d9fdb8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a19000000000000006f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69b15c9f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d44400009a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc01008cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c16c02ed4b5d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaab1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106d26658b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6b14effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c110000a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b51028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6815d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3f3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51090840517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4e004a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6ce1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c817e9177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d543902113c4c859465c3c115c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc248850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafcc009fc074bb6b68a1f0c4649820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948998cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2fd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5dc4ff8f0104000000000000df72279fdb0d2b9e936e5a983c12fded79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d3700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa6e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9f07b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e3ebb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3fec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4cddd5d0fc5a752f9000", 0x1000}}, 0x1006)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x3c)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a3200000000140000001100"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x5000, 0x80000001, @remote, 0x7}, 0x1c)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xffdf}], 0x1)

11m41.754428989s ago: executing program 3 (id=593):
unshare(0x6a040000)
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f00000000c0)=0x6, 0x4)
setsockopt$packet_int(r2, 0x107, 0xa, 0x0, 0x0)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, 0x0, 0x0)
r3 = syz_open_procfs(0x0, 0x0)
syz_genetlink_get_family_id$mptcp(0x0, r3)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r5, &(0x7f00000000c0)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
bind$packet(r4, &(0x7f0000000040)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$inet6(r4, 0x0, 0x0, 0x880, 0x0, 0x0)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
unshare(0x22020400)
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r7, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(0x0, &(0x7f00000001c0)='./file0/../file0/../file0/../file0\x00')
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x3000c041)
r8 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{0x0}], 0x1}, 0x0)

11m41.658471188s ago: executing program 3 (id=594):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet(0x2, 0x1, 0x100)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
shutdown(r0, 0x1)
r4 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000b40)='source', 0x0, 0x0)
r5 = gettid()
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
tkill(r5, 0xb)
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f00000006c0)={0x4, 0x0, 0x0, 0x0, 0x132, 0x3})
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x55fdb4595c3d8036)
mkdir(&(0x7f0000000000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="04"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x12, 0xffffffffffffffff, 0x0)
ioctl$TIOCL_GETKMSGREDIRECT(0xffffffffffffffff, 0x541c, 0x0)

11m41.333308346s ago: executing program 3 (id=595):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000440)='htcp', 0x4)
r1 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b9"], 0x0)
syz_usb_control_io$sierra_net(r1, 0x0, 0x0)
shutdown(r0, 0x1)

11m41.315846478s ago: executing program 33 (id=595):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000440)='htcp', 0x4)
r1 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b9"], 0x0)
syz_usb_control_io$sierra_net(r1, 0x0, 0x0)
shutdown(r0, 0x1)

8.251239889s ago: executing program 1 (id=4057):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x80000)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000180)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0xf0, &(0x7f0000000700)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000240)={@flat=@binder={0x73622a85, 0x0, 0x3}, @fd={0x66642a85, 0x0, r2}}, &(0x7f0000000200)={0x0, 0x18, 0x38}}, 0x1000}], 0xffffffffffffff2d, 0x0, 0x0})

8.105190247s ago: executing program 1 (id=4058):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x4)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79})
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c})
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r5, 0x4068aea3, &(0x7f0000002380)={0xdc, 0x0, 0xa39})
ppoll(0x0, 0x0, &(0x7f00000000c0)={0x77359400}, 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_CAP_HYPERV_SYNIC2(r6, 0x4068aea3, &(0x7f00000000c0))
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000000)={0x1, 0x0, [{0x0, 0x4, 0x0, 0x0, @msi={0x0, 0x31, 0xfffffffc, 0x7}}]})
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000140)={0x0, 0x401})
personality(0x400000b)
pselect6(0x40, &(0x7f0000000040)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x7}, &(0x7f0000000080)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x0, &(0x7f0000000140)={0x77359400}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x5]}, 0x8})
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="640000000206010200000000000000000000000015000300686173683a69702c706f72742c6e6574000000000900020073797a32000000000500040000000000140007800800124000000000050015002200000005000500020000000500010006"], 0x64}}, 0x0)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r8 = accept4(r7, 0x0, 0x0, 0x800)
sendmmsg$alg(r8, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb09587", 0x4b}, {&(0x7f00000003c0)="e8700e444d", 0x5}], 0x3}], 0x1, 0x40800)
recvmsg(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f0000000200)=""/81, 0x51}], 0x2}, 0x32062)
r9 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_DEST(r8, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x1c, r9, 0x200, 0x70bd2c, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xc0}]}, 0x1c}}, 0x2f9fb67db50b0e75)

7.641806348s ago: executing program 1 (id=4060):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000340), 0x802, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="ec0500000000000061106c0000000000"], &(0x7f0000003ff6)='GPL\x00', 0xa, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
syz_io_uring_setup(0x49f, &(0x7f0000000400)={0x0, 0xf97f, 0x400, 0x1, 0x9}, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x8800)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x24004045)
syz_genetlink_get_family_id$team(&(0x7f0000000300), 0xffffffffffffffff)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000580)={'syztnl1\x00', &(0x7f0000000500)={'ip6tnl0\x00', 0x0, 0x29, 0xcf, 0x3, 0x401, 0x0, @dev={0xfe, 0x80, '\x00', 0x40}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x1, 0x7, 0x6, 0x4}})
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4044040}, 0x24008040)
r1 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000002c0), 0x1, 0x0)
write$binfmt_register(r1, &(0x7f0000000040)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0xffffffffffffffff, 0x3a, 'allow_other', 0x3a, '', 0x3a, './cgroup.cpu/cpuset.cpus', 0x3a, [0x46, 0x46]}, 0x45)
r2 = syz_usb_connect(0x0, 0x34, &(0x7f0000000040)=ANY=[@ANYBLOB="120100009bbd8b08e80430ffd1a601220301090222000100000000090400000129fddd000905e2ffbe"], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
r3 = syz_open_dev$evdev(&(0x7f0000003880), 0x4, 0x2)
syz_usb_control_io$hid(r2, 0x0, &(0x7f00000004c0)={0x18, 0x0, &(0x7f0000000280)={0x0, 0xa, 0x1, 0x9}, &(0x7f0000000380)={0x0, 0x8, 0x1, 0x6}, &(0x7f00000003c0), &(0x7f0000000480)={0x20, 0x3, 0x1, 0x4}})
ioctl$EVIOCSKEYCODE_V2(r3, 0x40284504, &(0x7f0000004e40)={0xff, 0x8, 0xfffc, 0x0, "4d512c91002a495067614268710cdcd3f82acf5a890400000000000000fbf29c"})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
write$uinput_user_dev(r0, &(0x7f0000000900)={'syz1\x00', {0x9, 0x0, 0x6}, 0x37b4, [0xfeff, 0x4, 0x9, 0x0, 0x0, 0x20001, 0x4, 0x0, 0x0, 0x1, 0x0, 0x8, 0x3, 0x5, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x10000000, 0x10000000, 0xbffffffe, 0x0, 0x0, 0x4, 0x0, 0x0, 0x94e, 0x0, 0xb, 0x1, 0x0, 0x9, 0x3, 0x2, 0x0, 0x4, 0x80, 0x20, 0x6, 0x3a3, 0x0, 0x0, 0x0, 0x8, 0x1, 0xfffffffd, 0x0, 0x6, 0x0, 0x7, 0x2, 0x6, 0x0, 0x2000000, 0x20005, 0x0, 0x0, 0x105, 0x0, 0x800000], [0x11, 0xffff0003, 0x7, 0x8, 0xffffffff, 0x9, 0xad9, 0x0, 0x0, 0x0, 0x0, 0x1, 0xfffffffb, 0x4f3, 0x0, 0x4, 0xbb, 0x1, 0xfffffffc, 0x5, 0x800, 0x8001, 0xf, 0x0, 0x100, 0x0, 0x10000, 0xec6a, 0xca86, 0x40000000, 0xffffffff, 0xfffffffc, 0x8, 0xfffffffd, 0x7fffffff, 0xfffffffc, 0x1, 0x0, 0x0, 0x4, 0x0, 0x3, 0xfffffffc, 0x4, 0x18c, 0x9, 0x0, 0x4000002, 0x3, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x4, 0x1, 0x80, 0x8000, 0x40000004, 0x6, 0x3, 0x8f, 0x7], [0xe, 0x4, 0x0, 0x0, 0xffffffff, 0x1, 0xa000000, 0x0, 0xffb, 0xffff7fff, 0xfffffffd, 0x0, 0x6cd7, 0x0, 0x0, 0x6, 0x0, 0x0, 0x10000, 0x0, 0x2, 0x420, 0xc, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0xfffffffc, 0x7, 0xfffffffc, 0x2af, 0x5, 0x9, 0x0, 0x10000, 0x3, 0x0, 0x0, 0x0, 0x8, 0x404, 0x1, 0x0, 0x0, 0x5, 0x0, 0x3, 0x1, 0x0, 0xff, 0x4000005, 0x0, 0x4, 0x4, 0x400000, 0x0, 0x6, 0x0, 0x0, 0x1, 0xd, 0xffffffdb], [0x2, 0x0, 0x4, 0x6, 0x0, 0x401, 0x1000, 0x213, 0x4, 0x7ff, 0x100, 0x3, 0xa, 0xf862, 0x80, 0x0, 0x3, 0x0, 0x7d, 0x5, 0x6, 0x9, 0x4, 0x71, 0x0, 0xfffffffe, 0x0, 0x0, 0x5d66, 0x1, 0x0, 0x9, 0x5, 0x0, 0x0, 0x6, 0xbfb6, 0x4, 0x4, 0x3, 0x0, 0xfffffffd, 0x1, 0xffffffff, 0x100, 0x74, 0x6, 0x3, 0xfffffffd, 0x53591a27, 0x3fffffd, 0x0, 0x0, 0x5, 0x400, 0x7, 0x9, 0x0, 0x0, 0x80000000, 0x1000000, 0x80000000, 0x5, 0x400]}, 0x45c)

5.262677562s ago: executing program 5 (id=4066):
r0 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000400)={'veth0_to_hsr\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000800)=@newtfilter={0x34, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0x6, 0x6}, {0x0, 0x4}, {0x1, 0xfff1}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4084}, 0x24040084)
recvmmsg$unix(r0, &(0x7f0000000580)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)=""/219, 0xdb}], 0x1}}], 0x1, 0x60, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)
r2 = socket$inet(0x2, 0x80000, 0xe7)
ioctl$XFS_IOC_FSGROWFSRT(r2, 0x400c5870, &(0x7f00000000c0)={0x1, 0xfffffff8})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[], 0xc3}, 0x1, 0x100000000000000, 0x0, 0x2000}, 0x40400c0)
r3 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000440)={{0x1, 0x1, 0x18, <r4=>r2, {0x80000001}}, './file0\x00'})
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000800)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r5, &(0x7f00000077c0)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r5, &(0x7f0000004200)={0x50, 0x0, r6, {0x7, 0x1f, 0x0, 0x207601a}}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x15, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x69, 0x11, 0x16}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0xa0}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x6}, 0x70)
write$FUSE_WRITE(r4, &(0x7f0000000480)={0x18, 0x0, r6, {0x414}}, 0x18)
ioctl$SIOCX25GCAUSEDIAG(r3, 0x89e6, &(0x7f0000000000)={0xf, 0x8})
r7 = socket(0x10, 0x3, 0x0)
r8 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000200), r0)
r9 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$uinput_user_dev(r9, &(0x7f0000001740)={'syz0\x00', {0x8000}, 0x0, [0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffa, 0xc0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x400, 0x0, 0x0, 0x3, 0x0, 0xfffffffd, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x1, 0x1000, 0x10], [0x0, 0xffffffff, 0xffffffff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x8001, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x80, 0x1, 0x0, 0x0, 0x0, 0x7, 0xe2], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0xfffffff9, 0x0, 0x400, 0x40, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xe8c, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xffffffff, 0x0, 0x0, 0xffffffff, 0x806, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x28000000], [0x0, 0x0, 0x0, 0x3, 0xffffffff, 0x0, 0x0, 0x681, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xfffffffa, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4, 0xff, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x2, 0x0, 0x0, 0x8]}, 0x45c)
ioctl$UI_ABS_SETUP(r9, 0x401c5504, &(0x7f0000000080)={0xa, {0x2, 0xffffffff, 0x4, 0xfff, 0x5, 0x9}})
sendmsg$SEG6_CMD_GET_TUNSRC(r7, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="10002aa07080fcdbdf25040000000500050000000000080002000700000005000600007b0000"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x4000801)
sendmmsg(r7, &(0x7f0000005440), 0x0, 0x45)

5.083146495s ago: executing program 4 (id=4068):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x8020000)
creat(&(0x7f0000000100)='./file0\x00', 0x112)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x80f6, &(0x7f0000001dc0)={0x9, 0x72}, 0x49)

5.082848276s ago: executing program 0 (id=4069):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x80000)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000180)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000700)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000240)={@flat=@binder={0x73622a85, 0x0, 0x3}, @fd={0x66642a85, 0x0, r2}}, &(0x7f0000000200)={0x0, 0x18, 0x38}}, 0x1000}], 0xffffffffffffff2d, 0x0, 0x0}) (fail_nth: 6)

4.964374452s ago: executing program 0 (id=4070):
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(0xffffffffffffffff, 0x84, 0x7, 0x0, &(0x7f0000000040))
syz_emit_vhci(&(0x7f00000002c0)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_notify={{}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, "2d1cc967f6f6661360e795c004488acf", 0x2}}}, 0xfa)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="04221001000000000000"], 0x13)
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_emit_ethernet(0x76, &(0x7f00000010c0)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x3, 0x68, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @local}, @redirect={0x5, 0x0, 0x0, @local, {0x13, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback, @local, {[@timestamp_addr={0x44, 0xc, 0x0, 0x1, 0x0, [{@rand_addr, 0x4e210000}]}, @timestamp_addr={0x44, 0x2c, 0x7f, 0x1, 0x0, [{@multicast1}, {}, {@dev}, {@private, 0x4}, {@multicast1}]}]}}}}}}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket$kcm(0x21, 0x2, 0xa)
write$FUSE_NOTIFY_RESEND(r0, &(0x7f0000000080)={0x14}, 0x14)

4.963820786s ago: executing program 4 (id=4071):
r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r1 = memfd_create(&(0x7f0000000080)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea\x7f\x8cZ7`_4t\xcda\x9b\x11\x11\x0e\xa1\xcf\x00'/51, 0x2)
ftruncate(r1, 0x1000006)
fcntl$addseals(r1, 0x409, 0x7)
ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f0000000000)={r1, 0x0, 0x0, 0x1000000})
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8b04, &(0x7f00000000c0)={'wlan1\x00'})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0x200000000000011, 0x2, 0xd)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r4=>0x0})
bind$packet(r3, &(0x7f0000000080)={0x11, 0x800, r4, 0x1, 0x0, 0x6, @multicast}, 0x14)
syz_emit_ethernet(0x36, &(0x7f00000004c0)={@random="e904a200", @link_local, @val={@void, {0x8100, 0x0, 0x1, 0x1}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e21, 0x0, 0x10, 0x0, @gue={{0x2, 0x1, 0x1, 0x4}}}}}}}, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$key(0xf, 0x3, 0x2)
r6 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r6, 0x7a7, &(0x7f0000000000)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r6, 0x7a0, &(0x7f0000000100)={@local})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r6, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x2, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7980, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x6, 0x0, 0x0, 0x1, 0x400, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd5, 0x0, 0x7, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x1, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0xc5a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0xfffffff7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x49, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xa4e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x808, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x4, 0x0, 0xfffffffe, 0x0, 0x0, 0xfffffffd, 0x3, 0x0, 0x0, 0x100003, 0x4, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3, 0x10001, 0x0, 0x0, 0xfffffffe, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0xffffff74, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x934a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xf14, 0x0, 0x0, 0x1b19, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4], 0x1, 0x400})
ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f00000001c0)={r1, 0x0, 0x0, 0x1000000})
r7 = getpgrp(0x0)
setpriority(0x2, r7, 0x1ff)
socket(0x2000000015, 0x80005, 0x0)

4.287456932s ago: executing program 5 (id=4072):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x58, 0x2, 0x6, 0x3, 0x0, 0x0, {0x0, 0x0, 0x7}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xfffff000}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x20004000) (fail_nth: 6)

4.16510116s ago: executing program 1 (id=4073):
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x5}, 0x0)
sched_setscheduler(0x0, 0x3, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000003c0)=0x402)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
fsopen(0x0, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
syz_open_procfs$userns(r1, &(0x7f0000000300))
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000002c0), 0x0, 0x2, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x56}, 0xc0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000400)=ANY=[@ANYBLOB="1400000010000100f7000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc08000340000000144c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a3100000000200003801c0000800c00018006000100d10300000c00044000000000000000011400000011"], 0xb8}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYRESOCT=r4, @ANYRESOCT=r0, @ANYRES64], 0x7c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r7 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x0)
setsockopt$CAN_RAW_ERR_FILTER(r7, 0x65, 0x2, &(0x7f0000000000)=0xd, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000100)={'vxcan1\x00', <r8=>0x0})
bind$can_raw(r7, &(0x7f0000000380)={0x1d, r8}, 0x10)
close(r7)
sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="14000000100001000000e3ff000000000000000a84000000060a0b040000000000000000020000092400048020000180080001006c6f67001400028006000140de23a102dd4fbc680003000008000540000000064c0007409d88380d9faee6e0b552b023e1263b78dc929a7c14bc86d57bad7c199e927a9a1fe7e9681783f3bb5c148e754491d4799eda29102f72d6972e35f9348d8619e60701abe5503932de140000001100010000000000000000000200000a"], 0xac}}, 0x0)

3.46815925s ago: executing program 5 (id=4074):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$kcm(0x10, 0x3, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e79"])
chdir(&(0x7f0000000100)='./file0\x00')
r2 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)={0x40040, 0xd2, 0xf}, 0x18)
unlink(&(0x7f0000000100)='./file0\x00')
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)='grpquota')
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet_tcp(0x2, 0x1, 0x0)
r4 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000240)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x9, &(0x7f0000000780)={&(0x7f0000000040)=@newqdisc={0x44, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r5, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_SPLIT_GSO={0x8, 0x11, 0x1}, @TCA_CAKE_AUTORATE={0x8}]}}]}, 0x44}}, 0x0)
ioctl$XFS_IOC_SCRUBV_METADATA(r0, 0xc0285840, &(0x7f0000000000)={0xd22, 0x200, 0x5, 0x0, 0x3, 0x0, 0x0, 0xffffffffffffffff})
socket$kcm(0x10, 0x2, 0x4)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x4, 0xf, 0x80000006}, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x8b20, &(0x7f0000000080)={'wlan1\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1e}})
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r7, 0xffffffffffffffff, 0x0)

3.467191634s ago: executing program 4 (id=4075):
openat$random(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000540)=ANY=[@ANYBLOB="9feb0100180000000000000002"], 0x0, 0x1a, 0x0, 0x1}, 0x28)
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0) (async)
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000680), 0x0, 0x8015) (async)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
shutdown(0xffffffffffffffff, 0x1) (async)
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000580)=@bpf_ext={0x1c, 0x5, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffff}, [@map_idx_val={0x18, 0x1, 0x6, 0x0, 0xf, 0x0, 0x0, 0x0, 0x2}]}, &(0x7f0000000380)='GPL\x00', 0x2, 0xda, &(0x7f0000000680)=""/218, 0x41100, 0x60, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000004c0)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000500)={0x0, 0xd, 0x0, 0x7}, 0x10, 0x55e1, 0xffffffffffffffff, 0x0, &(0x7f0000000540)=[0x1, 0x1, 0x1, r0], 0x0, 0x10, 0x8}, 0x94)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000640)=r5, 0x4) (async)
sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000300)={&(0x7f00000001c0)={0x24, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x87d4b69a72310a97) (async)
r6 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0) (async)
r7 = gettid()
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0) (async)
tkill(r7, 0xb)
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0x117, 0x5, 0x101, 0x200}}) (async)
connect$llc(0xffffffffffffffff, 0x0, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2031, 0x24000}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FLAGS={0x8, 0x3, 0x2}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20048054}, 0x1000)

3.431984618s ago: executing program 4 (id=4076):
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000080)=@raw={'raw\x00', 0x8, 0x3, 0x1208, 0x90, 0x11, 0x148, 0x90, 0x0, 0x1174, 0x2a8, 0x2a8, 0x1174, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0x90}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x10c4, 0x10e4, 0x0, {}, [@common=@ttl={{0x24}, {0x2, 0x40}}, @common=@unspec=@cgroup1={{0x1030}, {0x0, 0x1, 0xff, 0x0, './cgroup.net/syz0\x00', 0x1, {0x8}}}]}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x1264)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001080)={0x14, 0x38, 0x301, 0x270bd26, 0x25dfdbfa, {0x6}}, 0x14}}, 0x0)
epoll_create(0x7e)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xffffffffffffffff, 0x0, 0x0, 0x1000001000, 0x46}, 0x0, &(0x7f0000000000)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0xf, 0x80000002}, 0x0, 0x0)
close(0x3)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x1, 0x40, 0x40, 0x41, 0xffffffffffffffff, 0xfffffffe}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000840), &(0x7f00000003c0), 0x1003, r3}, 0x38)

2.307761239s ago: executing program 4 (id=4077):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000a80)=@security={'security\x00', 0x44, 0x4, 0x4ac, 0xffffffff, 0x0, 0x31c, 0x150, 0xffffffff, 0xffffffff, 0x3e4, 0x3e4, 0x3e4, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@mcast1, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x7b}}, [0xffffff00, 0xff, 0x0, 0xffffffff], [0xff000000, 0xff000000, 0xffffff00, 0x7e5debfdf7c2f28d], 'nr0\x00', 'batadv_slave_0\x00', {0xff}, {0xff}, 0x3a, 0xf, 0x0, 0x4}, 0x203, 0x12c, 0x150, 0x8502, {}, [@common=@unspec=@connlimit={{0x40}, {[0xffffffff, 0xff000000, 0xff000000, 0xffffffff], 0x0, 0x0, {0x2}}}, @common=@hbh={{0x48}, {0x5, 0x2, 0x1, [0x8007, 0xfffd, 0x8000, 0x9f, 0x8200, 0xb4f3, 0xffff, 0x6, 0x41, 0x7, 0xfffc, 0x6, 0x8, 0x1, 0x8, 0xd], 0x10}}]}, @common=@unspec=@CONNSECMARK={0x24, 'CONNSECMARK\x00', 0x0, {0x2}}}, {{@ipv6={@remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [0xffffffff, 0xffffffff, 0xff000000, 0xffffff00], [0xff, 0x0, 0xffffffff, 0xffffff00], 'macvtap0\x00', 'team_slave_0\x00', {0xff}, {0xff}, 0x89, 0x5, 0x4, 0x20}, 0x0, 0xa4, 0x1cc}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x200000, 'system_u:object_r:modem_device_t:s0\x00'}}}, {{@uncond, 0x0, 0xa4, 0xc8}, @common=@unspec=@CLASSIFY={0x24, 'CLASSIFY\x00', 0x0, {0x2}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x508) (fail_nth: 5)

1.515483348s ago: executing program 1 (id=4078):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000a00)={'syz1\x00', {0x6ec9, 0x7, 0x5, 0x5}, 0x3e, [0x9, 0x5, 0x8, 0x2, 0x5334, 0x400, 0x80000000, 0x8ef7, 0x10000, 0x0, 0x6, 0xf5, 0x5, 0x39, 0x747d5a16, 0x8, 0xfffffb9a, 0xfffffffc, 0x4, 0xfffffffb, 0x4, 0x3, 0x4, 0xf252, 0x1, 0x800, 0x300000, 0x7, 0xe, 0x5, 0x0, 0x0, 0x1ff, 0x8000, 0x3ff, 0x3, 0xd, 0x3, 0x6, 0x1000, 0x2, 0x200, 0x2, 0x400008, 0x8, 0x4, 0x2, 0x7, 0x40, 0x1009, 0x1, 0x199f, 0x8, 0x2, 0x9, 0x1, 0x4, 0x6, 0x1000, 0x5, 0x40, 0x9, 0x7, 0x5], [0x6, 0x1e, 0x3, 0x1, 0xfffffffe, 0x3, 0x0, 0x5, 0x27, 0xfffffffc, 0x4, 0x7fff, 0x72c, 0x1c32, 0x3, 0x9, 0x10000, 0x400, 0x8001, 0x3, 0x1, 0x294, 0x9, 0x0, 0x981, 0x4, 0xfd, 0x3ff, 0x0, 0xfffffffe, 0x0, 0x1000001, 0x10, 0xfffffff9, 0x0, 0x5, 0x1, 0xffffffff, 0x6, 0x5, 0x800, 0xf6, 0x6, 0x8001, 0xfffffffd, 0x101, 0x0, 0x2, 0x1, 0xc, 0x3, 0x379, 0x9, 0xe, 0x200, 0xb, 0x6, 0x2, 0x400001, 0x3, 0x8, 0x6, 0x200, 0x7], [0x3fd, 0xc584, 0x34711b8a, 0xcd4, 0xffff, 0x20, 0x4, 0x4, 0x8, 0x10, 0x7, 0x9, 0xe8b, 0x7, 0x80000001, 0x8, 0x3, 0x1000, 0x2, 0xe, 0x7, 0xfffffff9, 0xe55, 0x10, 0x80000001, 0x4, 0x4, 0x1000007, 0x9, 0x2, 0x20000005, 0x7d, 0x9, 0xb, 0x47, 0x2, 0x3, 0x4, 0x7, 0x6d7e, 0x3, 0x8, 0x8001, 0xbf23, 0x6, 0x800008, 0x95a, 0xffffffff, 0x4, 0x3, 0x6, 0x100fffd, 0x2005, 0x7, 0x4, 0xea, 0x9, 0x5, 0x2, 0xd9, 0x0, 0x7ff, 0x401, 0x7], [0x108e, 0x7fff, 0x3, 0x3, 0x88, 0x2, 0x6, 0x1, 0x40, 0x2, 0x763, 0xb, 0x8000402, 0x800, 0x2, 0x1000, 0x7f, 0x5, 0x3fa6, 0x4, 0x8e8, 0x5, 0x9, 0x4, 0x6f3, 0x4, 0x100, 0x4, 0x200, 0x1000, 0x3b, 0x2, 0x5, 0x800, 0xa809, 0x65f413f9, 0x4, 0x8, 0x8a8, 0x2, 0x40, 0x7, 0x2, 0x4, 0x4, 0x10, 0x0, 0x0, 0x7fff, 0x1, 0xfffffff8, 0x402, 0x1, 0x200, 0x7, 0x4edf, 0xfefffffd, 0x4, 0xe, 0x2, 0xe, 0x11, 0x133, 0x9]}, 0x45c)
ioctl$UI_DEV_CREATE(r0, 0x5501)
readv(r0, &(0x7f0000000500)=[{0x0}, {&(0x7f00000003c0)=""/126, 0x7e}], 0x2) (fail_nth: 6)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)

1.514964631s ago: executing program 5 (id=4079):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
epoll_create1(0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000600)={{&(0x7f00004d9000/0x3000)=nil, 0x3000}})
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x2, 0x13, 0x0, 0xe, 0x2, 0x0, 0x0, 0x25dfdbf8}, 0x10}}, 0x4000050)
sched_setscheduler(0x0, 0x1, &(0x7f0000000640)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x4000010, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40046607, 0x0)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r6, &(0x7f00000005c0), 0x8)
setsockopt$IP_VS_SO_SET_ADDDEST(r5, 0x0, 0x487, &(0x7f0000000000)={{0x84, @rand_addr=0x64010100, 0x4e20, 0x3, 'lc\x00', 0x15, 0x323b, 0x59}, {@remote, 0x4e27, 0x2000, 0x0, 0x12d5c, 0x12d5c}}, 0x44)
mount(0x0, 0x0, &(0x7f0000000340)='f2fs\x00', 0x8000, 0x0)
add_key$user(&(0x7f0000000000), 0x0, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_DEAUTHENTICATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)={0x1c, r7, 0x20, 0x70bd2a, 0x25dfdc01, {{}, {@val={0x8, 0x3, r9}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x40080c1}, 0x20000080)

1.138635791s ago: executing program 0 (id=4080):
r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r1 = memfd_create(&(0x7f0000000080)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea\x7f\x8cZ7`_4t\xcda\x9b\x11\x11\x0e\xa1\xcf\x00'/51, 0x2)
ftruncate(r1, 0x1000006)
fcntl$addseals(r1, 0x409, 0x7)
ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f0000000000)={r1, 0x0, 0x0, 0x1000000})
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8b04, &(0x7f00000000c0)={'wlan1\x00'})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0x200000000000011, 0x2, 0xd)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r4=>0x0})
bind$packet(r3, &(0x7f0000000080)={0x11, 0x800, r4, 0x1, 0x0, 0x6, @multicast}, 0x14)
syz_emit_ethernet(0x36, &(0x7f00000004c0)={@random="e904a200", @link_local, @val={@void, {0x8100, 0x0, 0x1, 0x1}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e21, 0x0, 0x10, 0x0, @gue={{0x2, 0x1, 0x1, 0x4}}}}}}}, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$key(0xf, 0x3, 0x2)
r6 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r6, 0x7a7, &(0x7f0000000000)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r6, 0x7a0, &(0x7f0000000100)={@local})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r6, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x2, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7980, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x6, 0x0, 0x0, 0x1, 0x400, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd5, 0x0, 0x7, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x1, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0xc5a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0xfffffff7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x49, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xa4e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x808, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x4, 0x0, 0xfffffffe, 0x0, 0x0, 0xfffffffd, 0x3, 0x0, 0x0, 0x100003, 0x4, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3, 0x10001, 0x0, 0x0, 0xfffffffe, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0xffffff74, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x934a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xf14, 0x0, 0x0, 0x1b19, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4], 0x1, 0x400})
sendmsg$tipc(r2, &(0x7f0000000280)={&(0x7f0000000040), 0x10, 0x0}, 0x0)
ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f00000001c0)={r1, 0x0, 0x0, 0x1000000})
setpriority(0x2, 0x0, 0x1ff)
socket(0x2000000015, 0x80005, 0x0)

1.138261802s ago: executing program 4 (id=4081):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(0xffffffffffffffff, 0x8982, 0x0)
r0 = socket$inet(0x2, 0x3, 0x30)
getsockopt$inet_mreqsrc(r0, 0x0, 0x53, 0x0, &(0x7f0000000240))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0xa, 0x17, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf090000000000009409010000000281650000000000000018010000646c6c2500000000002020207b9af8ff000000002e9100000000000037010000f8ffffffb702000008000000b70300000000000014000000060000805f93000000000000b5030000000000008500000076000000b70000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x15)
writev(r5, 0x0, 0x0)
r6 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r6, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0x0, @empty=0x1000000}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000200)='\b\x00', 0x2}, {&(0x7f0000000100)="6306bc3795f8", 0x6}], 0x2, &(0x7f0000000180)=ANY=[@ANYBLOB="1400000000000000070000"], 0x14}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = socket$igmp6(0xa, 0x3, 0x2)
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000c80)={'lo\x00', <r10=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r9, 0x8916, &(0x7f0000000440)={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xa}}, 0x80, r10})
ioctl$sock_inet6_SIOCDIFADDR(r8, 0x8936, &(0x7f0000000140)={@loopback, 0x80, r10})
ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f00000000c0)={'bond_slave_0\x00', @random="013301300108"})
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0xffffffffffffff2b)
socket$nl_route(0x10, 0x3, 0x0)

1.071077362s ago: executing program 5 (id=4082):
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x4e20, 0xfffffffe, @empty, 0x8}}}, 0x108)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
writev(r2, &(0x7f0000000200)=[{&(0x7f00000003c0)='n', 0xfdef}], 0x1)
dup3(0xffffffffffffffff, r2, 0x6700000000000000)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000001c0)=0x2)
socket$netlink(0x10, 0x3, 0x0)
readv(r0, &(0x7f0000000200)=[{&(0x7f0000001b80)=""/4096, 0x1000}], 0x1)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="500000000206030000000000000000000d0000000c000300686173683a69700005000400000000000900020073797a31000000000c000780080008400000005d0500050002000000050001"], 0x50}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000740)={0x40, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x8}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c0000000706010800000000000000000a0000040500010007000000925c9885fdb7f9fc5a2b3fd8de7cd7331a984e37747c3d3f6f086e6d0f68387d7739718ecfd79786e5fce277c58a3ff7f699de62b2a50f1a71c380ebb15f99858cc86045f5709929197c5728e865add3793ca27c70b34f1345de90a5cd34b4e7f764a010a001e69797ead703711817b0cf2fb1c6473d1cdf9ef8fc2fd8636ae63073a29c90b5f89ca0d76bc42c1573962787c5cbf3ee2ce8d48a9fe9ae8e4b7dfd7dfa696c320d85114cab1ad7689da1289b73f28e218a7acb5d57b70af3d2b6b95f0633b269b0e6d64a4e16a6b295c96bdf493711c2d6eed50906f92504314b12b4719c24ff9c27e0a71232b51316ae4b9c97f78b0e244d6b63591fccb765a9"], 0x1c}, 0x1, 0x0, 0x0, 0x2004c881}, 0x80)

657.997394ms ago: executing program 0 (id=4083):
r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r1 = memfd_create(&(0x7f0000000080)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea\x7f\x8cZ7`_4t\xcda\x9b\x11\x11\x0e\xa1\xcf\x00'/51, 0x2)
ftruncate(r1, 0x1000006)
fcntl$addseals(r1, 0x409, 0x7)
ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f0000000000)={r1, 0x0, 0x0, 0x1000000})
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8b04, &(0x7f00000000c0)={'wlan1\x00'})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0x200000000000011, 0x2, 0xd)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r4=>0x0})
bind$packet(r3, &(0x7f0000000080)={0x11, 0x800, r4, 0x1, 0x0, 0x6, @multicast}, 0x14)
syz_emit_ethernet(0x36, &(0x7f00000004c0)={@random="e904a200", @link_local, @val={@void, {0x8100, 0x0, 0x1, 0x1}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e21, 0x0, 0x10, 0x0, @gue={{0x2, 0x1, 0x1, 0x4}}}}}}}, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$key(0xf, 0x3, 0x2)
r6 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r6, 0x7a7, &(0x7f0000000000)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r6, 0x7a0, &(0x7f0000000100)={@local})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r6, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x2, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7980, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x6, 0x0, 0x0, 0x1, 0x400, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd5, 0x0, 0x7, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x1, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0xc5a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0xfffffff7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x49, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xa4e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x808, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x4, 0x0, 0xfffffffe, 0x0, 0x0, 0xfffffffd, 0x3, 0x0, 0x0, 0x100003, 0x4, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3, 0x10001, 0x0, 0x0, 0xfffffffe, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0xffffff74, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x934a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xf14, 0x0, 0x0, 0x1b19, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4], 0x1, 0x400})
ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f00000001c0)={r1, 0x0, 0x0, 0x1000000})
r7 = getpgrp(0x0)
setpriority(0x2, r7, 0x1ff)
socket(0x2000000015, 0x80005, 0x0)

575.197384ms ago: executing program 1 (id=4084):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x1000000)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0)={0xaa, 0x428})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x0, 0x2})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff8000}]})
close_range(r1, 0xffffffffffffffff, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'sha224\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x80000)
sendmmsg$unix(r3, &(0x7f0000003dc0)=[{{&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x9802}}, {{&(0x7f0000000280)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}], 0x299, 0x0)

385.479181ms ago: executing program 0 (id=4085):
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000080)=@raw={'raw\x00', 0x8, 0x3, 0x1208, 0x90, 0x11, 0x148, 0x90, 0x0, 0x1174, 0x2a8, 0x2a8, 0x1174, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0x90}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x10c4, 0x10e4, 0x0, {}, [@common=@ttl={{0x24}, {0x2, 0x40}}, @common=@unspec=@cgroup1={{0x1030}, {0x0, 0x1, 0xff, 0x0, './cgroup.net/syz0\x00', 0x1, {0x8}}}]}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x1264)
socket$nl_generic(0x10, 0x3, 0x10)
setrlimit(0x0, &(0x7f0000000040)={0x1, 0x7fffffff})
epoll_create(0x7e)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xffffffffffffffff, 0x0, 0x0, 0x1000001000, 0x46}, 0x0, &(0x7f0000000000)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0xf, 0x80000002}, 0x0, 0x0)
close(0x3)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x1, 0x40, 0x40, 0x41, 0xffffffffffffffff, 0xfffffffe}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000840), &(0x7f00000003c0), 0x1003, r2}, 0x38)

6.365582ms ago: executing program 5 (id=4086):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x9)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@newlink={0x50, 0x10, 0x5, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x48978, 0x61005}, [@IFLA_IFNAME={0x14, 0x3, 'veth1_to_hsr\x00'}, @IFLA_VFINFO_LIST={0x1c, 0x16, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@IFLA_VF_IB_PORT_GUID={0x14, 0xb, {0x80000001, 0x8bef}}]}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x40801}, 0x4048040)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c40)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x74}}, 0x0)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000180)=0x7, 0x4)
syz_open_dev$loop(&(0x7f0000000080), 0x9, 0x32fa43)
sendmmsg(r1, &(0x7f0000000900)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000ac0)='<', 0x1}], 0x1}}], 0x1, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x8000, 0x103)
mount$cgroup(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440), 0x0, &(0x7f0000000040)={[{@name={'name', 0x3d, 'user_.'}}, {@name={'name', 0x3d, 'user_.'}}]})
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0400000000000000410c460003b689be35ab9dcb3fb4be8876262f28be5c73707501d5cab12305693ec16e1756d7705d831847ed54379dc27992178d4e38cc3798e4d2dea685a6a3affb853bbd7172d8f398d50b0c86cc2f38412d9efb61f90ff06010e820ba8b5629330866f6296b605947c663681170666b3d751f5c36723328e3a2ff4315db6f0c1142380d0000000000003602ba775243e8895ff577fabfb2c06b4c7bd1cabb2cead8e67892966e83b4a498", @ANYRES16=r5, @ANYBLOB="01002bbd7000030000000100000004000180"], 0x18}, 0x1, 0x0, 0x0, 0x4048c54}, 0x10)

0s ago: executing program 0 (id=4087):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$kcm(0x10, 0x3, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e79"])
chdir(&(0x7f0000000100)='./file0\x00')
r2 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)={0x40040, 0xd2, 0xf}, 0x18)
unlink(&(0x7f0000000100)='./file0\x00')
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)='grpquota')
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet_tcp(0x2, 0x1, 0x0)
r4 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000240)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x9, &(0x7f0000000780)={&(0x7f0000000040)=@newqdisc={0x44, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r5, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_SPLIT_GSO={0x8, 0x11, 0x1}, @TCA_CAKE_AUTORATE={0x8}]}}]}, 0x44}}, 0x0)
ioctl$XFS_IOC_SCRUBV_METADATA(r0, 0xc0285840, &(0x7f0000000000)={0xd22, 0x200, 0x5, 0x0, 0x3, 0x0, 0x0, 0xffffffffffffffff})
socket$kcm(0x10, 0x2, 0x4)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x4, 0xf, 0x80000006}, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x8b20, &(0x7f0000000080)={'wlan1\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1e}})
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r7, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

  T34] imon_raw 9-1:0.0: IR endpoint missing
[  761.803154][T17746] 8021q: adding VLAN 0 to HW filter on device bond0
[  761.806418][T17746] 8021q: adding VLAN 0 to HW filter on device team0
[  761.811927][T17746] 8021q: adding VLAN 0 to HW filter on device batadv0
[  761.873502][T17746] batman_adv: batadv0: Interface activated: batadv_slave_0
[  761.877257][T17746] batman_adv: batadv0: Interface activated: batadv_slave_1
[  761.883001][T17746] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  761.887361][T17746] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  761.906436][T17746] veth1_macvtap: left promiscuous mode
[  761.909120][T17746] veth0_macvtap: left promiscuous mode
[  761.911483][T17746] veth0_macvtap: entered promiscuous mode
[  761.914856][T17746] veth1_macvtap: entered promiscuous mode
[  761.921164][T17746] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  761.925223][T17746] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  761.929695][T17746] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  761.932941][T17746] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  761.938622][T17746] A link change request failed with some changes committed already. Interface syzkaller0 may have been left with an inconsistent configuration, please check.
[  761.946789][   T75] bridge0: port 1(bridge_slave_0) entered blocking state
[  761.949063][   T75] bridge0: port 1(bridge_slave_0) entered forwarding state
[  761.956611][   T75] bridge0: port 2(bridge_slave_1) entered blocking state
[  761.958894][   T75] bridge0: port 2(bridge_slave_1) entered forwarding state
[  761.987173][ T1187] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  762.002774][ T1187] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  762.005754][ T1187] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  762.015689][ T1187] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  762.989043][  T666] usb 9-1: USB disconnect, device number 48
[  763.065285][T17765] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3531'.
[  763.190426][T17772] netlink: 'syz.4.3533': attribute type 39 has an invalid length.
[  763.567097][ T1434] ieee802154 phy1 wpan1: encryption failed: -22
[  764.091569][T17787] smc: net device vcan0 applied user defined pnetid SYZ1
[  764.224543][T17789] i2c i2c-1: dtv_property_process_set: SET cmd 0xeb600806 undefined
[  765.209471][ T5616] usb 10-1: new full-speed USB device number 76 using dummy_hcd
[  765.285096][ T5761] Bluetooth: hci4: unexpected event 0x18 length: 247 > 23
[  765.366261][ T5616] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[  765.373508][ T5616] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  765.381440][ T5616] usb 10-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ac.7e
[  765.385649][ T5616] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  765.388245][ T5616] usb 10-1: Product: syz
[  765.389657][ T5616] usb 10-1: Manufacturer: syz
[  765.391226][ T5616] usb 10-1: SerialNumber: syz
[  765.396338][ T5616] usb 10-1: config 0 descriptor??
[  765.399982][ T5616] hub 10-1:0.0: bad descriptor, ignoring hub
[  765.402083][ T5616] hub 10-1:0.0: probe with driver hub failed with error -5
[  765.406292][ T5616] input: syz syz as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/input/input160
[  765.796213][T17830] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3551'.
[  765.835103][    T9] usb 10-1: USB disconnect, device number 76
[  765.849560][T17834] overlayfs: failed to clone upperpath
[  766.712629][T17856] binder: 17853:17856 ioctl c0285840 80000000 returned -22
[  766.844493][    T9] usb 10-1: new high-speed USB device number 77 using dummy_hcd
[  767.006179][    T9] usb 10-1: Using ep0 maxpacket: 8
[  767.010437][    T9] usb 10-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  767.015509][    T9] usb 10-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  767.019891][    T9] usb 10-1: config 0 interface 0 has no altsetting 0
[  767.022789][    T9] usb 10-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  767.027292][    T9] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  767.033024][    T9] usb 10-1: config 0 descriptor??
[  767.734490][    T9] hid_parser_main: 5 callbacks suppressed
[  767.734504][    T9] mcp2221 0003:04D8:00DD.0012: unknown main item tag 0x0
[  767.741146][    T9] mcp2221 0003:04D8:00DD.0012: unknown main item tag 0x0
[  767.743512][    T9] mcp2221 0003:04D8:00DD.0012: unknown main item tag 0x0
[  767.746586][    T9] mcp2221 0003:04D8:00DD.0012: unknown main item tag 0x0
[  767.749573][    T9] mcp2221 0003:04D8:00DD.0012: unknown main item tag 0x0
[  767.752577][    T9] mcp2221 0003:04D8:00DD.0012: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0
[  767.913553][T17874] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3563'.
[  767.942662][    T9] usb 10-1: USB disconnect, device number 77
[  768.293563][T17889] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3567'.
[  768.430161][T17891] overlayfs: failed to resolve './bus': -2
[  768.874050][T16643] usb 6-1: new high-speed USB device number 54 using dummy_hcd
[  768.994107][ T5761] Bluetooth: hci1: unexpected event 0x18 length: 247 > 23
[  769.134376][T16643] usb 6-1: Using ep0 maxpacket: 32
[  769.155677][T16643] usb 6-1: config 0 has an invalid interface number: 119 but max is 0
[  769.159166][T16643] usb 6-1: config 0 has no interface number 0
[  769.162048][T16643] usb 6-1: config 0 interface 119 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  769.167912][T16643] usb 6-1: config 0 interface 119 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  769.174804][T16643] usb 6-1: config 0 interface 119 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 27
[  769.180761][T16643] usb 6-1: config 0 interface 119 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  769.192458][T16643] usb 6-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice=88.73
[  769.196913][T16643] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  769.200999][T16643] usb 6-1: Product: syz
[  769.205439][T16643] usb 6-1: Manufacturer: syz
[  769.209163][T16643] usb 6-1: SerialNumber: syz
[  769.221469][T16643] usb 6-1: config 0 descriptor??
[  769.229432][T17897] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  769.242684][T16643] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.119/input/input161
[  769.311506][T17916] netlink: 'syz.0.3577': attribute type 1 has an invalid length.
[  769.372389][T17916] 8021q: adding VLAN 0 to HW filter on device bond2
[  769.506702][T17916] bond2: (slave geneve2): making interface the new active one
[  769.521963][T17916] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  771.474184][ T5616] usb 10-1: new high-speed USB device number 79 using dummy_hcd
[  771.498682][ T5761] Bluetooth: hci1: unexpected event for opcode 0x203d
[  771.624097][ T5616] usb 10-1: Using ep0 maxpacket: 32
[  771.628460][ T5616] usb 10-1: config 0 has an invalid interface number: 119 but max is 0
[  771.632028][ T5616] usb 10-1: config 0 has no interface number 0
[  771.635005][ T5616] usb 10-1: config 0 interface 119 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  771.640008][ T5616] usb 10-1: config 0 interface 119 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  771.645351][ T5616] usb 10-1: config 0 interface 119 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 27
[  771.649171][ T5616] usb 10-1: config 0 interface 119 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  771.650171][T17951] vxcan1: entered allmulticast mode
[  771.657305][ T5616] usb 10-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice=88.73
[  771.661298][ T5616] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  771.667006][ T5616] usb 10-1: Product: syz
[  771.668617][ T5616] usb 10-1: Manufacturer: syz
[  771.672697][ T5616] usb 10-1: SerialNumber: syz
[  771.676615][ T5616] usb 10-1: config 0 descriptor??
[  771.680803][T17940] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  771.686582][ T5616] input: bcm5974 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.119/input/input162
[  771.896775][ T5761] Bluetooth: hci1: unexpected event 0x18 length: 247 > 23
[  772.175068][  T666] usb 6-1: USB disconnect, device number 54
[  772.175072][    C0] bcm5974 6-1:0.119: trackpad urb failed: -19
[  772.637521][  T666] usb 10-1: USB disconnect, device number 79
[  772.857237][   T40] kauditd_printk_skb: 5 callbacks suppressed
[  772.857248][   T40] audit: type=1326 audit(1778462543.091:1078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17967 comm="syz.4.3591" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feefcc code=0x7ffc0000
[  772.872962][   T40] audit: type=1326 audit(1778462543.101:1079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17967 comm="syz.4.3591" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feefcc code=0x7ffc0000
[  772.880459][   T40] audit: type=1326 audit(1778462543.101:1080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17967 comm="syz.4.3591" exe="/syz-executor" sig=0 arch=40000003 syscall=437 compat=1 ip=0xf6feefcc code=0x7ffc0000
[  772.885871][T17971] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  772.887646][   T40] audit: type=1326 audit(1778462543.101:1081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17967 comm="syz.4.3591" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feefcc code=0x7ffc0000
[  772.897927][   T40] audit: type=1326 audit(1778462543.101:1082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17967 comm="syz.4.3591" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf712616b code=0x7ffc0000
[  772.905564][   T40] audit: type=1326 audit(1778462543.101:1083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17967 comm="syz.4.3591" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feefcc code=0x7ffc0000
[  772.912959][   T40] audit: type=1326 audit(1778462543.101:1084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17967 comm="syz.4.3591" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf6feefcc code=0x7ffc0000
[  772.921727][   T40] audit: type=1326 audit(1778462543.101:1085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17967 comm="syz.4.3591" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feefcc code=0x7ffc0000
[  772.929564][   T40] audit: type=1326 audit(1778462543.101:1086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17967 comm="syz.4.3591" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feefcc code=0x7ffc0000
[  772.937846][   T40] audit: type=1326 audit(1778462543.101:1087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17967 comm="syz.4.3591" exe="/syz-executor" sig=0 arch=40000003 syscall=14 compat=1 ip=0xf6feefcc code=0x7ffc0000
[  772.950187][T17969] pim6reg: entered allmulticast mode
[  772.996857][T17969] pim6reg: left allmulticast mode
[  773.143996][  T666] usb 6-1: new high-speed USB device number 55 using dummy_hcd
[  773.294207][  T666] usb 6-1: Using ep0 maxpacket: 8
[  773.302317][  T666] usb 6-1: config 0 has an invalid descriptor of length 103, skipping remainder of the config
[  773.307890][  T666] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  773.318969][  T666] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 46, changing to 9
[  773.402054][  T666] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8762, setting to 1024
[  773.403700][T17981] overlayfs: failed to clone lowerpath
[  773.413812][  T666] usb 6-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1
[  773.416612][  T666] usb 6-1: New USB device strings: Mfr=1, Product=34, SerialNumber=3
[  773.418906][  T666] usb 6-1: Product: syz
[  773.420099][  T666] usb 6-1: Manufacturer: syz
[  773.421427][  T666] usb 6-1: SerialNumber: syz
[  773.424670][  T666] usb 6-1: config 0 descriptor??
[  773.484009][  T666] rc_core: IR keymap rc-imon-rsc not found
[  773.487418][  T666] Registered IR keymap rc-empty
[  773.490991][  T666] rc rc0: iMON Station as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0
[  773.496892][  T666] input: iMON Station as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0/input163
[  773.570557][T17990] netlink: 196 bytes leftover after parsing attributes in process `syz.5.3596'.
[  774.255578][T17999] netlink: 'syz.5.3598': attribute type 39 has an invalid length.
[  774.449258][T18004] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3600'.
[  774.474088][T18001] binder: 17998:18001 ioctl c0285840 80000000 returned -22
[  775.262469][T18011] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3604'.
[  775.268285][T18011] fuse: fd is not a fuse device
[  775.270630][ T5761] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  775.327711][T18015] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3603'.
[  775.434039][T18025] netlink: 132 bytes leftover after parsing attributes in process `syz.5.3603'.
[  775.566559][ T5761] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  775.572396][ T5761] Bluetooth: hci1: Injecting HCI hardware error event
[  775.579542][T12488] Bluetooth: hci1: hardware error 0x00
[  776.028861][ T5616] usb 6-1: USB disconnect, device number 55
[  776.679045][T18052] binder: 18049:18052 ioctl c0285840 80000000 returned -22
[  776.840525][ T5761] Bluetooth: hci1: unexpected event for opcode 0x2041
[  777.654258][T12488] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  777.692754][T18067] Set syz1 is full, maxelem 65536 reached
[  777.840679][T18072] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  777.924439][T16643] usb 9-1: new high-speed USB device number 49 using dummy_hcd
[  778.086284][T16643] usb 9-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  778.090115][T16643] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  778.093443][T16643] usb 9-1: Product: syz
[  778.096043][T16643] usb 9-1: Manufacturer: syz
[  778.098292][T16643] usb 9-1: SerialNumber: syz
[  778.104180][   T34] usb 6-1: new high-speed USB device number 56 using dummy_hcd
[  778.107176][T16643] usb 9-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  778.150649][    T9] usb 9-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  778.264030][   T34] usb 6-1: Using ep0 maxpacket: 8
[  778.270109][   T34] usb 6-1: config 0 has an invalid descriptor of length 103, skipping remainder of the config
[  778.283978][   T34] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  778.287718][   T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 46, changing to 9
[  778.291822][   T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8762, setting to 1024
[  778.297936][   T34] usb 6-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1
[  778.303167][   T34] usb 6-1: New USB device strings: Mfr=1, Product=34, SerialNumber=3
[  778.308903][   T34] usb 6-1: Product: syz
[  778.310734][   T34] usb 6-1: Manufacturer: syz
[  778.314950][   T34] usb 6-1: SerialNumber: syz
[  778.321247][   T34] usb 6-1: config 0 descriptor??
[  778.384035][   T34] rc_core: IR keymap rc-imon-rsc not found
[  778.386560][   T34] Registered IR keymap rc-empty
[  778.389491][   T34] rc rc0: iMON Station as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0
[  778.395390][   T34] input: iMON Station as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0/input165
[  778.590308][T16643] usb 9-1: USB disconnect, device number 49
[  779.404343][    T9] usb 9-1: Service connection timeout for: 256
[  779.409485][    T9] ath9k_htc 9-1:1.0: ath9k_htc: Unable to initialize HTC services
[  779.415933][    T9] ath9k_htc: Failed to initialize the device
[  779.425999][T16643] usb 9-1: ath9k_htc: USB layer deinitialized
[  780.693203][T12488] Bluetooth: hci2: unexpected event 0x18 length: 247 > 23
[  780.853389][ T5616] usb 6-1: USB disconnect, device number 56
[  780.890225][T18110] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3630'.
[  781.871147][T18131] netlink: 196 bytes leftover after parsing attributes in process `syz.1.3632'.
[  782.536158][T12488] Bluetooth: hci2: unexpected event 0x18 length: 247 > 23
[  782.546182][T18146] netlink: 128 bytes leftover after parsing attributes in process `syz.1.3638'.
[  782.555168][T18146] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  782.606581][T18146] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3638'.
[  782.765080][T12488] Bluetooth: hci4: unexpected event 0x18 length: 247 > 23
[  783.370095][T18164] netlink: 196 bytes leftover after parsing attributes in process `syz.4.3641'.
[  784.101298][   T40] kauditd_printk_skb: 37 callbacks suppressed
[  784.101310][   T40] audit: type=1326 audit(1778462554.331:1125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18181 comm="syz.4.3650" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6feefcc code=0x0
[  785.525080][T12488] Bluetooth: hci4: unexpected event 0x18 length: 247 > 23
[  785.697877][T18212] netlink: 196 bytes leftover after parsing attributes in process `syz.5.3659'.
[  785.914043][    T9] usb 6-1: new high-speed USB device number 57 using dummy_hcd
[  786.084742][    T9] usb 6-1: Using ep0 maxpacket: 32
[  786.090438][    T9] usb 6-1: config 0 has an invalid interface number: 119 but max is 0
[  786.094988][    T9] usb 6-1: config 0 has no interface number 0
[  786.100393][    T9] usb 6-1: config 0 interface 119 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  786.106035][    T9] usb 6-1: config 0 interface 119 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  786.111021][    T9] usb 6-1: config 0 interface 119 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 27
[  786.115434][    T9] usb 6-1: config 0 interface 119 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  786.123708][    T9] usb 6-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice=88.73
[  786.130257][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  786.133732][    T9] usb 6-1: Product: syz
[  786.135869][    T9] usb 6-1: Manufacturer: syz
[  786.137920][    T9] usb 6-1: SerialNumber: syz
[  786.142817][    T9] usb 6-1: config 0 descriptor??
[  786.146471][T18211] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  786.156854][    T9] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.119/input/input167
[  786.593189][T18223] netlink: 'syz.0.3663': attribute type 1 has an invalid length.
[  786.649174][T18225] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3663'.
[  786.976259][T18235] nfs: Unknown parameter 'nointd'
[  786.979641][T18235] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3667'.
[  787.006877][T18235] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3667'.
[  787.198084][T18244] netlink: 196 bytes leftover after parsing attributes in process `syz.5.3669'.
[  787.645236][T12488] Bluetooth: hci4: unexpected event 0x18 length: 247 > 23
[  787.858528][  T666] usb 6-1: USB disconnect, device number 57
[  788.350994][T18260] sit1: left allmulticast mode
[  788.574010][  T666] usb 9-1: new high-speed USB device number 50 using dummy_hcd
[  788.608865][T18279] netlink: 196 bytes leftover after parsing attributes in process `syz.1.3680'.
[  788.724443][  T666] usb 9-1: Using ep0 maxpacket: 8
[  788.728330][  T666] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  788.731420][  T666] usb 9-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  788.735758][  T666] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  788.739385][  T666] usb 9-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  788.743299][  T666] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  788.746916][  T666] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  788.750561][  T666] usb 9-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  788.754838][  T666] usb 9-1: config 168 interface 0 has no altsetting 0
[  788.757814][  T666] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  788.760247][  T666] usb 9-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  788.763771][  T666] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  788.767504][  T666] usb 9-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  788.771251][  T666] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  788.774830][  T666] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  788.778604][  T666] usb 9-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  788.782914][  T666] usb 9-1: config 168 interface 0 has no altsetting 0
[  788.786639][  T666] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  788.789188][  T666] usb 9-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  788.792735][  T666] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  788.796519][  T666] usb 9-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  788.800497][  T666] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  788.805151][  T666] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  788.809732][  T666] usb 9-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  788.814057][  T666] usb 9-1: config 168 interface 0 has no altsetting 0
[  788.818608][  T666] usb 9-1: string descriptor 0 read error: -22
[  788.820721][  T666] usb 9-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  788.823590][  T666] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  788.832816][  T666] adutux 9-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  789.051653][T18286] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  789.061837][T18286] tipc: Resetting bearer <eth:syzkaller0>
[  789.079894][T18285] tipc: Disabling bearer <eth:syzkaller0>
[  789.185812][T14546] usb 9-1: USB disconnect, device number 50
[  789.482826][T12488] Bluetooth: hci2: unexpected event 0x18 length: 247 > 23
[  790.339885][T18319] FAULT_INJECTION: forcing a failure.
[  790.339885][T18319] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  790.346764][T18319] CPU: 3 UID: 0 PID: 18319 Comm: syz.4.3693 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  790.346783][T18319] Tainted: [L]=SOFTLOCKUP
[  790.346788][T18319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  790.346794][T18319] Call Trace:
[  790.346799][T18319]  <TASK>
[  790.346803][T18319]  dump_stack_lvl+0x100/0x190
[  790.346820][T18319]  should_fail_ex.cold+0x5/0xa
[  790.346834][T18319]  _copy_from_user+0x2e/0xd0
[  790.346846][T18319]  get_compat_msghdr+0xb3/0x4b0
[  790.346860][T18319]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  790.346876][T18319]  ? __pfx_get_compat_msghdr+0x10/0x10
[  790.346892][T18319]  ? do_raw_spin_lock+0x128/0x260
[  790.346906][T18319]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  790.346926][T18319]  ___sys_sendmsg+0x1b6/0x1e0
[  790.346944][T18319]  ? __pfx____sys_sendmsg+0x10/0x10
[  790.346961][T18319]  ? hrtimer_start_range_ns+0x860/0x1a50
[  790.346981][T18319]  ? find_held_lock+0x2b/0x80
[  790.347004][T18319]  __sys_sendmsg+0x170/0x220
[  790.347016][T18319]  ? __pfx___sys_sendmsg+0x10/0x10
[  790.347038][T18319]  ? rcu_is_watching+0x12/0xc0
[  790.347053][T18319]  __do_fast_syscall_32+0xe7/0x950
[  790.347070][T18319]  ? lockdep_hardirqs_on+0x78/0x100
[  790.347087][T18319]  do_fast_syscall_32+0x32/0x70
[  790.347105][T18319]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  790.347120][T18319] RIP: 0023:0xf6feefcc
[  790.347130][T18319] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  790.347141][T18319] RSP: 002b:00000000f53bc50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  790.347152][T18319] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000080
[  790.347159][T18319] RDX: 0000000000040014 RSI: 0000000000000000 RDI: 0000000000000000
[  790.347166][T18319] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  790.347172][T18319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  790.347182][T18319] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  790.347196][T18319]  </TASK>
[  790.959916][T18324] 9pnet_virtio: no channels available for device syz
[  790.973466][T18324] netlink: 400 bytes leftover after parsing attributes in process `syz.1.3695'.
[  791.362411][T18328] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3697'.
[  791.372796][T18328] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3697'.
[  791.548555][T18331] netlink: 400 bytes leftover after parsing attributes in process `syz.5.3698'.
[  791.900261][T18340] x_tables: duplicate underflow at hook 1
[  791.934901][T18340] bridge0: port 3(vlan2) entered disabled state
[  791.937107][T18340] bridge0: port 2(bridge_slave_1) entered disabled state
[  791.939715][T18340] bridge0: port 1(bridge_slave_0) entered disabled state
[  792.030780][T18340] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  792.041464][T18340] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  792.140060][   T75] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  792.143143][   T75] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  792.149950][   T75] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  792.155112][   T75] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  792.666332][T18355] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3705'.
[  792.850327][T18363] FAULT_INJECTION: forcing a failure.
[  792.850327][T18363] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  792.857415][T18363] CPU: 3 UID: 0 PID: 18363 Comm: syz.4.3709 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  792.857444][T18363] Tainted: [L]=SOFTLOCKUP
[  792.857452][T18363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  792.857463][T18363] Call Trace:
[  792.857469][T18363]  <TASK>
[  792.857478][T18363]  dump_stack_lvl+0x100/0x190
[  792.857506][T18363]  should_fail_ex.cold+0x5/0xa
[  792.857531][T18363]  _copy_to_user+0x32/0xd0
[  792.857553][T18363]  simple_read_from_buffer+0xcb/0x170
[  792.857578][T18363]  proc_fail_nth_read+0x1af/0x230
[  792.857630][T18363]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  792.857661][T18363]  ? rw_verify_area+0xce/0x6d0
[  792.857682][T18363]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  792.857710][T18363]  vfs_read+0x1e4/0xb30
[  792.857735][T18363]  ? __pfx_vfs_read+0x10/0x10
[  792.857756][T18363]  ? find_held_lock+0x2b/0x80
[  792.857781][T18363]  ? __fget_files+0x215/0x3d0
[  792.857808][T18363]  ? __fget_files+0x21f/0x3d0
[  792.857834][T18363]  ksys_read+0x12a/0x250
[  792.857852][T18363]  ? __pfx_ksys_read+0x10/0x10
[  792.857871][T18363]  ? rcu_is_watching+0x12/0xc0
[  792.857890][T18363]  ? rcu_is_watching+0x12/0xc0
[  792.857913][T18363]  do_int80_emulation+0x141/0x700
[  792.857946][T18363]  asm_int80_emulation+0x1a/0x20
[  792.857965][T18363] RIP: 0023:0xf712616b
[  792.857981][T18363] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  792.857999][T18363] RSP: 002b:00000000f53dd4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  792.858018][T18363] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f53dd5d0
[  792.858030][T18363] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  792.858041][T18363] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  792.858051][T18363] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  792.858063][T18363] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  792.858087][T18363]  </TASK>
[  792.979482][T18369] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3711'.
[  793.112398][T18376] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3714'.
[  793.352941][T18389] x_tables: duplicate underflow at hook 2
[  793.372365][T18389] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  793.564791][   T24] usb 10-1: new high-speed USB device number 80 using dummy_hcd
[  793.714153][   T24] usb 10-1: Using ep0 maxpacket: 8
[  793.717665][   T24] usb 10-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  793.721816][   T24] usb 10-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  793.725777][   T24] usb 10-1: config 0 interface 0 has no altsetting 0
[  793.728171][   T24] usb 10-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  793.731584][   T24] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  793.739284][   T24] usb 10-1: config 0 descriptor??
[  795.029376][   T24] mcp2221 0003:04D8:00DD.0013: unknown main item tag 0x0
[  795.035553][   T24] mcp2221 0003:04D8:00DD.0013: unknown main item tag 0x0
[  795.039497][   T24] mcp2221 0003:04D8:00DD.0013: unknown main item tag 0x0
[  795.042559][   T24] mcp2221 0003:04D8:00DD.0013: unknown main item tag 0x0
[  795.046058][   T24] mcp2221 0003:04D8:00DD.0013: unknown main item tag 0x0
[  795.049125][   T24] mcp2221 0003:04D8:00DD.0013: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0
[  795.234757][   T34] usb 10-1: USB disconnect, device number 80
[  795.342638][T18408] FAULT_INJECTION: forcing a failure.
[  795.342638][T18408] name failslab, interval 1, probability 0, space 0, times 0
[  795.348049][T18408] CPU: 2 UID: 0 PID: 18408 Comm: syz.4.3725 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  795.348077][T18408] Tainted: [L]=SOFTLOCKUP
[  795.348083][T18408] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  795.348094][T18408] Call Trace:
[  795.348101][T18408]  <TASK>
[  795.348109][T18408]  dump_stack_lvl+0x100/0x190
[  795.348133][T18408]  should_fail_ex.cold+0x5/0xa
[  795.348155][T18408]  ? tomoyo_realpath_from_path+0xb6/0x690
[  795.348176][T18408]  should_failslab+0xc2/0x120
[  795.348198][T18408]  __kmalloc_noprof+0xe0/0x850
[  795.348214][T18408]  ? kfree+0x1dd/0x6c0
[  795.348241][T18408]  tomoyo_realpath_from_path+0xb6/0x690
[  795.348269][T18408]  tomoyo_path_perm+0x276/0x460
[  795.348284][T18408]  ? tomoyo_path_perm+0x262/0x460
[  795.348303][T18408]  ? __pfx_tomoyo_path_perm+0x10/0x10
[  795.348333][T18408]  ? __pfx___schedule+0x10/0x10
[  795.348377][T18408]  tomoyo_sb_umount+0x8c/0xd0
[  795.348399][T18408]  ? __pfx_tomoyo_sb_umount+0x10/0x10
[  795.348428][T18408]  security_sb_umount+0xc4/0x210
[  795.348454][T18408]  path_umount+0x328/0x1260
[  795.348479][T18408]  ? putname+0xb1/0x110
[  795.348503][T18408]  ? __pfx_path_umount+0x10/0x10
[  795.348524][T18408]  ? putname+0xb6/0x110
[  795.348564][T18408]  __ia32_sys_umount+0x169/0x190
[  795.348587][T18408]  ? __pfx___ia32_sys_umount+0x10/0x10
[  795.348611][T18408]  ? rcu_is_watching+0x12/0xc0
[  795.348634][T18408]  __do_fast_syscall_32+0xe7/0x950
[  795.348659][T18408]  ? lockdep_hardirqs_on+0x78/0x100
[  795.348685][T18408]  do_fast_syscall_32+0x32/0x70
[  795.348711][T18408]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  795.348733][T18408] RIP: 0023:0xf6feefcc
[  795.348747][T18408] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  795.348762][T18408] RSP: 002b:00000000f53bc50c EFLAGS: 00000292 ORIG_RAX: 0000000000000034
[  795.348779][T18408] RAX: ffffffffffffffda RBX: 00000000800002c0 RCX: 0000000000000009
[  795.348790][T18408] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  795.348800][T18408] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  795.348815][T18408] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  795.348825][T18408] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  795.348849][T18408]  </TASK>
[  795.348909][T18408] ERROR: Out of memory at tomoyo_realpath_from_path.
[  795.909113][T18421] overlayfs: failed lookup in lower (newroot/123, name='file0', err=-40): overlapping layers
[  797.268991][T18449] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3738'.
[  797.283432][T18449] fuse: Unknown parameter ''
[  797.418303][T18460] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3742'.
[  797.714035][   T24] usb 10-1: new high-speed USB device number 81 using dummy_hcd
[  797.864196][   T24] usb 10-1: Using ep0 maxpacket: 32
[  797.870529][   T24] usb 10-1: config 0 has an invalid interface number: 119 but max is 0
[  797.873603][   T24] usb 10-1: config 0 has no interface number 0
[  797.876022][   T24] usb 10-1: config 0 interface 119 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  797.882502][   T24] usb 10-1: config 0 interface 119 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  797.888003][   T24] usb 10-1: config 0 interface 119 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 27
[  797.896526][   T24] usb 10-1: config 0 interface 119 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  797.905419][   T24] usb 10-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice=88.73
[  797.909321][   T24] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  797.916937][   T24] usb 10-1: Product: syz
[  797.918528][   T24] usb 10-1: Manufacturer: syz
[  797.922465][   T24] usb 10-1: SerialNumber: syz
[  797.930815][   T24] usb 10-1: config 0 descriptor??
[  797.933344][T18464] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  797.939566][   T24] input: bcm5974 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.119/input/input171
[  798.137874][T18471] Set syz1 is full, maxelem 65536 reached
[  798.285146][T18478] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  798.544133][T17752] usb 6-1: new high-speed USB device number 58 using dummy_hcd
[  798.704535][   T34] usb 9-1: new high-speed USB device number 51 using dummy_hcd
[  798.714325][T17752] usb 6-1: Using ep0 maxpacket: 8
[  798.717998][T17752] usb 6-1: config 0 has an invalid descriptor of length 103, skipping remainder of the config
[  798.722291][T17752] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  798.727092][T17752] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 46, changing to 9
[  798.731465][T17752] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8894, setting to 1024
[  798.738242][T17752] usb 6-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1
[  798.741974][T17752] usb 6-1: New USB device strings: Mfr=1, Product=34, SerialNumber=3
[  798.745368][T17752] usb 6-1: Product: syz
[  798.747107][T17752] usb 6-1: Manufacturer: syz
[  798.749052][T17752] usb 6-1: SerialNumber: syz
[  798.753376][T17752] usb 6-1: config 0 descriptor??
[  798.824072][T17752] rc_core: IR keymap rc-imon-rsc not found
[  798.826648][T17752] Registered IR keymap rc-empty
[  798.829674][T17752] rc rc0: iMON Station as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0
[  798.835536][T17752] input: iMON Station as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0/input172
[  798.864202][   T34] usb 9-1: Using ep0 maxpacket: 16
[  798.869063][   T34] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  798.873838][   T34] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 2
[  798.877978][   T34] usb 9-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  798.882359][   T34] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  798.891514][   T34] usb 9-1: config 0 descriptor??
[  798.909788][   T34] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  798.912401][   T34] dvb-usb: bulk message failed: -22 (3/0)
[  798.920722][   T34] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  798.927585][   T34] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  798.929955][   T34] usb 9-1: media controller created
[  798.939626][   T34] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  798.951912][   T34] dvb-usb: bulk message failed: -22 (6/0)
[  798.953978][   T34] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  798.958234][   T34] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb9/9-1/input/input173
[  798.965280][   T34] dvb-usb: schedule remote query interval to 150 msecs.
[  798.968398][   T34] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  799.124044][   T34] dvb-usb: bulk message failed: -22 (1/0)
[  799.126025][   T34] dvb-usb: error while querying for an remote control event.
[  799.283990][   T34] dvb-usb: bulk message failed: -22 (1/0)
[  799.285915][   T34] dvb-usb: error while querying for an remote control event.
[  799.454021][   T34] dvb-usb: bulk message failed: -22 (1/0)
[  799.455933][   T34] dvb-usb: error while querying for an remote control event.
[  799.615751][   T34] dvb-usb: bulk message failed: -22 (1/0)
[  799.617652][   T34] dvb-usb: error while querying for an remote control event.
[  799.774409][   T34] dvb-usb: bulk message failed: -22 (1/0)
[  799.776976][   T34] dvb-usb: error while querying for an remote control event.
[  799.934049][   T34] dvb-usb: bulk message failed: -22 (1/0)
[  799.936659][   T34] dvb-usb: error while querying for an remote control event.
[  800.096216][   T34] dvb-usb: bulk message failed: -22 (1/0)
[  800.098207][   T34] dvb-usb: error while querying for an remote control event.
[  800.264143][   T34] dvb-usb: bulk message failed: -22 (1/0)
[  800.266555][   T34] dvb-usb: error while querying for an remote control event.
[  800.407205][  T666] usb 10-1: USB disconnect, device number 81
[  800.407345][    C2] bcm5974 10-1:0.119: trackpad urb failed: -19
[  800.434318][   T34] dvb-usb: bulk message failed: -22 (1/0)
[  800.436789][   T34] dvb-usb: error while querying for an remote control event.
[  800.603997][   T34] dvb-usb: bulk message failed: -22 (1/0)
[  800.605919][   T34] dvb-usb: error while querying for an remote control event.
[  800.774433][   T34] dvb-usb: bulk message failed: -22 (1/0)
[  800.776648][   T34] dvb-usb: error while querying for an remote control event.
[  800.944021][   T34] dvb-usb: bulk message failed: -22 (1/0)
[  800.946025][   T34] dvb-usb: error while querying for an remote control event.
[  801.026833][   T40] audit: type=1326 audit(1778462571.261:1126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18505 comm="syz.5.3756" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94fcc code=0x7ffc0000
[  801.034600][   T40] audit: type=1326 audit(1778462571.261:1127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18505 comm="syz.5.3756" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94fcc code=0x7ffc0000
[  801.041457][   T40] audit: type=1326 audit(1778462571.261:1128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18505 comm="syz.5.3756" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f94fcc code=0x7ffc0000
[  801.048923][   T40] audit: type=1326 audit(1778462571.271:1129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18505 comm="syz.5.3756" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94fcc code=0x7ffc0000
[  801.056487][   T40] audit: type=1326 audit(1778462571.271:1130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18505 comm="syz.5.3756" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94fcc code=0x7ffc0000
[  801.062382][T18507] syzkaller1: entered promiscuous mode
[  801.067360][T18507] syzkaller1: entered allmulticast mode
[  801.071404][   T40] audit: type=1326 audit(1778462571.301:1131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18505 comm="syz.5.3756" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f94fcc code=0x7ffc0000
[  801.078352][   T40] audit: type=1326 audit(1778462571.301:1132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18505 comm="syz.5.3756" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94fcc code=0x7ffc0000
[  801.087281][   T40] audit: type=1326 audit(1778462571.301:1133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18505 comm="syz.5.3756" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94fcc code=0x7ffc0000
[  801.097452][   T40] audit: type=1326 audit(1778462571.301:1134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18505 comm="syz.5.3756" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f94fcc code=0x7ffc0000
[  801.104226][   T34] dvb-usb: bulk message failed: -22 (1/0)
[  801.106525][   T40] audit: type=1326 audit(1778462571.301:1135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18505 comm="syz.5.3756" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94fcc code=0x7ffc0000
[  801.122283][   T34] dvb-usb: error while querying for an remote control event.
[  801.221064][T12488] Bluetooth: hci4: unexpected event 0x18 length: 247 > 23
[  801.250723][T18516] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3759'.
[  801.274109][   T34] dvb-usb: bulk message failed: -22 (1/0)
[  801.276870][   T34] dvb-usb: error while querying for an remote control event.
[  801.294968][   T24] usb 6-1: USB disconnect, device number 58
[  801.309847][T18517] xt_cgroup: xt_cgroup: no path or classid specified
[  801.418326][T18516] raw_sendmsg: syz.5.3759 forgot to set AF_INET. Fix it!
[  801.444329][   T34] dvb-usb: bulk message failed: -22 (1/0)
[  801.452661][   T34] dvb-usb: error while querying for an remote control event.
[  801.457222][T18528] netlink: 'syz.1.3761': attribute type 39 has an invalid length.
[  801.471785][  T666] usb 9-1: USB disconnect, device number 51
[  801.551281][  T666] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  801.747918][T18536] binder: 18527:18536 ioctl c0285840 80000000 returned -22
[  802.054107][   T34] usb 10-1: new high-speed USB device number 82 using dummy_hcd
[  802.215074][   T34] usb 10-1: Using ep0 maxpacket: 32
[  802.220243][   T34] usb 10-1: config 0 has an invalid interface number: 119 but max is 0
[  802.224688][   T34] usb 10-1: config 0 has no interface number 0
[  802.227360][   T34] usb 10-1: config 0 interface 119 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  802.231089][   T34] usb 10-1: config 0 interface 119 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  802.236432][   T34] usb 10-1: config 0 interface 119 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 27
[  802.240437][   T34] usb 10-1: config 0 interface 119 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  802.247609][   T34] usb 10-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice=88.73
[  802.251316][   T34] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  802.254598][   T34] usb 10-1: Product: syz
[  802.256453][   T34] usb 10-1: Manufacturer: syz
[  802.258468][   T34] usb 10-1: SerialNumber: syz
[  802.261728][   T34] usb 10-1: config 0 descriptor??
[  802.267040][T18540] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  802.272820][   T34] input: bcm5974 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.119/input/input175
[  803.015737][T18561] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  803.345772][T18572] tipc: Started in network mode
[  803.347674][T18572] tipc: Node identity da17ed61803b, cluster identity 4711
[  803.350232][T18572] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  803.362831][T18572] syzkaller0: entered promiscuous mode
[  803.365093][T18572] syzkaller0: entered allmulticast mode
[  803.374974][T18572] tipc: Resetting bearer <eth:syzkaller0>
[  803.379121][T18571] tipc: Resetting bearer <eth:syzkaller0>
[  803.393848][T18571] tipc: Disabling bearer <eth:syzkaller0>
[  804.051245][T17752] libceph: connect (1)[c::]:6789 error -101
[  804.054149][T17752] libceph: mon0 (1)[c::]:6789 connect error
[  804.154149][   T34] usb 6-1: new high-speed USB device number 59 using dummy_hcd
[  804.186481][    C3] bcm5974 10-1:0.119: trackpad urb failed: -1
[  804.190534][  T666] usb 10-1: USB disconnect, device number 82
[  804.325738][T17752] libceph: connect (1)[c::]:6789 error -101
[  804.328057][T17752] libceph: mon0 (1)[c::]:6789 connect error
[  804.330666][   T34] usb 6-1: Using ep0 maxpacket: 32
[  804.333671][   T34] usb 6-1: config 0 has an invalid descriptor of length 131, skipping remainder of the config
[  804.337273][   T34] usb 6-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 238, changing to 11
[  804.341800][   T34] usb 6-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid maxpacket 26472, setting to 1024
[  804.346493][   T34] usb 6-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  804.351642][   T34] usb 6-1: config 0 interface 0 has no altsetting 0
[  804.354605][   T34] usb 6-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  804.358091][   T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  804.365314][   T34] usb 6-1: config 0 descriptor??
[  804.370896][T18583] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  804.579415][   T34] usbhid 6-1:0.0: can't add hid device: -71
[  804.585755][   T34] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  804.591259][   T34] usb 6-1: USB disconnect, device number 59
[  804.635221][T18601] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  804.766361][T18588] ceph: No mds server is up or the cluster is laggy
[  804.834214][   T34] libceph: connect (1)[c::]:6789 error -101
[  804.839117][   T34] libceph: mon0 (1)[c::]:6789 connect error
[  804.920424][T18608] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3789'.
[  804.964000][T18612] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  805.009939][T18616] netlink: 'syz.5.3791': attribute type 39 has an invalid length.
[  805.093677][T18618] binder: 18615:18618 ioctl c0285840 80000000 returned -22
[  805.305937][T18623] netlink: 'syz.0.3793': attribute type 39 has an invalid length.
[  805.401298][T18625] FAULT_INJECTION: forcing a failure.
[  805.401298][T18625] name failslab, interval 1, probability 0, space 0, times 0
[  805.408859][T18625] CPU: 3 UID: 0 PID: 18625 Comm: syz.1.3794 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  805.408890][T18625] Tainted: [L]=SOFTLOCKUP
[  805.408897][T18625] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  805.408907][T18625] Call Trace:
[  805.408914][T18625]  <TASK>
[  805.408921][T18625]  dump_stack_lvl+0x100/0x190
[  805.408953][T18625]  should_fail_ex.cold+0x5/0xa
[  805.408978][T18625]  ? drm_atomic_state_init+0x190/0x490
[  805.409004][T18625]  should_failslab+0xc2/0x120
[  805.409027][T18625]  __kmalloc_noprof+0xe0/0x850
[  805.409051][T18625]  drm_atomic_state_init+0x190/0x490
[  805.409076][T18625]  ? kasan_save_track+0x14/0x30
[  805.409097][T18625]  drm_atomic_state_alloc+0xd3/0x120
[  805.409123][T18625]  drm_mode_atomic_ioctl+0x395/0x2680
[  805.409149][T18625]  ? __ia32_compat_sys_ioctl+0xc2/0x360
[  805.409168][T18625]  ? do_fast_syscall_32+0x32/0x70
[  805.409195][T18625]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  805.409231][T18625]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  805.409258][T18625]  ? __lock_acquire+0x4a5/0x2630
[  805.409291][T18625]  ? drm_is_current_master+0x2c/0x40
[  805.409317][T18625]  ? drm_is_current_master+0x2c/0x40
[  805.409346][T18625]  ? do_raw_spin_unlock+0x145/0x1e0
[  805.409370][T18625]  drm_ioctl_kernel+0x1f3/0x3e0
[  805.409394][T18625]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  805.409445][T18625]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  805.409477][T18625]  drm_ioctl+0x5e6/0xc60
[  805.409506][T18625]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  805.409534][T18625]  ? __pfx_drm_ioctl+0x10/0x10
[  805.409577][T18625]  drm_compat_ioctl+0x386/0x4c0
[  805.409599][T18625]  ? __pfx_drm_compat_ioctl+0x10/0x10
[  805.409619][T18625]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  805.409641][T18625]  __do_fast_syscall_32+0xe7/0x950
[  805.409668][T18625]  ? lockdep_hardirqs_on+0x78/0x100
[  805.409694][T18625]  do_fast_syscall_32+0x32/0x70
[  805.409721][T18625]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  805.409742][T18625] RIP: 0023:0xf701efcc
[  805.409758][T18625] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  805.409775][T18625] RSP: 002b:00000000f540d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  805.409794][T18625] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c03864bc
[  805.409805][T18625] RDX: 0000000080000580 RSI: 0000000000000000 RDI: 0000000000000000
[  805.409816][T18625] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  805.409826][T18625] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  805.409836][T18625] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  805.409860][T18625]  </TASK>
[  805.552605][T18629] netlink: 'syz.1.3795': attribute type 39 has an invalid length.
[  805.654573][T18631] binder: 18628:18631 ioctl c0285840 80000000 returned -22
[  806.630086][T18651] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  806.973217][T18662] netlink: 'syz.4.3804': attribute type 11 has an invalid length.
[  806.983822][T18662] binder: 18659:18662 ioctl c0285840 80000000 returned -22
[  807.027044][T12488] Bluetooth: hci2: unexpected event 0x18 length: 247 > 23
[  808.307336][T18679] netlink: 196 bytes leftover after parsing attributes in process `syz.5.3809'.
[  808.417995][T12488] Bluetooth: hci4: unexpected event 0x18 length: 247 > 23
[  808.694035][T16643] usb 9-1: new high-speed USB device number 52 using dummy_hcd
[  808.884264][T16643] usb 9-1: Using ep0 maxpacket: 8
[  808.890932][T16643] usb 9-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  808.902947][T16643] usb 9-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  808.910154][T16643] usb 9-1: config 0 interface 0 has no altsetting 0
[  808.916084][T16643] usb 9-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  808.923417][T16643] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  808.940883][T16643] usb 9-1: config 0 descriptor??
[  809.573336][T16643] mcp2221 0003:04D8:00DD.0014: unknown main item tag 0x0
[  809.577391][T16643] mcp2221 0003:04D8:00DD.0014: unknown main item tag 0x0
[  809.582499][T16643] mcp2221 0003:04D8:00DD.0014: unknown main item tag 0x0
[  809.584840][T16643] mcp2221 0003:04D8:00DD.0014: unknown main item tag 0x0
[  809.590167][T16643] mcp2221 0003:04D8:00DD.0014: unknown main item tag 0x0
[  809.592763][T16643] mcp2221 0003:04D8:00DD.0014: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0
[  809.844797][T16643] usb 9-1: USB disconnect, device number 52
[  811.677339][T18732] netlink: 196 bytes leftover after parsing attributes in process `syz.5.3821'.
[  812.304037][T16643] usb 9-1: new high-speed USB device number 53 using dummy_hcd
[  812.353656][T18747] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3826'.
[  812.474263][T16643] usb 9-1: Using ep0 maxpacket: 8
[  812.477115][T16643] usb 9-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  812.480917][T16643] usb 9-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  812.484498][T16643] usb 9-1: config 0 interface 0 has no altsetting 0
[  812.486951][T16643] usb 9-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  812.489833][T16643] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  812.493835][T16643] usb 9-1: config 0 descriptor??
[  812.560549][T18754] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3830'.
[  812.571567][  T184] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  812.575103][  T184] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  812.578688][  T184] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  812.581801][  T184] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  812.611779][   T40] kauditd_printk_skb: 14 callbacks suppressed
[  812.611792][   T40] audit: type=1326 audit(1778462582.841:1150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18755 comm="syz.0.3831" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6fdefcc code=0x0
[  813.027875][T16643] mcp2221 0003:04D8:00DD.0015: unknown main item tag 0x0
[  813.032147][T16643] mcp2221 0003:04D8:00DD.0015: unknown main item tag 0x0
[  813.034711][T16643] mcp2221 0003:04D8:00DD.0015: unknown main item tag 0x0
[  813.037491][T16643] mcp2221 0003:04D8:00DD.0015: unknown main item tag 0x0
[  813.039730][T16643] mcp2221 0003:04D8:00DD.0015: unknown main item tag 0x0
[  813.042445][T16643] mcp2221 0003:04D8:00DD.0015: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0
[  813.241106][  T666] usb 9-1: USB disconnect, device number 53
[  813.535127][T18765] netlink: 'syz.5.3834': attribute type 39 has an invalid length.
[  813.629575][T18767] binder: 18764:18767 ioctl c0285840 80000000 returned -22
[  813.771325][   T40] audit: type=1326 audit(1778462584.001:1151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18770 comm="syz.1.3835" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  813.794540][   T40] audit: type=1326 audit(1778462584.011:1152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18770 comm="syz.1.3835" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  813.816108][   T40] audit: type=1326 audit(1778462584.021:1153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18770 comm="syz.1.3835" exe="/syz-executor" sig=0 arch=40000003 syscall=331 compat=1 ip=0xf701efcc code=0x7ffc0000
[  813.861670][   T40] audit: type=1326 audit(1778462584.021:1154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18770 comm="syz.1.3835" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  813.924355][   T40] audit: type=1326 audit(1778462584.021:1155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18770 comm="syz.1.3835" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  813.933572][   T40] audit: type=1326 audit(1778462584.041:1156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18770 comm="syz.1.3835" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf701efcc code=0x7ffc0000
[  813.943063][   T40] audit: type=1326 audit(1778462584.051:1157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18770 comm="syz.1.3835" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  813.956628][   T40] audit: type=1326 audit(1778462584.051:1158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18770 comm="syz.1.3835" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  813.967658][   T40] audit: type=1326 audit(1778462584.051:1159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18770 comm="syz.1.3835" exe="/syz-executor" sig=0 arch=40000003 syscall=395 compat=1 ip=0xf701efcc code=0x7ffc0000
[  814.704096][   T34] usb 10-1: new high-speed USB device number 83 using dummy_hcd
[  814.880550][   T34] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  814.889958][   T34] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  814.899120][   T34] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  814.907682][   T34] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  814.946557][T18782] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  815.030523][   T34] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  815.467295][   T34] usb 10-1: USB disconnect, device number 83
[  815.844015][T17752] usb 9-1: new high-speed USB device number 54 using dummy_hcd
[  815.871146][T18810] bridge0: port 2(bridge_slave_1) entered disabled state
[  815.876125][T18810] bridge0: port 1(bridge_slave_0) entered disabled state
[  816.014047][T17752] usb 9-1: Using ep0 maxpacket: 8
[  816.022460][T17752] usb 9-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  816.036140][T17752] usb 9-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  816.040120][T17752] usb 9-1: config 0 interface 0 has no altsetting 0
[  816.047267][T17752] usb 9-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  816.053313][T17752] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  816.079547][T17752] usb 9-1: config 0 descriptor??
[  816.356694][T12488] Bluetooth: hci2: unexpected event 0x18 length: 247 > 23
[  816.696617][T17752] mcp2221 0003:04D8:00DD.0016: unknown main item tag 0x0
[  816.713502][T17752] mcp2221 0003:04D8:00DD.0016: unknown main item tag 0x0
[  816.716815][T17752] mcp2221 0003:04D8:00DD.0016: unknown main item tag 0x0
[  816.722425][T17752] mcp2221 0003:04D8:00DD.0016: unknown main item tag 0x0
[  816.732301][T17752] mcp2221 0003:04D8:00DD.0016: unknown main item tag 0x0
[  816.738878][T17752] mcp2221 0003:04D8:00DD.0016: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0
[  816.898960][  T666] usb 9-1: USB disconnect, device number 54
[  816.985184][T18835] fuse: fd is not a fuse device
[  817.087042][T18838] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  817.334131][T14546] usb 10-1: new high-speed USB device number 84 using dummy_hcd
[  817.494092][T14546] usb 10-1: Using ep0 maxpacket: 8
[  817.499041][T14546] usb 10-1: config 0 has an invalid descriptor of length 103, skipping remainder of the config
[  817.504831][T14546] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  817.510606][T14546] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 46, changing to 9
[  817.515783][T14546] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8894, setting to 1024
[  817.653583][T14546] usb 10-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1
[  817.657076][T14546] usb 10-1: New USB device strings: Mfr=1, Product=34, SerialNumber=3
[  817.660560][T14546] usb 10-1: Product: syz
[  817.662586][T14546] usb 10-1: Manufacturer: syz
[  817.664708][T14546] usb 10-1: SerialNumber: syz
[  817.672419][T14546] usb 10-1: config 0 descriptor??
[  817.748380][T14546] rc_core: IR keymap rc-imon-rsc not found
[  817.760836][T14546] Registered IR keymap rc-empty
[  817.767316][T14546] rc rc0: iMON Station as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/rc/rc0
[  817.781079][T14546] input: iMON Station as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/rc/rc0/input176
[  818.160518][T18869] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3860'.
[  818.847590][T12488] Bluetooth: hci4: unexpected event 0x18 length: 247 > 23
[  819.824057][   T24] usb 6-1: new high-speed USB device number 60 using dummy_hcd
[  819.964035][T16643] usb 9-1: new high-speed USB device number 55 using dummy_hcd
[  819.984154][   T24] usb 6-1: Using ep0 maxpacket: 8
[  819.989482][   T24] usb 6-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  819.995754][   T24] usb 6-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  820.003997][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  820.006636][   T24] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  820.009878][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  820.014407][   T24] usb 6-1: config 0 descriptor??
[  820.088068][    T9] usb 10-1: USB disconnect, device number 84
[  820.117066][T16643] usb 9-1: Using ep0 maxpacket: 32
[  820.129896][T16643] usb 9-1: config 0 has an invalid interface number: 119 but max is 0
[  820.143551][T16643] usb 9-1: config 0 has no interface number 0
[  820.152384][T16643] usb 9-1: config 0 interface 119 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  820.161387][T16643] usb 9-1: config 0 interface 119 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  820.165990][T16643] usb 9-1: config 0 interface 119 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 27
[  820.169171][T16643] usb 9-1: config 0 interface 119 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  820.175994][T16643] usb 9-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice=88.73
[  820.180229][T16643] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  820.182946][T16643] usb 9-1: Product: syz
[  820.187380][T16643] usb 9-1: Manufacturer: syz
[  820.189317][T16643] usb 9-1: SerialNumber: syz
[  820.196238][T16643] usb 9-1: config 0 descriptor??
[  820.200262][T18901] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  820.209550][T16643] input: bcm5974 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.119/input/input178
[  820.532524][T18921] netlink: 7060 bytes leftover after parsing attributes in process `syz.5.3875'.
[  820.546755][   T24] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0
[  820.549712][   T24] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0
[  820.561060][T18921] dummy0: entered allmulticast mode
[  820.562261][   T24] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0
[  820.571435][   T24] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0
[  820.576318][T18921] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3875'.
[  820.620549][   T24] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0
[  820.651551][   T24] mcp2221 0003:04D8:00DD.0017: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  820.736487][T18920] dummy0: left allmulticast mode
[  820.867236][T14546] usb 6-1: USB disconnect, device number 60
[  822.791662][T18933] dummy0: entered allmulticast mode
[  822.815908][T18933] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3878'.
[  822.843569][T18932] dummy0: left allmulticast mode
[  823.710386][T18937] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  824.001377][   T34] usb 6-1: new high-speed USB device number 61 using dummy_hcd
[  824.080847][T14546] usb 9-1: USB disconnect, device number 55
[  824.165505][   T34] usb 6-1: Using ep0 maxpacket: 8
[  824.188026][   T34] usb 6-1: config 0 has an invalid descriptor of length 103, skipping remainder of the config
[  824.205224][   T34] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  824.226485][   T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 46, changing to 9
[  824.247206][   T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8894, setting to 1024
[  824.282503][   T34] usb 6-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1
[  824.288340][   T34] usb 6-1: New USB device strings: Mfr=1, Product=34, SerialNumber=3
[  824.301809][   T34] usb 6-1: Product: syz
[  824.333019][   T34] usb 6-1: Manufacturer: syz
[  824.336248][   T34] usb 6-1: SerialNumber: syz
[  824.341452][   T34] usb 6-1: config 0 descriptor??
[  824.371095][T12488] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  824.376126][T18944] netlink: 'syz.0.3883': attribute type 1 has an invalid length.
[  824.454919][T18944] bond3: entered promiscuous mode
[  824.458873][T18944] bond3: entered allmulticast mode
[  824.461891][T18944] 8021q: adding VLAN 0 to HW filter on device bond3
[  824.481565][   T34] rc_core: IR keymap rc-imon-rsc not found
[  824.484431][   T34] Registered IR keymap rc-empty
[  824.490183][T18950] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3883'.
[  824.490493][   T34] rc rc0: iMON Station as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0
[  824.512961][T18949] erspan1: entered allmulticast mode
[  824.520604][   T34] input: iMON Station as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0/input179
[  824.627308][T14546] usb 9-1: new high-speed USB device number 56 using dummy_hcd
[  824.644076][   T24] usb 10-1: new full-speed USB device number 85 using dummy_hcd
[  824.684222][T18949] bond3: (slave erspan1): making interface the new active one
[  824.693199][T18949] erspan1: entered promiscuous mode
[  824.776695][T18949] bond3: (slave erspan1): Enslaving as an active interface with an up link
[  824.785334][T14546] usb 9-1: Using ep0 maxpacket: 32
[  824.792276][T14546] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  824.810087][T18950] bond3 (unregistering): (slave erspan1): Releasing active interface
[  824.815535][T18950] erspan1: left promiscuous mode
[  824.821778][T14546] usb 9-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  824.831526][T14546] usb 9-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  824.865326][T14546] usb 9-1: Product: syz
[  824.867136][T14546] usb 9-1: Manufacturer: syz
[  824.869178][T14546] usb 9-1: SerialNumber: syz
[  824.894572][T14546] usb 9-1: config 0 descriptor??
[  824.920911][T18950] bond3 (unregistering): Released all slaves
[  824.934686][T18942] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  825.024402][ T1434] ieee802154 phy1 wpan1: encryption failed: -22
[  825.046731][T18947] trusted_key: encrypted_key: master key parameter 'ecryptfs
VÀ' is invalid
[  825.256442][   T24] usb 10-1: unable to get BOS descriptor or descriptor too short
[  825.291481][   T24] usb 10-1: unable to read config index 0 descriptor/start: -71
[  825.296940][   T24] usb 10-1: can't read configurations, error -71
[  826.714439][    T9] usb 6-1: USB disconnect, device number 61
[  826.748714][T18969] fuse: fd is not a fuse device
[  826.880689][T12488] Bluetooth: hci4: unexpected event 0x18 length: 247 > 23
[  827.312199][   T34] usb 9-1: USB disconnect, device number 56
[  828.007319][T18983] netlink: 'syz.4.3894': attribute type 39 has an invalid length.
[  828.604314][T18989] binder: 18982:18989 ioctl c0285840 80000000 returned -22
[  830.327950][T19005] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3899'.
[  831.190884][T19017] netlink: 'syz.5.3904': attribute type 39 has an invalid length.
[  831.861570][T19023] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  831.872334][T19020] binder: 19016:19020 ioctl c0285840 80000000 returned -22
[  831.941256][T19024] FAULT_INJECTION: forcing a failure.
[  831.941256][T19024] name failslab, interval 1, probability 0, space 0, times 0
[  831.950490][T19024] CPU: 2 UID: 0 PID: 19024 Comm: syz.4.3906 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  831.950520][T19024] Tainted: [L]=SOFTLOCKUP
[  831.950526][T19024] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  831.950536][T19024] Call Trace:
[  831.950543][T19024]  <TASK>
[  831.950550][T19024]  dump_stack_lvl+0x100/0x190
[  831.950583][T19024]  should_fail_ex.cold+0x5/0xa
[  831.950605][T19024]  ? usb_alloc_urb+0x66/0xa0
[  831.950626][T19024]  should_failslab+0xc2/0x120
[  831.950646][T19024]  __kmalloc_noprof+0xe0/0x850
[  831.950667][T19024]  usb_alloc_urb+0x66/0xa0
[  831.950687][T19024]  do_proc_bulk+0x349/0xc40
[  831.950712][T19024]  ? __pfx_do_proc_bulk+0x10/0x10
[  831.950741][T19024]  usbdev_ioctl+0x1717/0x3aa0
[  831.950767][T19024]  ? __pfx_usbdev_ioctl+0x10/0x10
[  831.950789][T19024]  ? get_pid_task+0x106/0x250
[  831.950816][T19024]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  831.950843][T19024]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  831.950865][T19024]  ? find_held_lock+0x2b/0x80
[  831.950884][T19024]  ? __fget_files+0x215/0x3d0
[  831.950901][T19024]  ? hook_file_ioctl_common+0x149/0x410
[  831.950928][T19024]  ? __fget_files+0x21f/0x3d0
[  831.950948][T19024]  ? __pfx_usbdev_ioctl+0x10/0x10
[  831.950971][T19024]  compat_ptr_ioctl+0x6e/0xa0
[  831.950987][T19024]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  831.951001][T19024]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  831.951022][T19024]  __do_fast_syscall_32+0xe7/0x950
[  831.951046][T19024]  ? lockdep_hardirqs_on+0x78/0x100
[  831.951072][T19024]  do_fast_syscall_32+0x32/0x70
[  831.951097][T19024]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  831.951119][T19024] RIP: 0023:0xf6feefcc
[  831.951133][T19024] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  831.951150][T19024] RSP: 002b:00000000f53dd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  831.951168][T19024] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c0105502
[  831.951179][T19024] RDX: 0000000080000300 RSI: 0000000000000000 RDI: 0000000000000000
[  831.951189][T19024] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  831.951199][T19024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  831.951208][T19024] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  831.951232][T19024]  </TASK>
[  832.344074][ T5942] usb 6-1: new high-speed USB device number 62 using dummy_hcd
[  832.594022][ T5942] usb 6-1: Using ep0 maxpacket: 8
[  832.602633][ T5942] usb 6-1: config 0 has an invalid descriptor of length 103, skipping remainder of the config
[  832.802464][T12488] Bluetooth: hci4: unexpected event 0x18 length: 247 > 23
[  833.026324][ T5942] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  833.070519][ T5942] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 46, changing to 9
[  833.085507][ T5942] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8894, setting to 1024
[  833.094480][ T5942] usb 6-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1
[  833.098313][ T5942] usb 6-1: New USB device strings: Mfr=1, Product=34, SerialNumber=3
[  833.101720][ T5942] usb 6-1: Product: syz
[  833.106980][ T5942] usb 6-1: Manufacturer: syz
[  833.109435][ T5942] usb 6-1: SerialNumber: syz
[  833.132497][ T5942] usb 6-1: config 0 descriptor??
[  833.336400][ T5942] rc_core: IR keymap rc-imon-rsc not found
[  833.339745][ T5942] Registered IR keymap rc-empty
[  833.343546][ T5942] rc rc0: iMON Station as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0
[  833.382755][ T5942] input: iMON Station as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0/input181
[  833.872129][T19044] FAULT_INJECTION: forcing a failure.
[  833.872129][T19044] name failslab, interval 1, probability 0, space 0, times 0
[  833.877522][T19044] CPU: 2 UID: 0 PID: 19044 Comm: syz.4.3911 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  833.877551][T19044] Tainted: [L]=SOFTLOCKUP
[  833.877558][T19044] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  833.877569][T19044] Call Trace:
[  833.877576][T19044]  <TASK>
[  833.877598][T19044]  dump_stack_lvl+0x100/0x190
[  833.877625][T19044]  should_fail_ex.cold+0x5/0xa
[  833.877648][T19044]  should_failslab+0xc2/0x120
[  833.877671][T19044]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  833.877697][T19044]  ? radix_tree_node_alloc.constprop.0+0x66/0x340
[  833.877725][T19044]  radix_tree_node_alloc.constprop.0+0x66/0x340
[  833.877750][T19044]  idr_get_free+0x52e/0xa00
[  833.877778][T19044]  idr_alloc_u32+0x1ac/0x320
[  833.877804][T19044]  ? __pfx_idr_alloc_u32+0x10/0x10
[  833.877836][T19044]  idr_alloc_cyclic+0x10b/0x230
[  833.877862][T19044]  ? __pfx_idr_alloc_cyclic+0x10/0x10
[  833.877893][T19044]  u32_init+0x801/0xbd0
[  833.877913][T19044]  ? __pfx_u32_classify+0x10/0x10
[  833.877931][T19044]  tc_new_tfilter+0x105c/0x24a0
[  833.877963][T19044]  ? core_kernel_text+0x90/0xb0
[  833.877979][T19044]  ? __kernel_text_address+0xd/0x30
[  833.877994][T19044]  ? unwind_get_return_address+0x59/0xa0
[  833.878015][T19044]  ? __pfx_tc_new_tfilter+0x10/0x10
[  833.878045][T19044]  ? __lock_acquire+0x4a5/0x2630
[  833.878075][T19044]  ? find_held_lock+0x2b/0x80
[  833.878096][T19044]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  833.878121][T19044]  ? __pfx_tc_new_tfilter+0x10/0x10
[  833.878147][T19044]  rtnetlink_rcv_msg+0x95e/0xe90
[  833.878171][T19044]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  833.878195][T19044]  ? __lock_acquire+0x4a5/0x2630
[  833.878214][T19044]  netlink_rcv_skb+0x159/0x420
[  833.878242][T19044]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  833.878267][T19044]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  833.878304][T19044]  ? netlink_deliver_tap+0x1ae/0xcc0
[  833.878336][T19044]  netlink_unicast+0x585/0x850
[  833.878366][T19044]  ? __pfx_netlink_unicast+0x10/0x10
[  833.878399][T19044]  netlink_sendmsg+0x8b0/0xda0
[  833.878428][T19044]  ? __pfx_netlink_sendmsg+0x10/0x10
[  833.878456][T19044]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  833.878488][T19044]  ____sys_sendmsg+0x9e1/0xb70
[  833.878519][T19044]  ? __pfx_netlink_sendmsg+0x10/0x10
[  833.878545][T19044]  ? __pfx_____sys_sendmsg+0x10/0x10
[  833.878575][T19044]  ? _kstrtoull+0x13c/0x1f0
[  833.878597][T19044]  ? __pfx__kstrtoull+0x10/0x10
[  833.878622][T19044]  ___sys_sendmsg+0x190/0x1e0
[  833.878650][T19044]  ? __pfx____sys_sendmsg+0x10/0x10
[  833.878677][T19044]  ? __lock_acquire+0x4a5/0x2630
[  833.878723][T19044]  __sys_sendmmsg+0x2ff/0x430
[  833.878747][T19044]  ? __pfx___sys_sendmmsg+0x10/0x10
[  833.878777][T19044]  ? __fget_files+0x215/0x3d0
[  833.878812][T19044]  ? fput+0x79/0x100
[  833.878839][T19044]  ? ksys_write+0x1ac/0x250
[  833.878864][T19044]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  833.878888][T19044]  ? lockdep_hardirqs_on+0x78/0x100
[  833.878914][T19044]  __do_fast_syscall_32+0xe7/0x950
[  833.878942][T19044]  ? lockdep_hardirqs_on+0x78/0x100
[  833.878969][T19044]  do_fast_syscall_32+0x32/0x70
[  833.878997][T19044]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  833.879019][T19044] RIP: 0023:0xf6feefcc
[  833.879036][T19044] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  833.879053][T19044] RSP: 002b:00000000f53bc50c EFLAGS: 00000292 ORIG_RAX: 0000000000000159
[  833.879071][T19044] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  833.879082][T19044] RDX: 00000000000001f2 RSI: 0000000000000000 RDI: 0000000000000000
[  833.879092][T19044] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  833.879103][T19044] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  833.879113][T19044] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  833.879137][T19044]  </TASK>
[  834.834268][   T34] usb 9-1: new high-speed USB device number 57 using dummy_hcd
[  834.875644][T19060] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3917'.
[  834.994010][   T34] usb 9-1: Using ep0 maxpacket: 32
[  834.997989][   T34] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  835.019660][   T34] usb 9-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  835.039774][   T34] usb 9-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  835.047786][   T34] usb 9-1: Product: syz
[  835.052378][   T34] usb 9-1: Manufacturer: syz
[  835.069066][   T34] usb 9-1: SerialNumber: syz
[  835.082832][   T34] usb 9-1: config 0 descriptor??
[  835.110240][T19056] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  835.117766][T12488] Bluetooth: hci4: unexpected event 0x18 length: 247 > 23
[  835.377647][T14546] usb 6-1: USB disconnect, device number 62
[  837.058021][    T9] usb 10-1: new high-speed USB device number 87 using dummy_hcd
[  837.087059][T19084] netlink: 'syz.0.3925': attribute type 39 has an invalid length.
[  837.259308][    T9] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  837.266102][    T9] usb 10-1: config 0 has no interfaces?
[  837.289051][    T9] usb 10-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  837.313260][    T9] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  837.356989][    T9] usb 10-1: config 0 descriptor??
[  837.613365][T19075] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  837.623116][T19075] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  837.662675][    T9] usb 10-1: USB disconnect, device number 87
[  837.741273][T16643] usb 9-1: USB disconnect, device number 57
[  838.328783][T14546] IPVS: starting estimator thread 0...
[  838.349284][T16643] usb 6-1: new high-speed USB device number 63 using dummy_hcd
[  838.425077][T19102] IPVS: using max 25 ests per chain, 60000 per kthread
[  838.581191][T16643] usb 6-1: too many configurations: 9, using maximum allowed: 8
[  838.597722][T16643] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  838.717900][T16643] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  838.766086][T16643] usb 6-1: config 0 interface 0 has no altsetting 0
[  838.814883][T16643] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  838.839106][T16643] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  838.860404][T16643] usb 6-1: config 0 interface 0 has no altsetting 0
[  838.867770][T16643] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  838.875630][T16643] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  838.888480][T16643] usb 6-1: config 0 interface 0 has no altsetting 0
[  838.928262][T16643] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  838.933891][T16643] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  838.962979][T16643] usb 6-1: config 0 interface 0 has no altsetting 0
[  838.990508][T16643] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  838.998815][T16643] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  839.015997][T16643] usb 6-1: config 0 interface 0 has no altsetting 0
[  839.022264][T16643] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  839.029107][T16643] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  839.043537][T16643] usb 6-1: config 0 interface 0 has no altsetting 0
[  839.070312][T16643] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  839.073989][T16643] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  839.078916][T16643] usb 6-1: config 0 interface 0 has no altsetting 0
[  839.090903][T16643] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  839.095914][T16643] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  839.100900][T16643] usb 6-1: config 0 interface 0 has no altsetting 0
[  839.107030][T19110] netlink: 196 bytes leftover after parsing attributes in process `syz.5.3930'.
[  839.147820][T16643] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  839.153097][T16643] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  839.159027][T16643] usb 6-1: Product: syz
[  839.161158][T16643] usb 6-1: Manufacturer: syz
[  839.192410][T16643] usb 6-1: SerialNumber: syz
[  839.244056][T16643] usb 6-1: config 0 descriptor??
[  839.262604][T16643] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0
[  839.593860][T12488] Bluetooth: hci4: unexpected event 0x18 length: 247 > 23
[  839.600694][    C0] usb 6-1: yurex_control_callback - control failed: -71
[  839.601202][ T5942] usb 6-1: USB disconnect, device number 63
[  839.611057][T19090] yurex 6-1:0.0: yurex_write - failed to send bulk msg, error -19
[  839.618551][ T5942] yurex 6-1:0.0: USB YUREX #0 now disconnected
[  841.496311][T19128] autofs: Unknown parameter '@
'
[  841.674557][T19131] fuse: fd is not a fuse device
[  841.798594][T19133] FAULT_INJECTION: forcing a failure.
[  841.798594][T19133] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  841.869190][T19133] CPU: 3 UID: 0 PID: 19133 Comm: syz.4.3939 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  841.869222][T19133] Tainted: [L]=SOFTLOCKUP
[  841.869228][T19133] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  841.869239][T19133] Call Trace:
[  841.869246][T19133]  <TASK>
[  841.869254][T19133]  dump_stack_lvl+0x100/0x190
[  841.869279][T19133]  should_fail_ex.cold+0x5/0xa
[  841.869302][T19133]  strncpy_from_user+0x3b/0x2d0
[  841.869325][T19133]  do_getname+0x78/0x390
[  841.869354][T19133]  user_path_at+0x26/0x60
[  841.869377][T19133]  __ia32_sys_mount+0x1fb/0x310
[  841.869405][T19133]  ? __pfx___ia32_sys_mount+0x10/0x10
[  841.869429][T19133]  ? ksys_write+0x1ac/0x250
[  841.869456][T19133]  ? rcu_is_watching+0x12/0xc0
[  841.869482][T19133]  __do_fast_syscall_32+0xe7/0x950
[  841.869509][T19133]  ? lockdep_hardirqs_on+0x78/0x100
[  841.869537][T19133]  do_fast_syscall_32+0x32/0x70
[  841.869564][T19133]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  841.869586][T19133] RIP: 0023:0xf6feefcc
[  841.869601][T19133] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  841.869618][T19133] RSP: 002b:00000000f53dd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000015
[  841.869636][T19133] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000040
[  841.869647][T19133] RDX: 0000000080000f80 RSI: 0000000000000400 RDI: 0000000080000380
[  841.869658][T19133] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  841.869668][T19133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  841.869678][T19133] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  841.869702][T19133]  </TASK>
[  842.251736][T12488] Bluetooth: hci4: unexpected event 0x18 length: 247 > 23
[  842.294135][   T24] usb 10-1: new full-speed USB device number 88 using dummy_hcd
[  842.394673][T19143] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  842.473682][   T24] usb 10-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ac.7e
[  842.480798][   T24] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  842.494455][   T24] usb 10-1: Product: syz
[  842.497202][   T24] usb 10-1: Manufacturer: syz
[  842.501446][   T24] usb 10-1: SerialNumber: syz
[  842.516804][   T24] usb 10-1: config 0 descriptor??
[  842.523109][T19137] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  842.532591][   T24] hub 10-1:0.0: bad descriptor, ignoring hub
[  842.539511][   T24] hub 10-1:0.0: probe with driver hub failed with error -5
[  842.549503][   T24] input: syz syz as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/input/input183
[  842.652310][ T5942] usb 6-1: new high-speed USB device number 64 using dummy_hcd
[  842.771257][T19146] FAULT_INJECTION: forcing a failure.
[  842.771257][T19146] name failslab, interval 1, probability 0, space 0, times 0
[  842.793069][T19146] CPU: 3 UID: 0 PID: 19146 Comm: syz.4.3944 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  842.793098][T19146] Tainted: [L]=SOFTLOCKUP
[  842.793105][T19146] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  842.793114][T19146] Call Trace:
[  842.793120][T19146]  <TASK>
[  842.793126][T19146]  dump_stack_lvl+0x100/0x190
[  842.793150][T19146]  should_fail_ex.cold+0x5/0xa
[  842.793186][T19146]  ? tomoyo_encode2+0xfb/0x3c0
[  842.793205][T19146]  should_failslab+0xc2/0x120
[  842.793225][T19146]  __kmalloc_noprof+0xe0/0x850
[  842.793240][T19146]  ? rcu_is_watching+0x12/0xc0
[  842.793262][T19146]  tomoyo_encode2+0xfb/0x3c0
[  842.793285][T19146]  tomoyo_encode+0x29/0x50
[  842.793304][T19146]  tomoyo_realpath_from_path+0x18c/0x690
[  842.793330][T19146]  tomoyo_path_number_perm+0x23c/0x580
[  842.793346][T19146]  ? tomoyo_path_number_perm+0x22e/0x580
[  842.793365][T19146]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  842.793383][T19146]  ? get_pid_task+0x106/0x250
[  842.793432][T19146]  ? find_held_lock+0x2b/0x80
[  842.793452][T19146]  ? __fget_files+0x215/0x3d0
[  842.793470][T19146]  ? hook_file_ioctl_common+0x149/0x410
[  842.793487][T19146]  ? __fget_files+0x215/0x3d0
[  842.793509][T19146]  ? __fget_files+0x21f/0x3d0
[  842.793531][T19146]  security_file_ioctl_compat+0xd3/0x230
[  842.793551][T19146]  __ia32_compat_sys_ioctl+0xc2/0x360
[  842.793571][T19146]  __do_fast_syscall_32+0xe7/0x950
[  842.793596][T19146]  ? lockdep_hardirqs_on+0x78/0x100
[  842.793621][T19146]  do_fast_syscall_32+0x32/0x70
[  842.793645][T19146]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  842.793665][T19146] RIP: 0023:0xf6feefcc
[  842.793680][T19146] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  842.793696][T19146] RSP: 002b:00000000f53dd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  842.793713][T19146] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0189375
[  842.793723][T19146] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  842.793733][T19146] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  842.793743][T19146] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  842.793753][T19146] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  842.793774][T19146]  </TASK>
[  842.793873][T19146] ERROR: Out of memory at tomoyo_realpath_from_path.
[  842.814053][ T5942] usb 6-1: Using ep0 maxpacket: 8
[  842.879476][T19149] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3940'.
[  842.915976][ T5942] usb 6-1: config 0 has an invalid descriptor of length 103, skipping remainder of the config
[  842.923297][T19149] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3940'.
[  843.070003][ T5942] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  843.078002][ T5942] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 46, changing to 9
[  843.085005][ T5942] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8894, setting to 1024
[  843.094783][ T5942] usb 6-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1
[  843.100417][ T5942] usb 6-1: New USB device strings: Mfr=1, Product=34, SerialNumber=3
[  843.107946][ T5942] usb 6-1: Product: syz
[  843.112933][ T5942] usb 6-1: Manufacturer: syz
[  843.116490][ T5942] usb 6-1: SerialNumber: syz
[  843.165289][ T5942] usb 6-1: config 0 descriptor??
[  843.287334][T14546] usb 10-1: USB disconnect, device number 88
[  843.304332][ T5942] rc_core: IR keymap rc-imon-rsc not found
[  843.306562][ T5942] Registered IR keymap rc-empty
[  843.315428][ T5942] rc rc0: iMON Station as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0
[  843.349338][ T5942] input: iMON Station as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0/input184
[  844.032473][T19165] binder: 19164:19165 ioctl c0285840 80000000 returned -22
[  845.892811][T14546] usb 6-1: USB disconnect, device number 64
[  846.796868][T19195] netlink: 52 bytes leftover after parsing attributes in process `syz.4.3958'.
[  846.861122][   T40] kauditd_printk_skb: 40 callbacks suppressed
[  846.861143][   T40] audit: type=1326 audit(1778462617.091:1200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19191 comm="syz.4.3958" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feefcc code=0x7ffc0000
[  846.901105][   T40] audit: type=1326 audit(1778462617.091:1201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19191 comm="syz.4.3958" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feefcc code=0x7ffc0000
[  846.962231][   T40] audit: type=1326 audit(1778462617.181:1202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19191 comm="syz.4.3958" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf6feefcc code=0x7ffc0000
[  846.993812][   T40] audit: type=1326 audit(1778462617.181:1203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19191 comm="syz.4.3958" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feefcc code=0x7ffc0000
[  847.110026][   T40] audit: type=1326 audit(1778462617.181:1204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19191 comm="syz.4.3958" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feefcc code=0x7ffc0000
[  847.127066][   T40] audit: type=1326 audit(1778462617.181:1205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19191 comm="syz.4.3958" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feefcc code=0x7ffc0000
[  847.203016][   T40] audit: type=1326 audit(1778462617.181:1206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19191 comm="syz.4.3958" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf6feefcc code=0x7ffc0000
[  847.264054][   T40] audit: type=1326 audit(1778462617.181:1207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19191 comm="syz.4.3958" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feefcc code=0x7ffc0000
[  847.417024][   T40] audit: type=1326 audit(1778462617.181:1208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19191 comm="syz.4.3958" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feefcc code=0x7ffc0000
[  847.433794][   T40] audit: type=1326 audit(1778462617.181:1209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19191 comm="syz.4.3958" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feefcc code=0x7ffc0000
[  847.624440][T19195] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3958'.
[  848.898145][T14546] usb 10-1: new high-speed USB device number 89 using dummy_hcd
[  849.212875][T14546] usb 10-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  849.254153][T14546] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  849.258066][T14546] usb 10-1: Product: syz
[  849.260025][T14546] usb 10-1: Manufacturer: syz
[  849.274271][T14546] usb 10-1: SerialNumber: syz
[  849.689648][T14546] lan78xx 10-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[  849.697455][T14546] lan78xx 10-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[  850.749626][T19202] FAULT_INJECTION: forcing a failure.
[  850.749626][T19202] name failslab, interval 1, probability 0, space 0, times 0
[  850.755814][T19202] CPU: 1 UID: 0 PID: 19202 Comm: syz.5.3959 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  850.755842][T19202] Tainted: [L]=SOFTLOCKUP
[  850.755848][T19202] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  850.755857][T19202] Call Trace:
[  850.755864][T19202]  <TASK>
[  850.755871][T19202]  dump_stack_lvl+0x100/0x190
[  850.755896][T19202]  should_fail_ex.cold+0x5/0xa
[  850.755916][T19202]  should_failslab+0xc2/0x120
[  850.755936][T19202]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  850.755960][T19202]  ? alloc_vfsmnt+0x23/0x6a0
[  850.755983][T19202]  ? find_held_lock+0x2b/0x80
[  850.756011][T19202]  ? clone_mnt+0x19a/0x930
[  850.756029][T19202]  alloc_vfsmnt+0x23/0x6a0
[  850.756054][T19202]  clone_mnt+0x4b/0x930
[  850.756069][T19202]  ? is_subdir+0x1a8/0x3e0
[  850.756096][T19202]  copy_tree+0x329/0xbf0
[  850.756124][T19202]  copy_mnt_ns+0x3fa/0x1180
[  850.756153][T19202]  ? __pfx_copy_mnt_ns+0x10/0x10
[  850.756180][T19202]  ? kmem_cache_alloc_noprof+0x292/0x6e0
[  850.756205][T19202]  ? create_new_namespaces+0x30/0xac0
[  850.756227][T19202]  ? rcu_is_watching+0x12/0xc0
[  850.756250][T19202]  create_new_namespaces+0xd3/0xac0
[  850.756272][T19202]  ? bpf_lsm_capable+0x9/0x10
[  850.756292][T19202]  ? security_capable+0x80/0x260
[  850.756321][T19202]  unshare_nsproxy_namespaces+0xf2/0x220
[  850.756345][T19202]  ksys_unshare+0x438/0xab0
[  850.756371][T19202]  ? __pfx_ksys_unshare+0x10/0x10
[  850.756398][T19202]  ? ksys_write+0x1ac/0x250
[  850.756421][T19202]  __ia32_sys_unshare+0x30/0x40
[  850.756446][T19202]  __do_fast_syscall_32+0xe7/0x950
[  850.756472][T19202]  ? lockdep_hardirqs_on+0x78/0x100
[  850.756501][T19202]  do_fast_syscall_32+0x32/0x70
[  850.756526][T19202]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  850.756547][T19202] RIP: 0023:0xf7f94fcc
[  850.756561][T19202] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  850.756578][T19202] RSP: 002b:00000000f545650c EFLAGS: 00000292 ORIG_RAX: 0000000000000136
[  850.756595][T19202] RAX: ffffffffffffffda RBX: 000000002a020480 RCX: 0000000000000000
[  850.756606][T19202] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  850.756616][T19202] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  850.756625][T19202] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  850.756635][T19202] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  850.756657][T19202]  </TASK>
[  851.489954][T14546] lan78xx 10-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x0000011c. ret = -EPROTO
[  851.516944][T14546] lan78xx 10-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  851.784436][T14546] lan78xx 10-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  851.837987][T14546] lan78xx 10-1:1.0: probe with driver lan78xx failed with error -71
[  851.852460][T14546] usb 10-1: USB disconnect, device number 89
[  851.992035][T12488] Bluetooth: hci4: unexpected event 0x18 length: 247 > 23
[  852.903005][T19251] fuse: Unknown parameter '0x0000000000000005'
[  853.122578][T19256] overlay: ./file0 is not a directory
[  853.144734][T19258] netlink: 104 bytes leftover after parsing attributes in process `syz.1.3977'.
[  853.158793][T19258] netlink: 104 bytes leftover after parsing attributes in process `syz.1.3977'.
[  854.149517][   T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  854.190166][   T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  854.322450][T19273] syzkaller0: entered promiscuous mode
[  854.334164][T19273] syzkaller0: entered allmulticast mode
[  854.473789][T19273] FAULT_INJECTION: forcing a failure.
[  854.473789][T19273] name failslab, interval 1, probability 0, space 0, times 0
[  854.483096][T19273] CPU: 3 UID: 0 PID: 19273 Comm: syz.1.3980 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  854.483137][T19273] Tainted: [L]=SOFTLOCKUP
[  854.483145][T19273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  854.483154][T19273] Call Trace:
[  854.483160][T19273]  <TASK>
[  854.483166][T19273]  dump_stack_lvl+0x100/0x190
[  854.483189][T19273]  should_fail_ex.cold+0x5/0xa
[  854.483211][T19273]  should_failslab+0xc2/0x120
[  854.483230][T19273]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  854.483255][T19273]  ? skb_clone+0x190/0x400
[  854.483281][T19273]  skb_clone+0x190/0x400
[  854.483301][T19273]  dev_queue_xmit_nit+0x255/0xa60
[  854.483329][T19273]  dev_hard_start_xmit+0x2fc/0x7a0
[  854.483357][T19273]  ? validate_xmit_skb_list+0xe7/0x130
[  854.483385][T19273]  sch_direct_xmit+0x1b2/0xc60
[  854.483411][T19273]  ? __pfx_sch_direct_xmit+0x10/0x10
[  854.483428][T19273]  ? get_slot_next+0x390/0x420
[  854.483448][T19273]  ? mark_held_locks+0x40/0x70
[  854.483466][T19273]  ? ktime_get+0x22c/0x320
[  854.483492][T19273]  ? lockdep_hardirqs_on+0x78/0x100
[  854.483519][T19273]  __qdisc_run+0x52d/0x1af0
[  854.483547][T19273]  __dev_queue_xmit+0x30ed/0x4950
[  854.483578][T19273]  ? __might_fault+0xc5/0x140
[  854.483607][T19273]  ? __pfx___dev_queue_xmit+0x10/0x10
[  854.483631][T19273]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  854.483654][T19273]  ? __vlan_get_protocol_offset+0x256/0x350
[  854.483672][T19273]  ? __pfx___vlan_get_protocol_offset+0x10/0x10
[  854.483691][T19273]  ? packet_parse_headers+0x5ae/0x800
[  854.483712][T19273]  ? __asan_memset+0x23/0x50
[  854.483732][T19273]  ? packet_parse_headers+0x5ba/0x800
[  854.483753][T19273]  ? packet_parse_headers+0x205/0x800
[  854.483775][T19273]  ? __pfx_packet_parse_headers+0x10/0x10
[  854.483801][T19273]  packet_xmit+0x243/0x310
[  854.483825][T19273]  packet_sendmsg+0x319a/0x5100
[  854.483860][T19273]  ? __pfx___might_resched+0x10/0x10
[  854.483885][T19273]  ? aa_sk_perm+0x309/0xaa0
[  854.483905][T19273]  ? __pfx_packet_sendmsg+0x10/0x10
[  854.483935][T19273]  ? __pfx_aa_sk_perm+0x10/0x10
[  854.483951][T19273]  ? __might_fault+0xc5/0x140
[  854.483980][T19273]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  854.484008][T19273]  __sys_sendto+0x468/0x4b0
[  854.484024][T19273]  ? __pfx_packet_sendmsg+0x10/0x10
[  854.484049][T19273]  ? __pfx___sys_sendto+0x10/0x10
[  854.484073][T19273]  ? __fget_files+0x215/0x3d0
[  854.484093][T19273]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  854.484182][T19273]  ? fput+0x79/0x100
[  854.491784][T19273]  ? ksys_write+0x1ac/0x250
[  854.491810][T19273]  __ia32_sys_sendto+0xdd/0x1b0
[  854.491830][T19273]  ? __do_fast_syscall_32+0x98/0x950
[  854.491855][T19273]  ? lockdep_hardirqs_on+0x78/0x100
[  854.491877][T19273]  __do_fast_syscall_32+0xe7/0x950
[  854.491901][T19273]  ? lockdep_hardirqs_on+0x78/0x100
[  854.491925][T19273]  do_fast_syscall_32+0x32/0x70
[  854.491959][T19273]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  854.491981][T19273] RIP: 0023:0xf701efcc
[  854.491996][T19273] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  854.492013][T19273] RSP: 002b:00000000f540d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000171
[  854.492030][T19273] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000600
[  854.492041][T19273] RDX: 000000000000003b RSI: 0000000000001840 RDI: 00000000800000c0
[  854.492051][T19273] RBP: 0000000000000014 R08: 0000000000000000 R09: 0000000000000000
[  854.492061][T19273] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  854.492071][T19273] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  854.492093][T19273]  </TASK>
[  856.379753][T19309] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3990'.
[  858.798218][T19348] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4000'.
[  858.843970][T19348] team0 (unregistering): Port device team_slave_0 removed
[  858.850667][T19348] team0 (unregistering): Port device team_slave_1 removed
[  859.624961][T19354] x_tables: duplicate underflow at hook 1
[  860.044279][T19360] FAULT_INJECTION: forcing a failure.
[  860.044279][T19360] name failslab, interval 1, probability 0, space 0, times 0
[  860.098158][T19360] CPU: 0 UID: 0 PID: 19360 Comm: syz.1.4006 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  860.098185][T19360] Tainted: [L]=SOFTLOCKUP
[  860.098191][T19360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  860.098200][T19360] Call Trace:
[  860.098206][T19360]  <TASK>
[  860.098213][T19360]  dump_stack_lvl+0x100/0x190
[  860.098236][T19360]  should_fail_ex.cold+0x5/0xa
[  860.098256][T19360]  should_failslab+0xc2/0x120
[  860.098274][T19360]  __kmalloc_cache_noprof+0x7a/0x6f0
[  860.098296][T19360]  ? nf_tables_newtable+0xcff/0x19f0
[  860.098323][T19360]  nf_tables_newtable+0xcff/0x19f0
[  860.098351][T19360]  ? __pfx_nf_tables_newtable+0x10/0x10
[  860.098378][T19360]  ? __nla_parse+0x40/0x60
[  860.098401][T19360]  nfnetlink_rcv_batch+0x1410/0x2880
[  860.098431][T19360]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  860.098452][T19360]  ? kasan_save_stack+0x3f/0x50
[  860.098467][T19360]  ? kasan_save_stack+0x30/0x50
[  860.098481][T19360]  ? kasan_save_track+0x14/0x30
[  860.098526][T19360]  ? __nla_parse+0x40/0x60
[  860.098550][T19360]  nfnetlink_rcv+0x3bd/0x440
[  860.098567][T19360]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  860.098592][T19360]  netlink_unicast+0x585/0x850
[  860.098619][T19360]  ? __pfx_netlink_unicast+0x10/0x10
[  860.098647][T19360]  netlink_sendmsg+0x8b0/0xda0
[  860.098707][T19360]  ? __pfx_netlink_sendmsg+0x10/0x10
[  860.098734][T19360]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  860.098763][T19360]  ____sys_sendmsg+0x9e1/0xb70
[  860.098785][T19360]  ? __pfx_netlink_sendmsg+0x10/0x10
[  860.098809][T19360]  ? __pfx_____sys_sendmsg+0x10/0x10
[  860.098839][T19360]  ___sys_sendmsg+0x190/0x1e0
[  860.098862][T19360]  ? __pfx____sys_sendmsg+0x10/0x10
[  860.098895][T19360]  ? find_held_lock+0x2b/0x80
[  860.098933][T19360]  __sys_sendmsg+0x170/0x220
[  860.098952][T19360]  ? __pfx___sys_sendmsg+0x10/0x10
[  860.098968][T19360]  ? __fget_files+0x21f/0x3d0
[  860.098992][T19360]  ? ksys_write+0x1ac/0x250
[  860.099012][T19360]  ? rcu_is_watching+0x12/0xc0
[  860.099033][T19360]  __do_fast_syscall_32+0xe7/0x950
[  860.099057][T19360]  ? lockdep_hardirqs_on+0x78/0x100
[  860.099081][T19360]  do_fast_syscall_32+0x32/0x70
[  860.099104][T19360]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  860.099123][T19360] RIP: 0023:0xf701efcc
[  860.099137][T19360] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  860.099152][T19360] RSP: 002b:00000000f540d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  860.099168][T19360] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000080
[  860.099199][T19360] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  860.099208][T19360] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  860.099218][T19360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  860.099227][T19360] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  860.099250][T19360]  </TASK>
[  861.908275][T19385] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  862.255603][T19379] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  864.214202][  T666] usb 9-1: new high-speed USB device number 58 using dummy_hcd
[  864.364103][  T666] usb 9-1: Using ep0 maxpacket: 32
[  864.370431][  T666] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  864.405495][  T666] usb 9-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  864.409548][  T666] usb 9-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  864.415973][  T666] usb 9-1: Product: syz
[  864.418569][  T666] usb 9-1: Manufacturer: syz
[  864.432183][  T666] usb 9-1: SerialNumber: syz
[  864.440150][  T666] usb 9-1: config 0 descriptor??
[  864.462260][T19413] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  864.976920][T12488] Bluetooth: hci4: unexpected event 0x18 length: 247 > 23
[  867.045536][    T9] usb 9-1: USB disconnect, device number 58
[  867.449215][T19461] netlink: 'syz.4.4032': attribute type 1 has an invalid length.
[  868.592540][T19476] netlink: 'syz.1.4037': attribute type 39 has an invalid length.
[  868.706554][T12488] Bluetooth: hci2: unexpected event 0x18 length: 247 > 23
[  868.775894][T19484] binder: 19475:19484 ioctl c0285840 80000000 returned -22
[  868.930669][T19487] netlink: 'syz.0.4040': attribute type 39 has an invalid length.
[  868.998547][T19487] 9pnet_virtio: no channels available for device syz
[  869.692717][T19498] netlink: 'syz.4.4042': attribute type 39 has an invalid length.
[  870.072961][T19503] binder: 19497:19503 ioctl c0285840 80000000 returned -22
[  870.224518][T19504] 8021q: adding VLAN 0 to HW filter on device bond3
[  871.033115][T19518] 9p: Bad value for 'rfdno'
[  871.044433][T19518] 9p: Bad value for 'rfdno'
[  871.581210][T19525] tmpfs: Bad value for 'mpol'
[  872.635038][T19540] netlink: 'syz.4.4051': attribute type 39 has an invalid length.
[  872.954785][T19540] binder: 19539:19540 ioctl c0285840 80000000 returned -22
[  874.148394][T19558] binder: 19557:19558 ioctl c0306201 800001c0 returned -14
[  874.734454][T19566] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  874.974156][ T6463] usb 6-1: new high-speed USB device number 65 using dummy_hcd
[  875.144058][ T6463] usb 6-1: Using ep0 maxpacket: 8
[  875.148966][ T6463] usb 6-1: config 0 has an invalid descriptor of length 103, skipping remainder of the config
[  875.211142][ T6463] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  875.239969][ T6463] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 46, changing to 9
[  875.253383][ T6463] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8894, setting to 1024
[  875.268451][ T6463] usb 6-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1
[  875.293532][ T6463] usb 6-1: New USB device strings: Mfr=1, Product=34, SerialNumber=3
[  875.299242][ T6463] usb 6-1: Product: syz
[  875.302120][ T6463] usb 6-1: Manufacturer: syz
[  875.305694][ T6463] usb 6-1: SerialNumber: syz
[  875.318374][ T6463] usb 6-1: config 0 descriptor??
[  875.454476][ T6463] rc_core: IR keymap rc-imon-rsc not found
[  875.460792][ T6463] Registered IR keymap rc-empty
[  875.466625][ T6463] rc rc0: iMON Station as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0
[  875.473390][ T6463] input: iMON Station as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0/input251
[  875.870371][T19587] netlink: 'syz.5.4064': attribute type 39 has an invalid length.
[  876.173083][T19591] binder: 19586:19591 ioctl c0285840 80000000 returned -22
[  877.357415][T12488] Bluetooth: hci4: unexpected event 0x18 length: 247 > 23
[  878.010966][T16643] usb 6-1: USB disconnect, device number 65
[  878.125645][T19622] FAULT_INJECTION: forcing a failure.
[  878.125645][T19622] name failslab, interval 1, probability 0, space 0, times 0
[  878.152906][T19622] CPU: 0 UID: 0 PID: 19622 Comm: syz.5.4072 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  878.152938][T19622] Tainted: [L]=SOFTLOCKUP
[  878.152944][T19622] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  878.152955][T19622] Call Trace:
[  878.152961][T19622]  <TASK>
[  878.152969][T19622]  dump_stack_lvl+0x100/0x190
[  878.152994][T19622]  should_fail_ex.cold+0x5/0xa
[  878.153018][T19622]  should_failslab+0xc2/0x120
[  878.153039][T19622]  __kmalloc_cache_noprof+0x7a/0x6f0
[  878.153063][T19622]  ? hash_ipport_create+0x816/0x19d0
[  878.153087][T19622]  ? __nla_validate_parse+0x1e7/0x28b0
[  878.153116][T19622]  hash_ipport_create+0x816/0x19d0
[  878.153147][T19622]  ? __pfx_hash_ipport_create+0x10/0x10
[  878.153175][T19622]  ? __pfx_hash_ipport_create+0x10/0x10
[  878.153202][T19622]  ? ip_set_create+0x6b8/0x14f0
[  878.153220][T19622]  ? ip_set_create+0x591/0x14f0
[  878.153237][T19622]  ip_set_create+0x6b8/0x14f0
[  878.153262][T19622]  ? __pfx_ip_set_create+0x10/0x10
[  878.153298][T19622]  ? find_held_lock+0x2b/0x80
[  878.153327][T19622]  nfnetlink_rcv_msg+0x9d5/0x11e0
[  878.153356][T19622]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  878.153403][T19622]  ? __lock_acquire+0x4a5/0x2630
[  878.153424][T19622]  netlink_rcv_skb+0x159/0x420
[  878.153449][T19622]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  878.153470][T19622]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  878.153505][T19622]  ? ns_capable+0xd2/0xf0
[  878.153529][T19622]  nfnetlink_rcv+0x1b3/0x440
[  878.153549][T19622]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  878.153568][T19622]  ? netlink_deliver_tap+0x1ae/0xcc0
[  878.153594][T19622]  netlink_unicast+0x585/0x850
[  878.153622][T19622]  ? __pfx_netlink_unicast+0x10/0x10
[  878.153652][T19622]  netlink_sendmsg+0x8b0/0xda0
[  878.153680][T19622]  ? __pfx_netlink_sendmsg+0x10/0x10
[  878.153708][T19622]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  878.153738][T19622]  ____sys_sendmsg+0x9e1/0xb70
[  878.153761][T19622]  ? __pfx_netlink_sendmsg+0x10/0x10
[  878.153786][T19622]  ? __pfx_____sys_sendmsg+0x10/0x10
[  878.153820][T19622]  ___sys_sendmsg+0x190/0x1e0
[  878.153853][T19622]  ? __pfx____sys_sendmsg+0x10/0x10
[  878.153889][T19622]  ? find_held_lock+0x2b/0x80
[  878.153946][T19622]  __sys_sendmsg+0x170/0x220
[  878.153967][T19622]  ? __pfx___sys_sendmsg+0x10/0x10
[  878.153985][T19622]  ? __fget_files+0x21f/0x3d0
[  878.154013][T19622]  ? ksys_write+0x1ac/0x250
[  878.154035][T19622]  ? rcu_is_watching+0x12/0xc0
[  878.154059][T19622]  __do_fast_syscall_32+0xe7/0x950
[  878.154085][T19622]  ? lockdep_hardirqs_on+0x78/0x100
[  878.154112][T19622]  do_fast_syscall_32+0x32/0x70
[  878.154137][T19622]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  878.154159][T19622] RIP: 0023:0xf7f94fcc
[  878.154174][T19622] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  878.154190][T19622] RSP: 002b:00000000f545650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  878.154211][T19622] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  878.154222][T19622] RDX: 0000000020004000 RSI: 0000000000000000 RDI: 0000000000000000
[  878.154233][T19622] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  878.154242][T19622] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  878.154252][T19622] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  878.154273][T19622]  </TASK>
[  879.098432][T19634] netlink: 'syz.5.4074': attribute type 39 has an invalid length.
[  879.296405][T19639] binder: 19628:19639 ioctl c0285840 80000000 returned -22
[  879.640100][T19625] netlink: 68 bytes leftover after parsing attributes in process `syz.1.4073'.
[  880.014739][T19646] FAULT_INJECTION: forcing a failure.
[  880.014739][T19646] name failslab, interval 1, probability 0, space 0, times 0
[  880.044564][T19646] CPU: 1 UID: 0 PID: 19646 Comm: syz.4.4077 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  880.044596][T19646] Tainted: [L]=SOFTLOCKUP
[  880.044603][T19646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  880.044614][T19646] Call Trace:
[  880.044621][T19646]  <TASK>
[  880.044629][T19646]  dump_stack_lvl+0x100/0x190
[  880.044656][T19646]  should_fail_ex.cold+0x5/0xa
[  880.044682][T19646]  should_failslab+0xc2/0x120
[  880.044705][T19646]  __kmalloc_cache_node_noprof+0x7d/0x770
[  880.044726][T19646]  ? __get_vm_area_node+0x101/0x330
[  880.044753][T19646]  __get_vm_area_node+0x101/0x330
[  880.044775][T19646]  ? kernel_text_address+0x8d/0x100
[  880.044799][T19646]  __vmalloc_node_range_noprof+0x228/0x1630
[  880.044832][T19646]  ? xt_compat_init_offsets+0xe2/0x1f0
[  880.044860][T19646]  ? lock_acquire+0x1b1/0x370
[  880.044886][T19646]  ? xt_compat_init_offsets+0xe2/0x1f0
[  880.044915][T19646]  ? __mutex_lock+0x26d/0x1b10
[  880.044946][T19646]  ? css_rstat_updated+0x1ce/0x5a0
[  880.044976][T19646]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  880.045003][T19646]  ? __pfx___mutex_lock+0x10/0x10
[  880.045029][T19646]  ? __kasan_kmalloc+0xaa/0xb0
[  880.045046][T19646]  ? __kvmalloc_node_noprof+0x360/0xa00
[  880.045063][T19646]  ? xt_alloc_table_info+0x44/0xa0
[  880.045090][T19646]  ? nf_setsockopt+0x8d/0xf0
[  880.045117][T19646]  ? ipv6_setsockopt+0x135/0x170
[  880.045146][T19646]  ? __sys_setsockopt+0x119/0x190
[  880.045165][T19646]  ? __ia32_sys_setsockopt+0xbc/0x160
[  880.045188][T19646]  ? xt_compat_init_offsets+0xe2/0x1f0
[  880.045215][T19646]  __vmalloc_node_noprof+0xad/0xf0
[  880.045240][T19646]  ? xt_compat_init_offsets+0xe2/0x1f0
[  880.045269][T19646]  xt_compat_init_offsets+0xe2/0x1f0
[  880.045298][T19646]  translate_compat_table+0x20b/0x17e0
[  880.045329][T19646]  ? __lock_acquire+0x4a5/0x2630
[  880.045354][T19646]  ? __pfx_translate_compat_table+0x10/0x10
[  880.045402][T19646]  compat_do_replace+0x279/0x500
[  880.045433][T19646]  ? __pfx_compat_do_replace+0x10/0x10
[  880.045461][T19646]  ? lockdep_hardirqs_on+0x78/0x100
[  880.045501][T19646]  ? bpf_lsm_capable+0x9/0x10
[  880.045522][T19646]  ? security_capable+0x80/0x260
[  880.045554][T19646]  do_ip6t_set_ctl+0x562/0xb00
[  880.045586][T19646]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  880.045616][T19646]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  880.045652][T19646]  ? find_held_lock+0x2b/0x80
[  880.045680][T19646]  ? nf_sockopt_find.isra.0+0x222/0x290
[  880.045712][T19646]  nf_setsockopt+0x8d/0xf0
[  880.045744][T19646]  ipv6_setsockopt+0x135/0x170
[  880.045775][T19646]  sctp_setsockopt+0x161/0xb370
[  880.045803][T19646]  ? __pfx_aa_sk_perm+0x10/0x10
[  880.045833][T19646]  ? __pfx_sctp_setsockopt+0x10/0x10
[  880.045862][T19646]  ? aa_sock_opt_perm+0xfe/0x1b0
[  880.045889][T19646]  ? sock_common_setsockopt+0x2e/0xf0
[  880.045913][T19646]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  880.045940][T19646]  do_sock_setsockopt+0xf3/0x1d0
[  880.045969][T19646]  __sys_setsockopt+0x119/0x190
[  880.045994][T19646]  __ia32_sys_setsockopt+0xbc/0x160
[  880.046014][T19646]  ? __do_fast_syscall_32+0x98/0x950
[  880.046042][T19646]  ? lockdep_hardirqs_on+0x78/0x100
[  880.046069][T19646]  __do_fast_syscall_32+0xe7/0x950
[  880.046097][T19646]  ? lockdep_hardirqs_on+0x78/0x100
[  880.046125][T19646]  do_fast_syscall_32+0x32/0x70
[  880.046154][T19646]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  880.046178][T19646] RIP: 0023:0xf6feefcc
[  880.046194][T19646] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  880.046211][T19646] RSP: 002b:00000000f53dd50c EFLAGS: 00000292 ORIG_RAX: 000000000000016e
[  880.046231][T19646] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000029
[  880.046243][T19646] RDX: 0000000000000040 RSI: 0000000080000a80 RDI: 0000000000000508
[  880.046254][T19646] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  880.046265][T19646] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  880.046275][T19646] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  880.046301][T19646]  </TASK>
[  880.046312][T19646] syz.4.4077: vmalloc error: size 32, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[  880.456855][T19646] CPU: 1 UID: 0 PID: 19646 Comm: syz.4.4077 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  880.456887][T19646] Tainted: [L]=SOFTLOCKUP
[  880.456893][T19646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  880.456903][T19646] Call Trace:
[  880.456910][T19646]  <TASK>
[  880.456917][T19646]  dump_stack_lvl+0x100/0x190
[  880.456943][T19646]  warn_alloc.cold+0x95/0x1c1
[  880.456963][T19646]  ? __pfx_warn_alloc+0x10/0x10
[  880.456991][T19646]  ? trace_kmalloc+0xe3/0x110
[  880.457015][T19646]  ? __kmalloc_cache_node_noprof+0x2d9/0x770
[  880.457037][T19646]  ? __kasan_kmalloc+0x8a/0xb0
[  880.457058][T19646]  ? __get_vm_area_node+0x208/0x330
[  880.457085][T19646]  __vmalloc_node_range_noprof+0xccd/0x1630
[  880.457119][T19646]  ? xt_compat_init_offsets+0xe2/0x1f0
[  880.457149][T19646]  ? __mutex_lock+0x26d/0x1b10
[  880.457179][T19646]  ? css_rstat_updated+0x1ce/0x5a0
[  880.457209][T19646]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  880.457237][T19646]  ? __pfx___mutex_lock+0x10/0x10
[  880.457263][T19646]  ? __kasan_kmalloc+0xaa/0xb0
[  880.457281][T19646]  ? __kvmalloc_node_noprof+0x360/0xa00
[  880.457299][T19646]  ? xt_alloc_table_info+0x44/0xa0
[  880.457326][T19646]  ? nf_setsockopt+0x8d/0xf0
[  880.457350][T19646]  ? ipv6_setsockopt+0x135/0x170
[  880.457374][T19646]  ? __sys_setsockopt+0x119/0x190
[  880.457390][T19646]  ? __ia32_sys_setsockopt+0xbc/0x160
[  880.457409][T19646]  ? xt_compat_init_offsets+0xe2/0x1f0
[  880.457432][T19646]  __vmalloc_node_noprof+0xad/0xf0
[  880.457455][T19646]  ? xt_compat_init_offsets+0xe2/0x1f0
[  880.457483][T19646]  xt_compat_init_offsets+0xe2/0x1f0
[  880.457511][T19646]  translate_compat_table+0x20b/0x17e0
[  880.457540][T19646]  ? __lock_acquire+0x4a5/0x2630
[  880.457565][T19646]  ? __pfx_translate_compat_table+0x10/0x10
[  880.457610][T19646]  compat_do_replace+0x279/0x500
[  880.457639][T19646]  ? __pfx_compat_do_replace+0x10/0x10
[  880.457667][T19646]  ? lockdep_hardirqs_on+0x78/0x100
[  880.457707][T19646]  ? bpf_lsm_capable+0x9/0x10
[  880.457728][T19646]  ? security_capable+0x80/0x260
[  880.457928][T19646]  do_ip6t_set_ctl+0x562/0xb00
[  880.457963][T19646]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  880.457992][T19646]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  880.458026][T19646]  ? find_held_lock+0x2b/0x80
[  880.458054][T19646]  ? nf_sockopt_find.isra.0+0x222/0x290
[  880.458085][T19646]  nf_setsockopt+0x8d/0xf0
[  880.458116][T19646]  ipv6_setsockopt+0x135/0x170
[  880.458146][T19646]  sctp_setsockopt+0x161/0xb370
[  880.458174][T19646]  ? __pfx_aa_sk_perm+0x10/0x10
[  880.458197][T19646]  ? __pfx_sctp_setsockopt+0x10/0x10
[  880.458225][T19646]  ? aa_sock_opt_perm+0xfe/0x1b0
[  880.458252][T19646]  ? sock_common_setsockopt+0x2e/0xf0
[  880.458276][T19646]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  880.458302][T19646]  do_sock_setsockopt+0xf3/0x1d0
[  880.458329][T19646]  __sys_setsockopt+0x119/0x190
[  880.458354][T19646]  __ia32_sys_setsockopt+0xbc/0x160
[  880.458533][T19646]  ? __do_fast_syscall_32+0x98/0x950
[  880.458564][T19646]  ? lockdep_hardirqs_on+0x78/0x100
[  880.458587][T19646]  __do_fast_syscall_32+0xe7/0x950
[  880.458610][T19646]  ? lockdep_hardirqs_on+0x78/0x100
[  880.458636][T19646]  do_fast_syscall_32+0x32/0x70
[  880.458660][T19646]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  880.458681][T19646] RIP: 0023:0xf6feefcc
[  880.458697][T19646] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  880.458715][T19646] RSP: 002b:00000000f53dd50c EFLAGS: 00000292 ORIG_RAX: 000000000000016e
[  880.458734][T19646] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000029
[  880.458744][T19646] RDX: 0000000000000040 RSI: 0000000080000a80 RDI: 0000000000000508
[  880.458754][T19646] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  880.458765][T19646] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  880.458775][T19646] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  880.458806][T19646]  </TASK>
[  880.458813][T19646] Mem-Info:
[  880.705529][T19646] active_anon:8764 inactive_anon:1987 isolated_anon:0
[  880.705529][T19646]  active_file:7884 inactive_file:9174 isolated_file:0
[  880.705529][T19646]  unevictable:1768 dirty:205 writeback:0
[  880.705529][T19646]  slab_reclaimable:6478 slab_unreclaimable:71959
[  880.705529][T19646]  mapped:25477 shmem:5886 pagetables:1425
[  880.705529][T19646]  sec_pagetables:325 bounce:0
[  880.705529][T19646]  kernel_misc_reclaimable:0
[  880.705529][T19646]  free:42003 free_pcp:13495 free_cma:0
[  880.805043][T19646] Node 0 active_anon:8kB inactive_anon:140kB active_file:0kB inactive_file:8kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:2072kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:7724kB pagetables:1400kB sec_pagetables:1104kB all_unreclaimable? yes Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  880.848884][T19646] Node 1 active_anon:29792kB inactive_anon:7808kB active_file:31536kB inactive_file:36688kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:99820kB dirty:836kB writeback:0kB shmem:15028kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5672kB pagetables:4108kB sec_pagetables:196kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  880.884389][T19646] Node 0 DMA free:2600kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:8kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:12kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  880.954179][T19646] lowmem_reserve[]: 0 285 285 285 285
[  880.956290][T19646] Node 0 DMA32 free:23940kB boost:29448kB min:42536kB low:45808kB high:49080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:8kB inactive_anon:132kB active_file:0kB inactive_file:8kB unevictable:3536kB writepending:0kB zspages:1516kB present:1032196kB managed:292572kB mlocked:0kB bounce:0kB free_pcp:808kB local_pcp:32kB free_cma:0kB
[  881.004076][T19646] lowmem_reserve[]: 0 0 0 0 0
[  881.006824][T19646] Node 1 DMA32 free:145672kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:26548kB inactive_anon:7808kB active_file:31536kB inactive_file:36688kB unevictable:3536kB writepending:836kB zspages:6680kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:57996kB local_pcp:11720kB free_cma:0kB
[  881.021743][T19646] lowmem_reserve[]: 0 0 0 0 0
[  881.023632][T19646] Node 0 DMA: 116*4kB (UM) 9*8kB (UM) 9*16kB (UM) 10*32kB (UM) 5*64kB (UM) 2*128kB (M) 0*256kB 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2600kB
[  881.038005][T19646] Node 0 DMA32: 237*4kB (UME) 92*8kB (UME) 53*16kB (UME) 203*32kB (UME) 77*64kB (UME) 18*128kB (UME) 4*256kB (M) 5*512kB (M) 4*1024kB (M) 0*2048kB 0*4096kB = 23940kB
[  881.046982][T19646] Node 1 DMA32: 2841*4kB (UM) 1639*8kB (UM) 1889*16kB (UM) 42*32kB (UME) 79*64kB (UME) 46*128kB (UME) 36*256kB (UM) 59*512kB (UME) 34*1024kB (UME) 5*2048kB (M) 0*4096kB = 151468kB
[  881.057269][T19646] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  881.062523][T19646] Node 0 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  881.069501][T19646] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  881.074466][T19646] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  881.078337][T19646] 20598 total pagecache pages
[  881.080502][T19646] 1328 pages in swap cache
[  881.082476][T19646] Free swap  = 39768kB
[  881.087034][T19646] Total swap = 124996kB
[  881.090032][T19646] 524155 pages RAM
[  881.092433][T19646] 0 pages HighMem/MovableOnly
[  881.095809][T19646] 210119 pages reserved
[  881.097829][T19646] 0 pages cma reserved
[  881.208538][T19650] input: syz1 as /devices/virtual/input/input254
[  881.318145][T19654] FAULT_INJECTION: forcing a failure.
[  881.318145][T19654] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  881.343383][T19654] CPU: 1 UID: 0 PID: 19654 Comm: syz.1.4078 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  881.343416][T19654] Tainted: [L]=SOFTLOCKUP
[  881.343423][T19654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  881.343435][T19654] Call Trace:
[  881.343445][T19654]  <TASK>
[  881.343455][T19654]  dump_stack_lvl+0x100/0x190
[  881.343482][T19654]  should_fail_ex.cold+0x5/0xa
[  881.343508][T19654]  __fpu_restore_sig+0x8f1/0x1340
[  881.343544][T19654]  ? __lock_acquire+0x4a5/0x2630
[  881.343564][T19654]  ? __pfx___fpu_restore_sig+0x10/0x10
[  881.343614][T19654]  ? __might_fault+0xc5/0x140
[  881.343650][T19654]  fpu__restore_sig+0x151/0x190
[  881.343680][T19654]  ia32_restore_sigcontext+0x456/0x620
[  881.343704][T19654]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[  881.343734][T19654]  ? _raw_spin_unlock_irq+0x23/0x50
[  881.343760][T19654]  ? lockdep_hardirqs_on+0x78/0x100
[  881.343791][T19654]  __do_compat_sys_rt_sigreturn+0x18c/0x270
[  881.343814][T19654]  ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10
[  881.343837][T19654]  ? rcu_is_watching+0x12/0xc0
[  881.343862][T19654]  do_int80_emulation+0x141/0x700
[  881.344134][T19654]  asm_int80_emulation+0x1a/0x20
[  881.344160][T19654] RIP: 0023:0xf701efca
[  881.344177][T19654] Code: 19 85 d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  881.344195][T19654] RSP: 002b:00000000f53ec50c EFLAGS: 00000292
[  881.344213][T19654] RAX: 0000000000000091 RBX: 0000000000000003 RCX: 0000000080000500
[  881.344225][T19654] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  881.344236][T19654] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  881.344247][T19654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  881.344258][T19654] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  881.344284][T19654]  </TASK>
[  882.042868][T19661] 
: renamed from bond_slave_0
[  882.477309][T19674] netlink: 'syz.0.4087': attribute type 39 has an invalid length.
[  882.496716][    C0] ==================================================================
[  882.520419][    C0] BUG: KASAN: slab-use-after-free in _raw_spin_lock_irqsave+0x3a/0x60
[  882.535201][    C0] Read of size 1 at addr ffff88802aed3818 by task syz.4.4081/19659
[  882.547545][    C0] 
[  882.548665][    C0] CPU: 0 UID: 0 PID: 19659 Comm: syz.4.4081 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  882.548691][    C0] Tainted: [L]=SOFTLOCKUP
[  882.548697][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  882.548706][    C0] Call Trace:
[  882.548715][    C0]  <IRQ>
[  882.548722][    C0]  dump_stack_lvl+0x100/0x190
[  882.548745][    C0]  print_report+0x13d/0x4b0
[  882.548767][    C0]  ? __virt_addr_valid+0x239/0x430
[  882.548797][    C0]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  882.548818][    C0]  kasan_report+0xdf/0x1d0
[  882.548836][    C0]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  882.548857][    C0]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  882.548877][    C0]  __kasan_check_byte+0x36/0x50
[  882.548894][    C0]  lock_acquire+0x12a/0x370
[  882.548909][    C0]  ? do_raw_spin_unlock+0x53/0x1e0
[  882.548926][    C0]  ? .slowpath+0x9/0x18
[  882.548946][    C0]  _raw_spin_lock_irqsave+0x3a/0x60
[  882.548964][    C0]  ? p9_req_put+0xaf/0x250
[  882.548986][    C0]  p9_req_put+0xaf/0x250
[  882.549006][    C0]  req_done+0x1dc/0x2e0
[  882.549024][    C0]  ? __pfx_req_done+0x10/0x10
[  882.549043][    C0]  ? __pfx_req_done+0x10/0x10
[  882.549061][    C0]  vring_interrupt+0x2ef/0x650
[  882.549080][    C0]  ? __pfx_vring_interrupt+0x10/0x10
[  882.549098][    C0]  __handle_irq_event_percpu+0x235/0x8c0
[  882.549121][    C0]  handle_irq_event+0xab/0x1e0
[  882.549139][    C0]  handle_edge_irq+0x35e/0x960
[  882.549159][    C0]  __common_interrupt+0xd8/0x2f0
[  882.549183][    C0]  common_interrupt+0x60/0xe0
[  882.549200][    C0]  asm_common_interrupt+0x26/0x40
[  882.549216][    C0] RIP: 0010:handle_softirqs+0x1ad/0xa00
[  882.549237][    C0] Code: 30 44 88 74 24 23 45 89 ee 48 c7 c7 00 67 ad 8b e8 c8 1f c0 09 31 d2 65 66 89 15 c6 a6 42 12 e8 a9 5a 48 00 fb bb ff ff ff ff <49> c7 c4 c0 a0 40 8e 41 0f bc de 83 c3 01 0f 85 a4 00 00 00 e9 47
[  882.549252][    C0] RSP: 0000:ffffc90000007f20 EFLAGS: 00000206
[  882.549266][    C0] RAX: 000000000001a184 RBX: 00000000ffffffff RCX: 0000000000000000
[  882.549278][    C0] RDX: 0000000000000000 RSI: ffffffff8df1c469 RDI: ffffffff8c1c2800
[  882.549288][    C0] RBP: 000000010000e275 R08: 0000000000000001 R09: 0000000000000000
[  882.549299][    C0] R10: 0000000000000001 R11: 0000000000000001 R12: 000000000000000a
[  882.549309][    C0] R13: 0000000000000282 R14: 0000000000000282 R15: 1ffff92000000fec
[  882.549325][    C0]  ? __hrtimer_rearm_deferred+0x24d/0x740
[  882.549348][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  882.549367][    C0]  ? _raw_spin_unlock+0x28/0x50
[  882.549385][    C0]  ? __hrtimer_rearm_deferred+0x9b/0x740
[  882.549403][    C0]  __irq_exit_rcu+0x162/0x210
[  882.549421][    C0]  irq_exit_rcu+0x9/0x30
[  882.549439][    C0]  sysvec_apic_timer_interrupt+0xa3/0xc0
[  882.549459][    C0]  </IRQ>
[  882.549464][    C0]  <TASK>
[  882.549471][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  882.549487][    C0] RIP: 0010:preempt_count_add+0x9e/0x150
[  882.549505][    C0] Code: 0f 00 85 c0 75 38 65 48 8b 2d a6 0a 36 12 48 b8 00 00 00 00 00 fc ff df 48 8d bd 70 15 00 00 48 89 fa 48 c1 ea 03 80 3c 02 00 <0f> 85 88 00 00 00 48 89 9d 70 15 00 00 5b 5d e9 7e a5 b6 09 31 ff
[  882.549520][    C0] RSP: 0000:ffffc900061cf658 EFLAGS: 00000246
[  882.549532][    C0] RAX: dffffc0000000000 RBX: ffffffff8b89b8bb RCX: 1ffffffff3634270
[  882.549543][    C0] RDX: 1ffff1100a9f6bee RSI: ffffffff8def6f7c RDI: ffff888054fb5f70
[  882.549554][    C0] RBP: ffff888054fb4a00 R08: ffffffff8a3008e5 R09: 0000000000000000
[  882.549564][    C0] R10: ffffc900061cf800 R11: 0000000000000000 R12: 0000000000000000
[  882.549574][    C0] R13: 0000000000000000 R14: dffffc0000000000 R15: 0000000000000000
[  882.549586][    C0]  ? __mutex_lock+0x17b/0x1b10
[  882.549608][    C0]  ? __unix_dgram_recvmsg+0x255/0xc30
[  882.549628][    C0]  ? preempt_count_add+0x76/0x150
[  882.549645][    C0]  __mutex_lock+0x17b/0x1b10
[  882.549667][    C0]  ? __unix_dgram_recvmsg+0x255/0xc30
[  882.549682][    C0]  ? __unix_dgram_recvmsg+0x75c/0xc30
[  882.549697][    C0]  ? __unix_dgram_recvmsg+0x75c/0xc30
[  882.549714][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  882.549735][    C0]  ? __mutex_unlock_slowpath+0x15d/0x8a0
[  882.549759][    C0]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  882.549791][    C0]  ? __unix_dgram_recvmsg+0x255/0xc30
[  882.549805][    C0]  __unix_dgram_recvmsg+0x255/0xc30
[  882.549822][    C0]  ? __pfx___unix_dgram_recvmsg+0x10/0x10
[  882.549839][    C0]  ? __lock_acquire+0x4a5/0x2630
[  882.549857][    C0]  unix_dgram_recvmsg+0xcd/0x100
[  882.549873][    C0]  ____sys_recvmsg+0x5b3/0x640
[  882.549892][    C0]  ? __pfx_unix_dgram_recvmsg+0x10/0x10
[  882.549906][    C0]  ? __pfx_____sys_recvmsg+0x10/0x10
[  882.549928][    C0]  ? rcu_is_watching+0x12/0xc0
[  882.549946][    C0]  ? ___sys_recvmsg+0x177/0x1a0
[  882.549965][    C0]  ? kfree+0x1dd/0x6c0
[  882.549987][    C0]  ___sys_recvmsg+0x16a/0x1a0
[  882.550008][    C0]  ? __pfx____sys_recvmsg+0x10/0x10
[  882.550028][    C0]  ? irqentry_exit+0x24d/0x7e0
[  882.550049][    C0]  ? irqentry_exit+0x24d/0x7e0
[  882.550073][    C0]  ? __pfx___might_resched+0x10/0x10
[  882.550089][    C0]  ? do_recvmmsg+0x56e/0x760
[  882.550110][    C0]  do_recvmmsg+0x563/0x760
[  882.550132][    C0]  ? __pfx_do_recvmmsg+0x10/0x10
[  882.550153][    C0]  ? sched_setaffinity+0x2d7/0x400
[  882.550174][    C0]  ? sched_setaffinity+0xe0/0x400
[  882.550190][    C0]  ? __pfx_sched_setaffinity+0x10/0x10
[  882.550210][    C0]  __sys_recvmmsg+0x21f/0x270
[  882.550227][    C0]  ? __pfx___sys_recvmmsg+0x10/0x10
[  882.550246][    C0]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  882.550264][    C0]  ? __do_fast_syscall_32+0x98/0x950
[  882.550285][    C0]  ? lockdep_hardirqs_on+0x78/0x100
[  882.550304][    C0]  __do_fast_syscall_32+0xe7/0x950
[  882.550326][    C0]  do_fast_syscall_32+0x32/0x70
[  882.550348][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  882.550368][    C0] RIP: 0023:0xf6feefcc
[  882.550381][    C0] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  882.550395][    C0] RSP: 002b:00000000f53bc50c EFLAGS: 00000292 ORIG_RAX: 0000000000000151
[  882.550410][    C0] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000800000c0
[  882.550421][    C0] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  882.550430][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  882.550440][    C0] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  882.550449][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  882.550464][    C0]  </TASK>
[  882.550470][    C0] 
[  882.691098][T19679] cgroup: name respecified
[  882.691789][    C0] Allocated by task 19674:
[  882.691803][    C0]  kasan_save_stack+0x30/0x50
[  882.691826][    C0]  kasan_save_track+0x14/0x30
[  882.691842][    C0]  __kasan_kmalloc+0xaa/0xb0
[  883.247528][    C0]  p9_client_create+0xaf/0xd40
[  883.249719][    C0]  v9fs_session_init+0x3c/0xd20
[  883.252636][    C0]  v9fs_get_tree+0xb8/0xb50
[  883.255546][    C0]  vfs_get_tree+0x92/0x320
[  883.258375][    C0]  path_mount+0x7d0/0x23d0
[  883.260833][    C0]  __ia32_sys_mount+0x292/0x310
[  883.265423][    C0]  __do_fast_syscall_32+0xe7/0x950
[  883.268807][    C0]  do_fast_syscall_32+0x32/0x70
[  883.273899][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  883.278011][    C0] 
[  883.279513][    C0] Freed by task 19674:
[  883.282069][    C0]  kasan_save_stack+0x30/0x50
[  883.285054][    C0]  kasan_save_track+0x14/0x30
[  883.288020][    C0]  kasan_save_free_info+0x3b/0x70
[  883.291512][    C0]  __kasan_slab_free+0x5f/0x80
[  883.294625][    C0]  kfree+0x223/0x6c0
[  883.302740][    C0]  p9_client_create+0x72d/0xd40
[  883.305653][    C0]  v9fs_session_init+0x3c/0xd20
[  883.308180][    C0]  v9fs_get_tree+0xb8/0xb50
[  883.310573][    C0]  vfs_get_tree+0x92/0x320
[  883.313047][    C0]  path_mount+0x7d0/0x23d0
[  883.315865][    C0]  __ia32_sys_mount+0x292/0x310
[  883.318943][    C0]  __do_fast_syscall_32+0xe7/0x950
[  883.322281][    C0]  do_fast_syscall_32+0x32/0x70
[  883.325476][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  883.329625][    C0] 
[  883.331174][    C0] The buggy address belongs to the object at ffff88802aed3800
[  883.331174][    C0]  which belongs to the cache kmalloc-512 of size 512
[  883.337997][    C0] The buggy address is located 24 bytes inside of
[  883.337997][    C0]  freed 512-byte region [ffff88802aed3800, ffff88802aed3a00)
[  883.345782][    C0] 
[  883.348053][    C0] The buggy address belongs to the physical page:
[  883.353560][    C0] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802aed3c00 pfn:0x2aed0
[  883.358996][    C0] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  883.364015][    C0] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  883.369045][    C0] page_type: f5(slab)
[  883.371770][    C0] raw: 00fff00000000240 ffff88801b842c80 ffffea0000029510 ffffea0000a37f10
[  883.378181][    C0] raw: ffff88802aed3c00 000000080010000f 00000000f5000000 0000000000000000
[  883.383422][    C0] head: 00fff00000000240 ffff88801b842c80 ffffea0000029510 ffffea0000a37f10
[  883.391799][    C0] head: ffff88802aed3c00 000000080010000f 00000000f5000000 0000000000000000
[  883.397472][    C0] head: 00fff00000000002 ffffffffffffff01 00000000ffffffff 00000000ffffffff
[  883.401182][    C0] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  883.407529][    C0] page dumped because: kasan: bad access detected
[  883.414428][    C0] page_owner tracks the page as allocated
[  883.418143][    C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5752, tgid 5752 (syz-executor), ts 105572427002, free_ts 56239852865
[  883.431993][    C0]  post_alloc_hook+0x153/0x170
[  883.435033][    C0]  get_page_from_freelist+0x11a6/0x33b0
[  883.438527][    C0]  __alloc_frozen_pages_noprof+0x27c/0x2bc0
[  883.442461][    C0]  new_slab+0xa6/0x6c0
[  883.446735][    C0]  refill_objects+0x277/0x420
[  883.450226][    C0]  __pcs_replace_empty_main+0x375/0x650
[  883.458484][    C0]  __kmalloc_cache_noprof+0x493/0x6f0
[  883.464472][    C0]  inetdev_init+0x66/0x570
[  883.468464][    C0]  inetdev_event+0x7fa/0x17f0
[  883.472693][    C0]  notifier_call_chain+0x99/0x400
[  883.477195][    C0]  call_netdevice_notifiers_info+0xbe/0x110
[  883.481822][    C0]  register_netdevice+0x18fe/0x24b0
[  883.484347][    C0]  veth_newlink+0x316/0xa00
[  883.486332][    C0]  rtnl_newlink+0x1499/0x2380
[  883.489154][    C0]  rtnetlink_rcv_msg+0x95e/0xe90
[  883.493143][    C0]  netlink_rcv_skb+0x159/0x420
[  883.496876][    C0] page last free pid 5152 tgid 5152 stack trace:
[  883.501632][    C0]  __free_frozen_pages+0x747/0x1040
[  883.506176][    C0]  qlist_free_all+0x47/0xf0
[  883.510147][    C0]  kasan_quarantine_reduce+0x1a0/0x1f0
[  883.512712][    C0]  __kasan_slab_alloc+0x69/0x90
[  883.514965][    C0]  __kmalloc_noprof+0x2b9/0x850
[  883.517345][    C0]  tomoyo_realpath_from_path+0xb6/0x690
[  883.519986][    C0]  tomoyo_check_open_permission+0x2af/0x3c0
[  883.522783][    C0]  tomoyo_file_open+0x6b/0x90
[  883.526181][    C0]  security_file_open+0xb5/0x1e0
[  883.528707][    C0]  do_dentry_open+0x5aa/0x1660
[  883.535790][    C0]  vfs_open+0x82/0x3f0
[  883.538196][    C0]  path_openat+0x208c/0x31a0
[  883.540671][    C0]  do_file_open+0x20e/0x430
[  883.544680][    C0]  do_sys_openat2+0x10d/0x1e0
[  883.547651][    C0]  __x64_sys_openat+0x12d/0x210
[  883.550441][    C0]  do_syscall_64+0x10b/0xf80
[  883.553884][    C0] 
[  883.555340][    C0] Memory state around the buggy address:
[  883.558620][    C0]  ffff88802aed3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  883.563393][    C0]  ffff88802aed3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  883.568719][    C0] >ffff88802aed3800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  883.573055][    C0]                             ^
[  883.574939][    C0]  ffff88802aed3880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  883.579742][    C0]  ffff88802aed3900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  883.583777][    C0] ==================================================================
[  883.587616][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  883.591449][    C0] CPU: 0 UID: 0 PID: 19659 Comm: syz.4.4081 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  883.599273][    C0] Tainted: [L]=SOFTLOCKUP
[  883.604260][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  883.613901][    C0] Call Trace:
[  883.617370][    C0]  <IRQ>
[  883.619455][    C0]  dump_stack_lvl+0x100/0x190
[  883.622508][    C0]  vpanic+0x552/0x970
[  883.624493][    C0]  ? __pfx_vpanic+0x10/0x10
[  883.627232][    C0]  ? __pfx_vprintk_emit+0x10/0x10
[  883.631327][    C0]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  883.634202][    C0]  panic+0xd1/0xe0
[  883.636926][    C0]  ? __pfx_panic+0x10/0x10
[  883.642291][    C0]  ? end_report.part.0+0x23/0x90
[  883.645388][    C0]  ? rcu_is_watching+0x12/0xc0
[  883.648425][    C0]  ? end_report.part.0+0x23/0x90
[  883.652028][    C0]  ? check_panic_on_warn+0x1f/0x90
[  883.659663][    C0]  check_panic_on_warn.cold+0x19/0x34
[  883.662289][    C0]  end_report.part.0+0x3a/0x90
[  883.666386][    C0]  kasan_report.cold+0xe/0x18
[  883.670196][    C0]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  883.674569][    C0]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  883.677208][    C0]  __kasan_check_byte+0x36/0x50
[  883.679549][    C0]  lock_acquire+0x12a/0x370
[  883.682149][    C0]  ? do_raw_spin_unlock+0x53/0x1e0
[  883.685884][    C0]  ? .slowpath+0x9/0x18
[  883.687486][    C0]  _raw_spin_lock_irqsave+0x3a/0x60
[  883.690060][    C0]  ? p9_req_put+0xaf/0x250
[  883.693000][    C0]  p9_req_put+0xaf/0x250
[  883.695127][    C0]  req_done+0x1dc/0x2e0
[  883.697162][    C0]  ? __pfx_req_done+0x10/0x10
[  883.699598][    C0]  ? __pfx_req_done+0x10/0x10
[  883.702291][    C0]  vring_interrupt+0x2ef/0x650
[  883.706241][    C0]  ? __pfx_vring_interrupt+0x10/0x10
[  883.709426][    C0]  __handle_irq_event_percpu+0x235/0x8c0
[  883.713047][    C0]  handle_irq_event+0xab/0x1e0
[  883.717817][    C0]  handle_edge_irq+0x35e/0x960
[  883.723488][    C0]  __common_interrupt+0xd8/0x2f0
[  883.727006][    C0]  common_interrupt+0x60/0xe0
[  883.729196][    C0]  asm_common_interrupt+0x26/0x40
[  883.731735][    C0] RIP: 0010:handle_softirqs+0x1ad/0xa00
[  883.734298][    C0] Code: 30 44 88 74 24 23 45 89 ee 48 c7 c7 00 67 ad 8b e8 c8 1f c0 09 31 d2 65 66 89 15 c6 a6 42 12 e8 a9 5a 48 00 fb bb ff ff ff ff <49> c7 c4 c0 a0 40 8e 41 0f bc de 83 c3 01 0f 85 a4 00 00 00 e9 47
[  883.745848][    C0] RSP: 0000:ffffc90000007f20 EFLAGS: 00000206
[  883.750367][    C0] RAX: 000000000001a184 RBX: 00000000ffffffff RCX: 0000000000000000
[  883.755878][    C0] RDX: 0000000000000000 RSI: ffffffff8df1c469 RDI: ffffffff8c1c2800
[  883.761487][    C0] RBP: 000000010000e275 R08: 0000000000000001 R09: 0000000000000000
[  883.769435][    C0] R10: 0000000000000001 R11: 0000000000000001 R12: 000000000000000a
[  883.774583][    C0] R13: 0000000000000282 R14: 0000000000000282 R15: 1ffff92000000fec
[  883.784996][    C0]  ? __hrtimer_rearm_deferred+0x24d/0x740
[  883.790078][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  883.793690][    C0]  ? _raw_spin_unlock+0x28/0x50
[  883.797735][    C0]  ? __hrtimer_rearm_deferred+0x9b/0x740
[  883.801416][    C0]  __irq_exit_rcu+0x162/0x210
[  883.804715][    C0]  irq_exit_rcu+0x9/0x30
[  883.807405][    C0]  sysvec_apic_timer_interrupt+0xa3/0xc0
[  883.810733][    C0]  </IRQ>
[  883.813541][    C0]  <TASK>
[  883.815924][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  883.821222][    C0] RIP: 0010:preempt_count_add+0x9e/0x150
[  883.834019][    C0] Code: 0f 00 85 c0 75 38 65 48 8b 2d a6 0a 36 12 48 b8 00 00 00 00 00 fc ff df 48 8d bd 70 15 00 00 48 89 fa 48 c1 ea 03 80 3c 02 00 <0f> 85 88 00 00 00 48 89 9d 70 15 00 00 5b 5d e9 7e a5 b6 09 31 ff
[  883.846511][    C0] RSP: 0000:ffffc900061cf658 EFLAGS: 00000246
[  883.850906][    C0] RAX: dffffc0000000000 RBX: ffffffff8b89b8bb RCX: 1ffffffff3634270
[  883.858463][    C0] RDX: 1ffff1100a9f6bee RSI: ffffffff8def6f7c RDI: ffff888054fb5f70
[  883.865850][    C0] RBP: ffff888054fb4a00 R08: ffffffff8a3008e5 R09: 0000000000000000
[  883.870922][    C0] R10: ffffc900061cf800 R11: 0000000000000000 R12: 0000000000000000
[  883.880151][    C0] R13: 0000000000000000 R14: dffffc0000000000 R15: 0000000000000000
[  883.885304][    C0]  ? __mutex_lock+0x17b/0x1b10
[  883.889041][    C0]  ? __unix_dgram_recvmsg+0x255/0xc30
[  883.896143][    C0]  ? preempt_count_add+0x76/0x150
[  883.898240][    C0]  __mutex_lock+0x17b/0x1b10
[  883.900514][    C0]  ? __unix_dgram_recvmsg+0x255/0xc30
[  883.907147][    C0]  ? __unix_dgram_recvmsg+0x75c/0xc30
[  883.912010][    C0]  ? __unix_dgram_recvmsg+0x75c/0xc30
[  883.919167][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  883.924307][    C0]  ? __mutex_unlock_slowpath+0x15d/0x8a0
[  883.926572][    C0]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  883.929052][    C0]  ? __unix_dgram_recvmsg+0x255/0xc30
[  883.931084][    C0]  __unix_dgram_recvmsg+0x255/0xc30
[  883.942396][    C0]  ? __pfx___unix_dgram_recvmsg+0x10/0x10
[  883.950237][    C0]  ? __lock_acquire+0x4a5/0x2630
[  883.952592][    C0]  unix_dgram_recvmsg+0xcd/0x100
[  883.962785][    C0]  ____sys_recvmsg+0x5b3/0x640
[  883.965478][    C0]  ? __pfx_unix_dgram_recvmsg+0x10/0x10
[  883.968461][    C0]  ? __pfx_____sys_recvmsg+0x10/0x10
[  883.970953][    C0]  ? rcu_is_watching+0x12/0xc0
[  883.972894][    C0]  ? ___sys_recvmsg+0x177/0x1a0
[  883.974482][    C0]  ? kfree+0x1dd/0x6c0
[  883.975818][    C0]  ___sys_recvmsg+0x16a/0x1a0
[  884.003570][    C0]  ? __pfx____sys_recvmsg+0x10/0x10
[  884.005723][    C0]  ? irqentry_exit+0x24d/0x7e0
[  884.007560][    C0]  ? irqentry_exit+0x24d/0x7e0
[  884.009531][    C0]  ? __pfx___might_resched+0x10/0x10
[  884.023872][    C0]  ? do_recvmmsg+0x56e/0x760
[  884.025891][    C0]  do_recvmmsg+0x563/0x760
[  884.027770][    C0]  ? __pfx_do_recvmmsg+0x10/0x10
[  884.029936][    C0]  ? sched_setaffinity+0x2d7/0x400
[  884.043500][    C0]  ? sched_setaffinity+0xe0/0x400
[  884.045521][    C0]  ? __pfx_sched_setaffinity+0x10/0x10
[  884.047698][    C0]  __sys_recvmmsg+0x21f/0x270
[  884.049722][    C0]  ? __pfx___sys_recvmmsg+0x10/0x10
[  884.062270][    C0]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  884.065925][    C0]  ? __do_fast_syscall_32+0x98/0x950
[  884.068437][    C0]  ? lockdep_hardirqs_on+0x78/0x100
[  884.070683][    C0]  __do_fast_syscall_32+0xe7/0x950
[  884.085232][    C0]  do_fast_syscall_32+0x32/0x70
[  884.087204][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  884.089626][    C0] RIP: 0023:0xf6feefcc
[  884.091118][    C0] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  884.119185][    C0] RSP: 002b:00000000f53bc50c EFLAGS: 00000292 ORIG_RAX: 0000000000000151
[  884.137579][    C0] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000800000c0
[  884.141630][    C0] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  884.154359][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  884.159242][    C0] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  884.173814][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  884.178621][    C0]  </TASK>
[  884.188987][    C0] Kernel Offset: disabled
[  884.206110][    C0] Rebooting in 86400 seconds..

VM DIAGNOSIS:
01:24:13  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff857c1685 RDI=ffffffff9b462820 RBP=ffffffff9b4627e0 RSP=ffffc90000007568
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3230383838666666
R12=0000000000000000 R13=0000000000000020 R14=0000000000000010 R15=ffffffff857c1620
RIP=ffffffff857c16af RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097177000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f53cbda4 CR3=000000005236a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffffc90000577f30 RCX=ffffffff922abc01 RDX=ffffc90000577f38
RSI=ffffc90000577f20 RDI=ffffc90000577760 RBP=0000000000000001 RSP=ffffc900005776d8
R8 =0000000000000001 R9 =0000000000000007 R10=0000000000000200 R11=00000000000a877c
R12=ffffc900005777a0 R13=ffffc90000577750 R14=ffffc90000577f30 R15=ffffc90000577784
RIP=ffffffff8b87f236 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097277000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5414da4 CR3=000000002abe5000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000004c00000000 0000000100000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000004c00000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000001 RBX=0000000000000000 RCX=ffffffff81fb88dd RDX=ffff8880223a0000
RSI=0000000000000001 RDI=0000000000000000 RBP=ffff88802b243000 RSP=ffffc90000bb7868
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=0000000000000003 R13=ffffed1005648601 R14=0000000000000001 R15=ffff88802b43c700
RIP=ffffffff8207fd78 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 000fffff 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 000fffff 00000000
FS =0000 0000000000000000 000fffff 00000000
GS =0000 ffff888097377000 000fffff 00000000
LDT=0000 0000000000000000 000fffff 00000000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5435da4 CR3=000000000e596000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000bebef1 RBX=ffff88801c3ca500 RCX=ffffffff8b880095 RDX=0000000000000000
RSI=ffffffff8df1c469 RDI=ffffffff8c1c2800 RBP=0000000000000000 RSP=ffffc9000048fdf0
R8 =0000000000000001 R9 =ffffed10056a67b5 R10=ffff88802b533dab R11=0000000000000000
R12=0000000000000003 R13=ffffed10038794a0 R14=0000000000000003 R15=ffffffff90d7dc50
RIP=ffffffff8b87e87f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 000fffff 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 000fffff 00000000
FS =0000 0000000000000000 000fffff 00000000
GS =0000 ffff888097477000 000fffff 00000000
LDT=0000 0000000000000000 000fffff 00000000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fa9a5383e9c CR3=0000000072119000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000