last executing test programs:

4m54.420579586s ago: executing program 0 (id=2494):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000002480)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000003740)={0x0, 0x0, &(0x7f0000003700)={&(0x7f0000000000)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002abd7000fddbdf253b000000080003005d78e44538e2a3ead2ae4151d50145412c910900df7dbfeb9a4820a26c07d8028311335cb0fcb74bf7cd85157fe62c2c39fcb01b8efe4a55ea62ab7244d803c062561f9fef55111a744d74de52f6c5", @ANYRES32=r2, @ANYBLOB="1e003300c0100e0008021100000108021100000050505050505073000000000004008e00"], 0x40}, 0x1, 0x0, 0x0, 0x20040080}, 0x28008004)

4m54.360516895s ago: executing program 0 (id=2495):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000002b80)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000001c0)="82", 0x1}, {&(0x7f0000000140)="11", 0x1a000}], 0x2}}], 0x1, 0x0)

4m54.360346663s ago: executing program 0 (id=2496):
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000140)=0x4000, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00'})
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000, 0x0, 0x1}, 0x20)
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
pipe(&(0x7f0000000180)={<r4=>0xffffffffffffffff})
ioctl$SIOCGIFHWADDR(r4, 0x8927, &(0x7f00000001c0)={'pimreg0\x00'})
setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r5=>0x0})
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r6, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r6, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
r7 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r7, 0x11b, 0x6, &(0x7f0000000200)=0x1, 0x4)
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r7, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r9=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r7, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r6, 0x11b, 0x6, &(0x7f0000000080)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r8, 0x8933, &(0x7f0000000400)={'wg2\x00', <r10=>0x0})
bind$xdp(r7, &(0x7f0000000100)={0x2c, 0xa, r10}, 0x10)
bind$xdp(r6, &(0x7f0000000180)={0x2c, 0x1, r9, 0x0, r7}, 0x10)
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4)
bind$xdp(r2, &(0x7f0000000100)={0x2c, 0x8, r5}, 0x10)

4m54.181240722s ago: executing program 0 (id=2498):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x1, './file0\x00'}, 0x6e)
msgctl$MSG_STAT(0x0, 0xb, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$dri(0x0, 0xd21, 0x4000)
r2 = openat$kvm(0xffffff9c, &(0x7f0000000100), 0x41, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x15)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, 0x0, 0x0)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000040))
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_open_dev$swradio(&(0x7f0000000240), 0x0, 0x2)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7}, {0x0, 0x4, 0x9, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}]})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={0x0}}, 0x20000080)
r7 = msgget$private(0x0, 0x4a0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="6c0000001000050400"/20, @ANYRES32=0x0, @ANYBLOB="5d580000000000001c001a8018000a801400070000000000000000000000000000000001140003006970766c616e310000000000000000001c0012800b0001006970766c616e00000c0002800600010000000000"], 0x6c}, 0x1, 0x0, 0x0, 0x840}, 0x0)
msgctl$IPC_STAT(r7, 0x2, 0x0)
msgsnd(r7, &(0x7f0000000440)=ANY=[@ANYBLOB], 0xe3, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000380)={[0xf, 0x3, 0x4, 0x1000000000000002, 0x102000000000002, 0x8000000d, 0x2004c8, 0xffff, 0x3, 0xffffffff, 0xffffffffffffffff, 0x7fffffffffffffff, 0xd0b, 0xfffffffffffffff9, 0x2000000000000003, 0x5], 0x80a0000, 0x4284})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180), 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r9, 0x40505331, &(0x7f0000000540)={{}, {0x18}, 0x0, 0x7})

4m53.134657966s ago: executing program 0 (id=2505):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0xb)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xfffff000)
setpgid(0x0, r0)
utimes(&(0x7f0000000040)='./file0\x00', 0x0)

4m53.049923907s ago: executing program 0 (id=2506):
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000140)=0x4000, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00'})
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000, 0x0, 0x1}, 0x20)
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
pipe(&(0x7f0000000180)={<r4=>0xffffffffffffffff})
ioctl$SIOCGIFHWADDR(r4, 0x8927, &(0x7f00000001c0)={'pimreg0\x00'})
setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r5=>0x0})
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r6, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r6, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
r7 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r7, 0x11b, 0x6, &(0x7f0000000200)=0x1, 0x4)
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r7, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r9=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r7, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r6, 0x11b, 0x6, &(0x7f0000000080)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r8, 0x8933, &(0x7f0000000400)={'wg2\x00', <r10=>0x0})
bind$xdp(r7, &(0x7f0000000100)={0x2c, 0xa, r10}, 0x10)
bind$xdp(r6, &(0x7f0000000180)={0x2c, 0x1, r9, 0x0, r7}, 0x10)
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4)
bind$xdp(r2, &(0x7f0000000100)={0x2c, 0x8, r5}, 0x10)

4m37.945481378s ago: executing program 32 (id=2506):
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000140)=0x4000, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00'})
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000, 0x0, 0x1}, 0x20)
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
pipe(&(0x7f0000000180)={<r4=>0xffffffffffffffff})
ioctl$SIOCGIFHWADDR(r4, 0x8927, &(0x7f00000001c0)={'pimreg0\x00'})
setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r5=>0x0})
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r6, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r6, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
r7 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r7, 0x11b, 0x6, &(0x7f0000000200)=0x1, 0x4)
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r7, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r9=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r7, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r6, 0x11b, 0x6, &(0x7f0000000080)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r8, 0x8933, &(0x7f0000000400)={'wg2\x00', <r10=>0x0})
bind$xdp(r7, &(0x7f0000000100)={0x2c, 0xa, r10}, 0x10)
bind$xdp(r6, &(0x7f0000000180)={0x2c, 0x1, r9, 0x0, r7}, 0x10)
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4)
bind$xdp(r2, &(0x7f0000000100)={0x2c, 0x8, r5}, 0x10)

7.248850339s ago: executing program 4 (id=3804):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB="400000002100110829bd7000fcdbdf250a0010020c000004040000001400"], 0x40}, 0x1, 0x0, 0x0, 0x20048180}, 0x44000)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f00000002c0)=@nullb, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r5, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f)
ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc04c5609, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000340)='illinois', 0x8)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r5, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r5, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

6.212183381s ago: executing program 3 (id=3808):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x1a, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e76, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0xc}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x880}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
mknodat(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup/file0\x00', 0x1000, 0x10000001)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0xe2981)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000004c0)={0x1, <r4=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x2a, &(0x7f0000000740)=ANY=[@ANYBLOB, @ANYBLOB="189eca7b4320cc0c07834e0e6d7c7a54b0ce2afe3a7c44e4c8808ef3667b5e0ab9711dfcbced0608b80cf9856105df027f84f720df1031ef24", @ANYBLOB="000000000000fa00b703000000010000850000000c000000b700000000000000184200000800000000000000000000008520000005000200b7080000000080007a8af8ff00000000b7080000000140007b8af0ff00000000bfa100000000ef6a68220000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a50000009500000000000000183000000200000000000000000000008500000064000000b7080000000000007b8af8ff00000000b7080000050000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYRES16], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x2}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r3, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600, 0x0, 0x2000]}}], 0xffc8)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000100)={0x0, 0x60, &(0x7f0000000040)={&(0x7f0000000800)={0x1c, 0x2e, 0x9, 0x70bd27, 0x0, {0x4}, [@typed={0x6, 0xb, 0x0, 0x0, @str='{\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x42804}, 0x84)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)

5.51946593s ago: executing program 1 (id=3811):
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x1, 0xa0300)
ioctl$SG_IO(r0, 0x2285, 0x0)
syz_open_dev$vim2m(&(0x7f0000000140), 0x8, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="b4000000000000007910480000000000790030000000000095"], &(0x7f00000001c0)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)

5.439933174s ago: executing program 1 (id=3812):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000880)=@filter={'filter\x00', 0x4, 0x4, 0x6e0, 0xffffffff, 0x0, 0xec, 0x42c, 0xfeffffff, 0xffffffff, 0x618, 0x618, 0x618, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x2f2, 0xc8, 0xec, 0x0, {}, [@common=@eui64={{0x24}}]}, @REJECT={0x24, 'REJECT\x00', 0x0, {0x3}}}, {{@uncond, 0x0, 0x31c, 0x340, 0x0, {}, [@common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, '.\x00', {0x7}}}, @common=@hbh={{0x48}, {0x7, 0x0, 0x0, [0x2d9, 0x7f, 0x206, 0xfffe, 0x6, 0x4, 0xff7e, 0xf980, 0x9, 0x800, 0x0, 0x9, 0x2, 0x7, 0x10, 0x4d4]}}]}, @REJECT={0x24}}, {{@uncond, 0x0, 0x1c8, 0x1ec, 0x0, {}, [@common=@inet=@recent0={{0xf4}, {0xffffff01, 0x3, 0x0, 0x1, 'syz0\x00', 0x5}}, @common=@ah={{0x30}, {[0x4d2, 0x4d3], 0x2, 0xf4, 0x10532374a3873ad6}}]}, @REJECT={0x24, 'REJECT\x00', 0x0, {0x6}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x73c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="182700000000000000acda9557e10da241b34dcb3dec2cbeb28e0dfe3ce0c358e78ed67d97cbdfd8324bc8d8637fcdf3d02c604d99b9a222de5334e7290004000000e0ffffffffffffff0005000000000000000c00000064ebbf863e939f4702c12dd7cd63daeec24a58c77879d02b8df1f380c3f40ea8f68810cb3af8a33169e8c7cb5e59d3d9855dbfc7908e54b83531d225fae8682903942c808b7ac12fa3a87222a877d53022172b62932468e027cdfbc9d737fdc11d361267a42f01b1dd47dda5353267c3a7b0b94ab853c77934d7f633cb7958e9e431d7ab9f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r1 = socket$kcm(0x2c, 0x3, 0x0)
setsockopt$sock_attach_bpf(r1, 0x11b, 0x6, &(0x7f0000000000), 0x4)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f00000001c0)={'wpan1\x00'})
r3 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000200), 0x4)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x64, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast2}}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x5}]}, 0x64}}, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="1400000002010500000011000000000002000008"], 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c0002800500010000000000080007"], 0x98}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
openat$pidfd(0xffffff9c, 0x0, 0x630400, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000280)={0x0, 0xfffffffffffffed3, &(0x7f00000000c0)={&(0x7f0000000fc0)=ANY=[@ANYBLOB="9c0000000001010400000000000000000a0002003c0001802c000180140003000000000000000000000000000000000014000400fc0200000000000000000000000000000c00028005000100000000001c0002800c000280050001009900000500000080050001000000000008000740000000002800068024000380060002004e210000060002004e210000060001004e240000060002004e2100003669e41419e2c46a22572cc88fc76b29a2c117959c16430202ef6f33c7de1084b2f8e9941b4921ad66bae03d50d12c0ce236c4ecef825153917850d6ae09f0225924daaecbabb5ac8223a449ad7a0bd316a8f0f669988daff8f880477e945181eedcaec1692600be6d1d62fd14fc87fe8b8e001f7c00b9b5e6c640ddcda92358ae9f83c6ee213dfff421e0ea6905369dd29f5ac62edd9a0947f35baf8a935e9592192709597ddf5e514bc4f7b91142bfe1bd25287ac83656fcb4bc90d1c8504bc713a27b88fc934c262b75f65068ab90"], 0x9c}}, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r2, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004}, 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r9 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'nicvf0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfc, {0x0, 0x0, 0x0, r10, {0x0, 0x6}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000740)=@deltfilter={0x24, 0x2d, 0x1, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r10, {0x9, 0x5}, {0xf, 0x6}, {0xc, 0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040054)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))

5.269592081s ago: executing program 4 (id=3813):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@ipv4_newroute={0x2c, 0x1a, 0x1, 0x0, 0x255fdbfb, {0xa, 0x80, 0x80}, [@RTA_IP_PROTO={0x5, 0x1b, 0x1}, @RTA_UID={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x20000004)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='3', 0x1}], 0x1)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newtaction={0x17c, 0x30, 0x1, 0x0, 0x0, {}, [{0x168, 0x1, [@m_ct={0x2c, 0x22, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_bpf={0x138, 0x1, 0x0, 0x0, {{0x8}, {0xac, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x6}, @TCA_ACT_BPF_FD={0x8, 0x5, r1}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x5}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file1\x00'}, @TCA_ACT_BPF_OPS={0x44, 0x4, [{0x2, 0xf8, 0x0, 0x100}, {0x7fff, 0x0, 0xd, 0x2}, {0xd, 0x1, 0xc, 0x2}, {0x5, 0x6, 0x5, 0x8}, {0x8, 0x2e, 0x81, 0x2}, {0x5, 0x4, 0x0, 0xffff}, {0x100, 0xfd, 0xf9, 0x8}, {0x800, 0x95, 0x8, 0x98}]}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x1}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x2be2737c, 0x80000001, 0x10000000, 0x8, 0x90}}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x9}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x6626decb, 0x702, 0x4, 0x10001, 0xfffffffc}}]}, {0x66, 0x6, "d01bfa19bcadcc507cedc388b58cba1835a004d24fb03d281484bceb2804b16764d745a08e159f7ff8ea802d1e8f4b02936b78b45bcc24f548c2cef95a941a588f944f8bdf755c9bdff648f597990e94879853d57f8a059c1b2ad50fdf1ea8221c35"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x17c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x15)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000400000000000000009500000000f444a972110e5a000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x18c)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)={[{@quota}]})
lchown(&(0x7f0000000080)='./file1\x00', 0xee01, 0xffffffffffffffff)
connect$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
ioctl$sock_bt_hidp_HIDPCONNADD(r0, 0x400448c8, &(0x7f0000000280)={r2, r2, 0x1, 0x2, &(0x7f0000000100)="8d83", 0x9, 0x8, 0x2, 0x5508, 0xc338, 0x1, 0x7, 'syz0\x00'})
ioctl$sock_bt_hidp_HIDPCONNDEL(r0, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}})

5.269042153s ago: executing program 1 (id=3814):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000c00), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000000)=0x200000000)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000100)={0x0, 0x4}, 0x8)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffefffff6, 0x20031, 0xffffffffffffffff, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f00000000c0)={@remote, <r2=>0x0}, &(0x7f0000000100)=0x14)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40001000}, 0xc, &(0x7f0000000240)={&(0x7f0000000400)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYRES16=r2, @ANYBLOB="08003a800400000005002a000100000005002e0001000000"], 0x44}, 0x1, 0x0, 0x0, 0x4020000}, 0x44)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @vbi={0x6, 0x2, 0xc7a, 0x41414270, [0x3, 0x7], [0x2, 0x6]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019540)=""/102392, 0x18ff8)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(0xffffffffffffffff, 0xc058534b, &(0x7f0000000400)={0x4, 0x2, 0x6, 0x3, 0x200, 0x6})
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000400)=@generic={&(0x7f0000000300)='./file0\x00'}, 0x13)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f00000000c0)={0x84, @multicast1, 0x15, 0x3, 'rr\x00', 0x1, 0x0, 0x4007a}, 0x2c)
r5 = socket$kcm(0xa, 0x2, 0x0)
syz_io_uring_setup(0x118e, &(0x7f0000000600)={0x0, 0xfff7fffe, 0x1000, 0x0, 0x161}, &(0x7f0000000500), &(0x7f0000000340))
r6 = syz_open_procfs(0x0, 0x0)
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_QUERY(r7, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r4, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'wrr\x00', 0x2, 0x81, 0x5}, {@private=0xa010100, 0x4e23, 0x3, 0x1cb, 0x12d61, 0x12d58}}, 0x44)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r6, 0xc0189378, &(0x7f0000000380)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {r6}}, './file0\x00'})
write$RDMA_USER_CM_CMD_SET_OPTION(r7, &(0x7f0000000440)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000680)=[{0x22, 0x0, [0x5, 0x400, 0xb56, 0x80, 0x9, 0xffffffff, 0x7, 0xfffffffe, 0x7, 0x5, 0x8, 0x7, 0x3ff, 0x3ff, 0x6, 0xfffffffd]}, {0x28, 0x0, [0x7, 0x2, 0x7, 0x8000005, 0x3, 0x9, 0x1, 0x0, 0x1, 0x5, 0x0, 0xffff0001, 0x0, 0x6, 0xee94, 0x400]}], 0xffffffffffffffff, 0x1, 0x1, 0x90}}, 0xfce5)
sendmsg$sock(r5, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x15, 0x0, @dev={0xfe, 0x80, '\x00', 0x2}}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x10, 0x1, 0x24, 0x3}}], 0x10}, 0x40004)
mknodat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x81c0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)

5.208287094s ago: executing program 3 (id=3815):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000640)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd24, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0x4, 0xa}, {}, {0xb}}, [@filter_kind_options=@f_bpf={{0x8}, {0x20, 0x2, [@TCA_BPF_FLAGS={0x8, 0x8, 0x1}, @TCA_BPF_OPS={{0x6, 0x4, 0x1c}, {0x4}}, @TCA_BPF_CLASSID={0x8, 0x3, {0x7, 0x5}}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8858}, 0x20004844)

5.140142388s ago: executing program 3 (id=3816):
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {0x0, 0x40000}})
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="1300000065ffff0800000006043950323030"], 0x13)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xfe, 0x7fff0006}]})
r4 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000240), 0xa2003, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r4, 0xc0184800, &(0x7f0000000100)={0x20004, <r5=>r3})
r6 = syz_open_dev$dri(&(0x7f0000000280), 0x1ff, 0x140)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r6, 0xc00c642e, &(0x7f00000000c0)={<r7=>0x0, 0x0, r5})
ioctl$DRM_IOCTL_GEM_FLINK(r6, 0xc008640a, &(0x7f0000000300)={r7, <r8=>0x0})
ioctl$DRM_IOCTL_GEM_OPEN(r6, 0xc010640b, &(0x7f0000000100)={r8, <r9=>0x0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r6, 0xc00c642d, &(0x7f0000000080)={r9})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
unshare(0x8000000)
semget$private(0x0, 0x4000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80fae0090f000000000000a2bc5603ca00000f7f89000000200000004a2471083ec6811778581acb6c0101ff0000000309", 0x48}], 0x1)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r10 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r9, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r10, &(0x7f000000e280)={0x2020}, 0x2020)
r11 = socket$inet(0x2, 0x3, 0x30)
sendmsg$inet(r11, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0x0, @empty=0x1000000}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000300)='\b\x00', 0x64}, {&(0x7f0000000280)="f28521ab5a3db8820e5429fdd1eea52f6305bc372b94", 0x6}], 0x2, &(0x7f0000000340)=[@ip_retopts={{0x14, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0x4, [@dev={0xac, 0x14, 0x14, 0x11}, @private=0xa010101]}]}}}], 0x14}, 0x0)

4.450443452s ago: executing program 2 (id=3817):
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000001c0)={{0xdddd1000, 0x1000, 0xe, 0xf0, 0x0, 0xfd, 0xd4, 0xd4, 0x0, 0x4, 0x7, 0x10}, {0x2, 0x1000, 0xb, 0x9, 0x8, 0x2, 0x9, 0xa, 0x5, 0xf, 0x3, 0xc5}, {0xd000, 0xe6e50002, 0xb, 0x0, 0x2, 0x7, 0x4, 0x0, 0xc, 0x0, 0x6, 0x3}, {0x8000000, 0x80a0000, 0x8, 0xfc, 0x40, 0x4f, 0x2, 0xd, 0x2, 0x3}, {0x2, 0x0, 0x9, 0x1, 0x3, 0x9, 0x9, 0x5, 0x5, 0x46, 0xe, 0x4b}, {0x1000, 0xd000, 0x0, 0x7, 0x6, 0x6c, 0x1, 0x8, 0x4, 0x8d, 0x1}, {0x6000, 0x1000, 0x8, 0x9d, 0xd, 0xfe, 0x0, 0xb, 0x5, 0x7, 0x0, 0xf8}, {0x100000, 0xd000, 0xd, 0x17, 0x3, 0x2, 0xff, 0x0, 0x14, 0x6, 0x2, 0x7}, {0x41000, 0x5}, {0x2, 0x9}, 0x40010002, 0x0, 0xf000, 0x300, 0x5, 0x2000, 0xeeef0000, [0xffffffffffffff47, 0x401, 0x8, 0x5]})
close_range(r0, 0xffffffffffffffff, 0x0)

4.170560167s ago: executing program 4 (id=3818):
creat(0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x8400, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000', @ANYRESDEC=0x0, @ANYBLOB=',grou', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006380)={0x2020}, 0x2020)
io_uring_setup(0x5e4b, &(0x7f0000000200)={0x0, 0xdba3, 0x3, 0x0, 0x315})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffffb]}, 0x8, 0x0)
ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = socket$inet(0x2, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000140)='bridge0\x00', 0x10)
sendto$inet(r4, 0x0, 0x0, 0x800, &(0x7f0000000100)={0x2, 0x4e24, @multicast1}, 0x10)
openat$6lowpan_control(0xffffffffffffff9c, 0x0, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000000c0)=@random="519400008000", 0x6, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_SPLICE={0x1e, 0x8, 0x0, @fd=r3, 0x2, {0x0, r3}, 0x1, 0x6, 0x1, {0x0, 0x0, r2}})
openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x141802, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)

4.170130351s ago: executing program 2 (id=3819):
r0 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010300"], 0x3c}}, 0x0)
r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000300), r0)
sendmsg$SEG6_CMD_GET_TUNSRC(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYRESDEC=r0], 0x28}}, 0x24004094)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
read$FUSE(r2, &(0x7f0000000640)={0x2020}, 0x2020)
mount$9p_virtio(&(0x7f00000000c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
r3 = open$dir(&(0x7f0000000000)='./file0/file1\x00', 0x200000, 0x116)
unlinkat(r2, &(0x7f0000000600)='./file0/file0\x00', 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r2, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000400)={&(0x7f0000002780)=ANY=[@ANYBLOB="dc000000010801030000000000000000000000032c0004800800094000000001080008400000000c08000440000001010800054000000004080008400000007f1400048008000540000083f008000340000010000600024086dd00000900010073797a3002000000050003000200000006000240001100001400048008000740000000090800034000000000090004800800044000008000080002400000a23808000740000000030800024000005c120800014000000004080005400000000008000140fffffff00500030006000000986b994a86147124e212063b1065b66c73d36fde267a3731dbc1dc646586fc832443549311d718a17e620ef6a5ccb74eb7ccc4a58c778a28cbfdedcac423846be6aa1c4a37ae746ad2cf1b9209745cc35cf38f1a8290fe3d439d27236f2935ce725f10ab384fba922a6cb315d2207ecf1797443edf446fd74b8fb61f9fb3ce9467d221b5944c1ae6937f294ea1f028ec28a5faab818e2e94dda04bd176ef"], 0xdc}, 0x1, 0x0, 0x0, 0x800}, 0x4040800)
fstat(r3, &(0x7f0000000500))
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000580)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x200002)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r7 = syz_io_uring_setup(0x63a0, &(0x7f0000000140)={0x0, 0x3698, 0x1000, 0xfffffffd}, &(0x7f00000005c0)=<r8=>0x0, &(0x7f0000000040)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_TIMEOUT={0xb, 0x49, 0x0, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1})
io_uring_enter(r7, 0x3516, 0x0, 0x0, 0x0, 0x0)

4.142201952s ago: executing program 3 (id=3820):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040), 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x2f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000b40)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8b2b, &(0x7f0000000040)={'wlan1\x00', @random="010000000002"})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2800, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040)=0x2)
read(r4, 0x0, 0x0)

3.168055333s ago: executing program 4 (id=3821):
socket$inet6(0xa, 0x80002, 0x0) (async)
r0 = socket$inet6(0xa, 0x80002, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0xa, 0x2, 0x0) (async)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14)
r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi4\x00', 0x181001, 0x0)
ioctl$COMEDI_CMDTEST(r5, 0x8040640a, &(0x7f00000000c0)={0x1, 0x30000, 0xffffffff, 0x3, 0x10, 0x6, 0x40, 0x6, 0x80, 0x1, 0x100, 0x0, 0x0, 0x0, 0x0}) (async)
ioctl$COMEDI_CMDTEST(r5, 0x8040640a, &(0x7f00000000c0)={0x1, 0x30000, 0xffffffff, 0x3, 0x10, 0x6, 0x40, 0x6, 0x80, 0x1, 0x100, 0x0, 0x0, 0x0, 0x0})
ptrace$ARCH_GET_GS(0x1e, r1, &(0x7f0000000480), 0x1004)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x6d93, 0x4) (async)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x6d93, 0x4)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000400), 0x8800, 0x0) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400), 0x8800, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r7, 0x4068aea3, &(0x7f00000001c0)) (async)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r7, 0x4068aea3, &(0x7f00000001c0))
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4138ae84, &(0x7f00000004c0)=@x86={0x2, 0x2, 0x4, 0x0, 0x9, 0x3, 0x90, 0x1, 0x2, 0x5, 0x7, 0x5, 0x0, 0x6, 0x5, 0x9, 0x56, 0x67, 0x5, '\x00', 0xe}) (async)
ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4138ae84, &(0x7f00000004c0)=@x86={0x2, 0x2, 0x4, 0x0, 0x9, 0x3, 0x90, 0x1, 0x2, 0x5, 0x7, 0x5, 0x0, 0x6, 0x5, 0x9, 0x56, 0x67, 0x5, '\x00', 0xe})
r9 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4400ae8f, &(0x7f0000000140)=@x86={0x5, 0x0, 0x7, 0x0, 0xdc, 0x4, 0x6, 0x7, 0x7, 0x9, 0x3, 0x9, 0x0, 0x7, 0x100, 0xf7, 0x5, 0xf4, 0xc, '\x00', 0xfe})
ioctl$KVM_RUN(r9, 0xae80, 0x0)

2.511295353s ago: executing program 2 (id=3822):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x4, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x5, @loopback, 0x5d96}], 0x1c)
r2 = syz_open_dev$vim2m(&(0x7f0000000180), 0x8, 0x2)
ioctl$vim2m_VIDIOC_QUERYBUF(r2, 0xc04c5609, &(0x7f0000000240)=@multiplanar_overlay={0xfffffffe, 0x3, 0x4, 0x1, 0x6, {0x77359400}, {0x3, 0x9, 0x2c, 0x3, 0x8, 0x1, "d7d554d3"}, 0x5, 0x3, {&(0x7f00000001c0)=[{0x799e0db, 0x4, {0x200}}, {0x2, 0x1c000, {0x543d}, 0x6}]}, 0x8, 0x0, r1})
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x7, @loopback, 0x52}, 0x1c, &(0x7f0000000d80)}, 0x240480c3)
r3 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0xc0c00)
ioctl$IOC_PR_PREEMPT(r3, 0x40026102, 0x0)
accept4$inet6(r0, 0x0, &(0x7f0000000000), 0x800)
r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f00000002c0)={'rose0\x00', 0x1}) (fail_nth: 3)

2.245316928s ago: executing program 2 (id=3823):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x4, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x5, @loopback, 0x5d96}], 0x1c)
r2 = syz_open_dev$vim2m(&(0x7f0000000180), 0x8, 0x2)
ioctl$vim2m_VIDIOC_QUERYBUF(r2, 0xc04c5609, &(0x7f0000000240)=@multiplanar_overlay={0xfffffffe, 0x3, 0x4, 0x1, 0x6, {0x77359400}, {0x3, 0x9, 0x2c, 0x3, 0x8, 0x1, "d7d554d3"}, 0x5, 0x3, {&(0x7f00000001c0)=[{0x799e0db, 0x4, {0x200}}, {0x2, 0x1c000, {0x543d}, 0x6}]}, 0x8, 0x0, r1})
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x7, @loopback, 0x52}, 0x1c, &(0x7f0000000d80)}, 0x240480c3)
r3 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0xc0c00)
ioctl$IOC_PR_PREEMPT(r3, 0x40026102, 0x0)
accept4$inet6(r0, 0x0, &(0x7f0000000000), 0x800)
r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f00000002c0)={'rose0\x00', 0x1})

2.228722511s ago: executing program 3 (id=3824):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x5, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000640)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd24, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x4, 0xa}, {}, {0xb}}, [@filter_kind_options=@f_bpf={{0x8}, {0x20, 0x2, [@TCA_BPF_FLAGS={0x8, 0x8, 0x1}, @TCA_BPF_OPS={{0x6, 0x4, 0x1c}, {0x4}}, @TCA_BPF_CLASSID={0x8, 0x3, {0x7, 0x5}}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8858}, 0x20004844)

2.151292129s ago: executing program 3 (id=3825):
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$usbmon(0x0, 0xb07, 0xe08c3)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b70000001a000000bca30000000000002403000020feffff720af0fff8ffffff71a4f2ff000000001f03000000000000e5000200000000002604fdffff0200007b010000000000001d130000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a274000000000000000000000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xfffffffffffffd27}, 0x48)
read$FUSE(0xffffffffffffffff, &(0x7f00000025c0)={0x2020, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}, 0x2020)
capget(&(0x7f0000000040)={0x19980330, r1}, &(0x7f0000000080)={0x6, 0x8e33, 0x0, 0x9, 0x5, 0x10001})

2.150893267s ago: executing program 4 (id=3826):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
syz_open_dev$tty20(0xc, 0x4, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, 0x0, 0x40c0080)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@metacopy_on}]})
r2 = open(&(0x7f0000000040)='./file0\x00', 0x400, 0x43)
mknodat$loop(r2, &(0x7f00000002c0)='./file1\x00', 0x6000, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r2, &(0x7f0000000100)='./file1\x00', r2, &(0x7f0000000240)='./file0\x00', 0x0)

1.902082676s ago: executing program 1 (id=3827):
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000280))
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/address_bits', 0x0, 0x0)
syslog(0x9, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB="000000000000002804277148b915971b33f79500acad172fda0904de4a38ccf8ce40c4f0e5dd2899caecb2c5d32b71779b91ac24287f4743cd967c4649f92941e3a4f794169880cd681a4d747229cd8081e50f95dfed3980b831f90655813e52bd196b20198fc5fa8ef4e7c6a60a7014bb86b35e516ddf0052a63216a215dc7b698e7ff8db66acc7bc143b902501e9d3dfb79fd26d58263ce1dab7657ed331cabe519c6e5db3c0fa834deebd3c5ec2dc9b3cef617697895980", @ANYRESHEX=r1, @ANYBLOB=',\x00'])
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e23, 0x3, 'dh\x00', 0x1, 0x7, 0x49}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000000)={{0x84, @broadcast, 0x4e21, 0x3, 'wrr\x00', 0x24, 0x81, 0x5}, {@multicast1, 0x4e03, 0x3, 0x1cb, 0x7, 0xd29d}}, 0x44)
ioctl$SNAPSHOT_FREE(r2, 0x3305)
syz_clone3(&(0x7f0000000340)={0x22024000, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)=<r3=>0x0, {0x15}, &(0x7f00000001c0), 0x0, &(0x7f0000000280)=""/38, &(0x7f00000002c0)=[0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x4, {r2}}, 0x58)
ptrace$ARCH_SET_CPUID(0x1e, r3, 0x0, 0x1012)

1.864032869s ago: executing program 2 (id=3828):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000180)={'lo\x00', {0x2, 0x4e21, @empty=0x7f00001f}})

1.862859865s ago: executing program 1 (id=3829):
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
rt_sigprocmask(0x0, &(0x7f0000000340)={[0x4, 0xf]}, &(0x7f0000000380), 0x8)
r0 = gettid()
tkill(r0, 0x12)
tkill(r0, 0x1)
tkill(r0, 0x14)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x106, 0x8}}, 0x20)
timer_create(0x0, &(0x7f0000000100)={0x0, 0x22, 0x2, @thr={&(0x7f0000000180)="5df6b77f1a60e5398432149216acaaaa657913eefd5e3ec719e08c36f1997a894076643b17c5bf91c8afc5ba53e7b208e163bfb31efa53dc0e46d74156f4e9df374e", &(0x7f0000000200)="6c64374da4aa64ef07c0079525fed01dc58ecd21fd61b5018377f5b8f6eb5aa79bc03a92d43c484e84c941fea49676c25ae7148a1713d8258f59cdcc125b5f181f3612a38dccd25cb5b96ac4d764ea92c6dc0db53a0c1105c50964b0074cdbb7ca92db78061188bc697488f1dfee31df3493a9784ba1da92a33e4426cd5b85b46d22eb8342b08a2e3fcf9f1ad3a827243e29062a47187fb42c2be869de5e8de278d57733b52c5e024326302609a9fb1e6e92f7e43c82005a1f404a19ce190ae46d63c34648b4e4ef"}}, &(0x7f0000000300))
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=@newtaction={0x184, 0x30, 0x20, 0x70bd26, 0x0, {}, [{0x170, 0x1, [@m_ct={0x50, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4f, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0xf, 0x6, "b9c84ba59a9e51a0493f1e"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_connmark={0x11c, 0x12, 0x0, 0x0, {{0xd}, {0x3c, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x2, 0x10, 0x1, 0x0, 0x56}, 0x2}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x4440, 0xde44, 0x6, 0x0, 0xfffffeff}, 0x9}}]}, {0xb1, 0x6, "038fa8374d60b389ef4c62048b50650ac7da9d1cda31578afe02471f135e416aa7311c148cf84d1544c20c846da496a9c890f30e7572d5c44bfbe5552ccc239a94ce4761478fd45a6db8ac4ad337db9776a6407e02991374575e1bf4f8a2a06edd42265052e32521e2df43de8fd4dbfc7d890c9cf08e12940009be86462efe7926bb362a69dae35094b7224c8536a6a75d07224793fe9a9483dc38624b83e81374185f60f2ebe5e70c876f6137"}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0x184}}, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r2 = getpid()
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r3, 0x0, 0x30, &(0x7f0000000300)=ANY=[@ANYBLOB="0200000002000002e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c897f23c90f7c97000000000000000000000000000000000010000000200000002004e030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e22ac1414bb00"/383], 0x18c)
r4 = syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00')
preadv(r4, &(0x7f0000000380)=[{&(0x7f0000000640)=""/212, 0xd4}], 0x1, 0x6, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x4010, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
syz_usbip_server_init(0x6)
socket$netlink(0x10, 0x3, 0x15)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(r6, 0x0, 0x29, &(0x7f0000001e00)=""/218, &(0x7f0000001f00)=0xda)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)

1.761605452s ago: executing program 2 (id=3830):
r0 = socket$inet6(0xa, 0x3, 0xff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x3f73, 0x100, 0x4, 0x1a}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000600)=<r5=>0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r3, 0x16, &(0x7f0000000040)={&(0x7f0000001000)={[{0x0, 0xffffffffffffff3a, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, r6, 0x0, 0x0, 0x0, 0x2000, 0x1, {0x1}})
io_uring_enter(r3, 0x3516, 0xf400, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000cc0)=ANY=[@ANYBLOB="b700000018000000bfa30000000000000703000028feffff7a0af0fff8ffffff61a4f0ff0000000015040000000002000f040000000000003404ffc101ed0a0065040000170000801f400000000000007b0a00fe000000002c04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91f32050e436fe275daf51efd601b6482a0800000098efefb202ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff0c710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf1dbf6d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0800000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040bef29b66e3858d051c096e37c4f46010400000000c3da29faf75ddd1aa96960bca97af13382cb881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d0cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f13792292cb949b3aab06b1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fcd7071b53ac29df826f8ae6d6e18c1eacf5bf870768d5217e9bb5a05d9e22ce67f1231bd236486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931481747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d715ba80aee63300000000000000000000000000000000000040000000000000000386000000b854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885769"], 0x0}, 0x94)
connect$inet6(r0, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000008380), 0x400000000000174, 0x4008890)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94)
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x5, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x3ea3}, [@cb_func={0x18, 0xb, 0x4, 0x0, 0x1}]}, &(0x7f0000000280)='GPL\x00', 0x0, 0xf4, &(0x7f0000000680)=""/244, 0x40f00, 0x3a, '\x00', 0x0, 0x25, r6, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000300)={0x4, 0xb, 0x1ff, 0x10000}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r8, r7, r7, r7, r7, r7, r7], 0x0, 0x10, 0x101}, 0x94)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f00000003c0)=r9, 0x4)
rseq(&(0x7f0000000040), 0x20, 0x0, 0x0)
rseq(0x0, 0x0, 0x0, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r10, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000140)=ANY=[@ANYBLOB="0604000000000000072000000001060c000800000000000000000000000000000000c0020000000000000000000000003c2047f32c1b7699c4a577b3241b3d1a0acc2d0e6a5f4d4da83e18ac77e5c01033203a8beface7e26757c551b82fc1da70dcf5bf34f3d0c056e734d3448f03cef0f132f3c637e9d08b0bbc0346c5ade9e894abc976df7c522847d70bc84b4d5fda046a1fc79b9fd9dc552c9631a5b11ddd59a6a51dba271dcde58ac5a8c97f2ea7518ac6b1"], 0x30)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x20802, 0x0)

1.230775977s ago: executing program 1 (id=3831):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
ioctl$UI_SET_ABSBIT(0xffffffffffffffff, 0x40045567, 0x20000106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
read(0xffffffffffffffff, 0x0, 0xfffffffffffffe50)
r3 = socket(0x10, 0x803, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r5=>0x0})
prlimit64(0x0, 0x6, &(0x7f0000000140), 0x0)
r6 = syz_io_uring_setup(0x10f, &(0x7f0000000700)={0x0, 0xfffffffe, 0x100, 0x1}, &(0x7f0000000240)=<r7=>0x0, &(0x7f0000000180)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000001c00)={0x0, 0x0, 0x0}, 0x0, 0x0, 0x1})
io_uring_enter(r6, 0x47f5, 0x6021, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001d00)=@newtfilter={0x2338, 0x2c, 0xd2b, 0x70bd29, 0x35dfdbfb, {0x0, 0x0, 0x0, r5, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x230c, 0x2, [@TCA_U32_POLICE={0x1824, 0x6, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x9, 0x4, 0x1, 0x1000, 0x4, 0x9, 0x5, 0x1, 0x1, 0x9, 0x7fffffff, 0x3, 0x3, 0x10001, 0xd, 0x7, 0xe645, 0x2, 0x65d, 0x4, 0x9, 0x800, 0x0, 0x9ddb, 0x2, 0x9, 0x9, 0x66, 0x7, 0xcc9, 0x95e, 0x37, 0x5, 0xfffffff7, 0x2d0, 0x2, 0x7, 0x27ad, 0x401, 0x5, 0x2, 0x5, 0x6, 0xfffff523, 0x4, 0x1, 0x4, 0x8, 0x8, 0xff, 0x9000000, 0xff, 0x4, 0x1, 0x2, 0x6, 0x2, 0x4d, 0x9, 0x7f, 0xc86, 0xfffffffa, 0x8, 0x3, 0x9, 0x0, 0x2, 0x7c5, 0xffff, 0x6, 0xe, 0x3, 0x3, 0x9, 0x6, 0x4, 0xfffffffe, 0x8, 0x8, 0x7, 0x8, 0x30fd, 0x8, 0x3, 0x5, 0x80000001, 0x1, 0x1ff, 0x3, 0x40, 0x101, 0x3, 0x1000, 0x4, 0xffffffff, 0x3, 0x8, 0xfb, 0x81, 0xa, 0x760b33bb, 0xf3, 0x6, 0x5, 0x3, 0xffffff01, 0x2, 0x8, 0x4, 0x10, 0x9, 0xf, 0x9, 0xf, 0x0, 0x7, 0x2000000, 0x7, 0x8001, 0x2, 0x7fff, 0x4, 0x1e5, 0x9, 0x4, 0x8, 0xbe64, 0x7f, 0x3, 0xe000000, 0x0, 0x7, 0x3, 0x6, 0x7, 0x10001, 0x2, 0x7ff, 0xfffffffd, 0x9, 0x0, 0xa, 0xf4d8, 0x3, 0x2, 0xfffffff7, 0x80, 0xaa95, 0x8, 0x80, 0x80000001, 0x4, 0xe11b, 0x2, 0x2, 0x1, 0x4, 0x1, 0x40, 0x822a, 0x3, 0x40, 0x2, 0x9, 0x9, 0x401, 0x7, 0xffffffff, 0xeb, 0x8, 0xb14, 0xc11, 0x6, 0x1, 0x0, 0x463, 0x10001, 0x81, 0x3, 0x7, 0x101, 0x7ff, 0xa8f1, 0x2, 0x8, 0x2, 0x5ef, 0x10000000, 0x10, 0x5, 0x0, 0xe, 0x9, 0x10001, 0x2, 0x1, 0x4bde748e, 0x2, 0x8001, 0x10000, 0x4, 0xfe, 0xfffffffe, 0x5, 0xa89ab600, 0xfffffffe, 0x1, 0x7fff, 0x4c3, 0x4, 0x6, 0xfffffffb, 0x5, 0x5, 0xe, 0xc4c, 0x9, 0x2, 0x2, 0x4, 0x5, 0xa, 0x3, 0x9, 0x81, 0xffffffff, 0x518b, 0x0, 0x24b8, 0x51ea260a, 0x8000, 0x2, 0x4, 0x7, 0x80000001, 0xfffffff8, 0xd, 0x0, 0x8, 0x4, 0x4, 0xfffffffa, 0x8, 0x4, 0x1, 0x9, 0x7, 0x20000000, 0x4, 0x5, 0x5, 0x6, 0x0, 0xa9, 0x46c, 0xffff8000]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x6, 0x80000000, 0x5, 0xffffffff, 0x101, 0x80000001, 0x7, 0x8, 0x38b, 0x10, 0xcb86, 0x5, 0x1a2, 0x7a4, 0x3, 0xffffffff, 0x19, 0x8, 0xf27, 0x0, 0x7007, 0x7, 0x3, 0x8, 0x2, 0x3ff, 0xfffffffe, 0x7, 0xa, 0x0, 0xc, 0x4, 0x3, 0xffffff7f, 0x7, 0x3, 0x4, 0x8, 0x0, 0x3, 0x7f, 0x8, 0xc, 0x7, 0x0, 0x0, 0x9, 0x8, 0x3, 0x6b01, 0xa, 0x5, 0x6, 0x81, 0x67f, 0x0, 0xa8, 0xf, 0x10, 0xfffffff9, 0x7, 0x0, 0x6, 0x3, 0x1ff, 0x8, 0xb, 0xba04, 0x3, 0x5, 0x276f, 0x68d8, 0xa1, 0x6, 0x173a, 0x9, 0x100, 0xfffff800, 0x8b, 0x3, 0x80000000, 0x7, 0x2, 0x4, 0x4f, 0xd66, 0xa, 0x7fff, 0x1, 0x9, 0x0, 0x10, 0x2, 0xb50a, 0x5, 0xfffffff9, 0x985c, 0x3, 0x82, 0x101, 0x6, 0x3, 0x3ff, 0x0, 0x7fffffff, 0x1, 0x1, 0x401, 0x9, 0x0, 0xd, 0x3, 0x1c0, 0x20, 0x10000, 0x877, 0x7f, 0x4, 0x7, 0x0, 0x3, 0x3, 0x1000, 0x7, 0xffff7fff, 0x7, 0xfffffff7, 0xe3, 0x8, 0x8, 0xffffffc0, 0x4, 0x2, 0x6, 0x5, 0x6, 0x6, 0x4, 0x8, 0x6, 0x9, 0x3, 0xffffc8f5, 0x9, 0x7ff, 0x6, 0xe, 0x4, 0x8, 0x8ea, 0x5, 0x4, 0x5, 0x6, 0x10, 0x7, 0x69c00000, 0x0, 0x0, 0x3, 0x401, 0x60, 0xe, 0x3, 0x6, 0x1, 0xc, 0x3, 0x5d, 0x1, 0x9, 0x5, 0x4, 0x5, 0xfffffffd, 0x5, 0xa, 0x8, 0x9, 0xab7, 0x101, 0xfffffff8, 0x6, 0xb2, 0x9, 0xfffffeff, 0x6, 0x101, 0x48, 0xf0, 0x9, 0xc, 0x8001, 0x8, 0x800, 0x8, 0xffff0000, 0x7, 0xcc5, 0xddc7, 0x6, 0x3, 0x9, 0x10000, 0x4, 0x1, 0x9, 0x76f1b7e9, 0x0, 0x10000, 0x2, 0xa, 0xd, 0x6, 0x5, 0xfffffffe, 0xb47, 0x7, 0x99, 0x7eb0a6b2, 0xaa23, 0x400, 0x0, 0x0, 0x7, 0x4, 0x4, 0xb, 0x40, 0x4b04, 0x200, 0x376594a4, 0x6, 0xe5e6, 0x6, 0x2, 0x0, 0x54, 0x6, 0xdb7e, 0x8, 0x6, 0xafa, 0x8000, 0x2, 0xa514, 0x1000, 0x81, 0x9, 0x6, 0x20ae, 0xd, 0x7, 0x0, 0x835, 0xfffff85c]}, @TCA_POLICE_RATE={0x404, 0x2, [0x8001, 0x6, 0x6, 0x101, 0x58, 0x5, 0x5, 0x0, 0xc, 0x3, 0xd40, 0x100, 0x7, 0xa, 0xfffffffd, 0x4, 0x4, 0xfffffffb, 0x3ff, 0xfffffbff, 0x7, 0xba8b, 0x79, 0xffffffff, 0x3, 0x0, 0x2, 0x6, 0x4, 0x7, 0xf9, 0x6, 0x7f, 0xe, 0x9, 0x0, 0x6, 0x5, 0x80000001, 0x9, 0x36c, 0x4, 0x1, 0x70a, 0x7, 0x7, 0x6, 0x8, 0x3ff, 0x3, 0xfffffff6, 0x345, 0x9, 0x0, 0x7c3, 0x8, 0x407b, 0x400, 0xc4, 0x100, 0xe, 0x3, 0x9, 0x3, 0x5, 0x2, 0x9, 0x80000001, 0x200, 0x1, 0x1, 0x0, 0x796, 0x10, 0x9, 0x4, 0x8001, 0x6, 0x9, 0x400, 0xe5, 0xb7f8, 0x5, 0xd, 0x3, 0x3, 0xfffffffe, 0x1ff, 0x5, 0x34a53ca3, 0x2, 0x5, 0x3, 0x2000, 0x7, 0x37, 0x1b, 0x2, 0xffff, 0x4, 0x4, 0x8, 0x0, 0x80000000, 0x7, 0x10, 0x7fff, 0x401, 0x1, 0xb4df, 0x2, 0xfffff000, 0x6, 0x5, 0xa1a4, 0x6, 0x6, 0x9, 0x3, 0x0, 0x5, 0x1, 0xc, 0x8, 0x8, 0x3, 0x5, 0x80000000, 0x4, 0x9, 0x401, 0x1, 0x5e05, 0x5, 0x81, 0x8, 0x8, 0x6, 0x6, 0xfffffffb, 0x2, 0x58a, 0x19ec0, 0x6, 0xb, 0xfffffffe, 0x7fffffff, 0x2, 0xf6, 0x8, 0x7, 0x400, 0x4a3f0afd, 0x8666, 0x81, 0x8, 0x4, 0x8, 0x6, 0x9, 0x7, 0x9, 0x69, 0x7fff, 0x2, 0x8, 0x3, 0x1, 0x10000, 0x81, 0x5, 0x81, 0xfffffffe, 0x2, 0x4, 0x9, 0x2, 0x7, 0x3, 0x2, 0xfffffffd, 0x88, 0x1000, 0xffffffff, 0xc3, 0x7, 0x3, 0x9, 0x9, 0x0, 0x10, 0x9354, 0x4, 0x7, 0x4, 0xffff0000, 0x8, 0x2, 0x2, 0x1f04, 0x8, 0x9, 0x8, 0x5, 0x7ff, 0x0, 0x40, 0x8, 0x2, 0x1ff, 0x1, 0x0, 0x800, 0x7, 0x8000, 0x1, 0x7, 0xa, 0x1b20, 0x1, 0x7, 0x8, 0x9, 0x9, 0x8, 0x8, 0x2, 0x5, 0x9b, 0x3, 0x7, 0x10000, 0x5, 0xd, 0xffff7fff, 0xffffff00, 0xd2c00, 0x4, 0x9, 0x2d72, 0x9b, 0x7ff, 0x2, 0xfffffffa, 0x4, 0x5, 0x0, 0x23, 0x2, 0x21fc, 0x1000, 0x400, 0x100, 0x3, 0x5, 0x10]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0xaff3, 0xffffec83, 0x58c, 0x7, 0x1, 0x0, 0x3, 0x7236, 0x4, 0x0, 0xbc9, 0x0, 0x4, 0x5, 0xffff, 0x5, 0x3, 0x3, 0xfff, 0x9, 0x6, 0x8120, 0x11f82c0c, 0x1, 0x3, 0x8, 0x400, 0x80000001, 0x4, 0x6, 0x862, 0x1, 0xff, 0xc0000, 0x8, 0x6, 0xf, 0x0, 0x6, 0x3, 0x5, 0x9, 0x7, 0xfffffffc, 0x8, 0x49, 0xbbc, 0x1bc80a19, 0x7ff, 0x7, 0x400, 0xe7a9, 0x0, 0x3, 0x2, 0x7, 0x8, 0x7, 0x4905, 0x79e, 0x0, 0x9, 0xfffffffb, 0x3, 0x892, 0x0, 0x0, 0x10, 0x3, 0x2, 0x8, 0x9, 0x3, 0x8, 0x6, 0xb, 0x8, 0x2, 0x7ff, 0x2, 0x6, 0x5, 0x8, 0x2, 0x1000, 0x9, 0x422, 0xe, 0x6, 0x401, 0x6, 0xfffff001, 0x6, 0x4, 0x10000, 0x7, 0x101, 0x1, 0x3, 0x9, 0x9, 0x712b, 0x7, 0x7, 0x3, 0xfffffeff, 0x1, 0xd1, 0xeef, 0x100, 0x100, 0x7, 0x9, 0xd11b, 0xfffffe01, 0x8, 0x92, 0x8, 0xfffffffb, 0x1, 0x5, 0x4, 0x39, 0x8, 0x8, 0x4, 0x1, 0xc000, 0x81, 0x0, 0xa, 0x9, 0xf232, 0xb78, 0xfffffff9, 0x2, 0x1ca, 0x225, 0x3e, 0x1, 0x800, 0x7, 0x4, 0x8, 0x7, 0x7, 0x200, 0x4, 0x81, 0xcd, 0x7, 0x10000, 0x10000, 0xffff6ab2, 0x0, 0x9, 0x5, 0x8, 0xffff, 0x2, 0x61fc, 0x5, 0x7, 0x100, 0x3, 0x8, 0x3, 0x8, 0x0, 0x203, 0x200, 0x8000, 0x8, 0x1, 0x9, 0x6, 0x9, 0x7, 0x48b, 0x8, 0xde, 0x4, 0x5, 0x2, 0x6, 0x1, 0x1a4, 0x6, 0x56c, 0x8, 0xe, 0x8, 0x2, 0x2, 0x30, 0x3, 0x4, 0x3, 0x7a, 0xe, 0x7d, 0x1, 0x8001, 0x71c, 0xe, 0x85d0, 0x0, 0x0, 0xfffffff9, 0x9, 0x2, 0x8, 0x4, 0x1, 0x0, 0x12b, 0x0, 0x3, 0x400, 0xa, 0x1, 0x3, 0x6, 0x315636ce, 0x8000, 0x1, 0x9, 0x1, 0x1, 0x6, 0xb8b2, 0x3ff, 0x7, 0x4, 0x5, 0xfffffffe, 0x5, 0x2, 0x2, 0x4000, 0x1, 0x4, 0x0, 0xffff, 0x40, 0x7, 0x2, 0x1, 0x100, 0xffff0000, 0xffffffff, 0xf75, 0x4, 0x7, 0x0, 0xf275]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x100, 0x10000, 0x5, 0x1800, 0x8, 0x7, 0x7, 0x3, 0x80000000, 0x8, 0x800, 0x2f, 0x7, 0x400, 0x7fffffff, 0x1f39, 0xee03, 0x10001, 0xffffffd4, 0x7, 0x0, 0x101, 0x1, 0x0, 0xfffffb66, 0xca7d, 0x0, 0x1, 0x7fff, 0x5, 0x0, 0x8001, 0xfffffff3, 0x9, 0x5, 0x48c, 0x6, 0x5, 0x9, 0xe, 0xaff, 0x5, 0x2, 0x1000, 0x2, 0x26fb, 0x800, 0x4, 0x8b4, 0x3, 0x7, 0x7, 0x10001, 0x4, 0x1, 0x4, 0xd, 0x2, 0x4, 0xe8, 0xf9eb, 0x100, 0x7fffffff, 0x5, 0x100, 0x7, 0xfff, 0x3, 0x5, 0x8, 0x101, 0x3, 0xf, 0x3, 0x4, 0x7ed, 0x0, 0x40, 0x9, 0xa238, 0x4, 0x100, 0x3, 0x9, 0x7, 0x7fff, 0x10, 0x3ff, 0x8, 0x3, 0x4, 0x6, 0xfff, 0x7, 0x2, 0x3, 0xaacb, 0x7, 0x3, 0x9e78, 0x0, 0x2, 0x6, 0x400, 0xa9ab, 0x5, 0x3ce, 0xc0c, 0x0, 0x1, 0x7, 0x4, 0x1, 0x81, 0x3, 0x6, 0x200, 0x7f, 0xff, 0x4, 0x7, 0x6, 0x8001, 0xc, 0x3, 0xaaf9, 0x2, 0x3, 0x80000000, 0x5, 0x9, 0x5680, 0x6, 0x6, 0x501, 0xd, 0x5, 0xac4c, 0x6, 0xb2, 0x1, 0x3, 0x8, 0x4, 0x1, 0x6, 0x2, 0x3ff, 0x3, 0x5, 0x7, 0x7, 0x3, 0x2, 0x3e01, 0x80, 0xfffffff7, 0x7fff, 0x9, 0x6d3, 0x400000, 0x0, 0xfffffffa, 0x349c, 0x80, 0x6, 0x6, 0x40, 0x8, 0x316, 0x9, 0x9, 0xd272, 0x476, 0x7ff, 0x101, 0x3ff, 0x71a2, 0x0, 0x5, 0x2, 0x5, 0xb, 0x7f2c, 0x9, 0x78dd, 0x40, 0x1, 0x8, 0x3b, 0x7fffffff, 0x3, 0x8000, 0xd, 0x7, 0xffff, 0x9, 0x6, 0x3, 0x7ff, 0x1, 0x7, 0x9, 0x6, 0x1, 0xf, 0x5, 0x3ff, 0x6, 0x9, 0x401, 0x7fff, 0x6b1, 0x1000, 0x7, 0x5, 0x6, 0x81, 0x1000, 0xffffffff, 0xfffffffb, 0x704cb4f5, 0x8c0, 0x8, 0x0, 0x1, 0x80009298, 0x8, 0x80, 0x10, 0x10, 0x2, 0x9, 0x3, 0x9, 0x4, 0x0, 0x100, 0xfffffff7, 0x0, 0xfffffff3, 0x0, 0x6, 0x6073, 0x8, 0xd209, 0xffffff00, 0x7, 0x9, 0x0, 0x5, 0x8, 0xffffff59, 0x80000000, 0x7fffffff, 0x4]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x9, 0x9, 0xb, 0x100000, 0x3, 0xdaee, 0x4, 0x769, 0x8, 0x5, 0xffffffff, 0x2, 0x9, 0x1, 0x2f1a, 0x7fffffff, 0x2, 0x8, 0x8000, 0x9, 0x9, 0x7fb, 0x1000, 0xb, 0x4, 0x9, 0x9, 0x80000000, 0x1, 0xcf, 0x3, 0x1, 0xffffffff, 0x3, 0x7, 0x4, 0x6, 0x1, 0x6, 0x3, 0xffffffbe, 0x7, 0x1, 0xd0, 0xd24, 0xfffffffa, 0x2, 0xa, 0x9, 0xe7f, 0x10, 0x81, 0x2, 0x90f, 0xa, 0x1000, 0x3, 0x3, 0x7, 0x9, 0x8, 0x800, 0xf, 0x7, 0x4, 0x9ac7, 0x0, 0x2, 0x8, 0x100, 0x6, 0x1, 0x3, 0x80000001, 0xbb9, 0x9, 0xdff5, 0xfa05, 0x2, 0x80000001, 0x358, 0xffff, 0x9, 0x4cea, 0x5, 0x10, 0x9, 0x7, 0xb, 0xa, 0x90000000, 0x26445006, 0x93, 0x8, 0xe8c, 0x8, 0x10001, 0x1, 0x7, 0x400, 0x9, 0x8, 0x3, 0x3, 0xa, 0x1, 0x401, 0x8000, 0x1, 0x1000, 0x9, 0x1, 0x0, 0x80000000, 0xfffffffa, 0xfffff800, 0x9, 0x8, 0x10000, 0x6, 0x4, 0x0, 0x9, 0x7fffffff, 0x8, 0x8001, 0x311f, 0x0, 0x4, 0xffffffff, 0x3458, 0x3, 0xa, 0x7fffffff, 0xf, 0x2, 0x8e, 0x2, 0x1b80000, 0x7, 0x2, 0x6, 0x31, 0x7, 0x7fffffff, 0x80, 0x0, 0x1ff, 0x7e54, 0xffffffff, 0x4, 0x5, 0x8, 0x3, 0xfffffeff, 0x33, 0x0, 0x101, 0x8, 0x10000, 0x2, 0xe0d, 0xfffffff7, 0x5, 0x81, 0x80, 0x3, 0x2, 0x0, 0x4, 0x5, 0xd, 0x2, 0x1ff, 0x9, 0x6, 0xfffffffc, 0x1, 0xb, 0x3, 0x7fff, 0x3ff, 0x5, 0x7, 0x4, 0x9, 0xfffffffd, 0x6, 0x10001, 0xfffffffb, 0x5, 0x7ff, 0x502a, 0x6, 0x7f, 0x101, 0xc4847a7, 0x515, 0x3, 0x3, 0x9, 0x1000, 0x2, 0x100, 0x5, 0x9, 0xfffffff7, 0xdd, 0x4, 0x3, 0x7d9, 0x2b0071a3, 0x7, 0xc0a6, 0x3, 0x80, 0x7fff, 0x0, 0xfffffff9, 0x1, 0x10001, 0x4, 0xfffffff3, 0x9, 0x4, 0xfffffbff, 0x400, 0xa, 0x0, 0x7ff, 0x2b, 0xe2, 0x4, 0x2, 0x3, 0xfffffff6, 0x8, 0x40, 0x7, 0x0, 0x8, 0x6, 0x2, 0x0, 0x0, 0xf, 0x96, 0x321f, 0x1, 0x9b, 0x7, 0x0, 0x800, 0x2, 0x1000, 0x70]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x10000}]}, @TCA_U32_DIVISOR={0x8, 0x4, 0x9b}, @TCA_U32_CLASSID={0x8, 0x1, {0xffff, 0xc}}, @TCA_U32_HASH={0x8, 0x2, 0x3}, @TCA_U32_POLICE={0x408, 0x6, [@TCA_POLICE_RATE={0x404, 0x2, [0xffff, 0x1, 0x4, 0x2, 0x3b9a, 0x7a, 0xa55, 0x0, 0x2, 0x80, 0x2, 0x9, 0x2, 0xe31a, 0x100, 0x4, 0x1, 0x2, 0x40, 0x0, 0xc8, 0x3, 0x2, 0x4, 0x1, 0xffff17fd, 0x0, 0xfffffff8, 0x1f9, 0x4, 0x0, 0x4, 0x2, 0x46, 0x8, 0x5, 0x3, 0x4, 0x8, 0xfc2d, 0x8, 0x4, 0x7ff, 0x8000, 0x5, 0x6, 0x8, 0x1, 0x6, 0xf00, 0x52a, 0x5, 0xbcd, 0xfb, 0xffffffff, 0x86be, 0xfa, 0x80, 0x6, 0x4, 0x200, 0x800, 0xf, 0x8, 0x2499a6f2, 0x5, 0xbce1, 0x4, 0x9, 0x3, 0x1, 0x1, 0xa98e, 0x3, 0x10, 0x7, 0xffff, 0x43db, 0xdbc, 0x2, 0x8001, 0xd0, 0x1, 0x40, 0xffff91ca, 0xfff, 0x982, 0xffffffff, 0x59, 0xfffff801, 0x1, 0x7, 0x800, 0xc, 0x10000, 0xffffff75, 0x7fffffff, 0x9, 0xe, 0x4, 0x2, 0x1, 0x2, 0x5, 0x8, 0x1, 0xff, 0x0, 0x4, 0xdf, 0x6, 0x7, 0x2, 0x7ff, 0xc651, 0x2000, 0x2, 0x8, 0x2, 0x9, 0x120, 0xf98b, 0x9, 0x6, 0x42ddc7, 0xd054, 0x5, 0x1, 0x3, 0x7fff, 0xa, 0x2, 0xffffffe2, 0x6b, 0x10001, 0x6, 0x4, 0x0, 0x4, 0x1, 0xc0000000, 0xb9ff, 0x8, 0xab, 0x4, 0x800, 0x37, 0x81, 0x7, 0xb, 0x4, 0x8, 0x1, 0x4, 0xa1e, 0x81, 0x7ff, 0xd, 0x66, 0x9, 0xffffffff, 0x4, 0x7, 0xaae, 0x4, 0x8, 0xff, 0x101, 0x1361, 0x5, 0x2, 0x80000001, 0x3, 0x6, 0x7, 0xfffffff9, 0x3, 0x401, 0x4fc, 0xfffffffb, 0x7, 0x4, 0x0, 0x1a5a, 0x8, 0xa71, 0x2321a7a3, 0x21, 0x1, 0x2, 0xf7, 0x5, 0x800, 0x0, 0x0, 0x2cb2, 0x2, 0x1733, 0x10, 0x8, 0x3, 0x5, 0x7ff, 0x4, 0x3, 0x3c5, 0x2, 0x7ff, 0x4, 0x3, 0x0, 0xfff, 0x11c, 0xfff, 0xff, 0x1000, 0xde1, 0x7ccf, 0x2, 0x100, 0x65, 0xfffffffb, 0x6e906e55, 0x4, 0x80000000, 0x96, 0xfffffffc, 0x81, 0x4, 0x9, 0x3, 0xed, 0x4, 0x3, 0x4a6f, 0x3, 0x9, 0x8, 0x2, 0x14d5, 0x6, 0x1, 0xee53, 0x6, 0x0, 0x81, 0x8, 0x80000001, 0xae, 0x5, 0x3, 0x800, 0x7, 0x8000, 0x9, 0x100]}]}, @TCA_U32_SEL={0x6c4, 0x5, {0x9, 0xc, 0x3, 0xfffb, 0xa, 0x8000, 0x9fcd, 0x9, [{0x100, 0x3, 0x7ded, 0x2d35}, {0x0, 0xe8e, 0xfdf, 0x4}, {0x3, 0x10c8a5e7, 0x0, 0x90000000}, {0x6, 0x2, 0x9, 0x10001}, {0x5e9e, 0x7, 0x728a91c7, 0x2}, {0x2, 0x1700000, 0x7, 0x9387}, {0x7, 0x0, 0x400, 0xd840}, {0xc7, 0x0, 0xed2, 0x7f}, {0x0, 0x22, 0x6fd, 0x7fffffff}, {0x373d, 0x633e041b}, {0x6ee, 0x7, 0x7, 0x8}, {0x3, 0x89d, 0x6, 0xd}, {0xe5, 0xc, 0x80000000, 0x6f4}, {0x6, 0x1005, 0xe80b, 0x191}, {0xc, 0x4, 0x1ff, 0x6}, {0x7fff, 0x9, 0x6, 0x1}, {0x16e5, 0x1000, 0x5, 0x3}, {0x2bbd, 0x100, 0x6, 0x200}, {0x7fffffff, 0xd, 0x0, 0x10}, {0x3, 0x3, 0x8, 0x1}, {0x8, 0x6, 0x57, 0x2cce}, {0x2, 0x0, 0x4, 0x3df6}, {0xc, 0x918, 0xbc, 0x6fdc}, {0x5, 0x9f6, 0x10001, 0xaa}, {0x5, 0x6, 0x1, 0xa}, {0x48, 0xe, 0x7, 0x3}, {0x5, 0x97, 0x6, 0xff}, {0x1, 0xffffffff, 0x835, 0x2}, {0x3, 0x10, 0xd875, 0x1000}, {0x4, 0x6, 0x8, 0x200}, {0x2, 0x0, 0x0, 0x1200}, {0x5, 0x5, 0xad, 0x4}, {0x5, 0x9, 0x40, 0x8001}, {0x4, 0x0, 0x9, 0x26}, {0x2, 0x9, 0x6, 0x8}, {0x0, 0x0, 0x10}, {0xd98, 0x7ff, 0x6, 0x200}, {0x6b28, 0x7, 0x0, 0xd}, {0x10000, 0x80, 0xdf01, 0xa331}, {0x10000, 0x0, 0x6, 0x3}, {0x1ff, 0xada, 0x158, 0x5}, {0x0, 0x75b, 0x4}, {0xff, 0xffffff82, 0xff}, {0x4a9, 0x8000, 0x6, 0x7}, {0x8, 0x9, 0x7, 0x5}, {0x2, 0xbaea, 0x3, 0x8}, {0x101, 0x900, 0x4, 0x9}, {0x800, 0xa, 0x0, 0x2}, {0x401, 0x9, 0x5, 0x6}, {0x7, 0x7, 0xa, 0x1}, {0x6, 0xb4e, 0x3, 0x15}, {0x2, 0x40, 0x0, 0x81}, {0x7, 0x0, 0x4e52}, {0xfff, 0x4, 0x4b, 0x6}, {0x1, 0x1, 0x2, 0x1}, {0x2, 0x46e7, 0x0, 0x8001}, {0x5d, 0x6, 0xffffffff, 0xe9}, {0xf, 0x5, 0x3, 0x200}, {0x746, 0xffffffff, 0xf3d9, 0x7ff}, {0x7, 0x400, 0x8, 0xfffffffa}, {0x0, 0x3, 0x9, 0xff}, {0x9, 0x64d, 0xc0, 0x2}, {0x2, 0x7fffffff, 0x400, 0x7}, {0xffff, 0x10001, 0x4ff, 0x2}, {0xfffff801, 0x3ff, 0x8001, 0x8}, {0x3, 0x1000, 0x8, 0x10}, {0x9, 0x6b76, 0x1, 0xffffffff}, {0x9, 0x28, 0xfffffffd, 0x7}, {0x6, 0x4, 0x3, 0xfffffff9}, {0x5, 0x10, 0xab, 0x6}, {0x8, 0x6, 0x4, 0xd7}, {0x2, 0xe, 0x9, 0x7}, {0x7, 0xfffff582, 0xd, 0x200}, {0x3, 0x4, 0x401, 0xa5}, {0x0, 0x1, 0xd, 0x2}, {0x9, 0x3, 0x3}, {0x7, 0x3ff, 0xd5c, 0x6}, {0x51, 0x40001, 0x5, 0xd20}, {0x0, 0x5b, 0x4be, 0x2}, {0x2, 0x8, 0xfffffffe, 0x400}, {0x1ff, 0x7, 0x6, 0x19e98421}, {0x2, 0x10000, 0xc932, 0xff}, {0x8, 0xe8, 0xffff, 0xffff8000}, {0x0, 0xe, 0x8}, {0x6, 0x7, 0x8}, {0x4, 0xb48, 0x7}, {0x5, 0xc9, 0x4, 0xffff}, {0x1, 0xfa, 0x0, 0x7}, {0x8001, 0x22, 0x1, 0x7}, {0xba, 0x4, 0x1, 0x1}, {0xe, 0x4, 0x1000, 0x5}, {0x4, 0x9, 0x4, 0x4}, {0x7, 0xc, 0x8, 0x8b0}, {0x7ff, 0x1, 0xfffffff9, 0x847}, {0x7d0827f, 0x8, 0x8, 0x8}, {0x8, 0x1ff, 0xf3}, {0x2, 0x4, 0x6, 0x8600000}, {0x0, 0x8000, 0x2, 0xa7}, {0x9, 0x1, 0x1}, {0x5, 0x8, 0x400, 0x7}, {0x4, 0xfffffff9, 0x2, 0x8}, {0x2, 0x7, 0x3, 0x3}, {0x40, 0x3, 0x6, 0xe5}, {0x7, 0x5, 0x2, 0x80000001}, {0x9, 0x7ff, 0x206, 0x3}, {0x0, 0x800, 0xe, 0xffffffff}, {0x266, 0x10, 0xfffffffe, 0xc}]}}]}}]}, 0x2338}}, 0x24040084)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$I2C_SMBUS(0xffffffffffffffff, 0x720, 0x0)
syz_open_dev$media(0x0, 0x4, 0x200)

0s ago: executing program 4 (id=3832):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040), 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x2f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000b40)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8b2b, &(0x7f0000000040)={'wlan1\x00', @random="010000000002"})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2800, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040)=0x2)
read(r4, 0x0, 0x0)

kernel console output (not intermixed with test programs):

 attached
[  635.534861][T18523] 9p: Bad value for 'rfdno'
[  635.544231][T18524] vhci_hcd: connection closed
[  635.544436][ T1163] vhci_hcd vhci_hcd.1: stop threads
[  635.550042][ T1163] vhci_hcd vhci_hcd.1: release socket
[  635.551979][ T1163] vhci_hcd vhci_hcd.1: disconnect device
[  635.928406][ T6069] usb usb40-port1: attempt power cycle
[  636.324126][T18534] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10)
[  636.326961][T18534] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  636.330682][T18534] vhci_hcd vhci_hcd.0: Device attached
[  636.556685][ T6069] usb 40-1: SetAddress Request (65) to port 0
[  636.558811][ T6069] usb 40-1: new SuperSpeed USB device number 65 using vhci_hcd
[  636.836928][ T1201] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  636.908186][T18537] vhci_hcd: connection reset by peer
[  636.911173][ T1201] vhci_hcd vhci_hcd.1: stop threads
[  636.913607][ T1201] vhci_hcd vhci_hcd.1: release socket
[  636.915992][ T1201] vhci_hcd vhci_hcd.1: disconnect device
[  636.954649][T18550] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  636.957475][T18550] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  636.962190][T18550] vhci_hcd vhci_hcd.0: Device attached
[  636.974955][T18550] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  636.989200][ T1163] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  637.236816][   T24] usb 46-1: SetAddress Request (43) to port 0
[  637.239560][   T24] usb 46-1: new SuperSpeed USB device number 43 using vhci_hcd
[  637.581365][T18556] FAULT_INJECTION: forcing a failure.
[  637.581365][T18556] name failslab, interval 1, probability 0, space 0, times 0
[  637.585628][T18556] CPU: 1 UID: 0 PID: 18556 Comm: syz.2.3278 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  637.585647][T18556] Tainted: [L]=SOFTLOCKUP
[  637.585651][T18556] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  637.585668][T18556] Call Trace:
[  637.585673][T18556]  <TASK>
[  637.585678][T18556]  dump_stack_lvl+0x100/0x190
[  637.585694][T18556]  should_fail_ex.cold+0x5/0xa
[  637.585713][T18556]  should_failslab+0xc2/0x120
[  637.585729][T18556]  kmem_cache_alloc_noprof+0x83/0x780
[  637.585744][T18556]  ? fcntl_setlk+0xaa/0xde0
[  637.585758][T18556]  ? fcntl_setlk+0xaa/0xde0
[  637.585769][T18556]  fcntl_setlk+0xaa/0xde0
[  637.585782][T18556]  ? __pfx_fcntl_setlk+0x10/0x10
[  637.585798][T18556]  ? find_held_lock+0x2b/0x80
[  637.585809][T18556]  ? __might_fault+0xc5/0x140
[  637.585825][T18556]  ? __might_fault+0xc5/0x140
[  637.585842][T18556]  do_compat_fcntl64+0x20f/0x720
[  637.585860][T18556]  ? __pfx_do_compat_fcntl64+0x10/0x10
[  637.585885][T18556]  __do_fast_syscall_32+0xde/0x660
[  637.585902][T18556]  do_fast_syscall_32+0x32/0x70
[  637.585916][T18556]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  637.585931][T18556] RIP: 0023:0xf743d579
[  637.585940][T18556] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  637.585950][T18556] RSP: 002b:00000000f544550c EFLAGS: 00000292 ORIG_RAX: 0000000000000037
[  637.585962][T18556] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000000026
[  637.585969][T18556] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[  637.585975][T18556] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  637.585981][T18556] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  637.585988][T18556] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  637.586001][T18556]  </TASK>
[  637.650033][T18551] vhci_hcd: connection reset by peer
[  637.656748][T16924] vhci_hcd vhci_hcd.4: stop threads
[  637.658439][T16924] vhci_hcd vhci_hcd.4: release socket
[  637.666597][T16924] vhci_hcd vhci_hcd.4: disconnect device
[  637.719950][   T60] usb 8-1: USB disconnect, device number 25
[  637.918294][T18565] input: syz0 as /devices/virtual/input/input25
[  638.041184][   T40] audit: type=1804 audit(1770378028.589:1567): pid=18574 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.3283" name="/newroot/252/file1" dev="fuse" ino=1 res=1 errno=0
[  638.166620][ T6024] usb 8-1: new high-speed USB device number 26 using dummy_hcd
[  638.317669][T18581] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  638.338296][ T6024] usb 8-1: Using ep0 maxpacket: 16
[  638.342309][ T6024] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  638.356736][ T6024] usb 8-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  638.359758][ T6024] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  638.367275][ T6024] usb 8-1: config 0 descriptor??
[  638.380723][ T6024] input: bcm5974 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input26
[  638.506740][   T40] audit: type=1326 audit(1770378028.959:1568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18575 comm="syz.1.3284" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fe7579 code=0x0
[  638.644784][ T5331] bcm5974 8-1:0.0: could not read from device
[  638.667795][ T6024] usb 8-1: USB disconnect, device number 26
[  638.672004][ T5331] bcm5974 8-1:0.0: could not read from device
[  638.681950][ T5331] bcm5974 8-1:0.0: could not read from device
[  639.513042][T18606] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3291'.
[  639.740807][T18615] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3294'.
[  639.744446][T18615] netlink: 72 bytes leftover after parsing attributes in process `syz.4.3294'.
[  639.758041][T18615] syzkaller0: entered promiscuous mode
[  639.759976][T18615] syzkaller0: entered allmulticast mode
[  639.898872][T18611] 9p: Bad value for 'rfdno'
[  639.910262][T18611] input: syz0 as /devices/virtual/input/input27
[  640.009262][T18596] orangefs_mount: mount request failed with -4
[  640.591497][T18630] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  640.707106][   T40] audit: type=1326 audit(1770378031.249:1569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18627 comm="syz.4.3296" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f35579 code=0x0
[  640.720115][T18635] sctp: [Deprecated]: syz.3.3299 (pid 18635) Use of struct sctp_assoc_value in delayed_ack socket option.
[  640.720115][T18635] Use struct sctp_sack_info instead
[  640.727508][T18635] sctp: [Deprecated]: syz.3.3299 (pid 18635) Use of struct sctp_assoc_value in delayed_ack socket option.
[  640.727508][T18635] Use struct sctp_sack_info instead
[  640.767138][T18635] syzkaller1: entered promiscuous mode
[  640.769055][T18635] syzkaller1: entered allmulticast mode
[  640.858143][T18638] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  640.860263][T18638] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  640.862996][T18638] vhci_hcd vhci_hcd.0: Device attached
[  640.949168][T18642] 9p: Bad value for 'rfdno'
[  641.106598][    T9] usb 43-1: new low-speed USB device number 5 using vhci_hcd
[  641.626638][ T6069] usb 40-1: device descriptor read/8, error -110
[  641.699292][T18639] vhci_hcd: connection reset by peer
[  641.701785][T16924] vhci_hcd vhci_hcd.3: stop threads
[  641.703890][T16924] vhci_hcd vhci_hcd.3: release socket
[  641.706484][T16924] vhci_hcd vhci_hcd.3: disconnect device
[  641.736881][ T6069] usb usb40-port1: unable to enumerate USB device
[  641.857062][T18644] orangefs_mount: mount request failed with -4
[  642.106976][ T1201] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  642.267070][   T24] usb 46-1: device descriptor read/8, error -110
[  642.362802][T18673] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  642.496420][   T40] audit: type=1326 audit(1770378033.039:1570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18667 comm="syz.4.3310" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f35579 code=0x0
[  642.598435][T18683] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  642.600523][T18683] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  642.603840][T18683] vhci_hcd vhci_hcd.0: Device attached
[  642.609676][T18683] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  642.687540][   T24] usb usb46-port1: attempt power cycle
[  642.747317][ T1201] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  642.786143][T18689] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3314'.
[  643.061020][T18694] FAULT_INJECTION: forcing a failure.
[  643.061020][T18694] name failslab, interval 1, probability 0, space 0, times 0
[  643.069209][T18694] CPU: 2 UID: 0 PID: 18694 Comm: syz.2.3316 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  643.069228][T18694] Tainted: [L]=SOFTLOCKUP
[  643.069232][T18694] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  643.069238][T18694] Call Trace:
[  643.069242][T18694]  <TASK>
[  643.069247][T18694]  dump_stack_lvl+0x100/0x190
[  643.069263][T18694]  should_fail_ex.cold+0x5/0xa
[  643.069283][T18694]  should_failslab+0xc2/0x120
[  643.069299][T18694]  __kvmalloc_node_noprof+0x101/0xac0
[  643.069315][T18694]  ? alloc_netdev_mqs+0xd7/0x14f0
[  643.069332][T18694]  ? __pfx_sprintf+0x10/0x10
[  643.069345][T18694]  ? __pfx_sl_setup+0x10/0x10
[  643.069359][T18694]  ? alloc_netdev_mqs+0xd7/0x14f0
[  643.069375][T18694]  alloc_netdev_mqs+0xd7/0x14f0
[  643.069395][T18694]  slip_open+0x367/0x1120
[  643.069412][T18694]  ? __pfx___might_resched+0x10/0x10
[  643.069437][T18694]  ? find_held_lock+0x2b/0x80
[  643.069453][T18694]  ? __pfx_slip_open+0x10/0x10
[  643.069470][T18694]  ? tty_set_ldisc+0x2b1/0x740
[  643.069497][T18694]  ? __pfx_slip_open+0x10/0x10
[  643.069518][T18694]  tty_ldisc_open+0xa2/0x120
[  643.069564][T18694]  tty_set_ldisc+0x325/0x740
[  643.069590][T18694]  tty_ioctl+0x695/0x1690
[  643.069620][T18694]  ? __pfx_tty_ioctl+0x10/0x10
[  643.069643][T18694]  ? do_vfs_ioctl+0x226/0x13e0
[  643.069668][T18694]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  643.069700][T18694]  ? find_held_lock+0x2b/0x80
[  643.069715][T18694]  ? hook_file_ioctl_common+0x146/0x410
[  643.069743][T18694]  ? __fget_files+0x21f/0x3d0
[  643.069765][T18694]  tty_compat_ioctl+0x2b3/0x420
[  643.069789][T18694]  ? __pfx_tty_compat_ioctl+0x10/0x10
[  643.069813][T18694]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  643.069841][T18694]  __do_fast_syscall_32+0xde/0x660
[  643.069864][T18694]  do_fast_syscall_32+0x32/0x70
[  643.069884][T18694]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  643.069905][T18694] RIP: 0023:0xf743d579
[  643.069919][T18694] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  643.069936][T18694] RSP: 002b:00000000f546650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  643.069952][T18694] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000005423
[  643.069963][T18694] RDX: 00000000800003c0 RSI: 0000000000000000 RDI: 0000000000000000
[  643.069973][T18694] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  643.069982][T18694] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  643.069991][T18694] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  643.070014][T18694]  </TASK>
[  643.172127][    C2] hpet: Lost 5 RTC interrupts
[  643.256992][   T24] usb usb46-port1: unable to enumerate USB device
[  643.266667][T18684] vhci_hcd: connection closed
[  643.267236][   T62] vhci_hcd vhci_hcd.3: stop threads
[  643.270472][   T62] vhci_hcd vhci_hcd.3: release socket
[  643.272324][   T62] vhci_hcd vhci_hcd.3: disconnect device
[  643.298575][T18702] netlink: 'syz.4.3317': attribute type 2 has an invalid length.
[  643.307358][T18702] netlink: 532 bytes leftover after parsing attributes in process `syz.4.3317'.
[  643.710421][T18720] comedi comedi3: mpc624: I/O port conflict (0x7fff,16)
[  645.240340][T18741] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  645.308329][   T40] audit: type=1326 audit(1770378035.859:1571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18738 comm="syz.2.3326" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf743d579 code=0x0
[  646.072893][T18749] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT
[  646.079569][T18749] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  646.082401][T18749] overlayfs: missing 'lowerdir'
[  646.276706][    T9] vhci_hcd vhci_hcd.3: vhci_device speed not set
[  647.257055][T18768] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  647.259233][T18768] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  647.262417][T18769] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  647.264509][T18769] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  647.272000][T18769] vhci_hcd vhci_hcd.0: Device attached
[  647.285128][T18769] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  647.499989][T18768] vhci_hcd vhci_hcd.0: Device attached
[  647.595218][T18768] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  647.596800][ T1327] usb 40-1: SetAddress Request (66) to port 0
[  647.606626][ T1327] usb 40-1: new SuperSpeed USB device number 66 using vhci_hcd
[  647.624836][T18783] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  647.627587][T18783] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  647.635637][T18783] vhci_hcd vhci_hcd.0: Device attached
[  647.751689][T17197] usb usb44-port1: attempt power cycle
[  647.870408][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  647.886134][T16924] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  647.893953][ T6022] usb 46-1: SetAddress Request (47) to port 0
[  647.895931][ T6022] usb 46-1: new SuperSpeed USB device number 47 using vhci_hcd
[  647.906772][    T9] usb 41-1: new high-speed USB device number 6 using vhci_hcd
[  647.945499][T18771] vhci_hcd: connection reset by peer
[  647.949941][   T12] vhci_hcd vhci_hcd.1: stop threads
[  647.951664][   T12] vhci_hcd vhci_hcd.1: release socket
[  647.956047][   T12] vhci_hcd vhci_hcd.1: disconnect device
[  648.066649][T18770] vhci_hcd: connection reset by peer
[  648.154655][   T62] vhci_hcd vhci_hcd.4: stop threads
[  648.156471][   T62] vhci_hcd vhci_hcd.4: release socket
[  648.160930][   T62] vhci_hcd vhci_hcd.4: disconnect device
[  648.210330][T18784] vhci_hcd: connection reset by peer
[  648.213411][   T62] vhci_hcd vhci_hcd.2: stop threads
[  648.215276][   T62] vhci_hcd vhci_hcd.2: release socket
[  648.217186][   T62] vhci_hcd vhci_hcd.2: disconnect device
[  648.317105][T17197] usb usb44-port1: unable to enumerate USB device
[  648.835547][T18809] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  648.874138][T18815] netlink: 7 bytes leftover after parsing attributes in process `syz.2.3339'.
[  648.879467][T18815] netlink: 7 bytes leftover after parsing attributes in process `syz.2.3339'.
[  648.919243][   T40] audit: type=1326 audit(1770378039.470:1572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18806 comm="syz.1.3337" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fe7579 code=0x0
[  649.105964][   T40] audit: type=1326 audit(1770378295.643:1573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18814 comm="syz.2.3339" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743d579 code=0x7ffc0000
[  649.113990][   T40] audit: type=1326 audit(1770378295.643:1574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18814 comm="syz.2.3339" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743d579 code=0x7ffc0000
[  649.132979][   T40] audit: type=1326 audit(1770378295.663:1575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18814 comm="syz.2.3339" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf743d579 code=0x7ffc0000
[  649.142138][   T40] audit: type=1326 audit(1770378295.673:1576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18814 comm="syz.2.3339" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743d579 code=0x7ffc0000
[  649.151207][   T40] audit: type=1326 audit(1770378295.673:1577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18814 comm="syz.2.3339" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743d579 code=0x7ffc0000
[  649.158845][   T40] audit: type=1326 audit(1770378295.673:1578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18814 comm="syz.2.3339" exe="/syz-executor" sig=0 arch=40000003 syscall=369 compat=1 ip=0xf743d579 code=0x7ffc0000
[  649.216768][   T40] audit: type=1326 audit(1770378295.703:1579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18814 comm="syz.2.3339" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743d579 code=0x7ffc0000
[  649.223967][   T40] audit: type=1326 audit(1770378295.763:1580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18814 comm="syz.2.3339" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743d579 code=0x7ffc0000
[  649.233301][   T40] audit: type=1326 audit(1770378295.773:1581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18814 comm="syz.2.3339" exe="/syz-executor" sig=0 arch=40000003 syscall=437 compat=1 ip=0xf743d579 code=0x7ffc0000
[  650.045076][T18839] FAULT_INJECTION: forcing a failure.
[  650.045076][T18839] name failslab, interval 1, probability 0, space 0, times 0
[  650.050082][T18839] CPU: 3 UID: 0 PID: 18839 Comm: syz.2.3347 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  650.050110][T18839] Tainted: [L]=SOFTLOCKUP
[  650.050117][T18839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  650.050126][T18839] Call Trace:
[  650.050133][T18839]  <TASK>
[  650.050140][T18839]  dump_stack_lvl+0x100/0x190
[  650.050166][T18839]  should_fail_ex.cold+0x5/0xa
[  650.050195][T18839]  should_failslab+0xc2/0x120
[  650.050218][T18839]  ? load_msg+0x118/0x4a0
[  650.050234][T18839]  __kmalloc_noprof+0xf6/0x9c0
[  650.050255][T18839]  ? __pfx___might_resched+0x10/0x10
[  650.050286][T18839]  ? load_msg+0x118/0x4a0
[  650.050301][T18839]  load_msg+0x118/0x4a0
[  650.050321][T18839]  do_msgrcv+0x209/0x16f0
[  650.050339][T18839]  ? __mutex_unlock_slowpath+0x15c/0x790
[  650.050361][T18839]  ? __pfx_compat_do_msg_fill+0x10/0x10
[  650.050388][T18839]  ? __pfx_do_msgrcv+0x10/0x10
[  650.050412][T18839]  ? fput+0x79/0x100
[  650.050435][T18839]  ? ksys_write+0x1ac/0x250
[  650.050456][T18839]  ? __pfx_ksys_write+0x10/0x10
[  650.050480][T18839]  ? __do_fast_syscall_32+0xde/0x660
[  650.050501][T18839]  __do_fast_syscall_32+0xde/0x660
[  650.050523][T18839]  do_fast_syscall_32+0x32/0x70
[  650.050537][T18839]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  650.050568][T18839] RIP: 0023:0xf743d579
[  650.050578][T18839] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  650.050588][T18839] RSP: 002b:00000000f546650c EFLAGS: 00000292 ORIG_RAX: 0000000000000191
[  650.050599][T18839] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000000
[  650.050607][T18839] RDX: 0000000000002000 RSI: 0000000000000001 RDI: 0000000000005800
[  650.050613][T18839] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  650.050619][T18839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  650.050626][T18839] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  650.050640][T18839]  </TASK>
[  650.137005][T18840] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  650.138375][T18844] FAULT_INJECTION: forcing a failure.
[  650.138375][T18844] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  650.139089][T18840] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  650.146240][T18844] CPU: 2 UID: 0 PID: 18844 Comm: syz.4.3348 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  650.146269][T18844] Tainted: [L]=SOFTLOCKUP
[  650.146276][T18844] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  650.146286][T18844] Call Trace:
[  650.146292][T18844]  <TASK>
[  650.146299][T18844]  dump_stack_lvl+0x100/0x190
[  650.146325][T18844]  should_fail_ex.cold+0x5/0xa
[  650.146354][T18844]  _copy_from_user+0x2e/0xd0
[  650.146381][T18844]  _autofs_dev_ioctl+0x11c/0x870
[  650.146400][T18844]  ? hook_file_ioctl_common+0x146/0x410
[  650.146427][T18844]  ? __pfx__autofs_dev_ioctl+0x10/0x10
[  650.146447][T18844]  ? __fget_files+0x21f/0x3d0
[  650.146478][T18844]  ? __pfx_autofs_dev_ioctl_compat+0x10/0x10
[  650.146498][T18844]  autofs_dev_ioctl_compat+0x19/0x30
[  650.146517][T18844]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  650.146548][T18844]  __do_fast_syscall_32+0xde/0x660
[  650.146573][T18844]  do_fast_syscall_32+0x32/0x70
[  650.146595][T18844]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  650.146616][T18844] RIP: 0023:0xf7f35579
[  650.146630][T18844] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  650.146647][T18844] RSP: 002b:00000000f53f650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  650.146664][T18844] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c018937a
[  650.146682][T18844] RDX: 00000000800001c0 RSI: 0000000000000000 RDI: 0000000000000000
[  650.146692][T18844] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  650.146702][T18844] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  650.146712][T18844] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  650.146735][T18844]  </TASK>
[  650.307556][T18840] vhci_hcd vhci_hcd.0: Device attached
[  650.323337][T18840] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  650.761576][T18842] vhci_hcd: connection closed
[  650.761776][   T62] vhci_hcd vhci_hcd.1: stop threads
[  650.765029][   T62] vhci_hcd vhci_hcd.1: release socket
[  650.766906][   T62] vhci_hcd vhci_hcd.1: disconnect device
[  651.520186][T18876] program syz.2.3360 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  651.975909][T18882] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3362'.
[  652.181951][T18887] syzkaller1: entered promiscuous mode
[  652.183725][T18887] syzkaller1: entered allmulticast mode
[  652.664794][ T1327] usb 40-1: device descriptor read/8, error -110
[  652.903902][T18900] Invalid ELF header magic: != ELF
[  652.916247][T18900] fuse: Bad value for 'user_id'
[  652.917878][T18900] fuse: Bad value for 'user_id'
[  652.994839][ T6022] usb 46-1: device descriptor read/8, error -110
[  653.054725][    T9] vhci_hcd vhci_hcd.2: vhci_device speed not set
[  653.095011][ T1327] usb usb40-port1: attempt power cycle
[  653.197009][T18912] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3372'.
[  653.309963][T18914] autofs: Unknown parameter 'syzkaller0'
[  653.401249][ T6022] usb usb46-port1: attempt power cycle
[  653.624953][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  653.630119][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  653.695844][ T1327] usb usb40-port1: unable to enumerate USB device
[  653.893242][T18938] FAULT_INJECTION: forcing a failure.
[  653.893242][T18938] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  653.898838][T18938] CPU: 2 UID: 0 PID: 18938 Comm: syz.4.3380 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  653.898868][T18938] Tainted: [L]=SOFTLOCKUP
[  653.898875][T18938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  653.898885][T18938] Call Trace:
[  653.898892][T18938]  <TASK>
[  653.898900][T18938]  dump_stack_lvl+0x100/0x190
[  653.898927][T18938]  should_fail_ex.cold+0x5/0xa
[  653.898957][T18938]  _copy_from_user+0x2e/0xd0
[  653.898984][T18938]  ? __pfx_binder_ioctl+0x10/0x10
[  653.899003][T18938]  binder_ioctl+0x491/0x7450
[  653.899026][T18938]  ? find_held_lock+0x2b/0x80
[  653.899043][T18938]  ? tomoyo_path_number_perm+0x28f/0x580
[  653.899068][T18938]  ? tomoyo_path_number_perm+0x28f/0x580
[  653.899098][T18938]  ? tomoyo_path_number_perm+0x188/0x580
[  653.899125][T18938]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  653.899152][T18938]  ? __pfx_binder_ioctl+0x10/0x10
[  653.899178][T18938]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  653.899200][T18938]  ? do_vfs_ioctl+0x226/0x13e0
[  653.899228][T18938]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  653.899262][T18938]  ? find_held_lock+0x2b/0x80
[  653.899279][T18938]  ? hook_file_ioctl_common+0x146/0x410
[  653.899310][T18938]  ? __fget_files+0x21f/0x3d0
[  653.899333][T18938]  ? __pfx_binder_ioctl+0x10/0x10
[  653.899352][T18938]  compat_ptr_ioctl+0x6e/0xa0
[  653.899377][T18938]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  653.899409][T18938]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  653.899440][T18938]  __do_fast_syscall_32+0xde/0x660
[  653.899466][T18938]  do_fast_syscall_32+0x32/0x70
[  653.899488][T18938]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  653.899510][T18938] RIP: 0023:0xf7f35579
[  653.899542][T18938] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  653.899558][T18938] RSP: 002b:00000000f53f650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  653.899575][T18938] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0306201
[  653.899586][T18938] RDX: 0000000080001640 RSI: 0000000000000000 RDI: 0000000000000000
[  653.899596][T18938] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  653.899605][T18938] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  653.899615][T18938] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  653.899640][T18938]  </TASK>
[  653.899687][T18938] binder: 18937:18938 ioctl c0306201 80001640 returned -14
[  653.993125][T14977] libceph: connect (1)[c::]:6789 error -101
[  653.995272][T14977] libceph: mon0 (1)[c::]:6789 connect error
[  653.997879][T14977] libceph: connect (1)[c::]:6789 error -101
[  654.000018][T14977] libceph: mon0 (1)[c::]:6789 connect error
[  654.044595][ T6022] usb usb46-port1: unable to enumerate USB device
[  654.254218][   T24] libceph: connect (1)[c::]:6789 error -101
[  654.256244][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  654.484523][T18951] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  654.486605][T18951] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  654.489182][T18951] vhci_hcd vhci_hcd.0: Device attached
[  654.499941][T18951] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  654.570014][T18958] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3385'.
[  654.676534][T18962] ptrace attach of "/syz-executor exec"[15567] was attempted by ""[18962]
[  654.731148][T18939] ceph: No mds server is up or the cluster is laggy
[  654.756455][   T24] usb 46-1: SetAddress Request (51) to port 0
[  654.759049][   T24] usb 46-1: new SuperSpeed USB device number 51 using vhci_hcd
[  655.063985][T18955] vhci_hcd: connection reset by peer
[  655.066605][ T1163] vhci_hcd vhci_hcd.4: stop threads
[  655.069172][ T1163] vhci_hcd vhci_hcd.4: release socket
[  655.071625][ T1163] vhci_hcd vhci_hcd.4: disconnect device
[  655.180872][T18975] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3392'.
[  655.184370][   T40] kauditd_printk_skb: 16 callbacks suppressed
[  655.184382][   T40] audit: type=1326 audit(1770378301.736:1598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18974 comm="syz.1.3392" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  655.184493][   T40] audit: type=1326 audit(1770378301.736:1599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18974 comm="syz.1.3392" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  655.187021][T18975] netlink: 'syz.1.3392': attribute type 5 has an invalid length.
[  655.611703][T18991] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  655.613851][T18991] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  655.616860][T18991] vhci_hcd vhci_hcd.0: Device attached
[  655.622528][T18991] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  655.903598][ T1327] usb 44-1: SetAddress Request (74) to port 0
[  655.910450][ T1327] usb 44-1: new SuperSpeed USB device number 74 using vhci_hcd
[  655.943192][T17197] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  656.096858][T17197] usb 9-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  656.103125][T17197] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  656.106227][T17197] usb 9-1: Product: syz
[  656.111830][T17197] usb 9-1: Manufacturer: syz
[  656.114281][T17197] usb 9-1: SerialNumber: syz
[  656.257662][T18992] vhci_hcd: connection reset by peer
[  656.260048][ T1163] vhci_hcd vhci_hcd.3: stop threads
[  656.262246][ T1163] vhci_hcd vhci_hcd.3: release socket
[  656.264734][ T1163] vhci_hcd vhci_hcd.3: disconnect device
[  656.343491][ T5944] Bluetooth: hci3: command 0x0406 tx timeout
[  656.421456][T19008] FAULT_INJECTION: forcing a failure.
[  656.421456][T19008] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  656.433005][T19008] CPU: 3 UID: 0 PID: 19008 Comm: syz.1.3402 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  656.433025][T19008] Tainted: [L]=SOFTLOCKUP
[  656.433029][T19008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  656.433036][T19008] Call Trace:
[  656.433040][T19008]  <TASK>
[  656.433045][T19008]  dump_stack_lvl+0x100/0x190
[  656.433061][T19008]  should_fail_ex.cold+0x5/0xa
[  656.433080][T19008]  _copy_from_user+0x2e/0xd0
[  656.433098][T19008]  do_pagemap_scan+0xc4/0xcc0
[  656.433114][T19008]  ? __pfx_do_pagemap_scan+0x10/0x10
[  656.433127][T19008]  ? do_vfs_ioctl+0x226/0x13e0
[  656.433146][T19008]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  656.433172][T19008]  ? __fget_files+0x21f/0x3d0
[  656.433186][T19008]  do_pagemap_cmd+0x58/0x80
[  656.433199][T19008]  ? __pfx_do_pagemap_cmd+0x10/0x10
[  656.433212][T19008]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  656.433232][T19008]  __do_fast_syscall_32+0xde/0x660
[  656.433248][T19008]  do_fast_syscall_32+0x32/0x70
[  656.433262][T19008]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  656.433276][T19008] RIP: 0023:0xf7fe7579
[  656.433285][T19008] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  656.433296][T19008] RSP: 002b:00000000f54a650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  656.433307][T19008] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c0606610
[  656.433314][T19008] RDX: 0000000080000480 RSI: 0000000000000000 RDI: 0000000000000000
[  656.433320][T19008] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  656.433327][T19008] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  656.433333][T19008] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  656.433347][T19008]  </TASK>
[  656.533307][T18995] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  656.536802][T18995] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  656.714781][T19014] FAULT_INJECTION: forcing a failure.
[  656.714781][T19014] name failslab, interval 1, probability 0, space 0, times 0
[  656.718868][T19014] CPU: 2 UID: 0 PID: 19014 Comm: syz.2.3404 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  656.718886][T19014] Tainted: [L]=SOFTLOCKUP
[  656.718890][T19014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  656.718908][T19014] Call Trace:
[  656.718913][T19014]  <TASK>
[  656.718918][T19014]  dump_stack_lvl+0x100/0x190
[  656.718935][T19014]  should_fail_ex.cold+0x5/0xa
[  656.718951][T19014]  ? __pfx_io_file_supports_nowait+0x10/0x10
[  656.718965][T19014]  should_failslab+0xc2/0x120
[  656.718982][T19014]  ? io_cache_alloc_new+0x45/0xe0
[  656.718996][T19014]  ? io_cache_alloc_new+0x45/0xe0
[  656.719010][T19014]  __kmalloc_noprof+0xf6/0x9c0
[  656.719025][T19014]  ? io_cache_alloc_new+0x45/0xe0
[  656.719040][T19014]  io_cache_alloc_new+0x45/0xe0
[  656.719055][T19014]  io_arm_apoll+0x873/0xa10
[  656.719069][T19014]  ? __pfx_io_arm_apoll+0x10/0x10
[  656.719086][T19014]  ? __io_issue_sqe+0x14a/0x7a0
[  656.719105][T19014]  io_arm_poll_handler+0x223/0x2b0
[  656.719119][T19014]  io_queue_async+0x159/0x200
[  656.719131][T19014]  io_submit_sqes+0x1610/0x21c0
[  656.719151][T19014]  __do_sys_io_uring_enter+0x6b4/0x15b0
[  656.719168][T19014]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  656.719185][T19014]  ? fput+0x79/0x100
[  656.719200][T19014]  ? ksys_write+0x1ac/0x250
[  656.719212][T19014]  ? __pfx_ksys_write+0x10/0x10
[  656.719228][T19014]  __do_fast_syscall_32+0xde/0x660
[  656.719244][T19014]  do_fast_syscall_32+0x32/0x70
[  656.719259][T19014]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  656.719273][T19014] RIP: 0023:0xf743d579
[  656.719282][T19014] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  656.719293][T19014] RSP: 002b:00000000f546650c EFLAGS: 00000292 ORIG_RAX: 00000000000001aa
[  656.719304][T19014] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000002de6
[  656.719311][T19014] RDX: 0000000010009f25 RSI: 0000000000000000 RDI: 0000000000000000
[  656.719317][T19014] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  656.719324][T19014] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  656.719330][T19014] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  656.719344][T19014]  </TASK>
[  657.167862][T17197] lan78xx 9-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO
[  657.174554][T17197] lan78xx 9-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPROTO
[  657.183991][T17197] lan78xx 9-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO
[  657.190610][T17197] lan78xx 9-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  657.201755][T17197] lan78xx 9-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  657.221344][T17197] lan78xx 9-1:1.0: probe with driver lan78xx failed with error -71
[  657.231662][T17197] usb 9-1: USB disconnect, device number 11
[  657.376158][T19021] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  657.378182][T19021] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  657.380642][T19021] vhci_hcd vhci_hcd.0: Device attached
[  657.388089][T19021] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  657.970677][T19027] vhci_hcd: connection closed
[  657.970892][ T1163] vhci_hcd vhci_hcd.3: stop threads
[  657.974208][ T1163] vhci_hcd vhci_hcd.3: release socket
[  657.977898][ T1163] vhci_hcd vhci_hcd.3: disconnect device
[  658.091107][T19038] binder: BINDER_SET_CONTEXT_MGR already set
[  658.094253][T19038] binder: 19037:19038 ioctl 4018620d 80000100 returned -16
[  658.099624][T19038] binder: BINDER_SET_CONTEXT_MGR already set
[  658.101573][T19038] binder: 19037:19038 ioctl 4018620d 800002c0 returned -16
[  658.578359][T19040] syz.3.3412 (19040): drop_caches: 2
[  658.583860][T19040] syz.3.3412 (19040): drop_caches: 2
[  658.827362][T19048] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  658.830038][T19048] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  658.833344][T19048] vhci_hcd vhci_hcd.0: Device attached
[  658.841519][T19048] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  659.049614][T19056] comedi comedi3: comedi_config --init_data is deprecated
[  659.381779][ T1148] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  659.387302][ T1163] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  659.791321][   T24] usb 46-1: device descriptor read/8, error -110
[  659.981185][T19049] vhci_hcd: connection closed
[  659.989550][ T1163] vhci_hcd vhci_hcd.3: stop threads
[  659.994203][ T1163] vhci_hcd vhci_hcd.3: release socket
[  659.996591][ T1163] vhci_hcd vhci_hcd.3: disconnect device
[  660.201668][   T24] usb usb46-port1: attempt power cycle
[  660.280769][   T40] audit: type=1326 audit(1770378306.829:1600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19067 comm="syz.4.3422" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  660.291066][   T40] audit: type=1326 audit(1770378306.829:1601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19067 comm="syz.4.3422" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  660.297902][   T40] audit: type=1326 audit(1770378306.839:1602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19067 comm="syz.4.3422" exe="/syz-executor" sig=0 arch=40000003 syscall=310 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  660.304862][   T40] audit: type=1326 audit(1770378306.839:1603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19067 comm="syz.4.3422" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  660.311995][   T40] audit: type=1326 audit(1770378306.839:1604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19067 comm="syz.4.3422" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  660.318732][   T40] audit: type=1326 audit(1770378306.839:1605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19067 comm="syz.4.3422" exe="/syz-executor" sig=0 arch=40000003 syscall=248 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  660.325504][   T40] audit: type=1326 audit(1770378306.839:1606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19067 comm="syz.4.3422" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  660.332237][   T40] audit: type=1326 audit(1770378306.839:1607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19067 comm="syz.4.3422" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  660.338938][   T40] audit: type=1326 audit(1770378306.839:1608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19067 comm="syz.4.3422" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  660.345679][   T40] audit: type=1326 audit(1770378306.839:1609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19067 comm="syz.4.3422" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  660.761902][   T24] usb usb46-port1: unable to enumerate USB device
[  660.829011][T19085] netlink: 'syz.2.3427': attribute type 1 has an invalid length.
[  660.874544][T19085] gretap1: entered allmulticast mode
[  660.891575][T19085] bond3: (slave gretap1): making interface the new active one
[  660.895374][T19085] bond3: (slave gretap1): Enslaving as an active interface with an up link
[  660.981225][ T1327] usb 44-1: device descriptor read/8, error -110
[  661.221225][T19097] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  661.223689][T19097] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  661.228256][T19097] vhci_hcd vhci_hcd.0: Device attached
[  661.248678][T19094] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  661.256744][T19103] vhci_hcd: connection closed
[  661.257002][ T1148] vhci_hcd vhci_hcd.3: stop threads
[  661.262464][ T1148] vhci_hcd vhci_hcd.3: release socket
[  661.264505][ T1148] vhci_hcd vhci_hcd.3: disconnect device
[  661.267085][T19105] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  661.274048][T19105] netlink: 76 bytes leftover after parsing attributes in process `syz.4.3432'.
[  662.040968][T19117] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  662.047088][T19117] netlink: 68 bytes leftover after parsing attributes in process `syz.2.3433'.
[  662.090687][T19121] FAULT_INJECTION: forcing a failure.
[  662.090687][T19121] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  662.095265][T19121] CPU: 2 UID: 0 PID: 19121 Comm: syz.3.3435 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  662.095283][T19121] Tainted: [L]=SOFTLOCKUP
[  662.095287][T19121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  662.095295][T19121] Call Trace:
[  662.095300][T19121]  <TASK>
[  662.095305][T19121]  dump_stack_lvl+0x100/0x190
[  662.095321][T19121]  should_fail_ex.cold+0x5/0xa
[  662.095340][T19121]  _copy_from_iter+0x1f4/0x1690
[  662.095364][T19121]  ? __asan_memset+0x23/0x50
[  662.095376][T19121]  ? __build_skb_around+0x278/0x390
[  662.095390][T19121]  ? __pfx__copy_from_iter+0x10/0x10
[  662.095407][T19121]  ? __alloc_skb+0x220/0x410
[  662.095422][T19121]  ? __pfx___alloc_skb+0x10/0x10
[  662.095438][T19121]  ? __pfx__copy_from_iter+0x10/0x10
[  662.095457][T19121]  skb_copy_datagram_from_iter+0x11f/0x720
[  662.095491][T19121]  tun_get_user+0x1884/0x3e10
[  662.095517][T19121]  ? __pfx_tun_get_user+0x10/0x10
[  662.095536][T19121]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  662.095552][T19121]  ? find_held_lock+0x2b/0x80
[  662.095562][T19121]  ? tun_get+0x191/0x370
[  662.095578][T19121]  ? tun_get+0x191/0x370
[  662.095597][T19121]  tun_chr_write_iter+0xdc/0x200
[  662.095616][T19121]  vfs_write+0x6ac/0x1070
[  662.095629][T19121]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  662.095649][T19121]  ? __pfx_vfs_write+0x10/0x10
[  662.095660][T19121]  ? find_held_lock+0x2b/0x80
[  662.095680][T19121]  ksys_write+0x12a/0x250
[  662.095692][T19121]  ? __pfx_ksys_write+0x10/0x10
[  662.095704][T19121]  ? __pfx_ksys_write+0x10/0x10
[  662.095716][T19121]  ? fput+0x79/0x100
[  662.095733][T19121]  __do_fast_syscall_32+0xde/0x660
[  662.095750][T19121]  do_fast_syscall_32+0x32/0x70
[  662.095764][T19121]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  662.095778][T19121] RIP: 0023:0xf7f63579
[  662.095787][T19121] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  662.095798][T19121] RSP: 002b:00000000f542650c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[  662.095809][T19121] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  662.095816][T19121] RDX: 0000000000000072 RSI: 0000000000000000 RDI: 0000000000000000
[  662.095823][T19121] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  662.095829][T19121] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  662.095836][T19121] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  662.095850][T19121]  </TASK>
[  662.661554][T19144] loop6: detected capacity change from 0 to 7
[  662.666252][    C3] blk_print_req_error: 11 callbacks suppressed
[  662.666265][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  662.672038][    C3] buffer_io_error: 11 callbacks suppressed
[  662.672049][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  662.680587][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  662.683739][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  662.688185][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  662.691958][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  662.696193][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  662.700331][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  662.703996][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  662.707158][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  662.720069][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  662.723126][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  662.726622][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  662.730106][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  662.733408][T19144] ldm_validate_partition_table(): Disk read failed.
[  662.741419][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  662.744878][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  662.747667][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  662.751094][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  662.754649][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  662.757678][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  662.762658][T19144] Dev loop6: unable to read RDB block 0
[  662.768772][T19144]  loop6: unable to read partition table
[  662.771714][T19144] loop6: partition table beyond EOD, truncated
[  662.774217][T19144] loop_reread_partitions: partition scan of loop6 (���������S�j̖�P=ý?�}X���	���%��`��ր����5) failed (rc=-5)
[  662.868064][T19146] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  663.198531][T19148] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT
[  663.204819][T19148] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  663.207715][T19148] overlayfs: missing 'lowerdir'
[  663.493439][T19150] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  663.500627][T19151] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  663.502674][T19151] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  663.506367][T19151] vhci_hcd vhci_hcd.0: Device attached
[  663.511258][T19154] vhci_hcd: connection closed
[  663.511476][   T62] vhci_hcd vhci_hcd.4: stop threads
[  663.514519][   T62] vhci_hcd vhci_hcd.4: release socket
[  663.516142][   T62] vhci_hcd vhci_hcd.4: disconnect device
[  663.822340][T19159] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  663.825752][T19162] loop8: detected capacity change from 0 to 7
[  663.826509][T19159] netlink: 76 bytes leftover after parsing attributes in process `syz.3.3444'.
[  663.836185][T19162]  loop8: [CUMANA/ADFS] p1 [Linux] p2 [ADFS] p1 [Linux] p2
[  663.838897][T19162] loop8: partition table partially beyond EOD, truncated
[  663.844081][T19162] loop8: p1 size 3651402975 extends beyond EOD, truncated
[  663.856487][T19162] loop8: p2 start 956478 is beyond EOD, truncated
[  664.163455][T19168] FAULT_INJECTION: forcing a failure.
[  664.163455][T19168] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  664.169126][T19167] netlink: 'syz.1.3446': attribute type 1 has an invalid length.
[  664.169944][T19168] CPU: 1 UID: 0 PID: 19168 Comm: syz.4.3447 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  664.169962][T19168] Tainted: [L]=SOFTLOCKUP
[  664.169966][T19168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  664.169973][T19168] Call Trace:
[  664.169978][T19168]  <TASK>
[  664.169982][T19168]  dump_stack_lvl+0x100/0x190
[  664.169999][T19168]  should_fail_ex.cold+0x5/0xa
[  664.170018][T19168]  _copy_to_user+0x32/0xd0
[  664.170036][T19168]  simple_read_from_buffer+0xcb/0x170
[  664.170050][T19168]  proc_fail_nth_read+0x1af/0x230
[  664.170063][T19168]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  664.170077][T19168]  ? rw_verify_area+0xce/0x6d0
[  664.170089][T19168]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  664.170107][T19168]  vfs_read+0x1e4/0xb30
[  664.170128][T19168]  ? __pfx_vfs_read+0x10/0x10
[  664.170144][T19168]  ? find_held_lock+0x2b/0x80
[  664.170161][T19168]  ? __fget_files+0x215/0x3d0
[  664.170185][T19168]  ? __fget_files+0x21f/0x3d0
[  664.170210][T19168]  ksys_read+0x12a/0x250
[  664.170229][T19168]  ? __pfx_ksys_read+0x10/0x10
[  664.170255][T19168]  do_int80_emulation+0x101/0x470
[  664.170280][T19168]  asm_int80_emulation+0x1a/0x20
[  664.170298][T19168] RIP: 0023:0xf713572b
[  664.170311][T19168] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  664.170325][T19168] RSP: 002b:00000000f53f64bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  664.170341][T19168] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f53f65d0
[  664.170351][T19168] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  664.170360][T19168] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  664.170369][T19168] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  664.170378][T19168] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  664.170402][T19168]  </TASK>
[  665.106687][T19188] 
: renamed from bond_slave_0 (while UP)
[  665.139006][   T82] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  665.139020][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  666.539077][T19200] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  666.617007][   T40] kauditd_printk_skb: 20 callbacks suppressed
[  666.617027][   T40] audit: type=1326 audit(1770378313.162:1630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19197 comm="syz.1.3455" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fe7579 code=0x0
[  666.750273][T19206] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT
[  666.762471][T19206] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  666.765247][T19206] overlayfs: missing 'lowerdir'
[  667.612075][T19214] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  667.615057][T19214] syzkaller0: entered promiscuous mode
[  667.617056][T19214] syzkaller0: entered allmulticast mode
[  667.646269][T19214] syzkaller0: mtu greater than device maximum
[  667.652101][T19213] tipc: Resetting bearer <eth:syzkaller0>
[  667.663299][T19213] tipc: Disabling bearer <eth:syzkaller0>
[  667.778617][T19218] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  667.780983][T19218] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  667.788265][T19218] vhci_hcd vhci_hcd.0: Device attached
[  667.802124][T19218] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  668.077145][   T24] usb 44-1: SetAddress Request (76) to port 0
[  668.079895][   T24] usb 44-1: new SuperSpeed USB device number 76 using vhci_hcd
[  668.096530][T19227] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  668.098865][T19227] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  668.109193][T19227] vhci_hcd vhci_hcd.0: Device attached
[  668.154194][T19227] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  668.379119][   T10] usb 40-1: SetAddress Request (70) to port 0
[  668.381026][   T10] usb 40-1: new SuperSpeed USB device number 70 using vhci_hcd
[  668.556923][T19219] vhci_hcd: connection reset by peer
[  668.561111][   T12] vhci_hcd vhci_hcd.3: stop threads
[  668.566991][   T12] vhci_hcd vhci_hcd.3: release socket
[  668.570566][   T12] vhci_hcd vhci_hcd.3: disconnect device
[  668.700798][T19238] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3463'.
[  668.705141][T19238] tipc: Started in network mode
[  668.705141][T19228] vhci_hcd: connection reset by peer
[  668.705264][   T12] vhci_hcd vhci_hcd.1: stop threads
[  668.710094][T19238] tipc: Node identity 425419fad528, cluster identity 4711
[  668.712553][   T12] vhci_hcd vhci_hcd.1: release socket
[  668.714237][T19238] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  668.715226][   T12] vhci_hcd vhci_hcd.1: disconnect device
[  668.722363][T19238] syzkaller0: entered promiscuous mode
[  668.724559][T19238] syzkaller0: entered allmulticast mode
[  668.729554][T19238] tipc: Resetting bearer <eth:syzkaller0>
[  668.732981][T19237] tipc: Resetting bearer <eth:syzkaller0>
[  668.752115][T19237] tipc: Disabling bearer <eth:syzkaller0>
[  670.577782][   T40] audit: type=1326 audit(1770378317.134:1631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19252 comm="syz.4.3468" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f35579 code=0x0
[  670.650070][T19258] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  670.896123][   T62] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  670.900424][   T62] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  671.710088][T19275] fuse: Bad value for 'fd'
[  671.717303][T19280] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  671.846584][T19279] netlink: 68 bytes leftover after parsing attributes in process `syz.4.3472'.
[  671.925340][   T40] audit: type=1326 audit(1770378318.485:1632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19276 comm="syz.4.3472" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f35579 code=0x0
[  672.367031][T19296] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  672.369141][T19296] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  672.372150][T19296] vhci_hcd vhci_hcd.0: Device attached
[  672.403502][T19296] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  672.671806][T19303] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  672.765101][   T40] audit: type=1326 audit(1770378319.325:1633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19299 comm="syz.4.3476" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f35579 code=0x0
[  673.135084][   T24] usb 44-1: device descriptor read/8, error -110
[  673.526064][   T24] usb usb44-port1: attempt power cycle
[  673.552197][T19297] vhci_hcd: connection closed
[  673.552428][   T82] vhci_hcd vhci_hcd.1: stop threads
[  673.556952][   T82] vhci_hcd vhci_hcd.1: release socket
[  673.558917][   T82] vhci_hcd vhci_hcd.1: disconnect device
[  673.619629][   T10] usb 40-1: device descriptor read/8, error -110
[  674.085201][T19321] loop6: detected capacity change from 0 to 7
[  674.114070][   T24] usb usb44-port1: unable to enumerate USB device
[  674.115619][    C3] blk_print_req_error: 11 callbacks suppressed
[  674.115637][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  674.123134][    C3] buffer_io_error: 11 callbacks suppressed
[  674.123148][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  674.194243][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  674.197539][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  674.200648][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  674.204010][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  674.207528][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  674.210821][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  674.217735][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  674.221167][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  674.320159][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  674.323307][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  674.326976][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  674.330215][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  674.452821][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  674.453224][   T10] usb usb40-port1: attempt power cycle
[  674.455966][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  674.460245][T19321] ldm_validate_partition_table(): Disk read failed.
[  674.460719][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  674.465990][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  674.481720][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  674.485595][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  674.497664][T19321] Dev loop6: unable to read RDB block 0
[  674.508529][T19321]  loop6: unable to read partition table
[  674.521696][T19321] loop6: partition table beyond EOD, truncated
[  674.525045][T19321] loop_reread_partitions: partition scan of loop6 (���������S�j̖�P=ý?�}X���	���%��`��ր����5) failed (rc=-5)
[  675.046210][   T10] usb usb40-port1: unable to enumerate USB device
[  676.653655][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  676.657298][ T1140] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  676.757257][T19364] fuse: Bad value for 'fd'
[  676.914568][T19365] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  676.972229][T19367] 9pnet_virtio: no channels available for device syz
[  678.062302][T19376] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  679.003000][T19376] netlink: 76 bytes leftover after parsing attributes in process `syz.2.3493'.
[  679.081566][   T40] audit: type=1326 audit(1770378325.638:1634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19373 comm="syz.2.3493" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf743d579 code=0x0
[  680.294761][T19422] fuse: Bad value for 'fd'
[  680.302415][T19423] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3503'.
[  680.315584][T19423] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3503'.
[  680.323454][T19423] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3503'.
[  680.331465][T19423] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3503'.
[  680.357234][T19421] netlink: 'syz.1.3503': attribute type 27 has an invalid length.
[  680.411952][T19423] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3503'.
[  680.416150][T19423] openvswitch: netlink: Missing key (keys=40, expected=80)
[  680.460366][T19421] bridge0: port 2(bridge_slave_1) entered disabled state
[  680.462977][T19421] bridge0: port 1(bridge_slave_0) entered disabled state
[  680.624613][T19421] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  680.632873][T19421] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  680.662902][T19421] veth0_vlan: left allmulticast mode
[  680.770483][T19421] vlan2: left promiscuous mode
[  680.775118][T19421] vlan2: left allmulticast mode
[  680.777103][T19421] hsr_slave_1: left allmulticast mode
[  680.790099][ T1140] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  680.796409][ T1140] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  680.801297][ T1140] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  680.815157][ T1140] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  680.840064][T19428] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  681.376387][T19433] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  681.378481][T19433] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  681.390151][T19433] vhci_hcd vhci_hcd.0: Device attached
[  681.432129][T19433] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  681.650394][   T24] usb 46-1: SetAddress Request (55) to port 0
[  681.653096][   T24] usb 46-1: new SuperSpeed USB device number 55 using vhci_hcd
[  681.771509][ T1140] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  682.226079][T19434] vhci_hcd: connection reset by peer
[  682.228049][ T1140] vhci_hcd vhci_hcd.4: stop threads
[  682.230219][ T1140] vhci_hcd vhci_hcd.4: release socket
[  682.230685][T19442] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  682.232080][ T1140] vhci_hcd vhci_hcd.4: disconnect device
[  682.234070][T19442] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  682.238498][T19442] vhci_hcd vhci_hcd.0: Device attached
[  682.410206][ T1201] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  682.499968][T17197] usb 44-1: SetAddress Request (80) to port 0
[  682.502668][T17197] usb 44-1: new SuperSpeed USB device number 80 using vhci_hcd
[  682.540224][T19442] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  683.495489][T19443] vhci_hcd: connection reset by peer
[  683.500409][T16924] vhci_hcd vhci_hcd.3: stop threads
[  683.502169][T16924] vhci_hcd vhci_hcd.3: release socket
[  683.507709][T16924] vhci_hcd vhci_hcd.3: disconnect device
[  684.025590][T19460] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  684.027953][T19460] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  684.030662][T19460] vhci_hcd vhci_hcd.0: Device attached
[  684.036507][T19460] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  684.296347][T19470] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  684.298532][T19470] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  684.301658][T19470] vhci_hcd vhci_hcd.0: Device attached
[  684.331555][T19470] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  684.733302][T19477] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  684.735442][T19477] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  684.749126][T19477] vhci_hcd vhci_hcd.0: Device attached
[  684.806333][T19477] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  684.863792][T19461] vhci_hcd: connection closed
[  684.864622][ T1140] vhci_hcd vhci_hcd.4: stop threads
[  684.869043][ T1140] vhci_hcd vhci_hcd.4: release socket
[  684.871608][ T1140] vhci_hcd vhci_hcd.4: disconnect device
[  684.906491][T19471] vhci_hcd: connection closed
[  684.906857][ T1140] vhci_hcd vhci_hcd.3: stop threads
[  684.911112][ T1140] vhci_hcd vhci_hcd.3: release socket
[  684.913500][ T1140] vhci_hcd vhci_hcd.3: disconnect device
[  685.018723][   T60] usb 42-1: SetAddress Request (67) to port 0
[  685.021007][   T60] usb 42-1: new SuperSpeed USB device number 67 using vhci_hcd
[  685.316430][T19478] vhci_hcd: connection reset by peer
[  685.318597][   T12] vhci_hcd vhci_hcd.2: stop threads
[  685.320859][   T12] vhci_hcd vhci_hcd.2: release socket
[  685.323259][   T12] vhci_hcd vhci_hcd.2: disconnect device
[  685.660326][T19493] loop6: detected capacity change from 0 to 7
[  685.666401][    C3] blk_print_req_error: 6 callbacks suppressed
[  685.666437][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  685.672991][    C3] buffer_io_error: 6 callbacks suppressed
[  685.673008][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  685.683561][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  685.687617][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  685.691154][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  685.695116][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  685.699975][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  685.703832][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  685.708238][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  685.711533][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  685.719807][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  685.723529][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  685.726720][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  685.729878][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  685.733312][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  685.737405][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  685.740751][T19493] ldm_validate_partition_table(): Disk read failed.
[  685.744665][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  685.747844][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  685.753342][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  685.757075][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  685.762298][T19493] Dev loop6: unable to read RDB block 0
[  685.766546][T19493]  loop6: unable to read partition table
[  685.769473][T19493] loop6: partition table beyond EOD, truncated
[  685.771765][T19493] loop_reread_partitions: partition scan of loop6 (���������S�j̖�P=ý?�}X���	���%��`��ր����5) failed (rc=-5)
[  685.776657][T19496] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  685.779380][T19496] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  685.785758][T19496] vhci_hcd vhci_hcd.0: Device attached
[  685.835134][T19496] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  686.866491][   T24] usb 46-1: device descriptor read/8, error -110
[  686.870582][ T1140] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  687.003302][T19497] vhci_hcd: connection closed
[  687.003494][ T1140] vhci_hcd vhci_hcd.3: stop threads
[  687.007120][ T1140] vhci_hcd vhci_hcd.3: release socket
[  687.009351][ T1140] vhci_hcd vhci_hcd.3: disconnect device
[  687.258564][   T24] usb usb46-port1: attempt power cycle
[  687.537598][T17197] usb 44-1: device descriptor read/8, error -110
[  687.698966][T19516] openvswitch: netlink: IP tunnel dst address not specified
[  687.708592][T19516] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3532'.
[  687.830136][   T24] usb usb46-port1: unable to enumerate USB device
[  687.879534][T19524] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  687.881659][T19524] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  687.886422][T19524] vhci_hcd vhci_hcd.0: Device attached
[  687.922403][T19524] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  687.948296][T17197] usb usb44-port1: attempt power cycle
[  688.015111][T19530] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  688.042498][T19527] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  688.044585][T19527] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  688.047640][T19527] vhci_hcd vhci_hcd.0: Device attached
[  688.167471][ T1140] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  688.317090][   T24] usb 46-1: SetAddress Request (59) to port 0
[  688.319163][   T24] usb 46-1: new SuperSpeed USB device number 59 using vhci_hcd
[  688.507854][T17197] usb usb44-port1: unable to enumerate USB device
[  688.630416][T19528] vhci_hcd: connection reset by peer
[  688.632779][ T1140] vhci_hcd vhci_hcd.4: stop threads
[  688.634867][ T1140] vhci_hcd vhci_hcd.4: release socket
[  688.657873][ T1140] vhci_hcd vhci_hcd.4: disconnect device
[  688.816700][T19525] vhci_hcd: connection closed
[  688.816955][T16924] vhci_hcd vhci_hcd.2: stop threads
[  688.820025][T16924] vhci_hcd vhci_hcd.2: release socket
[  688.822064][T16924] vhci_hcd vhci_hcd.2: disconnect device
[  689.521131][T16924] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  689.524202][T16924] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  690.089568][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  690.093711][   T60] usb 42-1: device descriptor read/8, error -110
[  690.486445][   T60] usb usb42-port1: attempt power cycle
[  691.057689][   T60] usb usb42-port1: unable to enumerate USB device
[  691.081622][T19566] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  691.084399][T19566] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  691.091979][T19566] vhci_hcd vhci_hcd.0: Device attached
[  691.109640][T19566] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  691.889955][T19581] netlink: 'syz.1.3540': attribute type 10 has an invalid length.
[  691.894252][T19581] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  691.909710][T19581] 8021q: adding VLAN 0 to HW filter on device bond1
[  691.921747][T19574] vhci_hcd: connection closed
[  691.922076][   T62] vhci_hcd vhci_hcd.4: stop threads
[  691.930418][   T62] vhci_hcd vhci_hcd.4: release socket
[  691.935733][   T62] vhci_hcd vhci_hcd.4: disconnect device
[  692.138573][T19599] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  692.140773][T19599] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  692.144733][T19599] vhci_hcd vhci_hcd.0: Device attached
[  692.148198][T19603] vhci_hcd: connection closed
[  692.148342][   T82] vhci_hcd vhci_hcd.2: stop threads
[  692.151889][   T82] vhci_hcd vhci_hcd.2: release socket
[  692.153628][   T82] vhci_hcd vhci_hcd.2: disconnect device
[  692.195863][T19605] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  692.198412][T19605] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  692.201163][T19605] vhci_hcd vhci_hcd.0: Device attached
[  692.209623][T19605] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  692.475110][ T6022] usb 40-1: SetAddress Request (74) to port 0
[  692.477852][ T6022] usb 40-1: new SuperSpeed USB device number 74 using vhci_hcd
[  692.655319][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  692.955581][T19606] vhci_hcd: connection reset by peer
[  692.975839][T19615] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  692.977947][T19615] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  692.981237][T19615] vhci_hcd vhci_hcd.0: Device attached
[  693.025247][   T12] vhci_hcd vhci_hcd.1: stop threads
[  693.027339][   T12] vhci_hcd vhci_hcd.1: release socket
[  693.031360][   T12] vhci_hcd vhci_hcd.1: disconnect device
[  693.072497][T19615] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  693.254661][   T34] usb 44-1: SetAddress Request (84) to port 0
[  693.256699][   T34] usb 44-1: new SuperSpeed USB device number 84 using vhci_hcd
[  693.284810][   T62] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  693.364639][   T24] usb 46-1: device descriptor read/8, error -110
[  693.615777][T19616] vhci_hcd: connection reset by peer
[  693.618336][   T62] vhci_hcd vhci_hcd.3: stop threads
[  693.620524][   T62] vhci_hcd vhci_hcd.3: release socket
[  693.622836][   T62] vhci_hcd vhci_hcd.3: disconnect device
[  693.733562][T19626] netlink: 'syz.4.3557': attribute type 13 has an invalid length.
[  693.761698][   T24] usb usb46-port1: attempt power cycle
[  694.005988][T19630] veth1_to_bond: entered allmulticast mode
[  694.008149][T19630] veth1_to_bond: entered promiscuous mode
[  694.011130][T19630] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3550'.
[  694.061283][T19630] bond0: (slave bond_slave_1): Releasing backup interface
[  694.079830][T19630] veth1_to_bond (unregistering): left allmulticast mode
[  694.082318][T19630] veth1_to_bond (unregistering): left promiscuous mode
[  694.314582][   T24] usb usb46-port1: unable to enumerate USB device
[  694.499458][T19633] binder: BINDER_SET_CONTEXT_MGR already set
[  694.502128][T19633] binder: 19631:19633 ioctl 4018620d 80000100 returned -16
[  694.547328][T19636] F2FS-fs (nbd2): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  694.550771][T19636] F2FS-fs (nbd2): Can't find valid F2FS filesystem in 1th superblock
[  694.555709][T19636] F2FS-fs (nbd2): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  694.558251][T19636] F2FS-fs (nbd2): Can't find valid F2FS filesystem in 2th superblock
[  695.062349][T19644] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  695.304025][   T40] audit: type=1326 audit(1770378597.872:1635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19632 comm="syz.3.3551" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f63579 code=0x0
[  695.702944][T19668] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  695.705480][T19668] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  695.709732][T19668] vhci_hcd vhci_hcd.0: Device attached
[  696.111018][T19663] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  696.265650][T19677] netlink: 256 bytes leftover after parsing attributes in process `syz.4.3572'.
[  696.269374][T19677] unsupported nlmsg_type 40
[  696.690327][T19669] vhci_hcd: connection closed
[  696.690748][ T1201] vhci_hcd vhci_hcd.1: stop threads
[  696.702831][ T1201] vhci_hcd vhci_hcd.1: release socket
[  696.705179][ T1201] vhci_hcd vhci_hcd.1: disconnect device
[  697.532687][ T6022] usb 40-1: device descriptor read/8, error -110
[  698.004619][ T6022] usb usb40-port1: attempt power cycle
[  698.333610][   T34] usb 44-1: device descriptor read/8, error -110
[  698.446279][   T82] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  698.733348][   T34] usb usb44-port1: attempt power cycle
[  698.742338][T19724] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  698.861774][T19721] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  698.864580][T19721] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  698.868176][T19721] vhci_hcd vhci_hcd.0: Device attached
[  698.951945][ T6022] usb usb40-port1: unable to enumerate USB device
[  698.955763][T19726] netlink: 'syz.2.3579': attribute type 13 has an invalid length.
[  699.041789][   T82] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  699.213192][T19722] vhci_hcd: connection closed
[  699.213418][   T82] vhci_hcd vhci_hcd.1: stop threads
[  699.216285][   T82] vhci_hcd vhci_hcd.1: release socket
[  699.218195][   T82] vhci_hcd vhci_hcd.1: disconnect device
[  699.293118][ T6022] usb 40-1: enqueue for inactive port 0
[  699.300371][   T34] usb usb44-port1: unable to enumerate USB device
[  699.373966][T19741] fuse: Unknown parameter 'roode'
[  699.431107][T19742] netlink: 256 bytes leftover after parsing attributes in process `syz.2.3584'.
[  699.806093][ T6022] usb usb40-port1: attempt power cycle
[  700.176828][ T6023] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  700.492885][ T6022] usb usb40-port1: unable to enumerate USB device
[  701.250454][ T6023] usb 6-1: Using ep0 maxpacket: 8
[  701.256489][ T6023] usb 6-1: config 0 has no interfaces?
[  701.259918][ T6023] usb 6-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e
[  701.262795][ T6023] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  701.265321][ T6023] usb 6-1: Product: syz
[  701.266646][ T6023] usb 6-1: Manufacturer: syz
[  701.268156][ T6023] usb 6-1: SerialNumber: syz
[  701.273925][ T6023] usb 6-1: config 0 descriptor??
[  701.478482][ T6023] usb 6-1: USB disconnect, device number 27
[  701.980681][T19781] FAULT_INJECTION: forcing a failure.
[  701.980681][T19781] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  701.985112][T19781] CPU: 1 UID: 0 PID: 19781 Comm: syz.4.3595 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  701.985142][T19781] Tainted: [L]=SOFTLOCKUP
[  701.985147][T19781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  701.985153][T19781] Call Trace:
[  701.985158][T19781]  <TASK>
[  701.985164][T19781]  dump_stack_lvl+0x100/0x190
[  701.985181][T19781]  should_fail_ex.cold+0x5/0xa
[  701.985199][T19781]  _copy_to_user+0x32/0xd0
[  701.985218][T19781]  simple_read_from_buffer+0xcb/0x170
[  701.985232][T19781]  proc_fail_nth_read+0x1af/0x230
[  701.985246][T19781]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  701.985260][T19781]  ? rw_verify_area+0xce/0x6d0
[  701.985271][T19781]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  701.985284][T19781]  vfs_read+0x1e4/0xb30
[  701.985299][T19781]  ? __pfx_vfs_read+0x10/0x10
[  701.985310][T19781]  ? find_held_lock+0x2b/0x80
[  701.985321][T19781]  ? __fget_files+0x215/0x3d0
[  701.985336][T19781]  ? __fget_files+0x21f/0x3d0
[  701.985352][T19781]  ksys_read+0x12a/0x250
[  701.985364][T19781]  ? __pfx_ksys_read+0x10/0x10
[  701.985380][T19781]  do_int80_emulation+0x101/0x470
[  701.985398][T19781]  asm_int80_emulation+0x1a/0x20
[  701.985409][T19781] RIP: 0023:0xf713572b
[  701.985419][T19781] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  701.985430][T19781] RSP: 002b:00000000f53b44bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  701.985441][T19781] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000f53b45d0
[  701.985448][T19781] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  701.985454][T19781] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  701.985460][T19781] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  701.985467][T19781] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  701.985481][T19781]  </TASK>
[  702.131881][T19784] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  702.134687][T19784] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  702.138265][T19784] vhci_hcd vhci_hcd.0: Device attached
[  702.146099][T19784] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  702.529826][ T6023] usb 42-1: SetAddress Request (71) to port 0
[  702.531818][ T6023] usb 42-1: new SuperSpeed USB device number 71 using vhci_hcd
[  702.572943][T19785] vhci_hcd: connection reset by peer
[  702.575408][ T1163] vhci_hcd vhci_hcd.2: stop threads
[  702.580237][ T1163] vhci_hcd vhci_hcd.2: release socket
[  702.587993][ T1163] vhci_hcd vhci_hcd.2: disconnect device
[  702.678797][T19795] netlink: 'syz.4.3600': attribute type 1 has an invalid length.
[  703.145764][T19802] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3601'.
[  703.261515][T19810] syzkaller0: entered promiscuous mode
[  703.263343][T19810] syzkaller0: entered allmulticast mode
[  704.160163][   T62] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  704.523257][T19836] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  704.525787][T19836] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  704.528955][T19836] vhci_hcd vhci_hcd.0: Device attached
[  704.571309][T19836] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  704.707354][T19837] vhci_hcd: connection closed
[  704.707538][   T62] vhci_hcd vhci_hcd.2: stop threads
[  704.726424][   T62] vhci_hcd vhci_hcd.2: release socket
[  704.728642][   T62] vhci_hcd vhci_hcd.2: disconnect device
[  704.804829][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  705.648025][T19845] dlm: Unknown command passed to DLM device : 3
[  705.648025][T19845] 
[  705.911712][T19858] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3615'.
[  706.001928][T19858] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  706.102642][T19867] FAULT_INJECTION: forcing a failure.
[  706.102642][T19867] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  706.106985][T19867] CPU: 0 UID: 0 PID: 19867 Comm: syz.3.3617 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  706.107004][T19867] Tainted: [L]=SOFTLOCKUP
[  706.107013][T19867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  706.107020][T19867] Call Trace:
[  706.107024][T19867]  <TASK>
[  706.107029][T19867]  dump_stack_lvl+0x100/0x190
[  706.107046][T19867]  should_fail_ex.cold+0x5/0xa
[  706.107065][T19867]  _copy_from_iter+0x1f4/0x1690
[  706.107084][T19867]  ? __alloc_skb+0x220/0x410
[  706.107099][T19867]  ? __alloc_skb+0x35d/0x410
[  706.107114][T19867]  ? __pfx__copy_from_iter+0x10/0x10
[  706.107130][T19867]  ? netlink_autobind.isra.0+0xc0/0x370
[  706.107154][T19867]  netlink_sendmsg+0x808/0xda0
[  706.107174][T19867]  ? __pfx_netlink_sendmsg+0x10/0x10
[  706.107193][T19867]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  706.107210][T19867]  ____sys_sendmsg+0xa54/0xc30
[  706.107224][T19867]  ? __pfx_____sys_sendmsg+0x10/0x10
[  706.107256][T19867]  ___sys_sendmsg+0x190/0x1e0
[  706.107277][T19867]  ? __pfx____sys_sendmsg+0x10/0x10
[  706.107326][T19867]  __sys_sendmsg+0x170/0x220
[  706.107353][T19867]  ? __pfx___sys_sendmsg+0x10/0x10
[  706.107386][T19867]  ? __pfx_ksys_write+0x10/0x10
[  706.107411][T19867]  __do_fast_syscall_32+0xde/0x660
[  706.107436][T19867]  do_fast_syscall_32+0x32/0x70
[  706.107457][T19867]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  706.107479][T19867] RIP: 0023:0xf7f63579
[  706.107493][T19867] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  706.107509][T19867] RSP: 002b:00000000f542650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  706.107526][T19867] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  706.107537][T19867] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  706.107547][T19867] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  706.107556][T19867] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  706.107567][T19867] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  706.107586][T19867]  </TASK>
[  706.782541][T19880] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  706.947625][   T40] audit: type=1326 audit(1770378609.508:1636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19875 comm="syz.2.3619" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf743d579 code=0x0
[  707.612912][ T6023] usb 42-1: device descriptor read/8, error -110
[  708.038179][ T6023] usb usb42-port1: attempt power cycle
[  708.173019][T19900] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  708.175012][T19897] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  708.175779][T19900] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  708.177972][T19897] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  708.184553][T19897] vhci_hcd vhci_hcd.0: Device attached
[  708.194775][T19900] vhci_hcd vhci_hcd.0: Device attached
[  708.202107][T19900] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  708.308348][T19899] vhci_hcd: connection closed
[  708.313439][   T12] vhci_hcd vhci_hcd.4: stop threads
[  708.323287][   T12] vhci_hcd vhci_hcd.4: release socket
[  708.333471][   T12] vhci_hcd vhci_hcd.4: disconnect device
[  708.466911][   T10] usb 40-1: SetAddress Request (82) to port 0
[  708.469585][   T10] usb 40-1: new SuperSpeed USB device number 82 using vhci_hcd
[  708.566781][T19902] vhci_hcd: connection reset by peer
[  708.568838][   T12] vhci_hcd vhci_hcd.1: stop threads
[  708.570504][   T12] vhci_hcd vhci_hcd.1: release socket
[  708.572381][   T12] vhci_hcd vhci_hcd.1: disconnect device
[  708.617446][ T6023] usb usb42-port1: unable to enumerate USB device
[  709.123098][T19910] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  709.127485][ T5297] Bluetooth: hci3: ACL packet for unknown connection handle 200
[  709.837594][   T40] audit: type=1326 audit(1770378612.419:1637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19930 comm="syz.2.3630" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf743d579 code=0x0
[  709.916830][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  710.022560][T19936] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  710.559829][ T1148] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  712.081436][T19976] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3640'.
[  712.085424][T19976] FAULT_INJECTION: forcing a failure.
[  712.085424][T19976] name failslab, interval 1, probability 0, space 0, times 0
[  712.094540][T19976] CPU: 3 UID: 0 PID: 19976 Comm: syz.4.3640 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  712.094569][T19976] Tainted: [L]=SOFTLOCKUP
[  712.094575][T19976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  712.094586][T19976] Call Trace:
[  712.094593][T19976]  <TASK>
[  712.094601][T19976]  dump_stack_lvl+0x100/0x190
[  712.094626][T19976]  should_fail_ex.cold+0x5/0xa
[  712.094655][T19976]  should_failslab+0xc2/0x120
[  712.094680][T19976]  kmem_cache_alloc_node_noprof+0x8c/0x880
[  712.094704][T19976]  ? __alloc_skb+0x156/0x410
[  712.094747][T19976]  ? __alloc_skb+0x156/0x410
[  712.094769][T19976]  __alloc_skb+0x156/0x410
[  712.094790][T19976]  ? __alloc_skb+0x35d/0x410
[  712.094813][T19976]  ? __pfx___alloc_skb+0x10/0x10
[  712.094837][T19976]  ? genl_rcv_msg+0x4be/0x800
[  712.094863][T19976]  netlink_ack+0x117/0xb80
[  712.094899][T19976]  netlink_rcv_skb+0x333/0x420
[  712.094925][T19976]  ? __pfx_genl_rcv_msg+0x10/0x10
[  712.094945][T19976]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  712.094996][T19976]  ? netlink_deliver_tap+0x1ae/0xcc0
[  712.095042][T19976]  genl_rcv+0x28/0x40
[  712.095060][T19976]  netlink_unicast+0x5aa/0x870
[  712.095087][T19976]  ? __pfx_netlink_unicast+0x10/0x10
[  712.095119][T19976]  netlink_sendmsg+0x8b0/0xda0
[  712.095147][T19976]  ? __pfx_netlink_sendmsg+0x10/0x10
[  712.095176][T19976]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  712.095210][T19976]  ____sys_sendmsg+0xa54/0xc30
[  712.095232][T19976]  ? __pfx_____sys_sendmsg+0x10/0x10
[  712.095264][T19976]  ___sys_sendmsg+0x190/0x1e0
[  712.095287][T19976]  ? __pfx____sys_sendmsg+0x10/0x10
[  712.095340][T19976]  __sys_sendmsg+0x170/0x220
[  712.095366][T19976]  ? __pfx___sys_sendmsg+0x10/0x10
[  712.095401][T19976]  ? __pfx_ksys_write+0x10/0x10
[  712.095427][T19976]  __do_fast_syscall_32+0xde/0x660
[  712.095452][T19976]  do_fast_syscall_32+0x32/0x70
[  712.095474][T19976]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  712.095496][T19976] RIP: 0023:0xf7f35579
[  712.095511][T19976] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  712.095527][T19976] RSP: 002b:00000000f53f650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  712.095545][T19976] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800001c0
[  712.095556][T19976] RDX: 0000000020000800 RSI: 0000000000000000 RDI: 0000000000000000
[  712.095567][T19976] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  712.095577][T19976] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  712.095588][T19976] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  712.095612][T19976]  </TASK>
[  712.202883][T19977] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  712.205455][T19977] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  712.210665][T19977] vhci_hcd vhci_hcd.0: Device attached
[  712.397390][T19991] syzkaller0: entered promiscuous mode
[  712.399159][T19991] syzkaller0: entered allmulticast mode
[  712.404659][T19978] vhci_hcd: connection closed
[  712.405225][   T62] vhci_hcd vhci_hcd.3: stop threads
[  712.417515][   T62] vhci_hcd vhci_hcd.3: release socket
[  712.420112][   T62] vhci_hcd vhci_hcd.3: disconnect device
[  713.093584][   T62] Bluetooth: hci0: Frame reassembly failed (-84)
[  713.097383][   T62] Bluetooth: hci0: Frame reassembly failed (-84)
[  713.099569][T19999] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  713.308279][T20004] netlink: 1276 bytes leftover after parsing attributes in process `syz.2.3646'.
[  713.311278][T20004] FAULT_INJECTION: forcing a failure.
[  713.311278][T20004] name failslab, interval 1, probability 0, space 0, times 0
[  713.315626][T20004] CPU: 3 UID: 0 PID: 20004 Comm: syz.2.3646 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  713.315644][T20004] Tainted: [L]=SOFTLOCKUP
[  713.315648][T20004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  713.315655][T20004] Call Trace:
[  713.315659][T20004]  <TASK>
[  713.315664][T20004]  dump_stack_lvl+0x100/0x190
[  713.315681][T20004]  should_fail_ex.cold+0x5/0xa
[  713.315698][T20004]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  713.315711][T20004]  should_failslab+0xc2/0x120
[  713.315727][T20004]  kmem_cache_alloc_noprof+0x83/0x780
[  713.315742][T20004]  ? skb_clone+0x190/0x400
[  713.315775][T20004]  ? skb_clone+0x190/0x400
[  713.315791][T20004]  skb_clone+0x190/0x400
[  713.315808][T20004]  netlink_deliver_tap+0xaed/0xcc0
[  713.315829][T20004]  netlink_unicast+0x70c/0x870
[  713.315848][T20004]  ? __pfx_netlink_unicast+0x10/0x10
[  713.315870][T20004]  ? __pfx_netlink_broadcast_filtered+0x10/0x10
[  713.315889][T20004]  ? __pfx_inet_fill_ifaddr+0x10/0x10
[  713.315909][T20004]  nlmsg_notify+0x1ee/0x290
[  713.315920][T20004]  rtmsg_ifa+0x1bd/0x270
[  713.315937][T20004]  ? __pfx_rtmsg_ifa+0x10/0x10
[  713.315959][T20004]  __inet_del_ifa+0x3cb/0xf40
[  713.315981][T20004]  inet_rtm_deladdr+0x451/0x7c0
[  713.316001][T20004]  ? __pfx_inet_rtm_deladdr+0x10/0x10
[  713.316023][T20004]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  713.316040][T20004]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  713.316058][T20004]  ? __pfx_inet_rtm_deladdr+0x10/0x10
[  713.316076][T20004]  rtnetlink_rcv_msg+0x95e/0xe90
[  713.316095][T20004]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  713.316116][T20004]  ? ref_tracker_free+0x37e/0x6c0
[  713.316128][T20004]  netlink_rcv_skb+0x159/0x420
[  713.316146][T20004]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  713.316164][T20004]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  713.316187][T20004]  ? netlink_deliver_tap+0x1ae/0xcc0
[  713.316207][T20004]  netlink_unicast+0x5aa/0x870
[  713.316226][T20004]  ? __pfx_netlink_unicast+0x10/0x10
[  713.316243][T20004]  ? __asan_memset+0x23/0x50
[  713.316255][T20004]  ? __build_skb_around+0x278/0x390
[  713.316270][T20004]  ? is_vmalloc_addr+0x86/0xa0
[  713.316284][T20004]  netlink_sendmsg+0x8b0/0xda0
[  713.316304][T20004]  ? __pfx_netlink_sendmsg+0x10/0x10
[  713.316324][T20004]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  713.316341][T20004]  sock_sendmsg+0x3a1/0x430
[  713.316355][T20004]  ? __pfx_sock_sendmsg+0x10/0x10
[  713.316366][T20004]  ? bpf_ksym_find+0x124/0x1c0
[  713.316385][T20004]  ? __lock_acquire+0x4a5/0x2630
[  713.316403][T20004]  splice_to_socket+0xb4c/0x11b0
[  713.316424][T20004]  ? __pfx_splice_to_socket+0x10/0x10
[  713.316437][T20004]  ? aa_file_perm+0x277/0x1540
[  713.316452][T20004]  ? __pfx_aa_file_perm+0x10/0x10
[  713.316463][T20004]  ? __lock_acquire+0x4a5/0x2630
[  713.316489][T20004]  ? bpf_lsm_file_permission+0x9/0x10
[  713.316505][T20004]  ? security_file_permission+0x76/0x210
[  713.316524][T20004]  ? rw_verify_area+0xce/0x6d0
[  713.316534][T20004]  ? __pfx_splice_to_socket+0x10/0x10
[  713.316549][T20004]  do_splice+0x109c/0x1fd0
[  713.316562][T20004]  ? __lock_acquire+0x4a5/0x2630
[  713.316577][T20004]  ? ksys_write+0x190/0x250
[  713.316593][T20004]  ? __pfx_do_splice+0x10/0x10
[  713.316605][T20004]  ? __pfx_pipe_clear_nowait+0x10/0x10
[  713.316618][T20004]  ? find_held_lock+0x2b/0x80
[  713.316631][T20004]  __do_splice+0x33b/0x370
[  713.316645][T20004]  ? __pfx___do_splice+0x10/0x10
[  713.316662][T20004]  __ia32_sys_splice+0x189/0x250
[  713.316678][T20004]  __do_fast_syscall_32+0xde/0x660
[  713.316694][T20004]  do_fast_syscall_32+0x32/0x70
[  713.316709][T20004]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  713.316723][T20004] RIP: 0023:0xf743d579
[  713.316733][T20004] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  713.316744][T20004] RSP: 002b:00000000f544550c EFLAGS: 00000292 ORIG_RAX: 0000000000000139
[  713.316755][T20004] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000000
[  713.316762][T20004] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 000000000000622c
[  713.316769][T20004] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  713.316775][T20004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  713.316782][T20004] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  713.316796][T20004]  </TASK>
[  713.524370][   T10] usb 40-1: device descriptor read/8, error -110
[  713.587593][T20006] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  713.603072][   T40] audit: type=1326 audit(1770378616.171:1638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20002 comm="syz.1.3647" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fe7579 code=0x0
[  713.934582][   T10] usb usb40-port1: attempt power cycle
[  714.443428][T20022] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  714.446063][T20022] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  714.479088][T20022] vhci_hcd vhci_hcd.0: Device attached
[  714.530793][T20023] vhci_hcd: connection closed
[  714.531086][T16924] vhci_hcd vhci_hcd.1: stop threads
[  714.538783][T16924] vhci_hcd vhci_hcd.1: release socket
[  714.541208][T16924] vhci_hcd vhci_hcd.1: disconnect device
[  714.564211][   T10] usb 40-1: enqueue for inactive port 0
[  715.013377][T20027] FAULT_INJECTION: forcing a failure.
[  715.013377][T20027] name failslab, interval 1, probability 0, space 0, times 0
[  715.018972][T20027] CPU: 3 UID: 0 PID: 20027 Comm: syz.4.3652 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  715.019000][T20027] Tainted: [L]=SOFTLOCKUP
[  715.019007][T20027] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  715.019017][T20027] Call Trace:
[  715.019023][T20027]  <TASK>
[  715.019031][T20027]  dump_stack_lvl+0x100/0x190
[  715.019058][T20027]  should_fail_ex.cold+0x5/0xa
[  715.019087][T20027]  should_failslab+0xc2/0x120
[  715.019111][T20027]  __kmalloc_cache_noprof+0x80/0x810
[  715.019128][T20027]  ? lockdep_init_map_type+0x5c/0x250
[  715.019151][T20027]  ? fscontext_alloc_log+0x4a/0x1b0
[  715.019182][T20027]  ? fscontext_alloc_log+0x4a/0x1b0
[  715.019207][T20027]  fscontext_alloc_log+0x4a/0x1b0
[  715.019233][T20027]  __ia32_sys_fsopen+0x15b/0x230
[  715.019259][T20027]  __do_fast_syscall_32+0xde/0x660
[  715.019285][T20027]  do_fast_syscall_32+0x32/0x70
[  715.019307][T20027]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  715.019329][T20027] RIP: 0023:0xf7f35579
[  715.019344][T20027] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  715.019361][T20027] RSP: 002b:00000000f53f650c EFLAGS: 00000292 ORIG_RAX: 00000000000001ae
[  715.019395][T20027] RAX: ffffffffffffffda RBX: 0000000080003040 RCX: 0000000000000001
[  715.019407][T20027] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  715.019417][T20027] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  715.019427][T20027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  715.019438][T20027] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  715.019462][T20027]  </TASK>
[  715.113816][ T5944] Bluetooth: hci0: command 0x1003 tx timeout
[  715.119409][ T5297] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  715.620732][T20046] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  715.634188][   T40] audit: type=1326 audit(1770378618.212:1639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20043 comm="syz.1.3659" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fe7579 code=0x0
[  715.675230][   T62] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  716.047921][   T40] audit: type=1326 audit(1770378618.622:1640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20050 comm="syz.4.3660" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  716.057578][   T40] audit: type=1326 audit(1770378618.622:1641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20050 comm="syz.4.3660" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  716.064843][   T40] audit: type=1326 audit(1770378618.632:1642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20050 comm="syz.4.3660" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  716.071875][   T40] audit: type=1326 audit(1770378618.632:1643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20050 comm="syz.4.3660" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  716.078953][   T40] audit: type=1326 audit(1770378618.632:1644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20050 comm="syz.4.3660" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  716.086054][   T40] audit: type=1326 audit(1770378618.642:1645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20050 comm="syz.4.3660" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  716.094374][   T40] audit: type=1326 audit(1770378618.642:1646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20050 comm="syz.4.3660" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  716.101247][   T40] audit: type=1326 audit(1770378618.642:1647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20050 comm="syz.4.3660" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  716.313368][T16924] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  716.337732][T20051] netfs: Couldn't get user pages (rc=-14)
[  716.882754][   T34] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  717.035247][   T34] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  717.039043][   T34] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  717.042256][   T34] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  717.049315][   T34] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  717.059235][   T34] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  717.074330][   T34] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  717.077324][   T34] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  717.079790][   T34] usb 9-1: Product: syz
[  717.081177][   T34] usb 9-1: Manufacturer: syz
[  717.097439][   T34] cdc_wdm 9-1:1.0: skipping garbage
[  717.099136][   T34] cdc_wdm 9-1:1.0: skipping garbage
[  717.102076][   T34] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  717.104310][   T34] cdc_wdm 9-1:1.0: Unknown control protocol
[  717.379542][    C3] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  717.379695][ T6022] usb 9-1: USB disconnect, device number 12
[  717.382395][    C3] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  717.382414][    C3] cdc_wdm 9-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  717.383670][T20071] cdc_wdm 9-1:1.0: Tx URB error: -19
[  718.372473][T20094] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  718.424583][T20099] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  719.048432][T20109] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  719.051313][T20109] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  719.055108][T20109] vhci_hcd vhci_hcd.0: Device attached
[  719.069655][T20109] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  719.263333][T20110] vhci_hcd: connection closed
[  719.265023][   T62] vhci_hcd vhci_hcd.2: stop threads
[  719.267952][   T62] vhci_hcd vhci_hcd.2: release socket
[  719.269775][   T62] vhci_hcd vhci_hcd.2: disconnect device
[  719.620568][T20122] FAULT_INJECTION: forcing a failure.
[  719.620568][T20122] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  719.626282][T20122] CPU: 0 UID: 0 PID: 20122 Comm: syz.1.3676 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  719.626300][T20122] Tainted: [L]=SOFTLOCKUP
[  719.626304][T20122] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  719.626311][T20122] Call Trace:
[  719.626315][T20122]  <TASK>
[  719.626320][T20122]  dump_stack_lvl+0x100/0x190
[  719.626337][T20122]  should_fail_ex.cold+0x5/0xa
[  719.626356][T20122]  _copy_from_user+0x2e/0xd0
[  719.626374][T20122]  video_usercopy+0x9e2/0x1400
[  719.626388][T20122]  ? __pfx___video_do_ioctl+0x10/0x10
[  719.626403][T20122]  ? __pfx_video_usercopy+0x10/0x10
[  719.626420][T20122]  ? hook_file_ioctl_common+0x146/0x410
[  719.626441][T20122]  v4l2_ioctl+0x1bd/0x250
[  719.626456][T20122]  v4l2_compat_ioctl32+0x20f/0x2d0
[  719.626467][T20122]  ? __pfx_v4l2_compat_ioctl32+0x10/0x10
[  719.626479][T20122]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  719.626500][T20122]  __do_fast_syscall_32+0xde/0x660
[  719.626517][T20122]  do_fast_syscall_32+0x32/0x70
[  719.626531][T20122]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  719.626544][T20122] RIP: 0023:0xf7fe7579
[  719.626554][T20122] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  719.626565][T20122] RSP: 002b:00000000f54a650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  719.626576][T20122] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040045612
[  719.626583][T20122] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[  719.626589][T20122] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  719.626595][T20122] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  719.626602][T20122] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  719.626615][T20122]  </TASK>
[  720.756812][T20153] netlink: 'syz.3.3688': attribute type 1 has an invalid length.
[  720.760322][T20153] netlink: 'syz.3.3688': attribute type 2 has an invalid length.
[  720.763816][T20153] netlink: 'syz.3.3688': attribute type 1 has an invalid length.
[  720.767784][T20153] netlink: 'syz.3.3688': attribute type 3 has an invalid length.
[  720.773446][T20153] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3688'.
[  720.795927][T20154] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  720.864376][   T40] kauditd_printk_skb: 70 callbacks suppressed
[  720.864394][   T40] audit: type=1326 audit(1770378623.445:1718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20142 comm="syz.2.3683" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf743d579 code=0x0
[  721.074847][T20151] lo: Caught tx_queue_len zero misconfig
[  721.517765][T16924] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  721.545700][   T82] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  723.142299][T20191] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  723.144404][T20191] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  723.147155][T20191] vhci_hcd vhci_hcd.0: Device attached
[  723.167132][T20192] vhci_hcd: connection closed
[  723.167439][T16924] vhci_hcd vhci_hcd.4: stop threads
[  723.174139][T16924] vhci_hcd vhci_hcd.4: release socket
[  723.176366][T16924] vhci_hcd vhci_hcd.4: disconnect device
[  723.787764][T20202] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3699'.
[  723.976538][T20205] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3698'.
[  724.017056][T20205] 8021q: adding VLAN 0 to HW filter on device bond0
[  724.025363][T20205] 8021q: adding VLAN 0 to HW filter on device team0
[  724.042267][T20205] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  724.052812][T20207] IPVS: length: 218 != 24
[  724.057309][T20207] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  724.073213][T20207] syz_tun: entered allmulticast mode
[  724.077696][T20207] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3700'.
[  724.091558][T20206] syz_tun: left allmulticast mode
[  724.312215][T20211] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  724.376127][   T40] audit: type=1326 audit(1770378626.957:1719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20209 comm="syz.2.3701" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf743d579 code=0x0
[  725.643272][T20244] netlink: 180 bytes leftover after parsing attributes in process `syz.1.3710'.
[  725.646890][T20244] openvswitch: netlink: Flow key attr not present in new flow.
[  726.241484][T20261] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  726.324442][   T40] audit: type=1326 audit(1770378628.908:1720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20256 comm="syz.3.3714" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f63579 code=0x0
[  726.977249][T20287] openvswitch: netlink: IP tunnel dst address not specified
[  727.187777][   T62] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  729.474666][T20332] fuse: Bad value for 'group_id'
[  729.476966][T20332] fuse: Bad value for 'group_id'
[  729.816266][T20338] binder: 20337:20338 ioctl c0046209 0 returned -22
[  729.868405][T20336] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  729.900334][T20341] ip6tnl0: Caught tx_queue_len zero misconfig
[  729.976234][   T40] audit: type=1326 audit(1770378632.549:1721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20333 comm="syz.1.3730" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fe7579 code=0x0
[  730.679036][T20359] autofs4:pid:20359:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a)
[  731.027448][   T82] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  732.115867][T20379] netlink: 332 bytes leftover after parsing attributes in process `syz.3.3744'.
[  732.453737][T20386] FAULT_INJECTION: forcing a failure.
[  732.453737][T20386] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  732.458142][T20386] CPU: 3 UID: 0 PID: 20386 Comm: syz.1.3745 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  732.458160][T20386] Tainted: [L]=SOFTLOCKUP
[  732.458164][T20386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  732.458171][T20386] Call Trace:
[  732.458175][T20386]  <TASK>
[  732.458180][T20386]  dump_stack_lvl+0x100/0x190
[  732.458197][T20386]  should_fail_ex.cold+0x5/0xa
[  732.458216][T20386]  strncpy_from_user+0x3b/0x2d0
[  732.458234][T20386]  getname_flags.part.0+0x8f/0x540
[  732.458253][T20386]  __ia32_sys_rename+0xe3/0x210
[  732.458270][T20386]  __do_fast_syscall_32+0xde/0x660
[  732.458287][T20386]  do_fast_syscall_32+0x32/0x70
[  732.458301][T20386]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  732.458315][T20386] RIP: 0023:0xf7fe7579
[  732.458325][T20386] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  732.458336][T20386] RSP: 002b:00000000f546450c EFLAGS: 00000292 ORIG_RAX: 0000000000000026
[  732.458347][T20386] RAX: ffffffffffffffda RBX: 0000000080000100 RCX: 00000000800000c0
[  732.458354][T20386] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  732.458360][T20386] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  732.458367][T20386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  732.458373][T20386] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  732.458387][T20386]  </TASK>
[  732.956799][   T62] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  733.444468][T20399] fuse: Bad value for 'group_id'
[  733.447053][T20399] fuse: Bad value for 'group_id'
[  734.806307][T20412] fuse: Unknown parameter 'gd�~A
[  734.806307][T20412] ��F�'
[  734.963635][T15597] usb 8-1: new high-speed USB device number 27 using dummy_hcd
[  735.194316][T15597] usb 8-1: too many configurations: 9, using maximum allowed: 8
[  735.567727][T15597] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  735.574956][T15597] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  735.584717][T15597] usb 8-1: config 0 interface 0 has no altsetting 0
[  735.596094][T15597] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  735.635916][T15597] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  735.743505][T15597] usb 8-1: config 0 interface 0 has no altsetting 0
[  735.909620][T15597] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  735.914533][T15597] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  735.938796][T15597] usb 8-1: config 0 interface 0 has no altsetting 0
[  735.957390][T15597] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  735.960646][T15597] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  735.966098][T15597] usb 8-1: config 0 interface 0 has no altsetting 0
[  735.971419][T15597] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  735.974440][T15597] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  735.977942][T15597] usb 8-1: config 0 interface 0 has no altsetting 0
[  735.996795][T15597] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  735.999673][T15597] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  736.022660][T15597] usb 8-1: config 0 interface 0 has no altsetting 0
[  736.034710][T15597] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  736.037839][T15597] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  736.041307][T15597] usb 8-1: config 0 interface 0 has no altsetting 0
[  736.073833][T15597] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  736.077106][T15597] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  736.080711][T15597] usb 8-1: config 0 interface 0 has no altsetting 0
[  736.095206][T15597] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  736.098576][T15597] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  736.101768][T15597] usb 8-1: Product: syz
[  736.113099][T15597] usb 8-1: Manufacturer: syz
[  736.114888][T15597] usb 8-1: SerialNumber: syz
[  736.129062][T15597] usb 8-1: config 0 descriptor??
[  736.145436][T15597] yurex 8-1:0.0: USB YUREX device now attached to Yurex #0
[  736.150115][T20458] autofs4:pid:20458:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a)
[  736.783242][   T82] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  737.714251][    C1] usb 8-1: yurex_control_callback - control failed: -2
[  737.762503][   T34] usb 8-1: USB disconnect, device number 27
[  737.766781][   T34] yurex 8-1:0.0: USB YUREX #0 now disconnected
[  738.052488][T20490] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(13)
[  738.055316][T20490] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  738.062185][T20490] vhci_hcd vhci_hcd.0: Device attached
[  738.116423][T20493] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3773'.
[  738.355518][   T24] usb 44-1: SetAddress Request (89) to port 0
[  738.359150][   T24] usb 44-1: new SuperSpeed USB device number 89 using vhci_hcd
[  738.736545][T20491] vhci_hcd: connection reset by peer
[  738.738696][T16924] vhci_hcd vhci_hcd.3: stop threads
[  738.740431][T16924] vhci_hcd vhci_hcd.3: release socket
[  738.742617][T16924] vhci_hcd vhci_hcd.3: disconnect device
[  740.361084][   T60] usb 8-1: new high-speed USB device number 28 using dummy_hcd
[  740.512718][   T60] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  740.516542][   T60] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  740.520925][   T60] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  740.524669][   T60] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  740.530129][T20509] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  740.535533][   T60] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  740.757060][   T60] usb 8-1: USB disconnect, device number 28
[  741.522643][T20518] autofs4:pid:20518:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a)
[  741.760281][T17197] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  742.251661][T17197] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  742.255103][T17197] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  742.258034][T17197] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  742.261413][T17197] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  742.270245][T20521] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  742.278206][T17197] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  742.313755][T20534] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  742.315869][T20534] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  742.318911][T20534] vhci_hcd vhci_hcd.0: Device attached
[  742.499595][   T60] usb 6-1: USB disconnect, device number 28
[  742.540097][ T1140] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  742.590209][T17197] usb 46-1: SetAddress Request (64) to port 0
[  742.592191][T17197] usb 46-1: new SuperSpeed USB device number 64 using vhci_hcd
[  742.686516][T20535] vhci_hcd: connection reset by peer
[  742.688544][T16924] vhci_hcd vhci_hcd.4: stop threads
[  742.692977][T16924] vhci_hcd vhci_hcd.4: release socket
[  742.700295][T16924] vhci_hcd vhci_hcd.4: disconnect device
[  743.158685][T20543] netlink: 332 bytes leftover after parsing attributes in process `syz.3.3785'.
[  743.267634][T20549] binder: 20548:20549 ioctl c0306201 80000640 returned -22
[  743.419680][   T24] usb 44-1: device descriptor read/8, error -110
[  743.646778][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  743.661369][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  743.682867][T20561] netlink: 'syz.4.3793': attribute type 58 has an invalid length.
[  743.685529][T20561] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3793'.
[  743.855028][   T24] usb usb44-port1: attempt power cycle
[  744.441096][   T24] usb usb44-port1: unable to enumerate USB device
[  745.067027][T20587] random: crng reseeded on system resumption
[  745.120961][T20590] serio: Serial port ptm0
[  745.169994][T20592] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3804'.
[  745.240280][T20594] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3803'.
[  745.243986][T20594] bridge_slave_1: left allmulticast mode
[  745.246332][T20594] bridge_slave_1: left promiscuous mode
[  745.249393][T20594] bridge0: port 2(bridge_slave_1) entered disabled state
[  745.309388][T20594] bridge_slave_0: left allmulticast mode
[  745.311211][T20594] bridge_slave_0: left promiscuous mode
[  745.318587][T20594] bridge0: port 1(bridge_slave_0) entered disabled state
[  746.379484][ T1201] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  746.999715][T20625] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3812'.
[  747.004405][T20625] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3812'.
[  747.657387][T17197] usb 46-1: device descriptor read/8, error -110
[  748.060871][T17197] usb usb46-port1: attempt power cycle
[  748.061101][T20631] syz.4.3813 (20631): drop_caches: 3
[  748.308934][   T82] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  748.627729][T17197] usb usb46-port1: unable to enumerate USB device
[  748.935495][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  748.942303][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  749.908874][T20653] serio: Serial port ptm0
[  750.136328][T20665] FAULT_INJECTION: forcing a failure.
[  750.136328][T20665] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  750.141825][T20665] CPU: 1 UID: 0 PID: 20665 Comm: syz.2.3822 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  750.141854][T20665] Tainted: [L]=SOFTLOCKUP
[  750.141860][T20665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  750.141871][T20665] Call Trace:
[  750.141879][T20665]  <TASK>
[  750.141887][T20665]  dump_stack_lvl+0x100/0x190
[  750.141913][T20665]  should_fail_ex.cold+0x5/0xa
[  750.141942][T20665]  _copy_from_user+0x2e/0xd0
[  750.141970][T20665]  get_user_ifreq+0x116/0x1c0
[  750.141988][T20665]  sock_do_ioctl+0x16e/0x280
[  750.142005][T20665]  ? __pfx_sock_do_ioctl+0x10/0x10
[  750.142026][T20665]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  750.142048][T20665]  ? do_vfs_ioctl+0x226/0x13e0
[  750.142075][T20665]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  750.142105][T20665]  compat_sock_ioctl+0x568/0x760
[  750.142129][T20665]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  750.142153][T20665]  ? __fget_files+0x21f/0x3d0
[  750.142176][T20665]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  750.142198][T20665]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  750.142228][T20665]  __do_fast_syscall_32+0xde/0x660
[  750.142255][T20665]  do_fast_syscall_32+0x32/0x70
[  750.142278][T20665]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  750.142299][T20665] RIP: 0023:0xf743d579
[  750.142313][T20665] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00
[  750.142330][T20665] RSP: 002b:00000000f546650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  750.142348][T20665] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000000008914
[  750.142360][T20665] RDX: 00000000800002c0 RSI: 0000000000000000 RDI: 0000000000000000
[  750.142370][T20665] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  750.142380][T20665] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  750.142392][T20665] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  750.142414][T20665]  </TASK>
[  750.609770][T20681] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  750.611860][T20681] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  750.614559][T20681] vhci_hcd vhci_hcd.0: Device attached
[  750.638989][T20684] vhci_hcd: connection closed
[  750.639265][ T1201] vhci_hcd vhci_hcd.1: stop threads
[  750.642768][ T1201] vhci_hcd vhci_hcd.1: release socket
[  750.644633][ T1201] vhci_hcd vhci_hcd.1: disconnect device
[  750.776766][T20692] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  750.779188][T20692] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  750.782627][T20692] vhci_hcd vhci_hcd.0: Device attached
[  750.807218][T20692] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  751.045686][   T24] usb 46-1: SetAddress Request (68) to port 0
[  751.048595][   T24] usb 46-1: new SuperSpeed USB device number 68 using vhci_hcd
[  751.175179][T20693] vhci_hcd: connection reset by peer
[  751.180149][   T62] vhci_hcd vhci_hcd.4: stop threads
[  751.182454][   T62] vhci_hcd vhci_hcd.4: release socket
[  751.185078][   T62] vhci_hcd vhci_hcd.4: disconnect device
[  751.501103][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  752.135298][   T82] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  752.395847][   T10] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  752.555365][   T10] usb 6-1: Using ep0 maxpacket: 8
[  752.558402][   T10] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  752.560813][   T10] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  752.564223][   T10] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  752.568086][   T10] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  752.571749][   T10] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  752.575409][   T10] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  752.579036][   T10] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  752.583172][   T10] usb 6-1: config 168 interface 0 has no altsetting 0
[  752.586405][   T10] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  752.588791][   T10] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  752.592224][   T10] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  752.596105][   T10] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  752.599806][   T10] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  752.603282][   T10] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  752.607734][   T10] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  752.612178][   T10] usb 6-1: config 168 interface 0 has no altsetting 0
[  752.615775][   T10] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  752.618276][   T10] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  752.621933][   T10] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  752.626160][   T10] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  752.630239][   T10] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  752.633883][   T10] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  752.641329][   T10] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  752.645647][   T10] usb 6-1: config 168 interface 0 has no altsetting 0
[  752.650217][   T10] usb 6-1: string descriptor 0 read error: -22
[  752.652219][   T10] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  752.655120][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  752.670061][   T10] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  753.004969][T15597] usb 8-1: new high-speed USB device number 29 using dummy_hcd
[  753.150640][T15597] usb 8-1: device descriptor read/64, error -71
[  753.484794][T15597] usb 8-1: new high-speed USB device number 30 using dummy_hcd
[  757.172927][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  758.671823][T15597] usb 8-1: device descriptor read/64, error -110
[  758.781999][T15597] usb usb8-port1: attempt power cycle
[  759.121653][T15597] usb 8-1: new high-speed USB device number 31 using dummy_hcd
[  759.141818][T15597] usb 8-1: device descriptor read/8, error -32
[  759.381483][T15597] usb 8-1: new high-speed USB device number 32 using dummy_hcd
[  759.401691][T15597] usb 8-1: device descriptor read/8, error -32
[  759.511530][T15597] usb usb8-port1: unable to enumerate USB device
[  763.010053][ T1201] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  766.618820][ T5944] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  766.625417][ T5944] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  766.630749][ T5944] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  766.633455][ T5944] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  766.635962][ T5944] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  767.906875][ T1418] ==================================================================
[  767.909417][ T1418] BUG: KASAN: slab-use-after-free in handle_tx+0x5c2/0x620
[  767.911708][ T1418] Read of size 1 at addr ffff88802938b490 by task aoe_tx0/1418
[  767.914812][ T1418] 
[  767.916220][ T1418] CPU: 2 UID: 0 PID: 1418 Comm: aoe_tx0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  767.916238][ T1418] Tainted: [L]=SOFTLOCKUP
[  767.916242][ T1418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  767.916249][ T1418] Call Trace:
[  767.916253][ T1418]  <TASK>
[  767.916258][ T1418]  dump_stack_lvl+0x100/0x190
[  767.916274][ T1418]  print_report+0x156/0x4c9
[  767.916290][ T1418]  ? __virt_addr_valid+0x81/0x620
[  767.916306][ T1418]  ? __phys_addr+0xe8/0x180
[  767.916322][ T1418]  ? handle_tx+0x5c2/0x620
[  767.916339][ T1418]  kasan_report+0xdf/0x1a0
[  767.916354][ T1418]  ? handle_tx+0x5c2/0x620
[  767.916372][ T1418]  handle_tx+0x5c2/0x620
[  767.916409][ T1418]  dev_hard_start_xmit+0x127/0x6c0
[  767.916431][ T1418]  __dev_queue_xmit+0x6dd/0x46f0
[  767.916447][ T1418]  ? finish_task_switch.isra.0+0x204/0xb70
[  767.916461][ T1418]  ? __pfx___dev_queue_xmit+0x10/0x10
[  767.916476][ T1418]  ? __lock_acquire+0x4a5/0x2630
[  767.916491][ T1418]  ? ref_tracker_free+0x37e/0x6c0
[  767.916502][ T1418]  ? do_raw_spin_lock+0x128/0x260
[  767.916519][ T1418]  ? find_held_lock+0x2b/0x80
[  767.916530][ T1418]  ? skb_dequeue+0x126/0x180
[  767.916541][ T1418]  ? skb_dequeue+0x126/0x180
[  767.916553][ T1418]  ? find_held_lock+0x2b/0x80
[  767.916563][ T1418]  ? tx+0xa4/0x130
[  767.916575][ T1418]  ? tx+0xa4/0x130
[  767.916586][ T1418]  ? rcu_is_watching+0x12/0xc0
[  767.916597][ T1418]  ? __pfx_tx+0x10/0x10
[  767.916608][ T1418]  tx+0xc4/0x130
[  767.916620][ T1418]  kthread+0x1d8/0x3c0
[  767.916630][ T1418]  ? __kthread_parkme+0xbb/0x230
[  767.916644][ T1418]  ? __pfx_kthread+0x10/0x10
[  767.916653][ T1418]  ? rcu_is_watching+0x12/0xc0
[  767.916664][ T1418]  ? __pfx_default_wake_function+0x10/0x10
[  767.916677][ T1418]  ? __kthread_parkme+0x18c/0x230
[  767.916690][ T1418]  ? __pfx_kthread+0x10/0x10
[  767.916700][ T1418]  kthread+0x3b3/0x730
[  767.916715][ T1418]  ? __pfx_kthread+0x10/0x10
[  767.916730][ T1418]  ? ret_from_fork+0x79/0xaf0
[  767.916741][ T1418]  ? ret_from_fork+0x79/0xaf0
[  767.916750][ T1418]  ? rcu_is_watching+0x12/0xc0
[  767.916761][ T1418]  ? __pfx_kthread+0x10/0x10
[  767.916776][ T1418]  ret_from_fork+0x754/0xaf0
[  767.916786][ T1418]  ? __pfx_ret_from_fork+0x10/0x10
[  767.916797][ T1418]  ? __switch_to+0x7b9/0x10c0
[  767.916811][ T1418]  ? __pfx_kthread+0x10/0x10
[  767.916826][ T1418]  ret_from_fork_asm+0x1a/0x30
[  767.916845][ T1418]  </TASK>
[  767.916849][ T1418] 
[  767.991763][ T1418] Allocated by task 17115:
[  767.993183][ T1418]  kasan_save_stack+0x30/0x50
[  767.994727][ T1418]  kasan_save_track+0x14/0x30
[  767.996256][ T1418]  __kasan_kmalloc+0xaa/0xb0
[  767.997757][ T1418]  alloc_tty_struct+0x96/0x8c0
[  767.999243][ T1418]  tty_init_dev.part.0+0x20/0x470
[  768.000845][ T1418]  tty_open+0xa63/0xfa0
[  768.002173][ T1418]  chrdev_open+0x234/0x6a0
[  768.003625][ T1418]  do_dentry_open+0x73e/0x1570
[  768.005178][ T1418]  vfs_open+0x82/0x3f0
[  768.006510][ T1418]  path_openat+0x21dc/0x3120
[  768.008024][ T1418]  do_filp_open+0x1f7/0x420
[  768.009496][ T1418]  do_sys_openat2+0x12e/0x220
[  768.011025][ T1418]  __ia32_compat_sys_openat+0x12d/0x210
[  768.012857][ T1418]  __do_fast_syscall_32+0xde/0x660
[  768.014536][ T1418]  do_fast_syscall_32+0x32/0x70
[  768.016089][ T1418]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  768.018145][ T1418] 
[  768.018934][ T1418] Freed by task 6022:
[  768.020325][ T1418]  kasan_save_stack+0x30/0x50
[  768.022228][ T1418]  kasan_save_track+0x14/0x30
[  768.024117][ T1418]  kasan_save_free_info+0x3b/0x70
[  768.026134][ T1418]  __kasan_slab_free+0x5f/0x80
[  768.028111][ T1418]  kfree+0x1c7/0x690
[  768.029688][ T1418]  process_one_work+0x9c2/0x1840
[  768.031669][ T1418]  worker_thread+0x5da/0xe40
[  768.033570][ T1418]  kthread+0x3b3/0x730
[  768.035218][ T1418]  ret_from_fork+0x754/0xaf0
[  768.037130][ T1418]  ret_from_fork_asm+0x1a/0x30
[  768.039080][ T1418] 
[  768.040079][ T1418] Last potentially related work creation:
[  768.042281][ T1418]  kasan_save_stack+0x30/0x50
[  768.043806][ T1418]  kasan_record_aux_stack+0xa7/0xc0
[  768.045489][ T1418]  insert_work+0x36/0x230
[  768.046987][ T1418]  __queue_work+0x96f/0x10f0
[  768.048893][ T1418]  queue_work_on+0x180/0x1e0
[  768.050720][ T1418]  release_tty+0x4f3/0x5f0
[  768.052328][ T1418]  tty_release_struct+0xb7/0xe0
[  768.053937][ T1418]  tty_release+0xd7a/0x1300
[  768.055548][ T1418]  __fput+0x3ff/0xb40
[  768.056881][ T1418]  task_work_run+0x150/0x240
[  768.058376][ T1418]  do_exit+0x829/0x2a30
[  768.059756][ T1418]  do_group_exit+0xd5/0x2a0
[  768.061257][ T1418]  get_signal+0x1ec7/0x21e0
[  768.062723][ T1418]  arch_do_signal_or_restart+0x91/0x770
[  768.064743][ T1418]  exit_to_user_mode_loop+0x86/0x4b0
[  768.066631][ T1418]  do_int80_emulation+0x39b/0x470
[  768.068252][ T1418]  asm_int80_emulation+0x1a/0x20
[  768.069853][ T1418] 
[  768.070653][ T1418] The buggy address belongs to the object at ffff88802938b000
[  768.070653][ T1418]  which belongs to the cache kmalloc-cg-2k of size 2048
[  768.075120][ T1418] The buggy address is located 1168 bytes inside of
[  768.075120][ T1418]  freed 2048-byte region [ffff88802938b000, ffff88802938b800)
[  768.079468][ T1418] 
[  768.080304][ T1418] The buggy address belongs to the physical page:
[  768.082361][ T1418] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802938d000 pfn:0x29388
[  768.085736][ T1418] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  768.088820][ T1418] memcg:ffff888029982c81
[  768.090512][ T1418] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  768.093511][ T1418] page_type: f5(slab)
[  768.094879][ T1418] raw: 00fff00000000240 ffff88801b84c140 ffffea0000a0e610 ffffea0000a1c810
[  768.097937][ T1418] raw: ffff88802938d000 0000000000080007 00000000f5000000 ffff888029982c81
[  768.100735][ T1418] head: 00fff00000000240 ffff88801b84c140 ffffea0000a0e610 ffffea0000a1c810
[  768.104169][ T1418] head: ffff88802938d000 0000000000080007 00000000f5000000 ffff888029982c81
[  768.107348][ T1418] head: 00fff00000000003 ffffea0000a4e201 00000000ffffffff 00000000ffffffff
[  768.110802][ T1418] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  768.114220][ T1418] page dumped because: kasan: bad access detected
[  768.116667][ T1418] page_owner tracks the page as allocated
[  768.118959][ T1418] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5934, tgid 5934 (syz-executor), ts 53707217142, free_ts 52534370853
[  768.126670][ T1418]  post_alloc_hook+0x1e1/0x250
[  768.128643][ T1418]  get_page_from_freelist+0xe3d/0x2e10
[  768.130744][ T1418]  __alloc_frozen_pages_noprof+0x26c/0x2410
[  768.133162][ T1418]  alloc_pages_mpol+0x1fb/0x550
[  768.133616][ T5297] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  768.134809][ T1418]  new_slab+0x2c4/0x440
[  768.134822][ T1418]  ___slab_alloc+0xda3/0x1ca0
[  768.139520][ T5297] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  768.140042][ T1418]  __slab_alloc.isra.0+0x63/0x110
[  768.142991][ T5297] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  768.144016][ T1418]  __kmalloc_noprof+0x618/0x9c0
[  768.146779][ T5297] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  768.148188][ T1418]  __register_sysctl_table+0xac/0x1650
[  768.148209][ T1418]  __devinet_sysctl_register+0x1b9/0x360
[  768.148220][ T1418]  devinet_sysctl_register+0x17b/0x210
[  768.148230][ T1418]  inetdev_init+0x2b8/0x570
[  768.148239][ T1418]  inetdev_event+0x7fa/0x17f0
[  768.148248][ T1418]  notifier_call_chain+0x99/0x3b0
[  768.148263][ T1418]  call_netdevice_notifiers_info+0xbe/0x110
[  768.148274][ T1418]  register_netdevice+0x16b9/0x21d0
[  768.148284][ T1418] page last free pid 5929 tgid 5929 stack trace:
[  768.148291][ T1418]  __free_frozen_pages+0x822/0x1130
[  768.148301][ T1418]  qlist_free_all+0x47/0xe0
[  768.148313][ T1418]  kasan_quarantine_reduce+0x1a0/0x1f0
[  768.148326][ T1418]  __kasan_slab_alloc+0x69/0x90
[  768.150973][ T5297] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  768.152667][ T1418]  kmem_cache_alloc_noprof+0x2ad/0x780
[  768.179527][ T1418]  ptlock_alloc+0x1f/0x70
[  768.180952][ T1418]  pte_alloc_one+0x84/0x3e0
[  768.182547][ T1418]  __do_fault+0x359/0x550
[  768.184276][ T1418]  do_fault+0x10d3/0x1990
[  768.185688][ T1418]  __handle_mm_fault+0x1807/0x2b50
[  768.187322][ T1418]  handle_mm_fault+0x36d/0xa20
[  768.188872][ T1418]  do_user_addr_fault+0x5a3/0x12f0
[  768.190512][ T1418]  exc_page_fault+0x6f/0xd0
[  768.192228][ T1418]  asm_exc_page_fault+0x26/0x30
[  768.194077][ T1418] 
[  768.194862][ T1418] Memory state around the buggy address:
[  768.197040][ T1418]  ffff88802938b380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  768.199778][ T1418]  ffff88802938b400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  768.202365][ T1418] >ffff88802938b480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  768.204897][ T1418]                          ^
[  768.206359][ T1418]  ffff88802938b500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  768.208888][ T1418]  ffff88802938b580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  768.211599][ T1418] ==================================================================
[  768.214694][ T1418] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  768.217026][ T1418] CPU: 2 UID: 0 PID: 1418 Comm: aoe_tx0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  768.220349][ T1418] Tainted: [L]=SOFTLOCKUP
[  768.221807][ T1418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  768.224967][ T1418] Call Trace:
[  768.226049][ T1418]  <TASK>
[  768.227034][ T1418]  dump_stack_lvl+0x100/0x190
[  768.228559][ T1418]  vpanic+0x20d/0x630
[  768.229853][ T1418]  panic+0xd1/0xd1
[  768.231062][ T1418]  ? __pfx_panic+0x10/0x10
[  768.232501][ T1418]  ? check_panic_on_warn+0x1f/0x90
[  768.234141][ T1418]  check_panic_on_warn.cold+0x19/0x34
[  768.235880][ T1418]  end_report.part.0+0x3a/0x90
[  768.237774][ T1418]  kasan_report.cold+0xe/0x18
[  768.239757][ T1418]  ? handle_tx+0x5c2/0x620
[  768.241569][ T1418]  handle_tx+0x5c2/0x620
[  768.243246][ T1418]  dev_hard_start_xmit+0x127/0x6c0
[  768.245265][ T1418]  __dev_queue_xmit+0x6dd/0x46f0
[  768.247229][ T1418]  ? finish_task_switch.isra.0+0x204/0xb70
[  768.249518][ T1418]  ? __pfx___dev_queue_xmit+0x10/0x10
[  768.251653][ T1418]  ? __lock_acquire+0x4a5/0x2630
[  768.253627][ T1418]  ? ref_tracker_free+0x37e/0x6c0
[  768.255636][ T1418]  ? do_raw_spin_lock+0x128/0x260
[  768.257312][ T1418]  ? find_held_lock+0x2b/0x80
[  768.258878][ T1418]  ? skb_dequeue+0x126/0x180
[  768.260386][ T1418]  ? skb_dequeue+0x126/0x180
[  768.261911][ T1418]  ? find_held_lock+0x2b/0x80
[  768.263447][ T1418]  ? tx+0xa4/0x130
[  768.264676][ T1418]  ? tx+0xa4/0x130
[  768.265896][ T1418]  ? rcu_is_watching+0x12/0xc0
[  768.267491][ T1418]  ? __pfx_tx+0x10/0x10
[  768.268851][ T1418]  tx+0xc4/0x130
[  768.270016][ T1418]  kthread+0x1d8/0x3c0
[  768.271292][ T1418]  ? __kthread_parkme+0xbb/0x230
[  768.272887][ T1418]  ? __pfx_kthread+0x10/0x10
[  768.274372][ T1418]  ? rcu_is_watching+0x12/0xc0
[  768.275919][ T1418]  ? __pfx_default_wake_function+0x10/0x10
[  768.277812][ T1418]  ? __kthread_parkme+0x18c/0x230
[  768.279422][ T1418]  ? __pfx_kthread+0x10/0x10
[  768.280927][ T1418]  kthread+0x3b3/0x730
[  768.282268][ T1418]  ? __pfx_kthread+0x10/0x10
[  768.283780][ T1418]  ? ret_from_fork+0x79/0xaf0
[  768.285303][ T1418]  ? ret_from_fork+0x79/0xaf0
[  768.286838][ T1418]  ? rcu_is_watching+0x12/0xc0
[  768.288404][ T1418]  ? __pfx_kthread+0x10/0x10
[  768.289932][ T1418]  ret_from_fork+0x754/0xaf0
[  768.291438][ T1418]  ? __pfx_ret_from_fork+0x10/0x10
[  768.293063][ T1418]  ? __switch_to+0x7b9/0x10c0
[  768.294405][ T1418]  ? __pfx_kthread+0x10/0x10
[  768.295755][ T1418]  ret_from_fork_asm+0x1a/0x30
[  768.297342][ T1418]  </TASK>
[  768.299140][ T1418] Kernel Offset: disabled
[  768.300566][ T1418] Rebooting in 86400 seconds..

VM DIAGNOSIS:
09:57:18  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffffea0001734d80 RCX=ffffffff82532af9 RDX=ffff8880287cc980
RSI=ffffffff82532b07 RDI=ffffea0001734d80 RBP=800000005cd36027 RSP=ffffc90002d2f578
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=ffff888027be48c0 R13=ffff8880701ef8a8 R14=0000000000000000 R15=8000000000000027
RIP=ffffffff82064a80 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880973e3000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f73d4fe8 CR3=00000000613bf000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000770058
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffff0f0e0d
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000200 RBX=0000000000000001 RCX=ffffffff825488b9 RDX=ffff88802706c980
RSI=ffffffff825483a4 RDI=ffff88802706c980 RBP=00000000403ef007 RSP=ffffc9000c567c70
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=ffff8880299cef00 R13=0000000000000067 R14=0000000000000067 R15=0000000001c55780
RIP=ffffffff825483b2 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880974e3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f72d202c CR3=0000000072740000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffff0f0e0d
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000054 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85673a35 RDI=ffffffff9b1f2260 RBP=ffffffff9b1f2220 RSP=ffffc90007d5f3a0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000031343154
R12=0000000000000000 R13=0000000000000054 R14=0000000000000010 R15=ffffffff856739d0
RIP=ffffffff85673a5f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880975e3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5484ff4 CR3=0000000053e76000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000004c00000000 0000000100000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000004c00000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000b0737b RBX=ffff88801dea8000 RCX=ffffffff8b7414b5 RDX=0000000000000000
RSI=ffffffff8dc4156b RDI=ffffffff8bfa3320 RBP=0000000000000003 RSP=ffffc9000048fdf0
R8 =0000000000000001 R9 =ffffed10056a673d R10=ffff88802b5339eb R11=0000000000000000
R12=ffffed1003bd5000 R13=0000000000000003 R14=ffffffff90b76fd0 R15=0000000000000000
RIP=ffffffff8b73fe1f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880976e3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055a885510658 CR3=0000000051e03000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fefeffd0 Opmask01=0000000000000008 Opmask02=000000007ffeffff Opmask03=0000000010400004
Opmask04=00000000ffffefff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 9b7b12cade028bdf b27aada9068a7ab0
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 8ace2b7c64aad905 6303f3033f441c33
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e3384407662ad71d 982e6152aa4e21be
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4970c3df12a25d12 549ff4664651bfcd
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000240
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0080010005a4e091 00000000000001d2
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001d21d909208 000001d200800100
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1d736f48000001d2 008001001d0a9fc0
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001d21daf9580 1dadbe1a000001d2
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4c3c4e8ad07cfb85 62ca6606a0333983
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 824c38b82a06922b a0bc644075899efd
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3130323a30696368 2f306963682f6874 6f6f7465756c622f 6c6175747269762f
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 540018534b4e494c 56454400184d4554 5359534255530018 4854415056454400
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7361647c2a737369 63637c2a65686361 63627c2a6476787c 2a64767c2a64737c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000071 0000000000007974 0073657600347400 306d656d702f6b63
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 312c3937312c3136 312c3131312c3031 312c32452c34442c 30442c45412c3841
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2c34412c42382c30 382c33372c32372c 31376b2c34312c32 2c312c30652d3033
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4442654344464670 3243353176333030 30623a7475706e69 3d5341494c41444f
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 323032302c313032 302c394631302c32 4331302c38423130 2c464131302c4541
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000